1 Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.8
2 diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.4 squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.5
3 *** squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.4 Wed Feb 18 09:15:52 2004
4 --- squid/helpers/basic_auth/LDAP/squid_ldap_auth.8 Tue Mar 2 02:13:29 2004
9 Specify time limit on LDAP search operations
13 + Debug mode where each step taken will get reported in detail.
14 + Useful for understanding what goes wrong if the results is
15 + not what is expected.
18 For directories using the RFC2307 layout with a single domain, all
19 you need to specify is usually the base DN under where your users
20 Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.c
21 diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.8 squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.10
22 *** squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.8 Mon Jan 5 06:12:11 2004
23 --- squid/helpers/basic_auth/LDAP/squid_ldap_auth.c Thu Mar 4 02:37:38 2004
27 * or (at your option) any later version.
30 + * 2004-03-01: Henrik Nordstrom <hno@squid-cache.org>
31 + * - corrected building of search filters to escape
33 + * - -d option for "debug" like squid_ldap_group
34 * 2004-01-05: Henrik Nordstrom <hno@squid-cache.org>
35 * - Corrected TLS mode
36 * 2003-03-01: David J N Begley
41 static int connect_timeout = 0;
42 static int timelimit = LDAP_NO_LIMIT;
43 + static int debug = 0;
45 /* Added for TLS support and version 3 */
46 static int use_tls = 0;
56 if (strlen(argv[1]) > 2) {
67 fprintf(stderr, PROGRAM_NAME ": ERROR: Unknown command line option '%c'\n", option);
75 + ldap_escape_value(char *escaped, int size, const char *src)
78 + while (size > 4 && *src) {
88 + snprintf(escaped, 3, "%02x", (unsigned char)*src++);
93 + *escaped++ = *src++;
103 checkLDAP(LDAP * ld, const char *userid, const char *password)
112 + char escaped_login[256];
113 LDAPMessage *res = NULL;
122 + ldap_escape_value(escaped_login, sizeof(escaped_login), userid);
124 rc = ldap_simple_bind_s(ld, binddn, bindpasswd);
125 if (rc != LDAP_SUCCESS) {
131 ! snprintf(filter, sizeof(filter), searchfilter, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid);
132 rc = ldap_search_s(ld, basedn, searchscope, filter, searchattr, 1, &res);
133 if (rc != LDAP_SUCCESS) {
134 if (noreferrals && rc == LDAP_PARTIAL_RESULTS) {
139 ! snprintf(filter, sizeof(filter), searchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
141 ! fprintf(stderr, "user filter '%s', searchbase '%s'\n", filter, basedn);
142 rc = ldap_search_s(ld, basedn, searchscope, filter, searchattr, 1, &res);
143 if (rc != LDAP_SUCCESS) {
144 if (noreferrals && rc == LDAP_PARTIAL_RESULTS) {
148 snprintf(dn, sizeof(dn), "%s=%s,%s", userattr, userid, basedn);
152 + fprintf(stderr, "attempting to bind to user '%s'\n", dn);
153 if (ldap_simple_bind_s(ld, dn, password) != LDAP_SUCCESS)
156 Index: squid/helpers/external_acl/ldap_group/squid_ldap_group.8
157 diff -c squid/helpers/external_acl/ldap_group/squid_ldap_group.8:1.1.2.3 squid/helpers/external_acl/ldap_group/squid_ldap_group.8:1.1.2.4
158 *** squid/helpers/external_acl/ldap_group/squid_ldap_group.8:1.1.2.3 Wed Nov 19 17:41:37 2003
159 --- squid/helpers/external_acl/ldap_group/squid_ldap_group.8 Tue Mar 2 02:13:29 2004
164 Strip NT domain name component from user names (/ or \\ separated)
168 + Debug mode where each step taken will get reported in detail.
169 + Useful for understanding what goes wrong if the results is
170 + not what is expected.
172 .SH SQUID CONFIGURATION
174 This helper is intended to be used as a external_acl_type helper from
175 Index: squid/helpers/external_acl/ldap_group/squid_ldap_group.c
176 diff -c squid/helpers/external_acl/ldap_group/squid_ldap_group.c:1.2.2.16 squid/helpers/external_acl/ldap_group/squid_ldap_group.c:1.2.2.17
177 *** squid/helpers/external_acl/ldap_group/squid_ldap_group.c:1.2.2.16 Mon Feb 9 10:04:56 2004
178 --- squid/helpers/external_acl/ldap_group/squid_ldap_group.c Tue Mar 2 02:13:29 2004
194 ! snprintf(escaped, 3, "%02x", (int)*src++);
202 ! snprintf(escaped, 3, "%02x", (unsigned char)*src++);