------------------------------------------------------------ revno: 13678 revision-id: squid3@treenet.co.nz-20141208083128-a3zzjag4sckbn2i1 parent: squid3@treenet.co.nz-20141208083034-pweekwpa10iczrj6 committer: Amos Jeffries branch nick: 3.5 timestamp: Mon 2014-12-08 00:31:28 -0800 message: basic_msnt_multi_domain_auth: Add man(8) documentation Also, update helper to use command-line parameters instead of hard-coded configuration for most options. ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20141208083128-a3zzjag4sckbn2i1 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 # testament_sha1: cab2cfe85b858667bac03b88246ba414d150a79b # timestamp: 2014-12-08 08:51:12 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 # base_revision_id: squid3@treenet.co.nz-20141208083034-\ # pweekwpa10iczrj6 # # Begin patch === modified file 'helpers/basic_auth/MSNT-multi-domain/Makefile.am' --- helpers/basic_auth/MSNT-multi-domain/Makefile.am 2014-09-02 01:08:58 +0000 +++ helpers/basic_auth/MSNT-multi-domain/Makefile.am 2014-12-08 08:31:28 +0000 @@ -8,8 +8,16 @@ include $(top_srcdir)/src/Common.am libexec_SCRIPTS = basic_msnt_multi_domain_auth -EXTRA_DIST = basic_msnt_multi_domain_auth.pl.in README.txt required.m4 -CLEANFILES += basic_msnt_multi_domain_auth +man_MANS= basic_msnt_multi_domain_auth.8 +EXTRA_DIST= \ + basic_msnt_multi_domain_auth.8 \ + basic_msnt_multi_domain_auth.pl.in \ + required.m4 basic_msnt_multi_domain_auth: basic_msnt_multi_domain_auth.pl.in $(subst_perlshell) + +basic_msnt_multi_domain_auth.8: basic_msnt_multi_domain_auth + pod2man basic_msnt_multi_domain_auth basic_msnt_multi_domain_auth.8 + +CLEANFILES += basic_msnt_multi_domain_auth basic_msnt_multi_domain_auth.8 === removed file 'helpers/basic_auth/MSNT-multi-domain/README.txt' --- helpers/basic_auth/MSNT-multi-domain/README.txt 2001-05-21 10:50:57 +0000 +++ helpers/basic_auth/MSNT-multi-domain/README.txt 1970-01-01 00:00:00 +0000 @@ -1,17 +0,0 @@ - -From: "Francesco Chemolli" -Subject: Multiple NT domains authenticator -Date: Fri, 7 Jul 2000 15:37:32 +0200 - -This is the multi-domain NTLM authenticator, blissfully undocumented -(but there's a few strategic comments, so that at least the user -is not left alone). - -The user is expected to enter his/her credentials as domain\username -or domain/username (in analogy to what M$-Proxy does). - -Requires Authen::SMB from CPAN and Samba if you need to perform netbios -queries. - - Francesco 'Kinkie' Chemolli - === modified file 'helpers/basic_auth/MSNT-multi-domain/basic_msnt_multi_domain_auth.pl.in' --- helpers/basic_auth/MSNT-multi-domain/basic_msnt_multi_domain_auth.pl.in 2014-09-02 01:08:58 +0000 +++ helpers/basic_auth/MSNT-multi-domain/basic_msnt_multi_domain_auth.pl.in 2014-12-08 08:31:28 +0000 @@ -1,14 +1,93 @@ #!@PERL@ -## -## Copyright (C) 1996-2014 The Squid Software Foundation and contributors -## -## Squid software is distributed under GPLv2+ license and includes -## contributions from numerous individuals and organizations. -## Please see the COPYING and CONTRIBUTORS files for details. -## - -#if you define this, debugging output will be printed to STDERR. -#$debug=1; + +use strict; +use Pod::Usage; +use Getopt::Long; + +=pod + +=head1 NAME + + basic_msnt_multi_domain_auth + +=head1 SYNOPSIS + + basic_msnt_multi_domain_auth [options] + +=head1 DESCRIPTION + +B is a Squid authenticator to check +user credentials against multiple NT domains using B. + +The user is expected to enter his/her credentials as domain\username +or domain/username (in analogy to what MS-Proxy does). + +Requires Authen::SMB from CPAN and Samba if you need to perform NETBIOS +queries. + +=head1 OPTIONS + +=over 12 + +=item B<--debug> + +Write debug info to stderr. + +=item B<--wins-server> + +Use the named WINS server. + + Default: broadcast will be attempted. + +=item B<--no-fqdn> + +Some servers don't like to be called by their fully qualified name. +Define this if you wish to call them ONLY by their hostname. + +=item B<--no-rdns> + +Some servers really really want to be called by address. + +=back + +=head1 AUTHOR + +This program was written by I> + +This manual was written by I> + +=head1 COPYRIGHT + + * Copyright (C) 1996-2014 The Squid Software Foundation and contributors + * + * Squid software is distributed under GPLv2+ license and includes + * contributions from numerous individuals and organizations. + * Please see the COPYING and CONTRIBUTORS files for details. + +=head1 QUESTIONS + +Questions on the usage of this program can be sent to the I> + +=head1 REPORTING BUGS + +Bug reports need to be made in English. +See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. + +Report bugs or bug fixes using http://bugs.squid-cache.org/ + +Report serious security bugs to I> + +Report ideas for new improvements to the I> + +=head1 SEE ALSO + +squid (8), GPL (7), + +The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq + +The Squid Configuration Manual http://www.squid-cache.org/Doc/config/ + +=cut #to force using some DC for some domains, fill in this hash. #the key is a regexp matched against the domain name @@ -19,28 +98,24 @@ #%controllers = ( ".*" => ["pdcname","bdcname"]); -#define this if you wish to use a WINS server. If undefined, broadcast -# will be attempted. -#$wins_server="winsservername"; - -# Some servers (at least mine) really really want to be called by address. -# If this variable is defined, we'll ask nmblookup to do a reverse DNS on the -# DC addresses. It might fail though, for instance because you have a crappy -# DNS with no reverse zones or records. If it doesn't work, you'll have to -# fall back to the %controllers hack. -$try_reverse_dns=1; - -# Some servers (at least mine) don't like to be called by their fully -# qualified name. define this if you wish to call them ONLY by their -# hostname. -$dont_use_fqdn=1; - #no more user-serviceable parts + use Authen::Smb; #variables: # %pdc used to cache the domain -> pdc_ip values. IT NEVER EXPIRES! +my $debug = undef; +my $wins_server = undef; +my $no_rdns = undef; +my $no_fqdn = undef; + +GetOptions( + 'debug' => \$debug, + 'wins-server=s' => $wins_server, + 'no-fqdn' => $no_fqdn, + 'no-rdns' => $no_rdns + ); $|=1; while (<>) { @@ -103,7 +178,7 @@ } $lookupstring="nmblookup"; $lookupstring.=" -R -U $wins_server" if (defined($wins_server)); - $lookupstring.=" -T" if (defined($try_reverse_dns)); + $lookupstring.=" -T" unless (defined($no_rdns)); $lookupstring.=" '$domain#1c'"; print STDERR "Discovering PDC: $lookupstring\n" if (defined($debug)); @@ -114,7 +189,7 @@ if (m|(.*), (\d+\.\d+\.\d+\.\d+)|) { $datum=$1; print STDERR "matched $datum\n" if (defined($debug)); - if (defined($dont_use_fqdn) && $datum =~ /^([^.]+)\..*/) { + if (defined($no_fqdn) && $datum =~ /^([^.]+)\..*/) { $datum=$1; print STDERR "stripped domain name: $datum\n" if (defined($debug)); } === modified file 'helpers/basic_auth/MSNT-multi-domain/required.m4' --- helpers/basic_auth/MSNT-multi-domain/required.m4 2014-09-02 01:08:58 +0000 +++ helpers/basic_auth/MSNT-multi-domain/required.m4 2014-12-08 08:31:28 +0000 @@ -5,4 +5,6 @@ ## Please see the COPYING and CONTRIBUTORS files for details. ## -BUILD_HELPER="MSNT-multi-domain" +if test "x$PERL" != "x" -a "x$POD2MAN" != "x"; then + BUILD_HELPER="MSNT-multi-domain" +fi