/*
- * $Id: check_group.c,v 1.5 2005/07/02 18:34:03 serassio Exp $
+ * $Id: check_group.c,v 1.6 2006/05/05 12:44:26 robertc Exp $
*
* This is a helper for the external ACL interface for Squid Cache
* Copyright (C) 2002 Rodrigo Albani de Campos (rodrigo@geekbunker.org)
static void
usage(char *program)
{
- fprintf(stderr, "Usage: %s -g group1 [-g group2 ...] [-p]\n\n",
+ fprintf(stderr, "Usage: %s -g group1 [-g group2 ...] [-p] [-s]\n\n",
program);
fprintf(stderr, "-g group\n");
fprintf(stderr,
" be allowed to authenticate.\n");
fprintf(stderr,
"-p Verify primary user group as well\n");
+ fprintf(stderr,
+ "-s Strip NT domain from usernames\n");
}
int
main(int argc, char *argv[])
{
- char *user, *p;
+ char *user, *suser, *p;
char buf[BUFSIZE];
char *grents[MAX_GROUP];
- int check_pw = 0, ch, i = 0, j = 0;
+ int check_pw = 0, ch, i = 0, j = 0, strip_dm = 0;
/* make standard output line buffered */
setvbuf(stdout, NULL, _IOLBF, 0);
/* get user options */
- while ((ch = getopt(argc, argv, "pg:")) != -1) {
- switch (ch) {
+ while ((ch = getopt(argc, argv, "spg:")) != -1) {
+ switch (ch) {
+ case 's':
+ strip_dm = 1;
+ break;
case 'p':
check_pw = 1;
break;
} else {
user = p;
rfc1738_unescape(user);
+ if (user && strip_dm) {
+ suser = strchr(user, '\\');
+ if (!suser) suser = strchr(user, '/');
+ if (suser && suser[1]) user = suser + 1;
+ }
/* check groups supplied by Squid */
while ((p = strtok(NULL, " ")) != NULL) {
rfc1738_unescape(p);
squid_unix_group - Squid UNIX Group external_acl helper
.
.SH SYNOPSIS
-squid_unix_group [-g groupname] [-g groupname...] [-p]
+squid_unix_group [-g groupname] [-g groupname...] [-p] [-s]
.
.SH DESCRIPTION
This helper allows Squid to base access controls on users
.BI "-p"
Also match the users primary group from /etc/passwd
.
+.TP
+.BI "-s"
+Strip NT domain name component from user names (/ or \\ separated)
+.
.SH EXAMPLES
.
This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2
projects / thirdparty / squid.git / commitdiff
