Hi all,
this patch (which requires the recently-posted rfc3986 patch)
refactors the basic_getpwnam_auth helper to c++.
It's been farm-build-tested and run-tested on Ubuntu Linux.
--
Francesco
=== modified file 'helpers/basic_auth/getpwnam/basic_getpwnam_auth.cc'
--- helpers/basic_auth/getpwnam/basic_getpwnam_auth.cc 2015-02-19 02:48:23 +0000
+++ helpers/basic_auth/getpwnam/basic_getpwnam_auth.cc 2015-12-23 17:33:03 +0000
@@ -17,114 +17,114 @@
* Jon Thackray <[email protected]>.
*
* Uses getpwnam() routines for authentication.
* This has the following advantages over the NCSA module:
*
* - Allow authentication of all know local users
* - Allows authentication through nsswitch.conf
* + can handle NIS(+) requests
* + can handle LDAP request
* + can handle PAM request
*
* 2006-07: Giancarlo Razzolini <[email protected]>
*
* Added functionality for doing shadow authentication too,
* using the getspnam() function on systems that support it.
*
*/
#include "squid.h"
#include "helpers/defines.h"
-#include "rfc1738.h"
+#include "rfc3986.h"
#include <cstdlib>
#include <cstring>
+#include <iostream>
+#include <string>
+#include <utility>
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_CRYPT_H
#include <crypt.h>
#endif
#if HAVE_PWD_H
#include <pwd.h>
#endif
#if HAVE_SHADOW_H
#include <shadow.h>
#endif
static int
-passwd_auth(char *user, char *passwd)
+passwd_auth(const std::string &user, const std::string &passwd)
{
struct passwd *pwd;
- pwd = getpwnam(user);
+ pwd = getpwnam(user.c_str());
if (pwd == NULL) {
return 0; /* User does not exist */
} else {
- char *crypted = crypt(passwd, pwd->pw_passwd);
+ char *crypted = crypt(passwd.c_str(), pwd->pw_passwd);
if (!crypted || strcmp(pwd->pw_passwd, crypted)) {
return 2; /* Wrong password */
} else {
return 1; /* Authentication Sucessful */
}
}
}
#if HAVE_SHADOW_H
-static int
-shadow_auth(char *user, char *passwd)
+int
+shadow_auth(const std::string &user, const std::string &passwd)
{
struct spwd *pwd;
- pwd = getspnam(user);
+ pwd = getspnam(user.c_str());
if (pwd == NULL) {
- return passwd_auth(user, passwd); /* Fall back to passwd_auth */
+ return passwd_auth(user.c_str(), passwd.c_str()); /* Fall back to passwd_auth */
} else {
- char *crypted = crypt(passwd, pwd->sp_pwdp);
+ char *crypted = crypt(passwd.c_str(), pwd->sp_pwdp);
if (!crypted || strcmp(pwd->sp_pwdp, crypted)) {
return 2; /* Wrong password */
} else {
return 1; /* Authentication Sucessful */
}
}
}
#endif
int
main(int, char **)
{
int auth = 0;
- char buf[HELPER_INPUT_BUFFER];
- char *user, *passwd, *p;
-
- setbuf(stdout, NULL);
- while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) {
- if ((p = strchr(buf, '\n')) != NULL)
- *p = '\0'; /* strip \n */
+ std::string buf;
+ while (getline(std::cin,buf)) {
+ std::stringstream ss(buf);
- if ((user = strtok(buf, " ")) == NULL) {
+ std::string user, passwd;
+ if (! (ss >> user)) {
SEND_ERR("No Username");
continue;
}
- if ((passwd = strtok(NULL, "")) == NULL) {
+ if (! (ss >> passwd)) {
SEND_ERR("No Password");
continue;
}
- rfc1738_unescape(user);
- rfc1738_unescape(passwd);
+
+ user = rfc3986_unescape(user);
+ passwd = rfc3986_unescape(passwd);
#if HAVE_SHADOW_H
auth = shadow_auth(user, passwd);
#else
auth = passwd_auth(user, passwd);
#endif
if (auth == 0) {
SEND_ERR("No such user");
} else {
if (auth == 2) {
SEND_ERR("Wrong password");
} else {
SEND_OK("");
}
}
}
return 0;
}
-
_______________________________________________
squid-dev mailing list
[email protected]
http://lists.squid-cache.org/listinfo/squid-dev
