File: authmysql

package info (click to toggle)
inn2 2.5.4-3
  • links: PTS, VCS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 11,720 kB
  • ctags: 8,983
  • sloc: ansic: 92,499; sh: 13,509; perl: 12,921; makefile: 2,985; yacc: 842; python: 342; lex: 255
file content (110 lines) | stat: -rwxr-xr-x 2,860 bytes parent folder | download | duplicates (7)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
#!/usr/bin/perl -w
#
# Authenticate users for INN against a MySQL database.
# Written by Daniel Marsh
# Covered under the same license as INN in general.

# You really shouldn't need to edit this file.
# To test via tcsh:
#     ( echo 'ClientAuthname: test' ; echo 'ClientPassword: monkey' ) | ./authmysql.pl

use DBI;
use strict;

# get STDIN and retun it as a HASH
my %stdin = get_stdin();

# edit this path to wherever you want your config to reside.
my %conf = readconf('/usr/local/news/etc/authmysql.config'); # read our config

# create our dbi string for the connection
$conf{'database'} =
  "dbi:mysql:database=$conf{'DB'};host=$conf{'HOST'};";

# open the database connection
my $dbh = db_open(%conf);

# create the query we're going to pass through
my $query = "SELECT $conf{'passcol'} FROM $conf{'TABLE'} WHERE $conf{'usercol'}=\'$stdin{'ClientAuthname'}\'";

# get our statement handler... not really a result.
my $result = $dbh->prepare($query);
$result->execute;
my $cryptedpw = $result->fetchrow_array(); # the database needs to store this encrypted

$stdin{'ClientPassword'} = crypt($stdin{'ClientPassword'}, $cryptedpw); # encrypt the client password we were given.

# this query is to return a count of 1. there should either be one
# match of the encrypted password/username or none.
$query = "SELECT COUNT(*) FROM $conf{'TABLE'} WHERE"
  ."$conf{'usercol'}=\'$stdin{'ClientAuthname'}\' and"
  ."$conf{'passcol'}=\'$stdin{'ClientPassword'}\'";

$result = $dbh->prepare($query);
$result->execute;
my $query_result = $result->fetchrow_array(); # this should be 1 or 0, 1 on success

$result->finish;

# need to get the return shit working now so it will reply proper
# information to news clients

if( $query_result ) { # the user authenticated fine.
  print "user:$stdin{'ClientAuthname'}\n"; # return based on nnrpd
                                           # auth specs.
  exit(0); # exit with no error
} else {
  exit(502); # exit with error. username/password incorrect
}

# subs below
sub readconf {
  my ($file) = @_;

  my %conf;

  open(CONF, "$file");
  while (<CONF>) {
    chomp;
    next if $_ =~ /^#.*$/;
    next if $_ =~ /\s+/;
    $_ =~ s/#.*$//g;

    if ( $_ ne "" ) {
      my ($key, $value) = split(':', $_, 2);
      $conf{$key} = $_;
    }
  }
  close(CONF);

  return(%conf);
}

sub db_open {
  my (%conf) = @_;
  my ($err, $dbh);

  if( $dbh = DBI->connect($conf{'database'}, $conf{'User'}, $conf{'Pass'}) ) {
    return($dbh);
  } else { $err = "Failure opening database ".$DBI::errstr; }

  return(undef, $err);
}

sub get_stdin {
  my %stdin;
  while (<STDIN>) {
    chomp;
    next if $_ =~ /^#.*$/;
    next if $_ =~ /\s+/;
    $_ =~ s/#.*$//g;
    $_ =~ s/\s+//g;

    if ( $_ ne "" ) {
      my $key = $_;
      my ($key, $value) = split(':', $_, 2);
      $stdin{$key} = $value;
    }
  }
  return(%stdin);
}