mysql_auth.c

用于squid mysql 验证的软件 这样squid的帐户就可以放到mysql了

/*
 * mysql_auth - mysql based authenticator for Squid Proxy
 * 
 * mysql_auth.c
 * (C) 2002 Ervin Hegedus
 * Released under GPL, see COPYING-2.0 for details.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */

#include <stdio.h>
#include <mysql/mysql.h>
#include <syslog.h>
#include <stdarg.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include <signal.h>

#include "define.h"
#include "extern.h"

int main ()
{
	MYSQL	  connect;
	MYSQL_RES *result;
	MYSQL_ROW row;

	struct my_params parameters;

	char	user[MAX_STRLEN], password[MAX_STRLEN];
	char	query[MAXLENGTH], input[MAX_STRLEN];
	char	*tstring;

	setbuf (stdout, NULL);

	/*
	 * try open and read config file, config file place' see define.h
	 */
	if (parse (&parameters) != 0) {

		// question to squid devels: is require print ERR message
		// when some error occur at initialize of authenticator?
		fprintf (stdout, "ERR\n");
		exit (1);
	}

	/*
	 * first, it must to initialize MYSQL variable
	 */
	mysql_init (&connect);

	if (&connect == NULL) {
		syslog (LOG_WARNING, "Can't initialize MYSQL structure!");
		puts ("ERR");
		exit (1);
	}

	/*
	 * try connect to mysql database, with those user/password, what are
	 * defined in mysql_auth.conf - this is the squid -> mysql connect pair!
	 */
	mysql_real_connect (&connect, parameters.var_host_name, parameters.var_user_name,\
			parameters.var_user_password, parameters.var_database_name,\
			 0, parameters.var_mysqld_socket, 0);

	/*
	 * if error returns, log trough syslog
	 */
	if (mysql_errno (&connect)) {

		syslog (LOG_WARNING, "Can't connect to mysql server: %s.\n", parameters.var_host_name);
		syslog (LOG_WARNING, "Error was: %d - %s.\n",\
			mysql_errno (&connect), mysql_error (&connect));
		puts ("ERR");
		exit (1);
	}

	/*
	 * try to select from table - there is all the same,
	 * what will the result
	 */
	memset (query, 0, strlen (query) + 1);

	sprintf (query, "SELECT * FROM %s WHERE %s LIKE 'squid' AND %s LIKE 'squid'", \
		 parameters.var_table_name,\
		 parameters.var_user_column,\
		 parameters.var_password_column);

	mysql_query (&connect, query);

	// error occur, example invalid table name...
	if (mysql_errno (&connect)) {

		syslog (LOG_WARNING, "Can't select from table - error was: %d - %s",\
				mysql_errno (&connect), mysql_error (&connect));
		puts ("ERR");
		exit (1);
	}

	/*
	 * these are requires for mysql fuctions
	 */
	result = mysql_use_result (&connect);
	while (mysql_fetch_row (result));
	mysql_free_result(result);

	/**********************************
	 * start of auth method
	 **********************************/

	memset (input, 0, MAX_STRLEN);

	while (fgets(input, MAX_STRLEN, stdin)) {

	    user[0] = '\0';
	    password[0] = '\0';

	    /*
	     * may be this method is too difficult - who knows more about safety of strtok()?
	     */
	    tstring = strtok (input, " ");

	    if (tstring == NULL) {	// empty username

		puts ("ERR");
		continue;
	    }
	    else {

		strcpy (user, tstring);
		tstring = strtok (NULL, " \n");

		if (tstring == NULL) {	// empty password

			puts ("ERR");
			continue;
		}
		else {

			if (strcasecmp (parameters.var_encrypt_password_form, "yes") == 0) {
				sprintf (password, "MD5(\"%s\")", tstring);
			}
			else {

				sprintf (password, "'%s'", tstring);
			}
		}
	    }
            memset (query, 0, strlen (query) + 1);

            sprintf (query, "SELECT * FROM %s WHERE %s LIKE '%s' AND %s LIKE %s AND credits > 0", \
                     parameters.var_table_name,\
                     parameters.var_user_column, user,\
                     parameters.var_password_column, password);		

            mysql_query (&connect, query);

            /*
             * may be when mysql_auth runs, meantime lost
             * connection,
             * mysql admin change permission, etc...
             * in this case don't will exit, just return ERR
             * message
             */
            if (mysql_errno (&connect)) { syslog (LOG_WARNING, "Can't select from table - error was: %d - %s\n the query is %s",\
                        mysql_errno (&connect), mysql_error (&connect),query);
                puts ("ERR");
            }
            else {
                result = mysql_use_result (&connect);
                while ((row = mysql_fetch_row (result)));

                /*
                 * the number of result is 1 - this doesn't allow
                 * more than one account!!!
                 */

                if (mysql_num_rows (result) == 1) {
                    puts ("OK");
                }
                else {
                    syslog (LOG_WARNING, "%s login failed.", user);
                    puts ("ERR");
                }
		mysql_free_result(result);
            }

	    memset (input, 0, MAX_STRLEN);
	}

	mysql_close (&connect);

	return 0;
}