1 Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.8
2 diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.9 squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.10
3 *** squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.9 Sun Jan 30 12:28:56 2005
4 --- squid/helpers/basic_auth/LDAP/squid_ldap_auth.8 Wed Sep 28 12:33:42 2005
7 a user DN and password to log in as to perform the searches, as in the
8 following complex Active Directory example
10 ! squid_ldap_auth -p -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver
15 a user DN and password to log in as to perform the searches, as in the
16 following complex Active Directory example
18 ! squid_ldap_auth -P -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver
22 Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.c
23 diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.23 squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.24
24 *** squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.23 Sat Sep 10 18:53:23 2005
25 --- squid/helpers/basic_auth/LDAP/squid_ldap_auth.c Wed Sep 28 12:33:42 2005
29 ld->ld_options &= ~LDAP_OPT_REFERRALS;
32 squid_ldap_set_timelimit(LDAP * ld, int timelimit)
34 ld->ld_timelimit = timelimit;
37 ld->ld_options &= ~LDAP_OPT_REFERRALS;
40 squid_ldap_set_timelimit(LDAP * ld, int timelimit)
42 ld->ld_timelimit = timelimit;
48 ! if (version != LDAP_VERSION3) {
49 fprintf(stderr, "TLS requires LDAP version 3\n");
51 } else if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) {
56 ! if (version != LDAP_VERSION3) {
57 fprintf(stderr, "TLS requires LDAP version 3\n");
59 } else if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) {
63 validUsername(const char *user)
65 ! const unsigned char *p = (const unsigned char *)user;
67 /* Leading whitespace? */
70 ! while(p[0] && p[1]) {
72 /* More than one consequitive space? */
76 validUsername(const char *user)
78 ! const unsigned char *p = (const unsigned char *) user;
80 /* Leading whitespace? */
83 ! while (p[0] && p[1]) {
85 /* More than one consequitive space? */
93 + /* Check the userid & password.
94 + * Return 0 on success, 1 on failure
97 checkLDAP(LDAP * persistent_ld, const char *userid, const char *password, const char *ldapServer, int port)
101 LDAP *bind_ld = NULL;
105 /* LDAP can't bind with a blank password. Seen as "anonymous"
106 * and always granted access
109 + fprintf(stderr, "Blank password given\n");
115 char escaped_login[256];
116 LDAPMessage *res = NULL;
118 ! char *searchattr[] = {LDAP_NO_ATTRS, NULL};
121 LDAP *search_ld = persistent_ld;
125 char escaped_login[256];
126 LDAPMessage *res = NULL;
128 ! char *searchattr[] =
129 ! {LDAP_NO_ATTRS, NULL};
131 LDAP *search_ld = persistent_ld;
137 /* Everything is fine. This is expected when referrals
141 + fprintf(stderr, "noreferrals && rc == LDAP_PARTIAL_RESULTS\n");
143 fprintf(stderr, PROGRAM_NAME ": WARNING, LDAP search error '%s'\n", ldap_err2string(rc));
144 #if defined(NETSCAPE_SSL)
149 entry = ldap_first_entry(search_ld, res);
152 + fprintf(stderr, "Ldap search returned nothing\n");
162 readSecret(const char *filename)
170 readSecret(const char *filename)