msntauth.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /*
10  * MSNT - Microsoft Windows NT domain squid authenticator module
11  * Version 2.0 by Stellar-X Pty Ltd, Antonino Iannella
12  * Sun Sep 2 14:39:53 CST 2001
13  *
14  * Modified to act as a Squid authenticator module.
15  * Removed all Pike stuff.
16  * Returns OK for a successful authentication, or ERR upon error.
17  *
18  * Uses code from -
19  * Andrew Tridgell 1997
20  * Richard Sharpe 1996
21  * Bill Welliver 1999
22  * Duane Wessels 2000 (wessels@squid-cache.org)
23  *
24  * Released under GNU Public License
25  *
26  * This program is free software; you can redistribute it and/or modify
27  * it under the terms of the GNU General Public License as published by
28  * the Free Software Foundation; either version 2 of the License, or
29  * (at your option) any later version.
30  *
31  * This program is distributed in the hope that it will be useful,
32  * but WITHOUT ANY WARRANTY; without even the implied warranty of
33  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
34  * GNU General Public License for more details.
35  *
36  * You should have received a copy of the GNU General Public License
37  * along with this program; if not, write to the Free Software
38  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
39  */
40 #include "squid.h"
41 #include "rfc1738.h"
42 #include "util.h"
43 
44 #include <csignal>
45 #include <cstring>
46 #include <iostream>
47 #include <string>
48 #include <vector> //todo: turn into multimap
49 #include <syslog.h>
50 
53 
54 static char msntauth_version[] = "Msntauth v3.0.0 (C) 2 Sep 2001 Stellar-X Antonino Iannella.\nModified by the Squid HTTP Proxy team 2002-2014";
55 
57  std::string domain;
58  std::string server;
59 };
60 typedef std::vector<domaincontroller> domaincontrollers_t;
62 
63 bool
64 validate_user(char *username, char *password)
65 {
66  for (domaincontrollers_t::iterator dc = domaincontrollers.begin(); dc != domaincontrollers.end(); ++dc) {
67  //std::cerr << "testing against " << dc->server << std::endl;
68  const int rv = Valid_User(username, password, dc->server.c_str(), NULL, dc->domain.c_str());
69  //std::cerr << "check result: " << rv << std::endl;
70  if (rv == NTV_NO_ERROR)
71  return true;
72  }
73  return false;
74 }
75 
76 static char instructions[] = "Usage instructions: basic_nsnt_auth <domainname>/<domaincontroller> [<domainname>/<domaincontroller> ...]";
77 void
79 {
80  using std::endl;
81  std::cerr << msntauth_version << endl << instructions << endl << endl;
82 }
83 
84 // arguments: domain/server_name [domain/server_name ...]
85 int
86 main(int argc, char **argv)
87 {
88  char username[256];
89  char password[256];
90  char wstr[256];
91  int err = 0;
92 
93  openlog("basic_smb_lm_auth", LOG_PID, LOG_USER);
94  setbuf(stdout, NULL);
95 
96  for (int j = 1; j < argc; ++j) {
97  std::string arg = argv[j];
98  size_t pos=arg.find('/');
99  if (arg.find('/',pos+1) != std::string::npos) {
100  std::cerr << "Error: can't understand domain controller specification '"
101  << arg << "'. Ignoring" << std::endl;
102  }
104  dc.domain = arg.substr(0,pos);
105  dc.server = arg.substr(pos+1);
106  if (dc.domain.length() == 0 || dc.server.length() == 0) {
107  std::cerr << "Error: invalid domain specification in '" << arg <<
108  "'. Ignoring." << std::endl;
109  exit(EXIT_FAILURE);
110  }
111  domaincontrollers.push_back(dc);
112  }
113  if (domaincontrollers.empty()) {
115  std::cerr << "Error: no domain controllers specified" << std::endl;
116  exit(EXIT_FAILURE);
117  }
118 
119  while (1) {
120  int n;
121  /* Read whole line from standard input. Terminate on break. */
122  memset(wstr, '\0', sizeof(wstr));
123  if (fgets(wstr, 255, stdin) == NULL)
124  break;
125  /* ignore this line if we didn't get the end-of-line marker */
126  if (NULL == strchr(wstr, '\n')) {
127  err = 1;
128  continue;
129  }
130  if (err) {
131  syslog(LOG_WARNING, "oversized message");
132  puts("ERR");
133  err = 0;
134  continue;
135  }
136 
137  /*
138  * extract username and password.
139  */
140  username[0] = '\0';
141  password[0] = '\0';
142  n = sscanf(wstr, "%s %[^\n]", username, password);
143  if (2 != n) {
144  puts("ERR");
145  continue;
146  }
147  /* Check for invalid or blank entries */
148  if ((username[0] == '\0') || (password[0] == '\0')) {
149  puts("ERR");
150  continue;
151  }
152 
153  rfc1738_unescape(username);
154  rfc1738_unescape(password);
155 
156  if (validate_user(username, password)) {
157  puts("OK");
158  } else {
159  syslog(LOG_INFO, "'%s' login failed", username);
160  puts("ERR");
161  }
162  err = 0;
163  }
164 
165  return EXIT_SUCCESS;
166 }
167 
struct _dc dc
domaincontrollers_t domaincontrollers
Definition: msntauth.cc:61
std::string server
Definition: msntauth.cc:58
#define NTV_NO_ERROR
Definition: valid.h:13
void EVH void * arg
Definition: stub_event.cc:16
static char instructions[]
Definition: msntauth.cc:76
static char msntauth_version[]
Definition: msntauth.cc:54
int main(int argc, char **argv)
Definition: msntauth.cc:86
bool validate_user(char *username, char *password)
Definition: msntauth.cc:64
void display_usage_instructions()
Definition: msntauth.cc:78
std::vector< domaincontroller > domaincontrollers_t
Definition: msntauth.cc:60
char * domain
void rfc1738_unescape(char *url)
Definition: rfc1738.c:146
std::string domain
Definition: msntauth.cc:57
#define NULL
Definition: types.h:166
int Valid_User(char *USERNAME, char *PASSWORD, const char *SERVER, char *, const char *DOMAIN)
Definition: valid.cc:25

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors