Re: [squid-users] Re: external acl code examples

Hi,
I just thought I'd share the script I have for the squid side, maybe
someone finds it useful.
I wrote in PHP because I wanted to use prepared statements and am most
familiar with PDO.

Now my logs have usernames but squid does not allow me to make
proxy_auth acls since I have no auth mechanism configured (this
particular squid instance is a museum piece - 2.6, soon to be
replaced), if this issue also exists in squid 3.1 then how would I
control users based on a username returned through an external ACL?

Thanks,
Eli

The code:
#!/usr/bin/php
<?php
/*****
 * Developed for the Jerusalem College of Technology Computer Center
by E.S. Rosenberg aka Keeper of the Keys
 * 2012/5772
 * Released on: 2/May/2012 - 10 Iyar 5772
 * License: GNU GPLv2
 ****
 * Short: external ACL helper for squid that allows associating
usernames in a database with IPs.
 ****
 * Description:
 * This script is running in a never ending loop and reads an IP
address from stdin.
 * It then queries a database about the username currently associated
with that IP.
 * If a name is associated it returns "OK user=username".
 * Else it returns "ERR"
 ****
 * Depends:
 * - PHP5.x with PDO (tested & working on 5.1 but highly recommended to use 5.3+
 *****/

$db['server'] = '';
$db['db'] = '';
$db['user'] = '';
$db['passwd'] = '';

try {
        $pdo_con = new
PDO("mysql:host=".$db['server'].";dbname=".$db['db'], $db['user'],
$db['passwd'], array(PDO::ATTR_PERSISTENT => true));
}
catch (PDOException $e) {
        echo "Error!: " . $e->getMessage() "\n";
        die();
}

//Prepare the Stored Procedure, so that it executes faster.
//Our stored procedure is basically a select `username` where `ip` = ?
$query = $pdo_con->prepare('call `db_name_here`.`procedure_name_here` ( ? )');
$query->bindParam(1, $ip, PDO::PARAM_STR, 40);

//Loop to answer squid.
while(1) {
        $line = trim(fgets(STDIN));
        $ip = $line;

        $res = $query->execute();

        handle_PDO_error($query);

        if($res) {
                $res = $query->fetch(PDO::FETCH_ASSOC);
        }
        //Even though the result set should be just one row php seems to have
a problem with prepared stored procedures...
        closeCursor($query);

        if(isset($res['user']) && $res['user'] != '') {
                echo $line[0] ." OK user=". $res['user'] ."\n";
        } else {
                echo "ERR\n";
        }
}

function handle_PDO_error($pdoObject) {
        if($pdoObject->errorCode() != '00000') {
                fwrite(STDERR, "Sorry, Database error: ". $pdoObject->errorCode() ."\n");
                fwrite(STDERR, var_dump($pdoObject->errorInfo()));
        }
}

/**
 * From: http://il.php.net/manual/en/pdostatement.closecursor.php
 * @param PDOStatement $oStm
 */
function closeCursor($oStm) {
        do $oStm->fetchAll();
        while ($oStm->nextRowSet());
}
?>

2012/4/10 akadimi <amine.kadimi_at_gmail.com>:
> Hi Amos,
>
> Could you give me more details on your new session helper as soon as it
> becomes available.
>
> Regards,
>
> --
> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/external-acl-code-examples-tp4424505p4546016.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Wed May 02 2012 - 11:36:45 MDT