--- /dev/null
+#
+# Makefile for the Squid Object Cache server
+#
+# $Id: Makefile.am,v 1.1 2005/12/29 02:11:00 hno Exp $
+#
+# Uncomment and customize the following to suit your needs:
+#
+
+libexec_PROGRAMS = digest_ldap_auth
+digest_pw_auth_SOURCES = digest_pw_auth.c \
+ digest_common.h \
+ ldap_backend.c \
+ ldap_backend.h
+INCLUDES = -I. -I$(top_builddir)/include -I$(top_srcdir)/include \
+ -I$(top_srcdir)/src/
+
+LDADD = -L$(top_builddir)/lib -lmiscutil $(LIB_LDAP) $(LIB_LBER) $(CRYPTLIB) $(XTRA_LIBS) $(SSLLIB)
--- /dev/null
+# Makefile.in generated by automake 1.9.6 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Makefile for the Squid Object Cache server
+#
+# $Id: Makefile.in,v 1.1 2005/12/29 02:11:00 hno Exp $
+#
+# Uncomment and customize the following to suit your needs:
+#
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+top_builddir = ../../..
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+INSTALL = @INSTALL@
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+libexec_PROGRAMS = digest_pw_auth$(EXEEXT)
+subdir = helpers/digest_auth/password
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/cfgaux/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/include/autoconf.h
+CONFIG_CLEAN_FILES =
+am__installdirs = "$(DESTDIR)$(libexecdir)"
+libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+PROGRAMS = $(libexec_PROGRAMS)
+am_digest_pw_auth_OBJECTS = digest_pw_auth.$(OBJEXT) \
+ text_backend.$(OBJEXT) ldap_backend.$(OBJEXT)
+digest_pw_auth_OBJECTS = $(am_digest_pw_auth_OBJECTS)
+digest_pw_auth_LDADD = $(LDADD)
+am__DEPENDENCIES_1 =
+digest_pw_auth_DEPENDENCIES = $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include
+depcomp = $(SHELL) $(top_srcdir)/cfgaux/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+SOURCES = $(digest_pw_auth_SOURCES)
+DIST_SOURCES = $(digest_pw_auth_SOURCES)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMDEP_FALSE = @AMDEP_FALSE@
+AMDEP_TRUE = @AMDEP_TRUE@
+AMTAR = @AMTAR@
+AR = @AR@
+AR_R = @AR_R@
+AUTH_LIBS = @AUTH_LIBS@
+AUTH_LINKOBJS = @AUTH_LINKOBJS@
+AUTH_MODULES = @AUTH_MODULES@
+AUTH_OBJS = @AUTH_OBJS@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BASIC_AUTH_HELPERS = @BASIC_AUTH_HELPERS@
+CACHE_HTTP_PORT = @CACHE_HTTP_PORT@
+CACHE_ICP_PORT = @CACHE_ICP_PORT@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CGIEXT = @CGIEXT@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYPTLIB = @CRYPTLIB@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DIGEST_AUTH_HELPERS = @DIGEST_AUTH_HELPERS@
+DISK_LIBS = @DISK_LIBS@
+DISK_LINKOBJS = @DISK_LINKOBJS@
+DISK_PROGRAMS = @DISK_PROGRAMS@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ENABLE_ARP_ACL_FALSE = @ENABLE_ARP_ACL_FALSE@
+ENABLE_ARP_ACL_TRUE = @ENABLE_ARP_ACL_TRUE@
+ENABLE_HTCP_FALSE = @ENABLE_HTCP_FALSE@
+ENABLE_HTCP_TRUE = @ENABLE_HTCP_TRUE@
+ENABLE_IDENT_FALSE = @ENABLE_IDENT_FALSE@
+ENABLE_IDENT_TRUE = @ENABLE_IDENT_TRUE@
+ENABLE_PINGER_FALSE = @ENABLE_PINGER_FALSE@
+ENABLE_PINGER_TRUE = @ENABLE_PINGER_TRUE@
+ENABLE_SSL_FALSE = @ENABLE_SSL_FALSE@
+ENABLE_SSL_TRUE = @ENABLE_SSL_TRUE@
+ENABLE_UNLINKD_FALSE = @ENABLE_UNLINKD_FALSE@
+ENABLE_UNLINKD_TRUE = @ENABLE_UNLINKD_TRUE@
+ENABLE_WIN32SPECIFIC_FALSE = @ENABLE_WIN32SPECIFIC_FALSE@
+ENABLE_WIN32SPECIFIC_TRUE = @ENABLE_WIN32SPECIFIC_TRUE@
+ENABLE_XPROF_STATS_FALSE = @ENABLE_XPROF_STATS_FALSE@
+ENABLE_XPROF_STATS_TRUE = @ENABLE_XPROF_STATS_TRUE@
+EPOLL_LIBS = @EPOLL_LIBS@
+ERR_DEFAULT_LANGUAGE = @ERR_DEFAULT_LANGUAGE@
+ERR_LANGUAGES = @ERR_LANGUAGES@
+EXEEXT = @EXEEXT@
+EXTERNAL_ACL_HELPERS = @EXTERNAL_ACL_HELPERS@
+F77 = @F77@
+FALSE = @FALSE@
+FFLAGS = @FFLAGS@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LDFLAGS = @LDFLAGS@
+LIBADD_DL = @LIBADD_DL@
+LIBDLMALLOC = @LIBDLMALLOC@
+LIBOBJS = @LIBOBJS@
+LIBREGEX = @LIBREGEX@
+LIBS = @LIBS@
+LIBSASL = @LIBSASL@
+LIBTOOL = @LIBTOOL@
+LIB_LBER = @LIB_LBER@
+LIB_LDAP = @LIB_LDAP@
+LIB_MALLOC = @LIB_MALLOC@
+LN = @LN@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAINT = @MAINT@
+MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
+MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
+MAKEINFO = @MAKEINFO@
+MAKE_LEAKFINDER_FALSE = @MAKE_LEAKFINDER_FALSE@
+MAKE_LEAKFINDER_TRUE = @MAKE_LEAKFINDER_TRUE@
+MINGW_LIBS = @MINGW_LIBS@
+MKDIR = @MKDIR@
+MV = @MV@
+NEED_OWN_MD5_FALSE = @NEED_OWN_MD5_FALSE@
+NEED_OWN_MD5_TRUE = @NEED_OWN_MD5_TRUE@
+NEED_OWN_SNPRINTF_FALSE = @NEED_OWN_SNPRINTF_FALSE@
+NEED_OWN_SNPRINTF_TRUE = @NEED_OWN_SNPRINTF_TRUE@
+NEGOTIATE_AUTH_HELPERS = @NEGOTIATE_AUTH_HELPERS@
+NTLM_AUTH_HELPERS = @NTLM_AUTH_HELPERS@
+OBJEXT = @OBJEXT@
+OPT_DEFAULT_HOSTS = @OPT_DEFAULT_HOSTS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+RANLIB = @RANLIB@
+REGEXLIB = @REGEXLIB@
+REPL_LIBS = @REPL_LIBS@
+REPL_OBJS = @REPL_OBJS@
+REPL_POLICIES = @REPL_POLICIES@
+RM = @RM@
+SET_MAKE = @SET_MAKE@
+SH = @SH@
+SHELL = @SHELL@
+SNMPLIB = @SNMPLIB@
+SQUID_CFLAGS = @SQUID_CFLAGS@
+SQUID_CPPUNIT_DIR = @SQUID_CPPUNIT_DIR@
+SQUID_CPPUNIT_INC = @SQUID_CPPUNIT_INC@
+SQUID_CPPUNIT_LA = @SQUID_CPPUNIT_LA@
+SQUID_CXXFLAGS = @SQUID_CXXFLAGS@
+SSLLIB = @SSLLIB@
+STORE_LIBS = @STORE_LIBS@
+STORE_LINKOBJS = @STORE_LINKOBJS@
+STORE_OBJS = @STORE_OBJS@
+STRIP = @STRIP@
+TRUE = @TRUE@
+USE_DELAY_POOLS_FALSE = @USE_DELAY_POOLS_FALSE@
+USE_DELAY_POOLS_TRUE = @USE_DELAY_POOLS_TRUE@
+USE_DNSSERVER_FALSE = @USE_DNSSERVER_FALSE@
+USE_DNSSERVER_TRUE = @USE_DNSSERVER_TRUE@
+USE_ESI_FALSE = @USE_ESI_FALSE@
+USE_ESI_TRUE = @USE_ESI_TRUE@
+USE_ICAP_CLIENT_FALSE = @USE_ICAP_CLIENT_FALSE@
+USE_ICAP_CLIENT_TRUE = @USE_ICAP_CLIENT_TRUE@
+USE_SNMP_FALSE = @USE_SNMP_FALSE@
+USE_SNMP_TRUE = @USE_SNMP_TRUE@
+VERSION = @VERSION@
+WIN32_PSAPI = @WIN32_PSAPI@
+XTRA_LIBS = @XTRA_LIBS@
+XTRA_OBJS = @XTRA_OBJS@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+ac_ct_RANLIB = @ac_ct_RANLIB@
+ac_ct_STRIP = @ac_ct_STRIP@
+am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
+am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
+am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
+am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+datadir = @datadir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localstatedir = @localstatedir@
+makesnmplib = @makesnmplib@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+subdirs = @subdirs@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+digest_pw_auth_SOURCES = digest_pw_auth.c \
+ digest_common.h \
+ text_backend.c \
+ text_backend.h \
+ ldap_backend.c \
+ ldap_backend.h
+
+INCLUDES = -I. -I$(top_builddir)/include -I$(top_srcdir)/include \
+ -I$(top_srcdir)/src/
+
+LDADD = -L$(top_builddir)/lib -lmiscutil $(LIB_LDAP) $(LIB_LBER) $(CRYPTLIB) $(XTRA_LIBS) $(SSLLIB)
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign helpers/digest_auth/password/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --foreign helpers/digest_auth/password/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-libexecPROGRAMS: $(libexec_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ test -z "$(libexecdir)" || $(mkdir_p) "$(DESTDIR)$(libexecdir)"
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ || test -f $$p1 \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \
+ else :; fi; \
+ done
+
+uninstall-libexecPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(libexecdir)/$$f"; \
+ done
+
+clean-libexecPROGRAMS:
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+digest_pw_auth$(EXEEXT): $(digest_pw_auth_OBJECTS) $(digest_pw_auth_DEPENDENCIES)
+ @rm -f digest_pw_auth$(EXEEXT)
+ $(LINK) $(digest_pw_auth_LDFLAGS) $(digest_pw_auth_OBJECTS) $(digest_pw_auth_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/digest_pw_auth.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ldap_backend.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/text_backend.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+ -rm -f libtool
+uninstall-info-am:
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
+ list='$(DISTFILES)'; for file in $$list; do \
+ case $$file in \
+ $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
+ $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
+ esac; \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test "$$dir" != "$$file" && test "$$dir" != "."; then \
+ dir="/$$dir"; \
+ $(mkdir_p) "$(distdir)$$dir"; \
+ else \
+ dir=''; \
+ fi; \
+ if test -d $$d/$$file; then \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(PROGRAMS)
+installdirs:
+ for dir in "$(DESTDIR)$(libexecdir)"; do \
+ test -z "$$dir" || $(mkdir_p) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-libtool distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-exec-am: install-libexecPROGRAMS
+
+install-info: install-info-am
+
+install-man:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-info-am uninstall-libexecPROGRAMS
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libexecPROGRAMS clean-libtool ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-exec \
+ install-exec-am install-info install-info-am \
+ install-libexecPROGRAMS install-man install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-info-am \
+ uninstall-libexecPROGRAMS
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
--- /dev/null
+/*
+ * digest_common.h
+ *
+ * AUTHOR: Robert Collins.
+ *
+ * Digest helper API details.
+ *
+ * Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
+ */
+
+#ifndef _SQUID_DIGEST_COMMON_H_
+#define _SQUID_DIGEST_COMMON_H_
+
+#include "config.h"
+#if HAVE_STDIO_H
+#include <stdio.h>
+#endif
+#if HAVE_STDLIB_H
+#include <stdlib.h>
+#endif
+#if HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#if HAVE_STRING_H
+#include <string.h>
+#endif
+#if HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#if HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+#if HAVE_CRYPT_H
+#include <crypt.h>
+#endif
+
+#include "util.h"
+#include "hash.h"
+#include "rfc2617.h"
+
+typedef struct _request_data {
+ char *user;
+ char *realm;
+ char *password;
+ HASHHEX HHA1;
+ int parsed;
+ int error;
+} RequestData;
+
+/* to use a backend, include your backend.h file
+ * and define thusly:
+ * #define ProcessArguments(A, B) MyHandleArguments(A,B)
+ * #define GetHHA1(A) MyGetHHA1(A)
+ */
+typedef void HandleArguments(int, char **);
+typedef void HHA1Creator(RequestData *);
+#endif /* _SQUID_DIGEST_COMMON_H_ */
--- /dev/null
+/*
+ * digest_pw_auth.c
+ *
+ * AUTHOR: Robert Collins. Based on ncsa_auth.c by Arjan de Vet
+ * <Arjan.deVet@adv.iae.nl>
+ * LDAP backend extension by Flavio Pescuma, MARA Systems AB <flavio@marasystems.com>
+ *
+ * Example digest authentication program for Squid, based on the original
+ * proxy_auth code from client_side.c, written by
+ * Jon Thackray <jrmt@uk.gdscorp.com>.
+ *
+ * - comment lines are possible and should start with a '#';
+ * - empty or blank lines are possible;
+ * - file format is username:password
+ *
+ * To build a directory integrated backend, you need to be able to
+ * calculate the HA1 returned to squid. To avoid storing a plaintext
+ * password you can calculate MD5(username:realm:password) when the
+ * user changes their password, and store the tuple username:realm:HA1.
+ * then find the matching username:realm when squid asks for the
+ * HA1.
+ *
+ * This implementation could be improved by using such a triple for
+ * the file format. However storing such a triple does little to
+ * improve security: If compromised the username:realm:HA1 combination
+ * is "plaintext equivalent" - for the purposes of digest authentication
+ * they allow the user access. Password syncronisation is not tackled
+ * by digest - just preventing on the wire compromise.
+ *
+ * Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "digest_common.h"
+#include "ldap_backend.h"
+#define PROGRAM_NAME "digest_ldap_auth"
+char *backend;
+
+
+void
+GetHHA1(RequestData * requestData)
+{
+ if (strcmp(backend, "LDAP") == 0)
+ LDAPHHA1(requestData);
+ else if (strcmp(backend, "file") == 0)
+ TextHHA1(requestData);
+}
+
+static void
+ParseBuffer(char *buf, RequestData * requestData)
+{
+ char *p;
+ requestData->parsed = 0;
+ if ((p = strchr(buf, '\n')) != NULL)
+ *p = '\0'; /* strip \n */
+ if ((requestData->user = strtok(buf, "\"")) == NULL)
+ return;
+ if ((requestData->realm = strtok(NULL, "\"")) == NULL)
+ return;
+ if ((requestData->realm = strtok(NULL, "\"")) == NULL)
+ return;
+ requestData->parsed = -1;
+}
+
+static void
+OutputHHA1(RequestData * requestData)
+{
+ requestData->error = 0;
+ GetHHA1(requestData);
+ if (requestData->error) {
+ printf("ERR No such user\n");
+ return;
+ }
+ printf("%s\n", requestData->HHA1);
+}
+
+static void
+DoOneRequest(char *buf)
+{
+ RequestData requestData;
+ ParseBuffer(buf, &requestData);
+ if (!requestData.parsed) {
+ printf("ERR\n");
+ return;
+ }
+ OutputHHA1(&requestData);
+}
+
+void
+ProcessArguments(int argc, char **argv)
+{
+ int i;
+ i = LDAPArguments(argc, argv);
+ if (i)
+ exit(i);
+}
+
+int
+main(int argc, char **argv)
+{
+ char buf[256];
+ setbuf(stdout, NULL);
+ ProcessArguments(argc, argv);
+ while (fgets(buf, 256, stdin) != NULL)
+ DoOneRequest(buf);
+ exit(0);
+}
--- /dev/null
+/*
+ *
+ *
+ *
+ * ldap_backend.c
+ * AUTHOR: Flavio Pescuma, MARA Systems AB <flavio@marasystems.com>
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include "ldap_backend.h"
+
+#ifdef _SQUID_MSWIN_ /* Native Windows port and MinGW */
+
+#define snprintf _snprintf
+#include <windows.h>
+#include <winldap.h>
+#ifndef LDAPAPI
+#define LDAPAPI __cdecl
+#endif
+#ifdef LDAP_VERSION3
+#ifndef LDAP_OPT_X_TLS
+#define LDAP_OPT_X_TLS 0x6000
+#endif
+/* Some tricks to allow dynamic bind with ldap_start_tls_s entry point at
+ run time.
+ */
+#undef ldap_start_tls_s
+#if LDAP_UNICODE
+#define LDAP_START_TLS_S "ldap_start_tls_sW"
+typedef WINLDAPAPI ULONG (LDAPAPI * PFldap_start_tls_s) (IN PLDAP, OUT PULONG, OUT LDAPMessage **, IN PLDAPControlW *, IN PLDAPControlW *);
+#else
+#define LDAP_START_TLS_S "ldap_start_tls_sA"
+typedef WINLDAPAPI ULONG (LDAPAPI * PFldap_start_tls_s) (IN PLDAP, OUT PULONG, OUT LDAPMessage **, IN PLDAPControlA *, IN PLDAPControlA *);
+#endif /* LDAP_UNICODE */
+PFldap_start_tls_s Win32_ldap_start_tls_s;
+#define ldap_start_tls_s(l,s,c) Win32_ldap_start_tls_s(l,NULL,NULL,s,c)
+#endif /* LDAP_VERSION3 */
+
+#else
+
+#include <lber.h>
+#include <ldap.h>
+
+#endif
+#define PROGRAM_NAME "digest_pw_auth(LDAP_backend)"
+
+/* Globals */
+
+static LDAP *ld = NULL;
+static char *passattr = NULL;
+static char *ldapServer = NULL;
+static char *userbasedn = NULL;
+static char *userdnattr = NULL;
+static char *usersearchfilter = NULL;
+static char *binddn = NULL;
+static char *bindpasswd = NULL;
+static char *delimiter = ":";
+static int encrpass = 0;
+static int searchscope = LDAP_SCOPE_SUBTREE;
+static int persistent = 0;
+static int noreferrals = 0;
+static int debug = 0;
+static int port = LDAP_PORT;
+static int strip_nt_domain = 0;
+static int aliasderef = LDAP_DEREF_NEVER;
+#if defined(NETSCAPE_SSL)
+static char *sslpath = NULL;
+static int sslinit = 0;
+#endif
+static int connect_timeout = 0;
+static int timelimit = LDAP_NO_LIMIT;
+
+#ifdef LDAP_VERSION3
+/* Added for TLS support and version 3 */
+static int use_tls = 0;
+static int version = -1;
+#endif
+
+static void ldapconnect(void);
+static int readSecret(char *filename);
+
+/* Yuck.. we need to glue to different versions of the API */
+
+#if defined(LDAP_API_VERSION) && LDAP_API_VERSION > 1823
+static void
+squid_ldap_set_aliasderef(int deref)
+{
+ ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
+}
+static void
+squid_ldap_set_referrals(int referrals)
+{
+ int *value = referrals ? LDAP_OPT_ON : LDAP_OPT_OFF;
+ ldap_set_option(ld, LDAP_OPT_REFERRALS, value);
+}
+static void
+squid_ldap_set_timelimit(int timelimit)
+{
+ ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &timelimit);
+}
+static void
+squid_ldap_set_connect_timeout(int timelimit)
+{
+#if defined(LDAP_OPT_NETWORK_TIMEOUT)
+ struct timeval tv;
+ tv.tv_sec = timelimit;
+ tv.tv_usec = 0;
+ ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &tv);
+#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
+ timelimit *= 1000;
+ ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, &timelimit);
+#endif
+}
+
+#else
+static int
+squid_ldap_errno(LDAP * ld)
+{
+ return ld->ld_errno;
+}
+static void
+squid_ldap_set_aliasderef(int deref)
+{
+ ld->ld_deref = deref;
+}
+static void
+squid_ldap_set_referrals(int referrals)
+{
+ if (referrals)
+ ld->ld_options |= ~LDAP_OPT_REFERRALS;
+ else
+ ld->ld_options &= ~LDAP_OPT_REFERRALS;
+}
+static void
+squid_ldap_set_timelimit(int timelimit)
+{
+ ld->ld_timelimit = timelimit;
+}
+static void
+squid_ldap_set_connect_timeout(int timelimit)
+{
+ fprintf(stderr, "Connect timeouts not supported in your LDAP library\n");
+}
+static void
+squid_ldap_memfree(char *p)
+{
+ free(p);
+}
+
+#endif
+
+#ifdef LDAP_API_FEATURE_X_OPENLDAP
+#if LDAP_VENDOR_VERSION > 194
+#define HAS_URI_SUPPORT 1
+#endif
+#endif
+
+static int
+ldap_escape_value(char *escaped, int size, const char *src)
+{
+ int n = 0;
+ while (size > 4 && *src) {
+ switch (*src) {
+ case '*':
+ case '(':
+ case ')':
+ case '\\':
+ n += 3;
+ size -= 3;
+ if (size > 0) {
+ *escaped++ = '\\';
+ snprintf(escaped, 3, "%02x", (int) *src++);
+ escaped += 2;
+ }
+ break;
+ default:
+ *escaped++ = *src++;
+ n++;
+ size--;
+ }
+ }
+ *escaped = '\0';
+ return n;
+}
+
+static char *
+getpassword(char *login, char *realm)
+{
+ LDAPMessage *res = NULL;
+ LDAPMessage *entry;
+ char **values = NULL;
+ char **value = NULL;
+ char *password = NULL;
+ int retry = 0;
+ char filter[8192];
+ char searchbase[8192];
+ int rc = -1;
+ if (ld) {
+ if (usersearchfilter) {
+ char escaped_login[1024];
+ snprintf(searchbase, sizeof(searchbase), "%s", userbasedn);
+ ldap_escape_value(escaped_login, sizeof(escaped_login), login);
+ snprintf(filter, sizeof(filter), usersearchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
+
+ retrysrch:
+ if (debug)
+ fprintf(stderr, "user filter '%s', searchbase '%s'\n", filter, searchbase);
+
+ rc = ldap_search_s(ld, searchbase, searchscope, filter, NULL, 0, &res);
+ if (rc != LDAP_SUCCESS) {
+ if (noreferrals && rc == LDAP_PARTIAL_RESULTS) {
+ /* Everything is fine. This is expected when referrals
+ * are disabled.
+ */
+ rc = LDAP_SUCCESS;
+ } else {
+ fprintf(stderr, PROGRAM_NAME " WARNING, LDAP search error '%s'\n", ldap_err2string(rc));
+#if defined(NETSCAPE_SSL)
+ if (sslpath && ((rc == LDAP_SERVER_DOWN) || (rc == LDAP_CONNECT_ERROR))) {
+ int sslerr = PORT_GetError();
+ fprintf(stderr, PROGRAM_NAME ": WARNING, SSL error %d (%s)\n", sslerr, ldapssl_err2string(sslerr));
+ }
+#endif
+ fprintf(stderr, PROGRAM_NAME " WARNING, LDAP search error, trying to recover'%s'\n", ldap_err2string(rc));
+ ldap_msgfree(res);
+ /* try to connect to the LDAP server agin, maybe my persisten conexion failed. */
+ if (!retry) {
+ retry++;
+ ldap_unbind(ld);
+ ld = NULL;
+ ldapconnect();
+ goto retrysrch;
+ }
+ return NULL;
+
+ }
+ }
+ } else if (userdnattr) {
+ sprintf(searchbase, "%s=%s, %s", userdnattr, login, userbasedn);
+
+ retrydnattr:
+ if (debug)
+ fprintf(stderr, "searchbase '%s'\n", searchbase);
+ rc = ldap_search_s(ld, searchbase, searchscope, NULL, NULL, 0, &res);
+ }
+ if (rc == LDAP_SUCCESS) {
+ entry = ldap_first_entry(ld, res);
+ if (entry)
+ values = ldap_get_values(ld, entry, passattr);
+ else {
+ ldap_msgfree(res);
+ return NULL;
+ }
+ if (!values) {
+ if (debug)
+ printf("No attribute value found\n");
+ ldap_msgfree(res);
+ return NULL;
+ }
+ value = values;
+ while (*value) {
+ if (encrpass) {
+ if (strcmp(strtok(*value, delimiter), realm) == 0) {
+ password = strtok(NULL, delimiter);
+ break;
+ }
+ } else {
+ password = *value;
+ break;
+ }
+ value++;
+ }
+ if (debug)
+ printf("password: %s\n", password);
+ if (password)
+ password = strdup(password);
+ ldap_value_free(values);
+ ldap_msgfree(res);
+ return password;
+ } else {
+ fprintf(stderr, PROGRAM_NAME " WARNING, LDAP error '%s'\n", ldap_err2string(rc));
+ /* try to connect to the LDAP server agin, maybe my persisten conexion failed. */
+ if (!retry) {
+ retry++;
+ ldap_unbind(ld);
+ ld = NULL;
+ ldapconnect();
+ goto retrydnattr;
+ }
+ return NULL;
+ }
+ }
+ return NULL;
+}
+
+
+
+static void
+ldapconnect(void)
+{
+ int rc;
+
+/* On Windows ldap_start_tls_s is available starting from Windows XP,
+ so we need to bind at run-time with the function entry point
+ */
+#ifdef _SQUID_MSWIN_
+ if (use_tls) {
+
+ HMODULE WLDAP32Handle;
+
+ WLDAP32Handle = GetModuleHandle("wldap32");
+ if ((Win32_ldap_start_tls_s = (PFldap_start_tls_s) GetProcAddress(WLDAP32Handle, LDAP_START_TLS_S)) == NULL) {
+ fprintf( stderr, PROGRAM_NAME ": ERROR: TLS (-Z) not supported on this platform.\n");
+ exit(1);
+ }
+ }
+#endif
+
+ if (ld == NULL) {
+#if HAS_URI_SUPPORT
+ if (strstr(ldapServer, "://") != NULL) {
+ rc = ldap_initialize(&ld, ldapServer);
+ if (rc != LDAP_SUCCESS) {
+ fprintf(stderr, "\nUnable to connect to LDAPURI:%s\n", ldapServer);
+ }
+ } else
+#endif
+#if NETSCAPE_SSL
+ if (sslpath) {
+ if (!sslinit && (ldapssl_client_init(sslpath, NULL) != LDAP_SUCCESS)) {
+ fprintf(stderr, "\nUnable to initialise SSL with cert path %s\n",
+ sslpath);
+ exit(1);
+ } else {
+ sslinit++;
+ }
+ if ((ld = ldapssl_init(ldapServer, port, 1)) == NULL) {
+ fprintf(stderr, "\nUnable to connect to SSL LDAP server: %s port:%d\n",
+ ldapServer, port);
+ exit(1);
+ }
+ } else
+#endif
+ if ((ld = ldap_init(ldapServer, port)) == NULL) {
+ fprintf(stderr, "\nUnable to connect to LDAP server:%s port:%d\n", ldapServer, port);
+ }
+ if (connect_timeout)
+ squid_ldap_set_connect_timeout(connect_timeout);
+
+#ifdef LDAP_VERSION3
+ if (version == -1) {
+ version = LDAP_VERSION2;
+ }
+ if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version)
+ != LDAP_SUCCESS) {
+ fprintf(stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n",
+ version);
+ ldap_unbind(ld);
+ ld = NULL;
+ }
+ if (use_tls && (version == LDAP_VERSION3) && (ldap_start_tls_s(ld, NULL, NULL) == LDAP_SUCCESS)) {
+ fprintf(stderr, "Could not Activate TLS connection\n");
+ ldap_unbind(ld);
+ ld = NULL;
+ }
+#endif
+ squid_ldap_set_timelimit(timelimit);
+ squid_ldap_set_referrals(!noreferrals);
+ squid_ldap_set_aliasderef(aliasderef);
+ if (binddn && bindpasswd && *binddn && *bindpasswd) {
+ rc = ldap_simple_bind_s(ld, binddn, bindpasswd);
+ if (rc != LDAP_SUCCESS) {
+ fprintf(stderr, PROGRAM_NAME " WARNING, could not bind to binddn '%s'\n", ldap_err2string(rc));
+ ldap_unbind(ld);
+ ld = NULL;
+ }
+ }
+ if (debug)
+ fprintf(stderr, "Connected OK\n");
+ }
+}
+int
+LDAPArguments(int argc, char **argv)
+{
+ setbuf(stdout, NULL);
+
+ while (argc > 1 && argv[1][0] == '-') {
+ char *value = "";
+ char option = argv[1][1];
+ switch (option) {
+ case 'P':
+ case 'R':
+ case 'z':
+ case 'Z':
+ case 'g':
+ case 'e':
+ case 'S':
+ break;
+ default:
+ if (strlen(argv[1]) > 2) {
+ value = argv[1] + 2;
+ } else if (argc > 2) {
+ value = argv[2];
+ argv++;
+ argc--;
+ } else
+ value = "";
+ break;
+ }
+ argv++;
+ argc--;
+ switch (option) {
+ case 'H':
+#if !HAS_URI_SUPPORT
+ fprintf(stderr, "ERROR: Your LDAP library does not have URI support\n");
+ return 1;
+#endif
+ /* Fall thru to -h */
+ case 'h':
+ if (ldapServer) {
+ int len = strlen(ldapServer) + 1 + strlen(value) + 1;
+ char *newhost = malloc(len);
+ snprintf(newhost, len, "%s %s", ldapServer, value);
+ free(ldapServer);
+ ldapServer = newhost;
+ } else {
+ ldapServer = strdup(value);
+ }
+ break;
+ case 'A':
+ passattr = value;
+ break;
+ case 'e':
+ encrpass = 1;
+ break;
+ case 'l':
+ delimiter = value;
+ break;
+ case 'b':
+ userbasedn = value;
+ break;
+ case 'F':
+ usersearchfilter = value;
+ break;
+ case 'u':
+ userdnattr = value;
+ break;
+ case 's':
+ if (strcmp(value, "base") == 0)
+ searchscope = LDAP_SCOPE_BASE;
+ else if (strcmp(value, "one") == 0)
+ searchscope = LDAP_SCOPE_ONELEVEL;
+ else if (strcmp(value, "sub") == 0)
+ searchscope = LDAP_SCOPE_SUBTREE;
+ else {
+ fprintf(stderr, PROGRAM_NAME " ERROR: Unknown search scope '%s'\n", value);
+ return 1;
+ }
+ break;
+ case 'S':
+#if defined(NETSCAPE_SSL)
+ sslpath = value;
+ if (port == LDAP_PORT)
+ port = LDAPS_PORT;
+#else
+ fprintf(stderr, PROGRAM_NAME " ERROR: -E unsupported with this LDAP library\n");
+ return 1;
+#endif
+ break;
+ case 'c':
+ connect_timeout = atoi(value);
+ break;
+ case 't':
+ timelimit = atoi(value);
+ break;
+ case 'a':
+ if (strcmp(value, "never") == 0)
+ aliasderef = LDAP_DEREF_NEVER;
+ else if (strcmp(value, "always") == 0)
+ aliasderef = LDAP_DEREF_ALWAYS;
+ else if (strcmp(value, "search") == 0)
+ aliasderef = LDAP_DEREF_SEARCHING;
+ else if (strcmp(value, "find") == 0)
+ aliasderef = LDAP_DEREF_FINDING;
+ else {
+ fprintf(stderr, PROGRAM_NAME " ERROR: Unknown alias dereference method '%s'\n", value);
+ return 1;
+ }
+ break;
+ case 'D':
+ binddn = value;
+ break;
+ case 'w':
+ bindpasswd = value;
+ break;
+ case 'W':
+ readSecret(value);
+ break;
+ case 'P':
+ persistent = !persistent;
+ break;
+ case 'p':
+ port = atoi(value);
+ break;
+ case 'R':
+ noreferrals = !noreferrals;
+ break;
+#ifdef LDAP_VERSION3
+ case 'v':
+ switch (atoi(value)) {
+ case 2:
+ version = LDAP_VERSION2;
+ break;
+ case 3:
+ version = LDAP_VERSION3;
+ break;
+ default:
+ fprintf(stderr, "Protocol version should be 2 or 3\n");
+ return 1;
+ }
+ break;
+ case 'Z':
+ if (version == LDAP_VERSION2) {
+ fprintf(stderr, "TLS (-Z) is incompatible with version %d\n",
+ version);
+ return 1;
+ }
+ version = LDAP_VERSION3;
+ use_tls = 1;
+ break;
+#endif
+ case 'd':
+ debug = 1;
+ break;
+ case 'E':
+ strip_nt_domain = 1;
+ break;
+ default:
+ fprintf(stderr, PROGRAM_NAME " ERROR: Unknown command line option '%c'\n", option);
+ return 1;
+ }
+ }
+
+ while (argc > 1) {
+ char *value = argv[1];
+ if (ldapServer) {
+ int len = strlen(ldapServer) + 1 + strlen(value) + 1;
+ char *newhost = malloc(len);
+ snprintf(newhost, len, "%s %s", ldapServer, value);
+ free(ldapServer);
+ ldapServer = newhost;
+ } else {
+ ldapServer = strdup(value);
+ }
+ argc--;
+ argv++;
+ }
+
+ if (!ldapServer)
+ ldapServer = "localhost";
+
+ if (!userbasedn || !passattr) {
+ fprintf(stderr, "Usage: " PROGRAM_NAME " -b basedn -f filter [options] ldap_server_name\n\n");
+ fprintf(stderr, "\t-A password attribute(REQUIRED)\t\tUser attribute that contains the password\n");
+ fprintf(stderr, "\t-l password realm delimiter(REQUIRED)\tCharater(s) that devides the password attribute\n\t\t\t\t\t\tin realm and password tokens, default ':' realm:password\n");
+ fprintf(stderr, "\t-b basedn (REQUIRED)\t\t\tbase dn under where to search for users\n");
+ fprintf(stderr, "\t-e Encrypted passwords(REQUIRED)\tPassword are stored encrypted using HHA1\n");
+ fprintf(stderr, "\t-F filter\t\t\t\tuser search filter pattern. %%s = login\n");
+ fprintf(stderr, "\t-u attribute\t\t\t\tattribute to use in combination with the basedn to create the user DN\n");
+ fprintf(stderr, "\t-s base|one|sub\t\t\t\tsearch scope\n");
+ fprintf(stderr, "\t-D binddn\t\t\t\tDN to bind as to perform searches\n");
+ fprintf(stderr, "\t-w bindpasswd\t\t\t\tpassword for binddn\n");
+ fprintf(stderr, "\t-W secretfile\t\t\t\tread password for binddn from file secretfile\n");
+#if HAS_URI_SUPPORT
+ fprintf(stderr, "\t-H URI\t\t\t\t\tLDAPURI (defaults to ldap://localhost)\n");
+#endif
+ fprintf(stderr, "\t-h server\t\t\t\tLDAP server (defaults to localhost)\n");
+ fprintf(stderr, "\t-p port\t\t\t\t\tLDAP server port (defaults to %d)\n", LDAP_PORT);
+ fprintf(stderr, "\t-P\t\t\t\t\tpersistent LDAP connection\n");
+#if defined(NETSCAPE_SSL)
+ fprintf(stderr, "\t-E sslcertpath\t\t\t\tenable LDAP over SSL\n");
+#endif
+ fprintf(stderr, "\t-c timeout\t\t\t\tconnect timeout\n");
+ fprintf(stderr, "\t-t timelimit\t\t\t\tsearch time limit\n");
+ fprintf(stderr, "\t-R\t\t\t\t\tdo not follow referrals\n");
+ fprintf(stderr, "\t-a never|always|search|find\t\twhen to dereference aliases\n");
+#ifdef LDAP_VERSION3
+ fprintf(stderr, "\t-v 2|3\t\t\t\t\tLDAP version\n");
+ fprintf(stderr, "\t-Z\t\t\t\t\tTLS encrypt the LDAP connection, requires\n\t\t\t\tLDAP version 3\n");
+#endif
+ fprintf(stderr, "\t-S\t\t\t\t\tStrip NT domain from usernames\n");
+ fprintf(stderr, "\n");
+ fprintf(stderr, "\tIf you need to bind as a user to perform searches then use the\n\t-D binddn -w bindpasswd or -D binddn -W secretfile options\n\n");
+ return -1;
+ }
+ return 0;
+}
+static int
+readSecret(char *filename)
+{
+ char buf[BUFSIZ];
+ char *e = 0;
+ FILE *f;
+
+ if (!(f = fopen(filename, "r"))) {
+ fprintf(stderr, PROGRAM_NAME " ERROR: Can not read secret file %s\n", filename);
+ return 1;
+ }
+ if (!fgets(buf, sizeof(buf) - 1, f)) {
+ fprintf(stderr, PROGRAM_NAME " ERROR: Secret file %s is empty\n", filename);
+ fclose(f);
+ return 1;
+ }
+ /* strip whitespaces on end */
+ if ((e = strrchr(buf, '\n')))
+ *e = 0;
+ if ((e = strrchr(buf, '\r')))
+ *e = 0;
+
+ bindpasswd = (char *) calloc(sizeof(char), strlen(buf) + 1);
+ if (bindpasswd) {
+ strcpy(bindpasswd, buf);
+ } else {
+ fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
+ }
+
+ fclose(f);
+
+ return 0;
+}
+
+void
+LDAPHHA1(RequestData * requestData)
+{
+ char *password = "";
+ ldapconnect();
+ password = getpassword(requestData->user, requestData->realm);
+ if (password != NULL) {
+ if (encrpass)
+ xstrncpy(requestData->HHA1, &password[6], sizeof(requestData->HHA1));
+ else {
+ HASH HA1;
+ DigestCalcHA1("md5", requestData->user, requestData->realm, password, NULL, NULL, HA1, requestData->HHA1);
+ }
+ free(password);
+ } else {
+ requestData->error = -1;
+ }
+
+}
--- /dev/null
+/*
+ * text_backend.h
+ *
+ * AUTHOR: Flavio Pescuma. <flavio@marasystems.com>
+ *
+ */
+#include "digest_common.h"
+extern int LDAPArguments(int argc, char **argv);
+extern void LDAPHHA1(RequestData * requestData);
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.am,v 1.4 2005/05/18 21:34:56 hno Exp $
+# $Id: Makefile.am,v 1.5 2005/12/29 02:11:00 hno Exp $
#
# Uncomment and customize the following to suit your needs:
#
digest_pw_auth_SOURCES = digest_pw_auth.c \
digest_common.h \
text_backend.c \
- text_backend.h \
- ldap_backend.c \
- ldap_backend.h
+ text_backend.h
INCLUDES = -I. -I$(top_builddir)/include -I$(top_srcdir)/include \
-I$(top_srcdir)/src/
*/
#include "digest_common.h"
-#include "text_backend.h"
#include "ldap_backend.h"
#define PROGRAM_NAME "digest_pw_auth"
char *backend;
void
ProcessArguments(int argc, char **argv)
{
- int i = 0;
- if ((strncmp(argv[1], "-D", 2) != 0) || (argc < 3))
- usage();
- else {
- backend = argv[2];
- if (strcmp(backend, "LDAP") == 0) {
- i = LDAPArguments(argc, argv);
- if (i)
- exit(i);
- } else if (strcmp(backend, "file") == 0)
- TextArguments(argc, argv);
- else
- usage();
- }
+ TextArguments(argc, argv);
}
int
projects / thirdparty / squid.git / commitdiff
