• cat /usr/lib64/squid/squid_db_auth


    [danny@ip-172-31-21-147 ~]$ sudo cat /usr/lib64/squid/squid_db_auth
    #!/usr/bin/perl
    use strict;
    use DBI;
    use Getopt::Long;
    use Pod::Usage;
    use Digest::MD5 qw(md5 md5_hex md5_base64);
    $|=1;

    =pod

    =head1 NAME

    squid_db_auth - Database auth helper for Squid

    =cut

    my $dsn = "DBI:mysql:database=squid";
    my $db_user = undef;
    my $db_passwd = undef;
    my $db_table = "passwd";
    my $db_usercol = "user";
    my $db_passwdcol = "password";
    my $db_cond = "enabled = 1";
    my $plaintext = 0;
    my $md5 = 0;
    my $persist = 0;
    my $isjoomla = 0;
    my $debug = 0;
    my $hashsalt = undef;

    =pod

    =head1 SYNOPSIS

    squid_db_auth [options]

    =head1 DESCRIPTOIN

    This program verifies username & password to a database

    =over 8

    =item B<--dsn>

    Database DSN. Default "DBI:mysql:database=squid"

    =item B<--user>

    Database User

    =item B<--password>

    Database password

    =item B<--table>

    Database table. Default "passwd".

    =item B<--usercol>

    Username column. Default "user".

    =item B<--passwdcol>

    Password column. Default "password".

    =item B<--cond>

    Condition, defaults to enabled=1. Specify 1 or "" for no condition
    If you use --joomla flag, this condition will be changed to block=0

    =item B<--plaintext>

    Database contains plain-text passwords

    =item B<--md5>

    Database contains unsalted md5 passwords

    =item B<--salt>

    Selects the correct salt to evaluate passwords

    =item B<--persist>

    Keep a persistent database connection open between queries.

    =item B<--joomla>

    Tells helper that user database is Joomla DB. So their unusual salt
    hashing is understood.

    =back

    =cut

    GetOptions(
    'dsn=s' => $dsn,
    'user=s' => $db_user,
    'password=s' => $db_passwd,
    'table=s' => $db_table,
    'usercol=s' => $db_usercol,
    'passwdcol=s' => $db_passwdcol,
    'cond=s' => $db_cond,
    'plaintext' => $plaintext,
    'md5' => $md5,
    'persist' => $persist,
    'joomla' => $isjoomla,
    'debug' => $debug,
    'salt=s' => $hashsalt,
    );

    my ($_dbh, $_sth);
    $db_cond = "block = 0" if $isjoomla;

    sub close_db()
    {
    return if !defined($_dbh);
    undef $_sth;
    $_dbh->disconnect();
    undef $_dbh;
    }

    sub open_db()
    {
    return $_sth if defined $_sth;
    $_dbh = DBI->connect($dsn, $db_user, $db_passwd);
    if (!defined $_dbh) {
    warn ("Could not connect to $dsn ");
    return undef;
    }
    my $sql_query;
    $sql_query = "SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "");
    $_sth = $_dbh->prepare($sql_query) || die;
    return $_sth;
    }

    sub check_password($$)
    {
    my ($password, $key) = @_;

    if ($isjoomla){
    my $salt;
    my $key2;
    ($key2,$salt) = split (/:/, $key);
    return 1 if md5_hex($password.$salt).':'.$salt eq $key;
    }
    else{
    return 1 if defined $hashsalt && crypt($password, $hashsalt) eq $key;
    return 1 if crypt($password, $key) eq $key;
    return 1 if $md5 && md5_hex($password) eq $key;
    return 1 if $plaintext && $password eq $key;
    }

    return 0;
    }

    sub query_db($) {
    my ($user) = @_;
    my ($sth) = open_db() || return undef;
    if (!$sth->execute($user)) {
    close_db();
    open_db() || return undef;
    $sth->execute($user) || return undef;;
    }
    return $sth;
    }
    my $status;

    while (<>) {
    my ($user, $password) = split;
    $status = "ERR";
    $user =~ s/%(..)/pack("H*", $1)/ge;
    $password =~ s/%(..)/pack("H*", $1)/ge;

    $status = "ERR database error";
    my $sth = query_db($user) || next;
    $status = "ERR unknown login";
    my $row = $sth->fetchrow_arrayref() || next;
    $status = "ERR login failure";
    next if (!check_password($password, @$row[0]));
    $status = "OK";
    } continue {
    close_db() if (!$persist);
    print $status . " ";
    }

    =pod

    =head1 COPYRIGHT

    Copyright (C) 2007 Henrik Nordstrom <henrik@henriknordstrom.net>
    Copyright (C) 2010 Luis Daniel Lucio Quiroz <dlucio@okay.com.mx> (Joomla support)
    This program is free software. You may redistribute copies of it under the
    terms of the GNU General Public License version 2, or (at youropinion) any
    later version.

    =cut

  • 相关阅读:
    关闭Windows的CTRL+ALT+DEL 和 ALT+TAB组合键的方法
    VC中常用文件操作(一)
    VC 创建NT服务程序
    几个操作文件的API函数
    VC中常用文件操作(二) ——INI文件操作
    初学OpenCV之图像坐标读取函数cvGet2D()
    OpenCV学习之图像读取与显示
    SLT容器之vector简单实现C++运行时多态
    C/C++文件——数据写入、读取
    OpenCV学习之视频读取与帧的提取、显示及保存
  • 原文地址:https://www.cnblogs.com/chromebook/p/4056017.html
Copyright © 2020-2023  润新知