From: Amos Jeffries Date: Sun, 7 Dec 2014 14:26:56 +0000 (-0800) Subject: basic_msnt_multi_domain_auth: Add man(8) documentation X-Git-Tag: merge-candidate-3-v1~451 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f079bf464ead1ed76b4615b410480ba1787ae0fe;p=thirdparty%2Fsquid.git basic_msnt_multi_domain_auth: Add man(8) documentation Also, update helper to use command-line parameters instead of hard-coded configuration for most options. --- diff --git a/helpers/basic_auth/MSNT-multi-domain/Makefile.am b/helpers/basic_auth/MSNT-multi-domain/Makefile.am index 0d82b7423b..5c78ba368e 100644 --- a/helpers/basic_auth/MSNT-multi-domain/Makefile.am +++ b/helpers/basic_auth/MSNT-multi-domain/Makefile.am @@ -8,8 +8,16 @@ include $(top_srcdir)/src/Common.am libexec_SCRIPTS = basic_msnt_multi_domain_auth -EXTRA_DIST = basic_msnt_multi_domain_auth.pl.in README.txt required.m4 -CLEANFILES += basic_msnt_multi_domain_auth +man_MANS= basic_msnt_multi_domain_auth.8 +EXTRA_DIST= \ + basic_msnt_multi_domain_auth.8 \ + basic_msnt_multi_domain_auth.pl.in \ + required.m4 basic_msnt_multi_domain_auth: basic_msnt_multi_domain_auth.pl.in $(subst_perlshell) + +basic_msnt_multi_domain_auth.8: basic_msnt_multi_domain_auth + pod2man basic_msnt_multi_domain_auth basic_msnt_multi_domain_auth.8 + +CLEANFILES += basic_msnt_multi_domain_auth basic_msnt_multi_domain_auth.8 diff --git a/helpers/basic_auth/MSNT-multi-domain/README.txt b/helpers/basic_auth/MSNT-multi-domain/README.txt deleted file mode 100644 index 4efd101f64..0000000000 --- a/helpers/basic_auth/MSNT-multi-domain/README.txt +++ /dev/null @@ -1,17 +0,0 @@ - -From: "Francesco Chemolli" -Subject: Multiple NT domains authenticator -Date: Fri, 7 Jul 2000 15:37:32 +0200 - -This is the multi-domain NTLM authenticator, blissfully undocumented -(but there's a few strategic comments, so that at least the user -is not left alone). - -The user is expected to enter his/her credentials as domain\username -or domain/username (in analogy to what M$-Proxy does). - -Requires Authen::SMB from CPAN and Samba if you need to perform netbios -queries. - - Francesco 'Kinkie' Chemolli - diff --git a/helpers/basic_auth/MSNT-multi-domain/basic_msnt_multi_domain_auth.pl.in b/helpers/basic_auth/MSNT-multi-domain/basic_msnt_multi_domain_auth.pl.in index 1dfa086d51..b32139b36b 100755 --- a/helpers/basic_auth/MSNT-multi-domain/basic_msnt_multi_domain_auth.pl.in +++ b/helpers/basic_auth/MSNT-multi-domain/basic_msnt_multi_domain_auth.pl.in @@ -1,14 +1,93 @@ #!@PERL@ -## -## Copyright (C) 1996-2014 The Squid Software Foundation and contributors -## -## Squid software is distributed under GPLv2+ license and includes -## contributions from numerous individuals and organizations. -## Please see the COPYING and CONTRIBUTORS files for details. -## -#if you define this, debugging output will be printed to STDERR. -#$debug=1; +use strict; +use Pod::Usage; +use Getopt::Long; + +=pod + +=head1 NAME + + basic_msnt_multi_domain_auth + +=head1 SYNOPSIS + + basic_msnt_multi_domain_auth [options] + +=head1 DESCRIPTION + +B is a Squid authenticator to check +user credentials against multiple NT domains using B. + +The user is expected to enter his/her credentials as domain\username +or domain/username (in analogy to what MS-Proxy does). + +Requires Authen::SMB from CPAN and Samba if you need to perform NETBIOS +queries. + +=head1 OPTIONS + +=over 12 + +=item B<--debug> + +Write debug info to stderr. + +=item B<--wins-server> + +Use the named WINS server. + + Default: broadcast will be attempted. + +=item B<--no-fqdn> + +Some servers don't like to be called by their fully qualified name. +Define this if you wish to call them ONLY by their hostname. + +=item B<--no-rdns> + +Some servers really really want to be called by address. + +=back + +=head1 AUTHOR + +This program was written by I> + +This manual was written by I> + +=head1 COPYRIGHT + + * Copyright (C) 1996-2014 The Squid Software Foundation and contributors + * + * Squid software is distributed under GPLv2+ license and includes + * contributions from numerous individuals and organizations. + * Please see the COPYING and CONTRIBUTORS files for details. + +=head1 QUESTIONS + +Questions on the usage of this program can be sent to the I> + +=head1 REPORTING BUGS + +Bug reports need to be made in English. +See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. + +Report bugs or bug fixes using http://bugs.squid-cache.org/ + +Report serious security bugs to I> + +Report ideas for new improvements to the I> + +=head1 SEE ALSO + +squid (8), GPL (7), + +The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq + +The Squid Configuration Manual http://www.squid-cache.org/Doc/config/ + +=cut #to force using some DC for some domains, fill in this hash. #the key is a regexp matched against the domain name @@ -19,28 +98,24 @@ #%controllers = ( ".*" => ["pdcname","bdcname"]); -#define this if you wish to use a WINS server. If undefined, broadcast -# will be attempted. -#$wins_server="winsservername"; - -# Some servers (at least mine) really really want to be called by address. -# If this variable is defined, we'll ask nmblookup to do a reverse DNS on the -# DC addresses. It might fail though, for instance because you have a crappy -# DNS with no reverse zones or records. If it doesn't work, you'll have to -# fall back to the %controllers hack. -$try_reverse_dns=1; - -# Some servers (at least mine) don't like to be called by their fully -# qualified name. define this if you wish to call them ONLY by their -# hostname. -$dont_use_fqdn=1; - #no more user-serviceable parts + use Authen::Smb; #variables: # %pdc used to cache the domain -> pdc_ip values. IT NEVER EXPIRES! +my $debug = undef; +my $wins_server = undef; +my $no_rdns = undef; +my $no_fqdn = undef; + +GetOptions( + 'debug' => \$debug, + 'wins-server=s' => $wins_server, + 'no-fqdn' => $no_fqdn, + 'no-rdns' => $no_rdns + ); $|=1; while (<>) { @@ -103,7 +178,7 @@ sub discover_dc { } $lookupstring="nmblookup"; $lookupstring.=" -R -U $wins_server" if (defined($wins_server)); - $lookupstring.=" -T" if (defined($try_reverse_dns)); + $lookupstring.=" -T" unless (defined($no_rdns)); $lookupstring.=" '$domain#1c'"; print STDERR "Discovering PDC: $lookupstring\n" if (defined($debug)); @@ -114,7 +189,7 @@ sub discover_dc { if (m|(.*), (\d+\.\d+\.\d+\.\d+)|) { $datum=$1; print STDERR "matched $datum\n" if (defined($debug)); - if (defined($dont_use_fqdn) && $datum =~ /^([^.]+)\..*/) { + if (defined($no_fqdn) && $datum =~ /^([^.]+)\..*/) { $datum=$1; print STDERR "stripped domain name: $datum\n" if (defined($debug)); } diff --git a/helpers/basic_auth/MSNT-multi-domain/required.m4 b/helpers/basic_auth/MSNT-multi-domain/required.m4 index 6473b4401f..ce18d0acb3 100755 --- a/helpers/basic_auth/MSNT-multi-domain/required.m4 +++ b/helpers/basic_auth/MSNT-multi-domain/required.m4 @@ -5,4 +5,6 @@ ## Please see the COPYING and CONTRIBUTORS files for details. ## -BUILD_HELPER="MSNT-multi-domain" +if test "x$PERL" != "x" -a "x$POD2MAN" != "x"; then + BUILD_HELPER="MSNT-multi-domain" +fi