basic_sasl_auth.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /*
10  * SASL authenticator module for Squid.
11  * Copyright (C) 2002 Ian Castle <ian.castle@coldcomfortfarm.net>
12  *
13  * This program is free software; you can redistribute it and/or modify
14  * it under the terms of the GNU General Public License as published by
15  * the Free Software Foundation; either version 2 of the License, or
16  * (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software
25  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
26  *
27  * Install instructions:
28  *
29  * This program authenticates users against using cyrus-sasl
30  *
31  * Compile this program with: gcc -Wall -o sasl_auth sasl_auth.c -lsasl
32  * or with SASL2: gcc -Wall -o sasl_auth sasl_auth.c -lsasl2
33  *
34  */
35 #include "squid.h"
37 #include "rfc1738.h"
38 #include "util.h"
39 
40 #include <cerrno>
41 #include <cstdlib>
42 #include <cstring>
43 #if HAVE_SASL_SASL_H
44 #include <sasl/sasl.h>
45 #else
46 #include <sasl.h>
47 #endif
48 
49 #define APP_NAME_SASL "basic_sasl_auth"
50 
51 int
52 main(int, char *argv[])
53 {
54  char line[HELPER_INPUT_BUFFER];
55  char *username, *password;
56 #if SASL_VERSION_MAJOR < 2
57  const char *errstr;
58 #endif
59 
60  int rc;
61  sasl_conn_t *conn = NULL;
62 
63  /* make standard output line buffered */
64  setvbuf(stdout, NULL, _IOLBF, 0);
65 
66  rc = sasl_server_init( NULL, APP_NAME_SASL );
67 
68  if ( rc != SASL_OK ) {
69  fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
70  exit(EXIT_FAILURE);
71  }
72 
73 #if SASL_VERSION_MAJOR < 2
74  rc = sasl_server_new( APP_NAME_SASL, NULL, NULL, NULL, 0, &conn );
75 #else
76  rc = sasl_server_new( APP_NAME_SASL, NULL, NULL, NULL, NULL, NULL, 0, &conn );
77 #endif
78 
79  if ( rc != SASL_OK ) {
80  fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
81  exit(EXIT_FAILURE);
82  }
83 
84  while ( fgets( line, HELPER_INPUT_BUFFER, stdin )) {
85  username = &line[0];
86  password = strchr( line, '\n' );
87  if (!password) {
88  debug("ERROR: %s: Unexpected input '%s'\n", argv[0], line);
89  SEND_ERR("Unexpected Empty Input");
90  continue;
91  }
92  *password = '\0';
93  password = strchr ( line, ' ' );
94  if (!password) {
95  debug("ERROR: %s: Unexpected input '%s' (no password)\n", argv[0], line );
96  SEND_ERR("No Password");
97  continue;
98  }
99  *password = '\0';
100  ++password;
101 
102  rfc1738_unescape(username);
103  rfc1738_unescape(password);
104 
105 #if SASL_VERSION_MAJOR < 2
106  rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password), &errstr);
107 #else
108  rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password));
109 #endif
110 
111  if ( rc != SASL_OK ) {
112 #if SASL_VERSION_MAJOR < 2
113  if ( errstr ) {
114  debug("errstr %s\n", errstr);
115  }
116  if ( rc != SASL_BADAUTH ) {
117  debug("ERROR: %d %s\n", rc, sasl_errstring(rc, NULL, NULL));
118  SEND_ERR(sasl_errstring(rc, NULL, NULL));
119  } else
120 #endif
121  SEND_ERR("");
122  } else {
123  SEND_OK("");
124  }
125  }
126 
127  sasl_dispose(&conn);
128  sasl_done();
129  return EXIT_SUCCESS;
130 }
131 
#define APP_NAME_SASL
int conn
the current server connection FD
Definition: Transport.cc:26
#define SEND_OK(x)
#define HELPER_INPUT_BUFFER
Definition: UserRequest.cc:26
static int debug
Definition: tcp-banger3.c:105
static char errstr[1001]
int main(int, char *argv[])
void rfc1738_unescape(char *url)
Definition: rfc1738.c:146
#define SEND_ERR(x)
#define NULL
Definition: types.h:166

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors