LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   CentOS SQL Proxy (https://www.linuxquestions.org/questions/linux-software-2/centos-sql-proxy-847149/)

trscookie 11-29-2010 01:47 AM
CentOS SQL Proxy
 
Hello All,

Im trying to set up a Proxy server on my CentOS server and I have been looking at Squid, however I wondered if there is a proxy server that will support having authenticated users and passwords in a MySQL database?

I wanted to do this so I have good control over who is connected through my proxy.

Thanks in advance,
trscookie.

kirukan 11-29-2010 02:05 AM
Refer the following
http://people.arxnet.hu/airween/mysql_auth/

trscookie 11-29-2010 03:48 AM
Humm,

I've followed the guide however on CentOS squid doesnt come with mysql_auth. It does however come with the following:


Code:
[root@server squid]# pwd
/usr/lib64/squid
[root@server squid]# ls -ltr
total 348
-rwxr-xr-x 1 root root  2280 Mar 31  2010 smb_auth.sh
-rwxr-xr-x 1 root root  4010 Mar 31  2010 smb_auth.pl
-rwxr-xr-x 1 root root  2359 Mar 31  2010 wbinfo_group.pl
-rwxr-xr-x 1 root root  10992 Mar 31  2010 yp_auth
-rwxr-xr-x 1 root root  4928 Mar 31  2010 unlinkd
-rwxr-xr-x 1 root root  11776 Mar 31  2010 squid_unix_group
-rwxr-xr-x 1 root root  19376 Mar 31  2010 squid_ldap_group
-rwxr-xr-x 1 root root  18048 Mar 31  2010 squid_ldap_auth
-rwxr-xr-x 1 root root  24200 Mar 31  2010 squid_kerb_auth
-rwxr-xr-x 1 root root  11264 Mar 31  2010 smb_auth
-rwxr-xr-x 1 root root  10992 Mar 31  2010 sasl_auth
-rwsr-x--- 1 root squid 12384 Mar 31  2010 pam_auth
-rwxr-xr-x 1 root root  46504 Mar 31  2010 ntlm_auth
-rwsr-x--- 1 root squid 15672 Mar 31  2010 ncsa_auth
-rwxr-xr-x 1 root root  37488 Mar 31  2010 msnt_auth
-rwxr-xr-x 1 root root  11352 Mar 31  2010 ip_user_check
-rwxr-xr-x 1 root root  9688 Mar 31  2010 getpwname_auth
-rwxr-xr-x 1 root root  12480 Mar 31  2010 fakeauth_auth
-rwxr-xr-x 1 root root  13312 Mar 31  2010 diskd-daemon
-rwxr-xr-x 1 root root  15360 Mar 31  2010 digest_pw_auth
-rwxr-xr-x 1 root root  23960 Mar 31  2010 cachemgr.cgi
[root@server squid]#

Is it possible to write my own authentication script if so, how does it work? I cant find out how it passes in the user, password and all that.

Cheers again,
trscookie.

trscookie 11-29-2010 06:07 AM
Ah I may have just found something that might help:

http://www.freesoftwaremagazine.com/...ion_with_squid

trscookie 11-29-2010 11:18 AM
Ok, now I have a new error!!! I have tried to create my own auth script however I just get crap in the log files and I cant find anything useful on google:


/var/log/squid/cache.log:
Code:
1031 2010/11/29 18:18:18| helperHandleRead: unexpected read from basicauthenticator #4, 3 bytes 'ERR'
1032 2010/11/29 18:18:18| helperHandleRead: unexpected read from basicauthenticator #5, 3 bytes 'ERR'
1033 2010/11/29 18:19:18| helperHandleRead: unexpected read from basicauthenticator #3, 3 bytes 'ERR'
1034 2010/11/29 18:19:18| helperHandleRead: unexpected read from basicauthenticator #2, 3 bytes 'ERR'
1035 2010/11/29 18:19:18| helperHandleRead: unexpected read from basicauthenticator #4, 3 bytes 'ERR'
1036 2010/11/29 18:19:18| helperHandleRead: unexpected read from basicauthenticator #5, 3 bytes 'ERR'

squid.conf:
Code:
10 auth_param basic program /usr/bin/php /usr/lib64/squid/sql_auth.php
 11 auth_param basic children 5
 12 auth_param basic realm Linux Class
 13 auth_param basic credentialsttl 2 hours
 14 auth_param basic casesensitive off
 15
 16 acl class proxy_auth REQUIRED
 17 http_access allow class
 18

My auth script - /usr/lib64/squid/sql_auth.php:
Code:
<?php
DEFINE('DB_USER', 'squid');
DEFINE('DB_PASSWORD', 'password');
DEFINE('DB_HOST', 'localhost');
DEFINE('DB_NAME', 'squid');


while(!feof(STDIN))
        {
        $line = trim(fgets(STDIN));
        $fields = explode(' ', $line);

        if(isset($fields[0]))
                {
                $username = rawurldecode($fields[0]);
                }
        if(isset($fields[1]))
                {
                $password = rawurldecode($fields[1]);
                }

        if($username == 'quit')
                {
                exit();
                }

        if(strlen($username)>0 && strlen($password)>0)
                {
                $dbc = @mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

                $q = "SELECT id FROM users WHERE user = '$username' AND password = SHA1('$password') AND enabled = 'Y' AND paid_dstamp > DATE_SUB(NOW(), I
NTERVAL 1 YEAR);";
                $r = @mysqli_query($dbc, $q);

                if(mysqli_num_rows($r)== 1)
                        {
                        fwrite(STDOUT, "OK\n");
                        }
                else
                        {
                        fwrite(STDOUT, "ERR\n");
                        }

                mysqli_close($dbc);
                }
        else
                {
                // failed miserably
                fwrite(STDOUT, "ERR\n");
                }
        }

I believe that this error is causing my authentication to fail, however the script returns OK or ERR in the command line when passing the values in, such as:

Code:
root@server squid]# php /usr/lib64/squid/sql_auth.php
trscookie mypass
OK
trscookie crappass
ERR
quit
[root@server squid]#

Any ideas would be more than appreciated.

Many thanks,
trscookie


All times are GMT -5. The time now is 04:35 AM.