---------------------
PatchSet 1837 
Date: 2005/09/15 09:43:53
Author: serassio
Branch: nt
Tag: (none) 
Log:
Updated win32_check_group to version 1.22

Members: 
	helpers/external_acl/win32_group/Makefile.am:1.2.18.3->1.2.18.4 
	helpers/external_acl/win32_group/readme.txt:1.2.18.5->1.2.18.6 
	helpers/external_acl/win32_group/win32_check_group.c:1.2.18.10->1.2.18.11 
	helpers/external_acl/win32_group/win32_check_group.h:1.2.18.2->1.2.18.3 

Index: squid3/helpers/external_acl/win32_group/Makefile.am
===================================================================
RCS file: /cvsroot/squid-sf//squid3/helpers/external_acl/win32_group/Attic/Makefile.am,v
retrieving revision 1.2.18.3
retrieving revision 1.2.18.4
diff -u -r1.2.18.3 -r1.2.18.4
--- squid3/helpers/external_acl/win32_group/Makefile.am	21 Aug 2005 18:41:05 -0000	1.2.18.3
+++ squid3/helpers/external_acl/win32_group/Makefile.am	15 Sep 2005 09:43:53 -0000	1.2.18.4
@@ -1,7 +1,7 @@
 #
 #  Makefile for the Squid Object Cache server
 #
-#  $Id: Makefile.am,v 1.2.18.3 2005/08/21 18:41:05 serassio Exp $
+#  $Id: Makefile.am,v 1.2.18.4 2005/09/15 09:43:53 serassio Exp $
 #
 #  Uncomment and customize the following to suit your needs:
 #
@@ -9,11 +9,11 @@
 
 libexec_PROGRAMS = win32_check_group
 
-win32_check_group_SOURCES = win32_check_group.c win32_check_group.h 
+win32_check_group_SOURCES = win32_check_group.c win32_check_group.h
 
 INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include -I$(top_srcdir)/src
 
-LDADD	= -L$(top_builddir)/lib -lmiscutil -lnetapi32 -ladvapi32 \
+LDADD   = -L$(top_builddir)/lib -lmiscutil -lnetapi32 -ladvapi32 \
           -lntdll $(XTRA_LIBS)
 
 EXTRA_DIST = readme.txt
Index: squid3/helpers/external_acl/win32_group/readme.txt
===================================================================
RCS file: /cvsroot/squid-sf//squid3/helpers/external_acl/win32_group/Attic/readme.txt,v
retrieving revision 1.2.18.5
retrieving revision 1.2.18.6
diff -u -r1.2.18.5 -r1.2.18.6
--- squid3/helpers/external_acl/win32_group/readme.txt	12 Jun 2004 19:52:11 -0000	1.2.18.5
+++ squid3/helpers/external_acl/win32_group/readme.txt	15 Sep 2005 09:43:53 -0000	1.2.18.6
@@ -14,12 +14,14 @@
 Program Syntax
 ==============
 
-win32_check_group [-G][-c][-d][-h]
+win32_check_group [-D domain][-G][-P][-c][-d][-h]
 
--G start helper in Global Group mode
--c use case insensitive compare
--d enable debugging
--h this message
+-D domain specify the default user's domain
+-G        start helper in Domain Global Group mode
+-P        use ONLY PDCs for group validation
+-c        use case insensitive compare
+-d        enable debugging
+-h        this message
 
 
 ================
Index: squid3/helpers/external_acl/win32_group/win32_check_group.c
===================================================================
RCS file: /cvsroot/squid-sf//squid3/helpers/external_acl/win32_group/Attic/win32_check_group.c,v
retrieving revision 1.2.18.10
retrieving revision 1.2.18.11
diff -u -r1.2.18.10 -r1.2.18.11
--- squid3/helpers/external_acl/win32_group/win32_check_group.c	3 Oct 2004 12:51:35 -0000	1.2.18.10
+++ squid3/helpers/external_acl/win32_group/win32_check_group.c	15 Sep 2005 09:43:53 -0000	1.2.18.11
@@ -1,7 +1,7 @@
 /*
  * win32_group: lookup group membership in a Windows NT/2000 domain
  *
- * (C)2002,2003 Guido Serassio - Acme Consulting S.r.l.
+ * (C)2002,2005 Guido Serassio - Acme Consulting S.r.l.
  *
  * Authors:
  *  Guido Serassio <guido.serassio@acmeconsulting.it>
@@ -30,9 +30,17 @@
  *
  * History:
  *
+ * Version 1.22
+ * 08-07-2005 Guido Serassio
+ *              Added -P option for force usage of PDCs for group validation.
+ *              Added support for '/' char as domain separator.
+ *              Fixed Bugzilla #1336. 
  * Version 1.21
+ * 23-04-2005 Guido Serassio
+ *              Added -D option for specify default user's domain.
+ * Version 1.20.1
  * 15-08-2004 Guido Serassio
- * 		Helper protocol changed to use URL escaped strings in Squid-3.0
+ *              Helper protocol changed to use URL escaped strings in Squid-3.0
  *              (Original work of Henrik Nordstrom)
  * Version 1.20
  * 13-06-2004 Guido Serassio
@@ -62,7 +70,7 @@
 #include "config.h"
 #ifdef _SQUID_CYGWIN_
 #include <wchar.h>
-int _wcsicmp(const wchar_t*, const wchar_t*);;
+int _wcsicmp(const wchar_t*, const wchar_t*);
 #endif
 #if HAVE_STDIO_H
 #include <stdio.h>
@@ -86,11 +94,14 @@
 
 #define BUFSIZE 8192		/* the stdin buffer size */
 int use_global = 0;
+int use_PDC_only = 0;
 char debug_enabled = 0;
 char *myname;
 pid_t mypid;
 char * machinedomain;
-int use_case_insensitive_compare=0;
+int use_case_insensitive_compare = 0;
+char * DefaultDomain = NULL;
+const char NTV_VALID_DOMAIN_SEPARATOR[] = "\\/";
 
 #include "win32_check_group.h"
 
@@ -226,6 +237,7 @@
 Valid_Local_Groups(char *UserName, const char **Groups)
 {
     int result = 0;
+    char * Domain_Separator;
     WCHAR wszUserName[UNLEN+1];	// Unicode user name
 
     LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;
@@ -239,6 +251,11 @@
     DWORD i;
     DWORD dwTotalCount = 0;
 
+    if ((Domain_Separator = strchr(UserName, '/')) != NULL)
+        *Domain_Separator = '\\';
+    
+    debug("Valid_Local_Groups: checking group membership of '%s'.\n", UserName);
+    
 /* Convert ANSI User Name and Group to Unicode */
 
     MultiByteToWideChar(CP_ACP, 0, UserName,
@@ -303,6 +320,7 @@
     char NTDomain[DNLEN+UNLEN+2];
     char *domain_qualify;
     char User[UNLEN+1];
+    size_t j;
 
     LPWSTR LclDCptr = NULL;
     LPWSTR UsrDCptr = NULL;
@@ -317,9 +335,15 @@
     DWORD i;
     DWORD dwTotalCount = 0;
 
-    strcpy(NTDomain, UserName);
-    if ((domain_qualify = strchr(NTDomain, '\\')) == NULL) {
-	return result;
+    strncpy(NTDomain, UserName, sizeof(NTDomain));
+
+    for (j=0; j < strlen(NTV_VALID_DOMAIN_SEPARATOR); j++) {
+        if ((domain_qualify = strchr(NTDomain, NTV_VALID_DOMAIN_SEPARATOR[j])) != NULL)
+            break;
+    }
+    if (domain_qualify == NULL) {
+	strcpy(User, NTDomain);
+	strcpy(NTDomain, DefaultDomain);
     } else {
 	strcpy(User, domain_qualify + 1);
 	domain_qualify[0] = '\0';
@@ -351,7 +375,7 @@
             debug("Running on a DC.\n");
         }
         else
-            nStatus = NetGetAnyDCName(NULL, wszLocalDomain, (LPBYTE *) & LclDCptr);
+            nStatus = (use_PDC_only ? NetGetDCName(NULL, wszLocalDomain, (LPBYTE *) & LclDCptr) : NetGetAnyDCName(NULL, wszLocalDomain, (LPBYTE *) & LclDCptr));
     } else {
 	fprintf(stderr, "%s NetServerGetInfo() failed.'\n", myname);
         if (pSrvBuf != NULL)
@@ -365,10 +389,7 @@
         if (strcmp(NTDomain, machinedomain) != 0) {
 	    MultiByteToWideChar(CP_ACP, 0, NTDomain,
 		strlen(NTDomain) + 1, wszUserDomain, sizeof(wszUserDomain) / sizeof(wszUserDomain[0]));
-                nStatus = NetGetAnyDCName(
-		    LclDCptr,
-		    wszUserDomain,
-		    (LPBYTE *) & UsrDCptr);
+            nStatus = (use_PDC_only ? NetGetDCName(LclDCptr, wszUserDomain, (LPBYTE *) & UsrDCptr) : NetGetAnyDCName(LclDCptr, wszUserDomain, (LPBYTE *) & UsrDCptr));
 	        if (nStatus != NERR_Success) {
 		    fprintf(stderr, "%s Can't find DC for user's domain '%s'\n", myname, NTDomain);
                     if (pSrvBuf != NULL)
@@ -438,8 +459,10 @@
 static void
 usage(char *program)
 {
-    fprintf(stderr,"Usage: %s [-G][-c][-d][-h]\n"
+    fprintf(stderr,"Usage: %s [-D domain][-G][-P][-c][-d][-h]\n"
+	    	" -D    default user Domain\n"
 	    	" -G    enable Domain Global group mode\n"
+	    	" -P    use ONLY PDCs for group validation\n"
 	    	" -c    use case insensitive compare\n"
 	    	" -d    enable debugging\n"
 		" -h    this message\n",
@@ -452,11 +475,18 @@
     int opt;
 
     opterr = 0;
-    while (-1 != (opt = getopt(argc, argv, "Gcdh"))) {
+    while (-1 != (opt = getopt(argc, argv, "D:GPcdh"))) {
 	switch (opt) {
+	case 'D':
+	    DefaultDomain = xstrndup(optarg, DNLEN + 1);
+            strlwr(DefaultDomain);
+	    break;
 	case 'G':
 	    use_global = 1;
 	    break;
+	case 'P':
+	    use_PDC_only = 1;
+	    break;
 	case 'c':
 	    use_case_insensitive_compare = 1;
 	    break;
@@ -512,14 +542,18 @@
 	    exit(1);
 	}
 	strlwr(machinedomain);
+        if (!DefaultDomain)
+            DefaultDomain = xstrdup(machinedomain);
     }
 
     debug("External ACL win32 group helper build " __DATE__ ", " __TIME__
     " starting up...\n");
     if (use_global)
-        debug("Domain Global group mode enabled.\n");
+        debug("Domain Global group mode enabled using '%s' as default domain.\n", DefaultDomain);
     if (use_case_insensitive_compare)
         debug("Warning: running in case insensitive mode !!!\n");
+    if (use_PDC_only)
+        debug("Warning: using only PDCs for group validation !!!\n");
 
     /* Main Loop */
     while (fgets (buf, sizeof(buf), stdin))
Index: squid3/helpers/external_acl/win32_group/win32_check_group.h
===================================================================
RCS file: /cvsroot/squid-sf//squid3/helpers/external_acl/win32_group/Attic/win32_check_group.h,v
retrieving revision 1.2.18.2
retrieving revision 1.2.18.3
diff -u -r1.2.18.2 -r1.2.18.3
--- squid3/helpers/external_acl/win32_group/win32_check_group.h	2 May 2003 14:52:29 -0000	1.2.18.2
+++ squid3/helpers/external_acl/win32_group/win32_check_group.h	15 Sep 2005 09:43:53 -0000	1.2.18.3
@@ -1,5 +1,5 @@
 /*
- * (C) 2002 Guido Serassio <guido.serassio@acmeconsulting.it>
+ * (C) 2002, 2005 Guido Serassio <guido.serassio@acmeconsulting.it>
  * Based on previous work of Francesco Chemolli, Robert Collins and Andrew Doran
  *
  * Distributed freely under the terms of the GNU General Public License,