| 1 | #!/usr/bin/perl -w |
| 2 | # |
| 3 | # INN perl_auth script |
| 4 | # Authentication against MySQL Database |
| 5 | # |
| 6 | # Written by Thomas Hochstein <thh@inter.net> |
| 7 | # based on a script written by Sven Weise (sven@futzelnet.de). |
| 8 | # Covered under the same license as INN in general. |
| 9 | # |
| 10 | # user = Username |
| 11 | # password = Passwort |
| 12 | # active = User active/inactive? (for temp. suspension) |
| 13 | # |
| 14 | ### database structure |
| 15 | # CREATE TABLE IF NOT EXISTS `users` ( |
| 16 | # `userid` int(11) NOT NULL auto_increment, |
| 17 | # `user` varchar(16) collate latin1_bin NOT NULL default '', |
| 18 | # `password` varchar(16) collate latin1_bin NOT NULL default '', |
| 19 | # `active` tinyint(1) NOT NULL default '1', |
| 20 | # `username` varchar(60) collate latin1_bin default NULL, |
| 21 | # `usermail` varchar(60) collate latin1_bin default NULL, |
| 22 | # `domain` varchar(40) collate latin1_bin default '<EDITME>', |
| 23 | # `llo` date default NULL, |
| 24 | # PRIMARY KEY (`userid`), |
| 25 | # UNIQUE KEY `user` (`user`) |
| 26 | # ); |
| 27 | #################################################################################################################################### |
| 28 | |
| 29 | |
| 30 | |
| 31 | # use strict; |
| 32 | use DBI; |
| 33 | use Time::localtime; |
| 34 | |
| 35 | ### DB Vars - EDIT ME! |
| 36 | $conf{'dbdriver'} = "mysql"; |
| 37 | $conf{'dbhost'} = "localhost"; |
| 38 | $conf{'database'} = ""; |
| 39 | $conf{'dbuser'} = ""; |
| 40 | $conf{'dbpw'} = ""; |
| 41 | $conf{'dbtable'} = ""; |
| 42 | $conf{'actcheck'} = 1; |
| 43 | |
| 44 | sub auth_init() { |
| 45 | #D open LOG, '>/usr/lib/news/bin/auth/passwd/test.log'; |
| 46 | |
| 47 | }; |
| 48 | |
| 49 | sub authenticate() { |
| 50 | # $attributes{hostname} hostname (or the IP address if it doesn't resolve) of the client machine |
| 51 | # $attributes{ipaddress} IP address (as a string) |
| 52 | # $attributes{port} client port (as an integer) |
| 53 | # $attributes{interface} hostname of the interface the client connected on |
| 54 | # $attributes{intipaddr} IP address (as a string) of the interface the client connected on |
| 55 | # $attributes{intport} port (as an integer) on the interface the client connected on |
| 56 | # $attributes{username} username |
| 57 | # $attributes{password} password |
| 58 | |
| 59 | # return if username or password not set |
| 60 | if (!defined($attributes{username}) or !defined($attributes{password})) { |
| 61 | return (481, 'Authentication failure'); |
| 62 | } |
| 63 | |
| 64 | ### DB init |
| 65 | my $dbs = sprintf('DBI:%s:database=%s;host=%s',$conf{'dbdriver'},$conf{'database'},$conf{'dbhost'}); |
| 66 | my $dbhandle = DBI->connect($dbs, $conf{'dbuser'}, $conf{'dbpw'}, { PrintError => 1 }); |
| 67 | |
| 68 | ### Query database and disconnect. |
| 69 | |
| 70 | my(@result); |
| 71 | |
| 72 | # quote SQL |
| 73 | my $sql_user = $dbhandle->quote($attributes{username}); |
| 74 | my $sql_pass = $dbhandle->quote($attributes{password}); |
| 75 | |
| 76 | my $query = sprintf("SELECT domain FROM %s.%s WHERE user = %s AND password = %s",$conf{'database'},$conf{'dbtable'},$sql_user,$sql_pass); |
| 77 | if ($conf{'actcheck'}) { |
| 78 | $query .= ' AND active = 1'; |
| 79 | }; |
| 80 | my $dbquery = $dbhandle->prepare($query); |
| 81 | if ($dbquery->execute()) { |
| 82 | @result = $dbquery->fetchrow_array; |
| 83 | $dbquery->finish; |
| 84 | |
| 85 | if (@result) { |
| 86 | # log timestamp |
| 87 | my $tm = localtime; |
| 88 | my $today = sprintf('%04d-%02d-%02d', $tm->year+1900, ($tm->mon)+1, $tm->mday); |
| 89 | $query = sprintf("UPDATE %s.%s SET llo = '%s' WHERE user = %s",$conf{'database'},$conf{'dbtable'},$today,$sql_user); |
| 90 | $dbquery = $dbhandle->prepare($query); |
| 91 | $dbquery->execute(); |
| 92 | $dbquery->finish; |
| 93 | }; |
| 94 | }; |
| 95 | $dbhandle->disconnect; |
| 96 | ### |
| 97 | |
| 98 | ### check password and respond appropriate |
| 99 | if (@result) { |
| 100 | my $user = $attributes{username} . '@' . $result[0]; |
| 101 | return (281, 'Authentication successful: '.$user, $user); |
| 102 | } else { |
| 103 | return (481, 'Authentication failure'); |
| 104 | } |
| 105 | |
| 106 | # code execution should never reach this point |
| 107 | return (481, 'Authentication failure'); |
| 108 | }; |
| 109 | ### EOF ### |