This is the authentication againt NT 4.0 style domain controllers.
squid has dropped support for this in the 4.5 release and nobody
should be using these old domain controllers any more.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
WARNING: translation string unused: adsl settings
+WARNING: translation string unused: advproxy AUTH method ntlm
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: again
WARNING: untranslated string: advproxy AUTH method ldap = LDAP
WARNING: untranslated string: advproxy AUTH method ncsa = Local
WARNING: untranslated string: advproxy AUTH method none = None
-WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain
WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory
WARNING: untranslated string: advproxy AUTH method radius = RADIUS
WARNING: untranslated string: advproxy AUTH no auth = Domains without authentication (one per line)
WARNING: untranslated string: advproxy NCSA user accounts = User accounts
WARNING: untranslated string: advproxy NCSA user management = User management
WARNING: untranslated string: advproxy NCSA username = Username
-WARNING: untranslated string: advproxy NTLM BDC hostname = BDC hostname
-WARNING: untranslated string: advproxy NTLM PDC hostname = PDC hostname
-WARNING: untranslated string: advproxy NTLM auth mode = Authentication mode
-WARNING: untranslated string: advproxy NTLM authorized users = Authorized domain users (one per line)
-WARNING: untranslated string: advproxy NTLM domain = Domain
-WARNING: untranslated string: advproxy NTLM domain settings = Common domain settings
-WARNING: untranslated string: advproxy NTLM unauthorized users = Unauthorized domain users (one per line)
-WARNING: untranslated string: advproxy NTLM use integrated auth = Enable Windows integrated authentication
-WARNING: untranslated string: advproxy NTLM use negative access list = Use negative access control
-WARNING: untranslated string: advproxy NTLM use positive access list = Use positive access control
-WARNING: untranslated string: advproxy NTLM user based access restrictions = User based access restrictions
WARNING: untranslated string: advproxy RADIUS authorized users = Authorized users (one per line)
WARNING: untranslated string: advproxy RADIUS identifier = Identifier
WARNING: untranslated string: advproxy RADIUS port = Port
WARNING: untranslated string: advproxy errmsg cache = The RAM cache size is greater than the harddisk cache size:
WARNING: untranslated string: advproxy errmsg hdd cache size = Invalid value for harddisk cache size (min 10 MB required)
WARNING: untranslated string: advproxy errmsg ident timeout = Invalid ident timeout
-WARNING: untranslated string: advproxy errmsg invalid bdc = Invalid hostname for backup domain controller
WARNING: untranslated string: advproxy errmsg invalid destination port = Invalid destination port
WARNING: untranslated string: advproxy errmsg invalid ip or mask = Invalid IP address or network mask
WARNING: untranslated string: advproxy errmsg invalid mac = Invalid MAC address
-WARNING: untranslated string: advproxy errmsg invalid pdc = Invalid hostname for primary domain controller
WARNING: untranslated string: advproxy errmsg invalid proxy port = Invalid proxy port
WARNING: untranslated string: advproxy errmsg invalid upstream proxy = Invalid upstream proxy IP/hostname
WARNING: untranslated string: advproxy errmsg invalid upstream proxy username or password setting = Invalid upstream proxy username or password setting
WARNING: untranslated string: advproxy errmsg no browser = At least one browser or client must be selected for web access
WARNING: untranslated string: advproxy errmsg no username = Username can not be empty
WARNING: untranslated string: advproxy errmsg non-transparent proxy required = Web proxy must be running in non-transparent mode for authentication
-WARNING: untranslated string: advproxy errmsg ntlm domain = Windows domain name required
-WARNING: untranslated string: advproxy errmsg ntlm pdc = Hostname for primary domain controller required
WARNING: untranslated string: advproxy errmsg password length = Invalid value for password length
WARNING: untranslated string: advproxy errmsg password length 1 = Password must have at least
WARNING: untranslated string: advproxy errmsg password length 2 = characters
WARNING: untranslated string: advproxy group access control = Group based access control
WARNING: untranslated string: advproxy group required = Required group
WARNING: untranslated string: advproxy hdd cache size = Harddisk cache size (MB)
-WARNING: untranslated string: advproxy invalid num of children = Invalid number of filter processes
WARNING: untranslated string: advproxy log enabled = Log enabled
WARNING: untranslated string: advproxy log query = Log query terms
WARNING: untranslated string: advproxy log settings = Log settings
WARNING: untranslated string: advproxy proxy port = Proxy port
WARNING: untranslated string: advproxy proxy port transparent = Transparent port
WARNING: untranslated string: advproxy ram cache size = Memory cache size (MB)
-WARNING: untranslated string: advproxy redirector children = Number of filter processes
WARNING: untranslated string: advproxy reset = Reset
WARNING: untranslated string: advproxy saturday = Sat
WARNING: untranslated string: advproxy save and restart = Save and Restart
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: untranslated string: addons = Addons
WARNING: untranslated string: administrator password = Administrator password
WARNING: untranslated string: administrator username = Administrator username
-WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain
WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory
WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication
WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
WARNING: translation string unused: adsl settings
+WARNING: translation string unused: advproxy AUTH method ntlm
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: add-route
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
+WARNING: translation string unused: advproxy AUTH method ntlm
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: untranslated string: Scan for Songs = unknown string
WARNING: untranslated string: administrator password = Administrator password
WARNING: untranslated string: administrator username = Administrator username
-WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain
WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory
WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication
WARNING: untranslated string: advproxy group access control = Group based access control
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: untranslated string: addons = Addons
WARNING: untranslated string: administrator password = Administrator password
WARNING: untranslated string: administrator username = Administrator username
-WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain
WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory
WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication
WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: untranslated string: addons = Addons
WARNING: untranslated string: administrator password = Administrator password
WARNING: untranslated string: administrator username = Administrator username
-WARNING: untranslated string: advproxy AUTH method ntlm = Windows NT4 Domain
WARNING: untranslated string: advproxy AUTH method ntlm auth = Windows Active Directory
WARNING: untranslated string: advproxy basic authentication = Allow HTTP Basic authentication
WARNING: untranslated string: advproxy cache-digest = Enable Cache-Digest Generation
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
WARNING: translation string unused: adsl settings
+WARNING: translation string unused: advproxy AUTH method ntlm
WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM BDC hostname
+WARNING: translation string unused: advproxy NTLM PDC hostname
WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy NTLM auth mode
+WARNING: translation string unused: advproxy NTLM authorized users
+WARNING: translation string unused: advproxy NTLM domain
+WARNING: translation string unused: advproxy NTLM domain settings
+WARNING: translation string unused: advproxy NTLM unauthorized users
+WARNING: translation string unused: advproxy NTLM use integrated auth
+WARNING: translation string unused: advproxy NTLM use negative access list
+WARNING: translation string unused: advproxy NTLM use positive access list
+WARNING: translation string unused: advproxy NTLM user based access restrictions
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: advproxy chgwebpwd ERROR
WARNING: translation string unused: advproxy chgwebpwd SUCCESS
WARNING: translation string unused: advproxy chgwebpwd username
WARNING: translation string unused: advproxy errmsg change fail
WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid bdc
+WARNING: translation string unused: advproxy errmsg invalid pdc
WARNING: translation string unused: advproxy errmsg invalid user
WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg ntlm domain
+WARNING: translation string unused: advproxy errmsg ntlm pdc
WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy invalid num of children
+WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
my $acldir = "${General::swroot}/proxy/advanced/acls";
my $ncsadir = "${General::swroot}/proxy/advanced/ncsa";
-my $ntlmdir = "${General::swroot}/proxy/advanced/ntlm";
my $raddir = "${General::swroot}/proxy/advanced/radius";
my $identdir = "${General::swroot}/proxy/advanced/ident";
my $credir = "${General::swroot}/proxy/advanced/cre";
unless (-d "$acldir") { mkdir("$acldir"); }
unless (-d "$ncsadir") { mkdir("$ncsadir"); }
-unless (-d "$ntlmdir") { mkdir("$ntlmdir"); }
unless (-d "$raddir") { mkdir("$raddir"); }
unless (-d "$identdir") { mkdir("$identdir"); }
unless (-d "$credir") { mkdir("$credir"); }
}
}
}
- if ($proxysettings{'AUTH_METHOD'} eq 'ntlm')
- {
- if ($proxysettings{'NTLM_DOMAIN'} eq '')
- {
- $errormessage = $Lang::tr{'advproxy errmsg ntlm domain'};
- goto ERROR;
- }
- if ($proxysettings{'NTLM_PDC'} eq '')
- {
- $errormessage = $Lang::tr{'advproxy errmsg ntlm pdc'};
- goto ERROR;
- }
- if (!&General::validhostname($proxysettings{'NTLM_PDC'}))
- {
- $errormessage = $Lang::tr{'advproxy errmsg invalid pdc'};
- goto ERROR;
- }
- if ((!($proxysettings{'NTLM_BDC'} eq '')) && (!&General::validhostname($proxysettings{'NTLM_BDC'})))
- {
- $errormessage = $Lang::tr{'advproxy errmsg invalid bdc'};
- goto ERROR;
- }
-
- $proxysettings{'NTLM_DOMAIN'} = lc($proxysettings{'NTLM_DOMAIN'});
- $proxysettings{'NTLM_PDC'} = lc($proxysettings{'NTLM_PDC'});
- $proxysettings{'NTLM_BDC'} = lc($proxysettings{'NTLM_BDC'});
- }
if ($proxysettings{'AUTH_METHOD'} eq 'radius')
{
if (!&General::validip($proxysettings{'RADIUS_SERVER'}))
$checked{'AUTH_METHOD'}{'ncsa'} = '';
$checked{'AUTH_METHOD'}{'ident'} = '';
$checked{'AUTH_METHOD'}{'ldap'} = '';
-$checked{'AUTH_METHOD'}{'ntlm'} = '';
$checked{'AUTH_METHOD'}{'ntlm-auth'} = '';
$checked{'AUTH_METHOD'}{'radius'} = '';
$checked{'AUTH_METHOD'}{$proxysettings{'AUTH_METHOD'}} = "checked='checked'";
<td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ncsa' $checked{'AUTH_METHOD'}{'ncsa'} />$Lang::tr{'advproxy AUTH method ncsa'}</td>
<td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ident' $checked{'AUTH_METHOD'}{'ident'} />$Lang::tr{'advproxy AUTH method ident'}</td>
<td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ldap' $checked{'AUTH_METHOD'}{'ldap'} />$Lang::tr{'advproxy AUTH method ldap'}</td>
- <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ntlm' $checked{'AUTH_METHOD'}{'ntlm'} />$Lang::tr{'advproxy AUTH method ntlm'}</td>
END
if ($HAVE_NTLM_AUTH) {
END
; }
-# ===================================================================
-# NTLM auth settings
-# ===================================================================
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') {
-print <<END
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='6'><b>$Lang::tr{'advproxy NTLM domain settings'}</b></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy NTLM domain'}:</td>
- <td><input type='text' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}' size='15' /></td>
- <td class='base'>$Lang::tr{'advproxy NTLM PDC hostname'}:</td>
- <td><input type='text' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}' size='14' /></td>
- <td class='base'>$Lang::tr{'advproxy NTLM BDC hostname'}:</td>
- <td><input type='text' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}' size='14' /></td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='3'><b>$Lang::tr{'advproxy NTLM auth mode'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base' width='25%'>$Lang::tr{'advproxy NTLM use integrated auth'}:</td>
- <td width='20%'><input type='checkbox' name='NTLM_ENABLE_INT_AUTH' $checked{'NTLM_ENABLE_INT_AUTH'}{'on'} /></td>
- <td> </td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy NTLM user based access restrictions'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy enabled'}:</td>
- <td width='20%'><input type='checkbox' name='NTLM_ENABLE_ACL' $checked{'NTLM_ENABLE_ACL'}{'on'} /></td>
- <td width='25%'> </td>
- <td width='30%'> </td>
-</tr>
-<tr>
- <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='positive' $checked{'NTLM_USER_ACL'}{'positive'} />
- $Lang::tr{'advproxy NTLM use positive access list'}:</td>
- <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='negative' $checked{'NTLM_USER_ACL'}{'negative'} />
- $Lang::tr{'advproxy NTLM use negative access list'}:</td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'advproxy NTLM authorized users'}</td>
- <td colspan='2'>$Lang::tr{'advproxy NTLM unauthorized users'}</td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='NTLM_ALLOW_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_ALLOW_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END
-</textarea></td>
- <td colspan='2'><textarea name='NTLM_DENY_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_DENY_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END
-</textarea></td>
-</tr>
-</table>
-END
-; }
-
# ===================================================================
# NTLM-AUTH settings
# ===================================================================
END
; }
-if (!($proxysettings{'AUTH_METHOD'} eq 'ntlm')) {
-print <<END
-<td><input type='hidden' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}'></td>
-<td><input type='hidden' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}'></td>
-<td><input type='hidden' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}'></td>
-<td><input type='hidden' name='NTLM_ENABLE_INT_AUTH' value='$proxysettings{'NTLM_ENABLE_INT_AUTH'}'></td>
-<td><input type='hidden' name='NTLM_ENABLE_ACL' value='$proxysettings{'NTLM_ENABLE_ACL'}'></td>
-<td><input type='hidden' name='NTLM_USER_ACL' value='$proxysettings{'NTLM_USER_ACL'}'></td>
-<td><input type='hidden' name='NTLM_ALLOW_USERS' value='$proxysettings{'NTLM_ALLOW_USERS'}'></td>
-<td><input type='hidden' name='NTLM_DENY_USERS' value='$proxysettings{'NTLM_DENY_USERS'}'></td>
-END
-; }
-
if (!($proxysettings{'AUTH_METHOD'} eq 'radius')) {
print <<END
<td><input type='hidden' name='RADIUS_SERVER' value='$proxysettings{'RADIUS_SERVER'}'></td>
while (<FILE>) { $proxysettings{'MIME_TYPES'} .= $_ };
close(FILE);
}
- if (-e "$ntlmdir/msntauth.allowusers") {
- open(FILE,"$ntlmdir/msntauth.allowusers");
- delete $proxysettings{'NTLM_ALLOW_USERS'};
- while (<FILE>) { $proxysettings{'NTLM_ALLOW_USERS'} .= $_ };
- close(FILE);
- }
- if (-e "$ntlmdir/msntauth.denyusers") {
- open(FILE,"$ntlmdir/msntauth.denyusers");
- delete $proxysettings{'NTLM_DENY_USERS'};
- while (<FILE>) { $proxysettings{'NTLM_DENY_USERS'} .= $_ };
- close(FILE);
- }
if (-e "$raddir/radauth.allowusers") {
open(FILE,"$raddir/radauth.allowusers");
delete $proxysettings{'RADIUS_ALLOW_USERS'};
print FILE $proxysettings{'MIME_TYPES'};
close(FILE);
- open(FILE, ">$ntlmdir/msntauth.allowusers");
- flock(FILE, 2);
- print FILE $proxysettings{'NTLM_ALLOW_USERS'};
- close(FILE);
-
- open(FILE, ">$ntlmdir/msntauth.denyusers");
- flock(FILE, 2);
- print FILE $proxysettings{'NTLM_DENY_USERS'};
- close(FILE);
-
open(FILE, ">$raddir/radauth.allowusers");
flock(FILE, 2);
print FILE $proxysettings{'RADIUS_ALLOW_USERS'};
if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
}
- if ($proxysettings{'AUTH_METHOD'} eq 'ntlm')
- {
- if ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on')
- {
- print FILE "auth_param ntlm program $authdir/ntlm_smb_lm_auth $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_PDC'}";
- if ($proxysettings{'NTLM_BDC'} eq '') { print FILE "\n"; } else { print FILE " $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_BDC'}\n"; }
- print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n";
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
- } else {
- print FILE "auth_param basic program $authdir/basic_msnt_auth\n";
- print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
- print FILE "auth_param basic realm $authrealm\n";
- print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
-
- open(MSNTCONF, ">$ntlmdir/msntauth.conf");
- flock(MSNTCONF,2);
- print MSNTCONF "server $proxysettings{'NTLM_PDC'}";
- if ($proxysettings{'NTLM_BDC'} eq '') { print MSNTCONF " $proxysettings{'NTLM_PDC'}"; } else { print MSNTCONF " $proxysettings{'NTLM_BDC'}"; }
- print MSNTCONF " $proxysettings{'NTLM_DOMAIN'}\n";
- if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')
- {
- if ($proxysettings{'NTLM_USER_ACL'} eq 'positive')
- {
- print MSNTCONF "allowusers $ntlmdir/msntauth.allowusers\n";
- } else {
- print MSNTCONF "denyusers $ntlmdir/msntauth.denyusers\n";
- }
- }
- close(MSNTCONF);
- }
- }
-
if ($proxysettings{'AUTH_METHOD'} eq 'ntlm-auth')
{
print FILE "auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp";
print FILE "\n";
print FILE "acl for_inetusers proxy_auth REQUIRED\n";
- if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on'))
- {
- if ((!-z "$ntlmdir/msntauth.allowusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'positive'))
- {
- print FILE "acl for_acl_users proxy_auth \"$ntlmdir/msntauth.allowusers\"\n";
- }
- if ((!-z "$ntlmdir/msntauth.denyusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'negative'))
- {
- print FILE "acl for_acl_users proxy_auth \"$ntlmdir/msntauth.denyusers\"\n";
- }
- }
if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
{
if ((!-z "$raddir/radauth.allowusers") && ($proxysettings{'RADIUS_USER_ACL'} eq 'positive'))
{
if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; }
}
- if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius'))
+ if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_METHOD'} eq 'radius'))
{
print FILE " for_inetusers";
}
- if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on'))
- {
- if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')
- {
- if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers"))
- {
- print FILE " for_acl_users";
- }
- if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers"))
- {
- print FILE " !for_acl_users";
- }
- } else { print FILE " for_inetusers"; }
- }
if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
{
if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')
{
if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; }
}
- if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius'))
+ if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_METHOD'} eq 'radius'))
{
print FILE " for_inetusers";
}
- if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on'))
- {
- if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')
- {
- if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers"))
- {
- print FILE " for_acl_users";
- }
- if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers"))
- {
- print FILE " !for_acl_users";
- }
- } else { print FILE " for_inetusers"; }
- }
if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
{
if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')
}
if (
- (
- ($proxysettings{'AUTH_METHOD'} eq 'ntlm') &&
- ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') &&
- ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'NTLM_USER_ACL'} eq 'negative') &&
- (!-z "$ntlmdir/msntauth.denyusers")
- )
- ||
(
($proxysettings{'AUTH_METHOD'} eq 'radius') &&
($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') &&
print FILE "http_access allow IPFire_networks";
if (
- (
- ($proxysettings{'AUTH_METHOD'} eq 'ntlm') &&
- ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') &&
- ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'NTLM_USER_ACL'} eq 'positive') &&
- (!-z "$ntlmdir/msntauth.allowusers")
- )
- ||
(
($proxysettings{'AUTH_METHOD'} eq 'radius') &&
($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') &&