- //HACK...
- if (PathExists(g_options.auth_uri))
- g_options.auth_method = AUTH_SHADOW;
- else
- g_options.auth_method = AUTH_LDAP;
+ // Get the options part of the URI if it exists
+ char * c = (char*)g_options.auth_uri;
+ while (*(++c) != '\0' && *c != '#');
+
+ if (*(c++) == '#')
+ {
+ *(c-1) = '\0';
+ g_options.auth_options = c;
+ }
+
+ // Use the first part of the URI to identify the protocol:
+ c = (char*)g_options.auth_uri;
+ while (*(++c) != '\0' && *c != ':');
+
+ if (*c == '\0') // No ':' means no protocol; use plaintext file
+ {
+ g_options.auth_method = AUTH_SHADOW;
+ }
+ else if (*c == ':' && *(c+1) == '/' && *(c+2) == '/')
+ {
+
+ *c = '\0';
+ if (strcmp(g_options.auth_uri, "ldap") == 0 || strcmp(g_options.auth_uri, "ldaps") == 0)
+ {
+ *c = ':'; // LDAP URI's require the prodocol as part of the string
+ g_options.auth_method = AUTH_LDAP;
+ }
+ else if (strcmp(g_options.auth_uri, "mysql") == 0)
+ {
+ g_options.auth_uri = c+3; // MySQL doesn't (just a hostname)
+ g_options.auth_method = AUTH_MYSQL;
+ }
+ else
+ {
+ Fatal("Unsupported authentication method %s", g_options.auth_uri);
+ }
+ }
+ }
+ else
+ {
+ Log(LOGWARN, "No authentication method.");