basic_sasl_auth.cc
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9/*
10 * SASL authenticator module for Squid.
11 * Copyright (C) 2002 Ian Castle <ian.castle@coldcomfortfarm.net>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
26 *
27 * Install instructions:
28 *
29 * This program authenticates users against using cyrus-sasl
30 *
31 * Compile this program with: gcc -Wall -o sasl_auth sasl_auth.c -lsasl
32 * or with SASL2: gcc -Wall -o sasl_auth sasl_auth.c -lsasl2
33 *
34 */
35#include "squid.h"
37#include "rfc1738.h"
38#include "util.h"
39
40#include <cerrno>
41#include <cstdlib>
42#include <cstring>
43#if HAVE_SASL_SASL_H
44#include <sasl/sasl.h>
45#else
46#include <sasl.h>
47#endif
48
49#define APP_NAME_SASL "basic_sasl_auth"
50
51int
52main(int, char *argv[])
53{
54 char line[HELPER_INPUT_BUFFER];
55 char *username, *password;
56#if SASL_VERSION_MAJOR < 2
57 const char *errstr;
58#endif
59
60 int rc;
61 sasl_conn_t *conn = nullptr;
62
63 /* make standard output line buffered */
64 setvbuf(stdout, nullptr, _IOLBF, 0);
65
66 rc = sasl_server_init( nullptr, APP_NAME_SASL );
67
68 if ( rc != SASL_OK ) {
69 fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, nullptr, nullptr ));
70 exit(EXIT_FAILURE);
71 }
72
73#if SASL_VERSION_MAJOR < 2
74 rc = sasl_server_new( APP_NAME_SASL, nullptr, nullptr, nullptr, 0, &conn );
75#else
76 rc = sasl_server_new( APP_NAME_SASL, nullptr, nullptr, nullptr, nullptr, nullptr, 0, &conn );
77#endif
78
79 if ( rc != SASL_OK ) {
80 fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, nullptr, nullptr ));
81 exit(EXIT_FAILURE);
82 }
83
84 while ( fgets( line, HELPER_INPUT_BUFFER, stdin )) {
85 username = &line[0];
86 password = strchr( line, '\n' );
87 if (!password) {
88 debug("ERROR: %s: Unexpected input '%s'\n", argv[0], line);
89 SEND_ERR("Unexpected Empty Input");
90 continue;
91 }
92 *password = '\0';
93 password = strchr ( line, ' ' );
94 if (!password) {
95 debug("ERROR: %s: Unexpected input '%s' (no password)\n", argv[0], line );
96 SEND_ERR("No Password");
97 continue;
98 }
99 *password = '\0';
100 ++password;
101
102 rfc1738_unescape(username);
103 rfc1738_unescape(password);
104
105#if SASL_VERSION_MAJOR < 2
106 rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password), &errstr);
107#else
108 rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password));
109#endif
110
111 if ( rc != SASL_OK ) {
112#if SASL_VERSION_MAJOR < 2
113 if ( errstr ) {
114 debug("errstr %s\n", errstr);
115 }
116 if ( rc != SASL_BADAUTH ) {
117 debug("ERROR: %d %s\n", rc, sasl_errstring(rc, nullptr, nullptr));
118 SEND_ERR(sasl_errstring(rc, nullptr, nullptr));
119 } else
120#endif
121 SEND_ERR("");
122 } else {
123 SEND_OK("");
124 }
125 }
126
127 sasl_dispose(&conn);
128 sasl_done();
129 return EXIT_SUCCESS;
130}
131
int conn
the current server connection FD
Definition: Transport.cc:26
#define HELPER_INPUT_BUFFER
Definition: UserRequest.cc:24
int main(int, char *argv[])
#define APP_NAME_SASL
void debug(const char *format,...)
Definition: debug.cc:19
static char errstr[1001]
#define SEND_ERR(x)
#define SEND_OK(x)
void rfc1738_unescape(char *url)
Definition: rfc1738.c:146

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors