1 Index: squid/helpers/basic_auth/PAM/pam_auth.8
2 diff -c squid/helpers/basic_auth/PAM/pam_auth.8:1.2.2.2 squid/helpers/basic_auth/PAM/pam_auth.8:1.2.2.4
3 *** squid/helpers/basic_auth/PAM/pam_auth.8:1.2.2.2 Wed May 15 06:07:13 2002
4 --- squid/helpers/basic_auth/PAM/pam_auth.8 Wed Nov 5 02:59:13 2003
7 ! .TH pam_auth 8 "15 May 2002" "Squid PAM Auth"
10 pam_auth - Squid PAM authentication helper
12 ! .TH pam_auth 8 "5 Sep 2003" "Squid PAM Auth"
15 pam_auth - Squid PAM authentication helper
21 ! Unless the -1 option is used, this specified for how long
22 ! the connection to the PAM database should be kept open and
23 ! reused for new logins. Defaults to 60 seconds.
27 Do not perform the PAM account management group (account
32 - Specifies "One shot" mode, where a new PAM connection will
33 - be opened for each new user. This is how PAM is normally
34 - used and may be required by some backend databases.
35 - The default is to reuse the PAM connection to maximize
36 - performance. (see -t above)
44 ! Enables persistent PAM connections where the connection to the PAM
45 ! database is kept open and reused for new logins. The TTL specifies
46 ! how long the connetion will be kept open (in seconds). Default is
47 ! to not keep PAM connections open. Please note that the use of
48 ! persistent PAM connections is slightly outside the PAM
49 ! specification and may not work with all PAM configurations.
53 Do not perform the PAM account management group (account
61 .I Henrik Nordstrom <hno@squid-cache.org>
64 ! Squid pam_auth and this manual is Copyright 1999,2002
65 Henrik Nordstrom <hno@squid-cache.org>
69 .I Henrik Nordstrom <hno@squid-cache.org>
72 ! Squid pam_auth and this manual is Copyright 1999,2002,2003
73 Henrik Nordstrom <hno@squid-cache.org>
76 Index: squid/helpers/basic_auth/PAM/pam_auth.c
77 diff -c squid/helpers/basic_auth/PAM/pam_auth.c:1.3.2.6 squid/helpers/basic_auth/PAM/pam_auth.c:1.3.2.9
78 *** squid/helpers/basic_auth/PAM/pam_auth.c:1.3.2.6 Thu Oct 10 21:06:01 2002
79 --- squid/helpers/basic_auth/PAM/pam_auth.c Wed Nov 5 11:15:06 2003
84 * PAM authenticator module for Squid.
85 ! * Copyright (C) 1999,2002 Henrik Nordstrom <hno@squid-cache.org>
87 * This program is free software; you can redistribute it and/or modify
88 * it under the terms of the GNU General Public License as published by
92 * PAM authenticator module for Squid.
93 ! * Copyright (C) 1999,2002,2003 Henrik Nordstrom <hno@squid-cache.org>
95 * This program is free software; you can redistribute it and/or modify
96 * it under the terms of the GNU General Public License as published by
103 + * Version 2.2, 2003-11-05
104 + * One shot mode is now the default mode of operation
105 + * with persistent PAM connections enabled by -t option.
106 + * Support for clearing the PAM_AUTHTOK attribute on
107 + * persistent PAM connections.
109 + * Version 2.1, 2002-08-12
110 + * Squid-2.5 support (URL encoded login, password strings)
112 * Version 2.0, 2002-01-07
113 * One shot mode, command line options
118 /* The default TTL */
119 #ifndef DEFAULT_SQUID_PAM_TTL
120 ! #define DEFAULT_SQUID_PAM_TTL 60
123 static char *password = NULL; /* Workaround for Solaris 2.6 brokenness */
126 /* The default TTL */
127 #ifndef DEFAULT_SQUID_PAM_TTL
128 ! #define DEFAULT_SQUID_PAM_TTL 0
131 static char *password = NULL; /* Workaround for Solaris 2.6 brokenness */
136 pamh_created = time(NULL);
138 + /* Authentication */
139 retval = PAM_SUCCESS;
141 if (retval == PAM_SUCCESS)
145 fprintf(stdout, "ERR\n");
148 retval = pam_end(pamh, retval);
149 if (retval != PAM_SUCCESS) {
150 fprintf(stderr, "WARNING: failed to release PAM authenticator\n");
153 fprintf(stdout, "ERR\n");
156 ! retval = PAM_SUCCESS;
159 ! if (retval == PAM_SUCCESS)
160 ! retval = pam_set_item(pamh, PAM_AUTHTOK, NULL);
163 ! if (ttl == 0 || retval != PAM_SUCCESS) {
164 retval = pam_end(pamh, retval);
165 if (retval != PAM_SUCCESS) {
166 fprintf(stderr, "WARNING: failed to release PAM authenticator\n");