#endif
static int connect_timeout = 0;
static int timelimit = LDAP_NO_LIMIT;
-static int debug_mode = 0;
/* Added for TLS support and version 3 */
static int use_tls = 0;
break;
#endif
case 'd':
- debug_mode++;
+ debug_enabled = 1;
break;
default:
fprintf(stderr, PROGRAM_NAME ": ERROR: Unknown command line option '%c'\n", option);
/* LDAP can't bind with a blank password. Seen as "anonymous"
* and always granted access
*/
- if (debug_mode)
- fprintf(stderr, "Blank password given\n");
+ debug("Blank password given\n");
return 1;
}
if (searchfilter) {
}
}
snprintf(filter, sizeof(filter), searchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
- if (debug_mode)
- fprintf(stderr, "user filter '%s', searchbase '%s'\n", filter, basedn);
+ debug("user filter '%s', searchbase '%s'\n", filter, basedn);
rc = ldap_search_s(search_ld, basedn, searchscope, filter, searchattr, 1, &res);
if (rc != LDAP_SUCCESS) {
if (noreferrals && rc == LDAP_PARTIAL_RESULTS) {
/* Everything is fine. This is expected when referrals
* are disabled.
*/
- if (debug_mode)
- fprintf(stderr, "noreferrals && rc == LDAP_PARTIAL_RESULTS\n");
+ debug("noreferrals && rc == LDAP_PARTIAL_RESULTS\n");
} else {
fprintf(stderr, PROGRAM_NAME ": WARNING, LDAP search error '%s'\n", ldap_err2string(rc));
#if defined(NETSCAPE_SSL)
}
entry = ldap_first_entry(search_ld, res);
if (!entry) {
- if (debug_mode)
- fprintf(stderr, "Ldap search returned nothing\n");
+ debug("Ldap search returned nothing\n");
ret = 1;
goto search_done;
}
snprintf(dn, sizeof(dn), "%s=%s,%s", userattr, userid, basedn);
}
- if (debug_mode)
- fprintf(stderr, "attempting to authenticate user '%s'\n", dn);
+ debug("attempting to authenticate user '%s'\n", dn);
if (!bind_ld && !bind_once)
bind_ld = persistent_ld;
if (!bind_ld)
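Review bot: The `snprintf` into `dn` at the top of this hunk formats `userid` straight into the DN, whereas the filter built earlier in this patch uses `escaped_login`. Unless `userid` has been escaped for DN syntax before this point, characters such as `,`, `+` or `=` in the login alter the DN that the bind is attempted against. The return value is also discarded, so a truncated `dn` is logged by the new `debug()` call and presumably used for the bind. I would escape the value for DN context (RFC 4514) before formatting and reject overlong results, e.g. `if (n < 0 || (size_t)n >= sizeof(dn)) return 1;` with `n` holding the `snprintf` result. The enclosing function begins and ends outside this hunk, so whether `return 1` is the right failure path needs confirming there.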
#endif
int check_gss_err(OM_uint32 major_status, OM_uint32 minor_status,
- const char *function, int debug, int log);
+ const char *function, int log);
char *gethost_name(void);
static const char *LogTime(void);
int
check_gss_err(OM_uint32 major_status, OM_uint32 minor_status,
- const char *function, int debug, int log)
+ const char *function, int log)
{
if (GSS_ERROR(major_status)) {
OM_uint32 maj_stat, min_stat;
}
gss_release_buffer(&min_stat, &status_string);
}
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: %s failed: %s\n", LogTime(), PROGRAM,
- function, buf);
+ debug("%s| %s: ERROR: %s failed: %s\n", LogTime(), PROGRAM, function, buf);
fprintf(stdout, "BH %s failed: %s\n", function, buf);
if (log)
fprintf(stderr, "%s| %s: INFO: User not authenticated\n", LogTime(),
char *user = NULL;
int length = 0;
static int err = 0;
- int opt, debug = 0, log = 0, norealm = 0;
+ int opt, log = 0, norealm = 0;
OM_uint32 ret_flags = 0, spnego_flag = 0;
char *service_name = (char *) "HTTP", *host_name = NULL;
char *token = NULL;
while (-1 != (opt = getopt(argc, argv, "dirs:h"))) {
switch (opt) {
case 'd':
- debug = 1;
+ debug_enabled = 1;
break;
case 'i':
log = 1;
}
}
- if (debug)
- fprintf(stderr, "%s| %s: INFO: Starting version %s\n", LogTime(), PROGRAM,
- SQUID_KERB_AUTH_VERSION);
+ debug("%s| %s: INFO: Starting version %s\n", LogTime(), PROGRAM, SQUID_KERB_AUTH_VERSION);
if (service_principal && strcasecmp(service_principal, "GSS_C_NO_NAME")) {
service.value = service_principal;
service.length = strlen((char *) service.value);
while (1) {
if (fgets(buf, sizeof(buf) - 1, stdin) == NULL) {
if (ferror(stdin)) {
- if (debug)
- fprintf(stderr,
- "%s| %s: FATAL: fgets() failed! dying..... errno=%d (%s)\n",
- LogTime(), PROGRAM, ferror(stdin),
- strerror(ferror(stdin)));
+ debug("%s| %s: FATAL: fgets() failed! dying..... errno=%d (%s)\n",
+ LogTime(), PROGRAM, ferror(stdin),
+ strerror(ferror(stdin)));
fprintf(stdout, "BH input error\n");
exit(1); /* BIIG buffer */
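Review bot: The FATAL message passes `ferror(stdin)` as the `errno=%d` value and to `strerror()`, but `ferror()` only returns a non-zero flag, not an error code, so the logged number and text are not meaningful. The conversion to `debug()` carries this over unchanged. Capturing the code right after the failed `fgets()` would fix it: `const int xerrno = errno;` followed by `debug("%s| %s: FATAL: fgets() failed! dying..... errno=%d (%s)\n", LogTime(), PROGRAM, xerrno, strerror(xerrno));`. The loop body continues outside this hunk.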
err = 1;
}
if (err) {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Oversized message\n", LogTime(),
- PROGRAM);
+ debug("%s| %s: ERROR: Oversized message\n", LogTime(), PROGRAM);
fprintf(stdout, "BH Oversized message\n");
err = 0;
continue;
}
- if (debug)
- fprintf(stderr, "%s| %s: DEBUG: Got '%s' from squid (length: %d).\n",
- LogTime(), PROGRAM, buf, length);
+ debug("%s| %s: DEBUG: Got '%s' from squid (length: %d).\n", LogTime(), PROGRAM, buf, length);
if (buf[0] == '\0') {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Invalid request\n", LogTime(),
- PROGRAM);
+ debug("%s| %s: ERROR: Invalid request\n", LogTime(), PROGRAM);
fprintf(stdout, "BH Invalid request\n");
continue;
}
if (strlen(buf) < 2) {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Invalid request [%s]\n", LogTime(),
- PROGRAM, buf);
+ debug("%s| %s: ERROR: Invalid request [%s]\n", LogTime(), PROGRAM, buf);
fprintf(stdout, "BH Invalid request\n");
continue;
}
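Review bot: With `-d` set, the `Got '%s' from squid` line writes the whole request buffer to stderr, and that buffer carries the base64 Negotiate token that is decoded from `buf + 3` further down. The `Decode '%s'` line and both `DEBUG: AF %s %s` lines later in this patch do the same for the inbound token and the reply token, and the `Invalid request [%s]` lines in this hunk print the same buffer. Because the strings reach the log unfiltered, any control characters in the request end up in the log as well. Now that all of these go through one `debug()` helper, I would log the command and length only, e.g. `debug("%s| %s: DEBUG: Got '%.2s' from squid (length: %d).\n", LogTime(), PROGRAM, buf, length);`, and keep full tokens out of the debug output.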
}
if (strncmp(buf, "YR", 2) && strncmp(buf, "KK", 2)) {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Invalid request [%s]\n", LogTime(),
- PROGRAM, buf);
+ debug("%s| %s: ERROR: Invalid request [%s]\n", LogTime(), PROGRAM, buf);
fprintf(stdout, "BH Invalid request\n");
continue;
}
}
if (strlen(buf) <= 3) {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Invalid negotiate request [%s]\n",
- LogTime(), PROGRAM, buf);
+ debug("%s| %s: ERROR: Invalid negotiate request [%s]\n", LogTime(), PROGRAM, buf);
fprintf(stdout, "BH Invalid negotiate request\n");
continue;
}
input_token.length = ska_base64_decode_len(buf + 3);
- if (debug)
- fprintf(stderr, "%s| %s: DEBUG: Decode '%s' (decoded length: %d).\n",
- LogTime(), PROGRAM, buf + 3, (int) input_token.length);
+ debug("%s| %s: DEBUG: Decode '%s' (decoded length: %d).\n",
+ LogTime(), PROGRAM, buf + 3, (int) input_token.length);
input_token.value = xmalloc(input_token.length);
ska_base64_decode((char*)input_token.value, buf + 3, input_token.length);
if ((input_token.length >= sizeof ntlmProtocol + 1) &&
(!memcmp(input_token.value, ntlmProtocol, sizeof ntlmProtocol))) {
- if (debug)
- fprintf(stderr, "%s| %s: WARNING: received type %d NTLM token\n",
- LogTime(), PROGRAM,
- (int) *((unsigned char *) input_token.value +
- sizeof ntlmProtocol));
+ debug("%s| %s: WARNING: received type %d NTLM token\n",
+ LogTime(), PROGRAM,
+ (int) *((unsigned char *) input_token.value +
+ sizeof ntlmProtocol));
fprintf(stdout, "BH received type %d NTLM token\n",
(int) *((unsigned char *) input_token.value +
sizeof ntlmProtocol));
gss_nt_service_name, &server_name);
}
- if (check_gss_err(major_status, minor_status, "gss_import_name()",
- debug, log))
+ if (check_gss_err(major_status, minor_status, "gss_import_name()", log))
goto cleanup;
major_status =
gss_acquire_cred(&minor_status, server_name, GSS_C_INDEFINITE,
GSS_C_NO_OID_SET, GSS_C_ACCEPT, &server_creds, NULL, NULL);
- if (check_gss_err(major_status, minor_status, "gss_acquire_cred()",
- debug, log))
+ if (check_gss_err(major_status, minor_status, "gss_acquire_cred()", log))
goto cleanup;
major_status = gss_accept_sec_context(&minor_status,
spnegoTokenLength = output_token.length;
token = (char*)xmalloc(ska_base64_encode_len(spnegoTokenLength));
if (token == NULL) {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Not enough memory\n", LogTime(),
- PROGRAM);
+ debug("%s| %s: ERROR: Not enough memory\n", LogTime(), PROGRAM);
fprintf(stdout, "BH Not enough memory\n");
goto cleanup;
}
ska_base64_encode(token, (const char *) spnegoToken,
ska_base64_encode_len(spnegoTokenLength), spnegoTokenLength);
- if (check_gss_err(major_status, minor_status,
- "gss_accept_sec_context()", debug, log))
+ if (check_gss_err(major_status, minor_status, "gss_accept_sec_context()", log))
goto cleanup;
if (major_status & GSS_S_CONTINUE_NEEDED) {
- if (debug)
- fprintf(stderr, "%s| %s: INFO: continuation needed\n", LogTime(),
- PROGRAM);
+ debug("%s| %s: INFO: continuation needed\n", LogTime(), PROGRAM);
fprintf(stdout, "TT %s\n", token);
goto cleanup;
}
gss_display_name(&minor_status, client_name, &output_token,
NULL);
- if (check_gss_err(major_status, minor_status, "gss_display_name()",
- debug, log))
+ if (check_gss_err(major_status, minor_status, "gss_display_name()", log))
goto cleanup;
user = (char*)xmalloc(output_token.length + 1);
if (user == NULL) {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Not enough memory\n", LogTime(),
- PROGRAM);
+ debug("%s| %s: ERROR: Not enough memory\n", LogTime(), PROGRAM);
fprintf(stdout, "BH Not enough memory\n");
goto cleanup;
}
*p = '\0';
}
fprintf(stdout, "AF %s %s\n", token, user);
- if (debug)
- fprintf(stderr, "%s| %s: DEBUG: AF %s %s\n", LogTime(), PROGRAM, token,
- user);
+ debug("%s| %s: DEBUG: AF %s %s\n", LogTime(), PROGRAM, token, user);
if (log)
fprintf(stderr, "%s| %s: INFO: User %s authenticated\n", LogTime(),
PROGRAM, user);
goto cleanup;
} else {
- if (check_gss_err(major_status, minor_status,
- "gss_accept_sec_context()", debug, log))
+ if (check_gss_err(major_status, minor_status, "gss_accept_sec_context()", log))
goto cleanup;
if (major_status & GSS_S_CONTINUE_NEEDED) {
- if (debug)
- fprintf(stderr, "%s| %s: INFO: continuation needed\n", LogTime(),
- PROGRAM);
+ debug("%s| %s: INFO: continuation needed\n", LogTime(), PROGRAM);
fprintf(stdout, "NA %s\n", token);
goto cleanup;
}
gss_display_name(&minor_status, client_name, &output_token,
NULL);
- if (check_gss_err(major_status, minor_status, "gss_display_name()",
- debug, log))
+ if (check_gss_err(major_status, minor_status, "gss_display_name()", log))
goto cleanup;
/*
* Return dummy token AA. May need an extra return tag then AF
*/
user = (char*)xmalloc(output_token.length + 1);
if (user == NULL) {
- if (debug)
- fprintf(stderr, "%s| %s: ERROR: Not enough memory\n", LogTime(),
- PROGRAM);
+ debug("%s| %s: ERROR: Not enough memory\n", LogTime(), PROGRAM);
fprintf(stdout, "BH Not enough memory\n");
goto cleanup;
}
*p = '\0';
}
fprintf(stdout, "AF %s %s\n", "AA==", user);
- if (debug)
- fprintf(stderr, "%s| %s: DEBUG: AF %s %s\n", LogTime(), PROGRAM,
- "AA==", user);
+ debug("%s| %s: DEBUG: AF %s %s\n", LogTime(), PROGRAM, "AA==", user);
if (log)
fprintf(stderr, "%s| %s: INFO: User %s authenticated\n", LogTime(),
PROGRAM, user);