msntauth.cc
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9/*
10 * MSNT - Microsoft Windows NT domain squid authenticator module
11 * Version 2.0 by Stellar-X Pty Ltd, Antonino Iannella
12 * Sun Sep 2 14:39:53 CST 2001
13 *
14 * Modified to act as a Squid authenticator module.
15 * Removed all Pike stuff.
16 * Returns OK for a successful authentication, or ERR upon error.
17 *
18 * Uses code from -
19 * Andrew Tridgell 1997
20 * Richard Sharpe 1996
21 * Bill Welliver 1999
22 * Duane Wessels 2000 (wessels@squid-cache.org)
23 *
24 * Released under GNU Public License
25 *
26 * This program is free software; you can redistribute it and/or modify
27 * it under the terms of the GNU General Public License as published by
28 * the Free Software Foundation; either version 2 of the License, or
29 * (at your option) any later version.
30 *
31 * This program is distributed in the hope that it will be useful,
32 * but WITHOUT ANY WARRANTY; without even the implied warranty of
33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
34 * GNU General Public License for more details.
35 *
36 * You should have received a copy of the GNU General Public License
37 * along with this program; if not, write to the Free Software
38 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
39 */
40#include "squid.h"
41#include "rfc1738.h"
42#include "util.h"
43
44#include <csignal>
45#include <cstring>
46#include <iostream>
47#include <string>
48#include <vector>
49#include <syslog.h>
50
53
54static char msntauth_version[] = "Msntauth v3.0.0 (C) 2 Sep 2001 Stellar-X Antonino Iannella.\nModified by the Squid HTTP Proxy team 2002-2014";
55
57 std::string domain;
58 std::string server;
59};
60typedef std::vector<domaincontroller> domaincontrollers_t;
62
63static bool
64validate_user(char *username, char *password)
65{
66 for (domaincontrollers_t::iterator dc = domaincontrollers.begin(); dc != domaincontrollers.end(); ++dc) {
67 //std::cerr << "testing against " << dc->server << std::endl;
68 const int rv = Valid_User(username, password, dc->server.c_str(), nullptr, dc->domain.c_str());
69 //std::cerr << "check result: " << rv << std::endl;
70 if (rv == NTV_NO_ERROR)
71 return true;
72 }
73 return false;
74}
75
76static char instructions[] = "Usage instructions: basic_nsnt_auth <domainname>/<domaincontroller> [<domainname>/<domaincontroller> ...]";
77static void
79{
80 using std::endl;
81 std::cerr << msntauth_version << endl << instructions << endl << endl;
82}
83
84// arguments: domain/server_name [domain/server_name ...]
85int
86main(int argc, char **argv)
87{
88 char username[256];
89 char password[256];
90 char wstr[256];
91 int err = 0;
92
93 openlog("basic_smb_lm_auth", LOG_PID, LOG_USER);
94 setbuf(stdout, nullptr);
95
96 for (int j = 1; j < argc; ++j) {
97 std::string arg = argv[j];
98 size_t pos=arg.find('/');
99 if (arg.find('/',pos+1) != std::string::npos) {
100 std::cerr << "Error: can't understand domain controller specification '"
101 << arg << "'. Ignoring" << std::endl;
102 }
104 dc.domain = arg.substr(0,pos);
105 dc.server = arg.substr(pos+1);
106 if (dc.domain.length() == 0 || dc.server.length() == 0) {
107 std::cerr << "Error: invalid domain specification in '" << arg <<
108 "'. Ignoring." << std::endl;
109 exit(EXIT_FAILURE);
110 }
111 domaincontrollers.push_back(dc);
112 }
113 if (domaincontrollers.empty()) {
115 std::cerr << "Error: no domain controllers specified" << std::endl;
116 exit(EXIT_FAILURE);
117 }
118
119 while (1) {
120 int n;
121 /* Read whole line from standard input. Terminate on break. */
122 memset(wstr, '\0', sizeof(wstr));
123 if (fgets(wstr, 255, stdin) == NULL)
124 break;
125 /* ignore this line if we didn't get the end-of-line marker */
126 if (NULL == strchr(wstr, '\n')) {
127 err = 1;
128 continue;
129 }
130 if (err) {
131 syslog(LOG_WARNING, "oversized message");
132 puts("ERR");
133 err = 0;
134 continue;
135 }
136
137 /*
138 * extract username and password.
139 */
140 username[0] = '\0';
141 password[0] = '\0';
142 n = sscanf(wstr, "%s %[^\n]", username, password);
143 if (2 != n) {
144 puts("ERR");
145 continue;
146 }
147 /* Check for invalid or blank entries */
148 if ((username[0] == '\0') || (password[0] == '\0')) {
149 puts("ERR");
150 continue;
151 }
152
153 rfc1738_unescape(username);
154 rfc1738_unescape(password);
155
156 if (validate_user(username, password)) {
157 puts("OK");
158 } else {
159 syslog(LOG_INFO, "'%s' login failed", username);
160 puts("ERR");
161 }
162 err = 0;
163 }
164
165 return EXIT_SUCCESS;
166}
167
int Valid_User(char *USERNAME, char *PASSWORD, const char *SERVER, char *, const char *DOMAIN)
Definition: valid.cc:25
#define NTV_NO_ERROR
Definition: valid.h:13
static bool validate_user(char *username, char *password)
Definition: msntauth.cc:64
domaincontrollers_t domaincontrollers
Definition: msntauth.cc:61
static char msntauth_version[]
Definition: msntauth.cc:54
int main(int argc, char **argv)
Definition: msntauth.cc:86
static void display_usage_instructions()
Definition: msntauth.cc:78
std::vector< domaincontroller > domaincontrollers_t
Definition: msntauth.cc:60
static char instructions[]
Definition: msntauth.cc:76
struct _dc dc
void rfc1738_unescape(char *url)
Definition: rfc1738.c:146
char * domain
std::string domain
Definition: msntauth.cc:57
std::string server
Definition: msntauth.cc:58
#define NULL
Definition: types.h:145

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors