Re: [squid-users] squid_ldap_group

From: Gerard Eviston <geviston@dont-contact.us>
Date: Thu, 12 Sep 2002 23:03:50 +1000

The patch below should add an option for stripping the domain component from
the username. I say "should" because I'm unable to test it properly due to
unrelated problems (don't laugh). I'm a lowly sysadmin, not a C programmer so
keep that in mind.

I'm not sure how MSAD works, so I've left it as an option instead of default
behaviour. I'd appreciate any comments from you Henrik or squid-users.

Regards
Gerard

--- squid_ldap_group.c.orig Thu Sep 12 22:02:52 2002
+++ squid_ldap_group.c Thu Sep 12 22:36:42 2002
@@ -217,6 +217,7 @@
     int tryagain, rc;
     int port = LDAP_PORT;
     int use_grouprdn = 0;
+ int stripdomain = 0;
 
     setbuf(stdout, NULL);
 
@@ -229,6 +230,7 @@
         case 'z':
         case 'Z':
         case 'g':
+ case 'S':
             break;
         default:
             if (strlen(argv[1]) > 2) {
@@ -331,6 +333,9 @@
         case 'g':
             use_grouprdn = 1;
             break;
+ case 'S':
+ stripdomain = 1;
+ break;
         default:
             fprintf(stderr, "squid_ldap_match: ERROR: Unknown command line option
'%c'\n", option);
             exit(1);
@@ -370,14 +375,20 @@
         fprintf(stderr, "\t-v 1|2\t\t\tLDAP version\n");
         fprintf(stderr, "\t-Z\t\t\tTLS encrypt the LDAP connection, requires LDAP
version 3\n");
         fprintf(stderr, "\t-g\t\t\tfirst query parameter is additional groups base
RDN for this query\n");
+ fprintf(stderr, "\t-S\t\t\tstrip domain component from username if
present\n");
         fprintf(stderr, "\n");
         fprintf(stderr, "\tIf you need to bind as a user to perform searches then
use the\n\t-D binddn -w bindpasswd options\n\n");
         exit(1);
     }
     while (fgets(buf, 256, stdin) != NULL) {
- char *t;
+ char *t, *u;
         int found = 0;
         user = strwordtok(buf, &t);
+ if (stripdomain && user
+ && (u = strstr(user, "\\\\"))
+ && *++u && *++u)
+ user = u;
+
         if (use_grouprdn)
                 grouprdn = strwordtok(NULL, &t);
 

Received on Thu Sep 12 2002 - 07:01:18 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:18 MST