CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: Beginner:
Help with adding condition to script

 



anthor
New User

Oct 23, 2013, 12:23 PM

Post #1 of 1 (550 views)
Help with adding condition to script Can't Post

Hello,

I am trying to modify a script that comes with Squid. It connects to a database to check the username and password of a user, as well as whether they are marked as enabled or not, before granting access.

I am trying to add a 3rd check. I want to detect the hostname of the server that the script is being executed on, and then check if that matches the entry in the proxyhost column for user trying to log in. The goal is to ensure that they are accessing the server that they signed up for, because multiple servers will share the same user database.

I am not trying to get someone to do my work for me, but I am very new to Perl and would really appreciate the help. I'm a beginner PHP programmer, and even with that basic knowledge, doing something like this would be a walk in the park if it was written in PHP. I am hoping that it's equally as simple a more experienced perl programmer and your help would be incredibly valuable to me.

Please feel free to explain your solution as much as possible as it would be really helpful for me to understand the logic a bit better as well as getting a solution.

This is my code:


Code
#!/usr/bin/perl 
use strict;
use DBI;
use Getopt::Long;
use Pod::Usage;
use Digest::MD5 qw(md5 md5_hex md5_base64);
$|=1;

=pod

=head1 NAME

squid_db_auth - Database auth helper for Squid

=cut

my $dsn = "DBI:mysql:database=server";
my $db_user = undef;
my $db_passwd = undef;
my $db_table = "users";
my $db_usercol = "user";
my $db_passwdcol = "password";
my $db_cond = "enabled = 1";
my $plaintext = 0;
my $md5 = 0;
my $persist = 0;
my $isjoomla = 0;
my $debug = 0;
my $hashsalt = undef;

=pod

=head1 SYNOPSIS

squid_db_auth [options]

=head1 DESCRIPTOIN

This program verifies username & password to a database

=over 8

=item B<--dsn>

Database DSN. Default "DBI:mysql:database=squid"

=item B<--user>

Database User

=item B<--password>

Database password

=item B<--table>

Database table. Default "passwd".

=item B<--usercol>

Username column. Default "user".

=item B<--passwdcol>

Password column. Default "password".

=item B<--cond>

Condition, defaults to enabled=1. Specify 1 or "" for no condition
If you use --joomla flag, this condition will be changed to block=0

=item B<--plaintext>

Database contains plain-text passwords

=item B<--md5>

Database contains unsalted md5 passwords

=item B<--salt>

Selects the correct salt to evaluate passwords

=item B<--persist>

Keep a persistent database connection open between queries.

=item B<--joomla>

Tells helper that user database is Joomla DB. So their unusual salt
hashing is understood.

=back

=cut

GetOptions(
'dsn=s' => \$dsn,
'user=s' => \$db_user,
'password=s' => \$db_passwd,
'table=s' => \$db_table,
'usercol=s' => \$db_usercol,
'passwdcol=s' => \$db_passwdcol,
'cond=s' => \$db_cond,
'plaintext' => \$plaintext,
'md5' => \$md5,
'persist' => \$persist,
'joomla' => \$isjoomla,
'debug' => \$debug,
'salt=s' => \$hashsalt,
);

my ($_dbh, $_sth);
$db_cond = "block = 0" if $isjoomla;

sub close_db()
{
return if !defined($_dbh);
undef $_sth;
$_dbh->disconnect();
undef $_dbh;
}

sub open_db()
{
return $_sth if defined $_sth;
$_dbh = DBI->connect($dsn, $db_user, $db_passwd);
if (!defined $_dbh) {
warn ("Could not connect to $dsn\n");
my @driver_names = DBI->available_drivers();
my $msg = "DSN drivers apparently installed, available:\n";
foreach my $dn (@driver_names) {
$msg .= "\t$dn";
}
warn($msg."\n");
return undef;
}
my $sql_query;
$sql_query = "SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "");
$_sth = $_dbh->prepare($sql_query) || die;
return $_sth;
}

sub check_password($$)
{
my ($password, $key) = @_;

if ($isjoomla){
my $salt;
my $key2;
($key2,$salt) = split (/:/, $key);
return 1 if md5_hex($password.$salt).':'.$salt eq $key;
}
else{
return 1 if defined $hashsalt && crypt($password, $hashsalt) eq $key;
return 1 if crypt($password, $key) eq $key;
return 1 if $md5 && md5_hex($password) eq $key;
return 1 if $plaintext && $password eq $key;
}

return 0;
}

sub query_db($) {
my ($user) = @_;
my ($sth) = open_db() || return undef;
if (!$sth->execute($user)) {
close_db();
open_db() || return undef;
$sth->execute($user) || return undef;;
}
return $sth;
}
my $status;

while (<>) {
my ($user, $password) = split;
$status = "ERR";
$user =~ s/%(..)/pack("H*", $1)/ge;
$password =~ s/%(..)/pack("H*", $1)/ge;

$status = "ERR database error";
my $sth = query_db($user) || next;
$status = "ERR unknown login";
my $row = $sth->fetchrow_arrayref() || next;
$status = "ERR login failure";
next if (!check_password($password, @$row[0]));
$status = "OK";
} continue {
close_db() if (!$persist);
print $status . "\n";
}

=pod

=head1 COPYRIGHT

Copyright (C) 2007 Henrik Nordstrom <henrik@henriknordstrom.net>
Copyright (C) 2010 Luis Daniel Lucio Quiroz <dlucio@okay.com.mx> (Joomla support)
This program is free software. You may redistribute copies of it under the
terms of the GNU General Public License version 2, or (at youropinion) any
later version.

=cut



(This post was edited by anthor on Oct 23, 2013, 12:52 PM)

 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives