基于MySQL的Squid的多用户认证---初感C语言强大

最新推荐文章于 2021-07-06 18:43:43 发布

Mahone

最新推荐文章于 2021-07-06 18:43:43 发布

阅读量3.3k

点赞数

分类专栏： BSD/Unix 文章标签： mysql 语言 c database null buffer

本文链接：https://blog.csdn.net/Mahone/article/details/4228180

版权

BSD/Unix 专栏收录该内容

0 篇文章 0 订阅

订阅专栏

前段时间由于内部统一的网络出口负载过大,大家都上网的时候网就变得巨强,估计蜗牛见了都自杀的网!于是产生了新加一个出口,而且只让一部人有权力用,由于经过了多极路由,经过多方考虑,最后还是决定使用Squid Proxy作服务器!而Squid的用户认证是一个让很多人头疼的问题.

Squid自身带有一个NCSA的认证,但是需要使用到apache的htpasswd来生成密码文件,相当不爽(而且我对Apache不太喜欢,不想装它)!最后决定使用Mysql作为认证!

下面我们就开始我们的Mysql+Squid认证之为旅.

1.安装Mysql

a.多话不说,直接到mysql上传的目录,然后看到shell安装.

#add system user mysql,nologin >adduser >tar -zvxf mysql-5.0.46.tar.gz >cd mysql05.0.46 >./configure --prefix=/usr/local/mysql --with-low-memory --with-charset=gbk >make && make install >cd /usr/local/mysql >chown -R mysql:mysql . >bin/mysql_install_db --user=mysql >chown -R root:wheel . >chown -R mysql:mysql var #add a link to start mysql server manually >ln share/mysql/mysql.server /usr/local/sbin/mysqld >ln bin/mysql /usr/local/sbin/mysql

b.到此,数据安装完成!下面修改一下用户名及密码,为后面作准备.

#update root's password >/usr/local/sbin/mysqld start >/usr/local/sbin/mysql MySQL>use mysql; MySQL>delete from user where user=''; MySQL>update user set password=password("123456") where user='root'; MySQL>flush privileges; MySQL>exit

c.创建一个表,为后面存取用户作准备.

>mysql -u root -p 123456 MySQL>create database squid; MySQL>use squid; MySQL>create table auth_user( MySQL>uid int not null auto_increment, MySQL>uname char(30) not null, MySQL>upass char(50) not null, MySQL>primary key(uid,uname) MySQL>); #add an account for test MySQL>insert into auth_user(uname,upass)values('test',password("123456")); MySQL>exit

2.接着安装Squid.这里不多说,简单安装就OK.

>tar -jvxf squid-3.0.STABLE15-20090507.tar.bz2 >cd squid-3.0.STABLE15-20090507 >./configure --prefix=/usr/local/squid --enable-delay-pools >make && make install #add library links to auth_squid or copy them >cp /usr/local/mysql/lib/mysql/libmysqlclient* /usr/lib/

3.下面进行我们最关键的地方,进行squid与mysql连认证部分!

下面的部分我是参考了别人的标准输入部分,MySQL的使用方面搞定的.下面我把源码贴出来.

/** * Iem_squid ver 1.0 by dawson * Email: Jackholmes@foxmail.com */ #include <stdio.h> #include "mysql.h" /* database host */ #define IEM_dbhost "localhost" /* database username */ #define IEM_dbuser "root" /* database user password */ #define IEM_dbpass "123456" /* database name for squid authentication */ #define IEM_dbname "squid" /* table name for squid account */ #define IEM_dbtable "auth_user" /* column name of squid account id */ #define IEM_db_name_col "uname" /* column name of squid account password*/ #define IEM_db_pass_col "upass" #define IEM_io_buffer 256 int main(){ char Inbuf[IEM_io_buffer],Sqlbuf[IEM_io_buffer]; char n[IEM_io_buffer],*p; int i=0; MYSQL *mysql; MYSQL_RES *res; /* make standard output line buffered */ if(setvbuf(stdout,NULL,_IOLBF,0)!=0){ return 0; exit(0); } /* buffer the user name and password from stdin */ while(1){ if (fgets(Inbuf, IEM_io_buffer, stdin) == NULL) printf("ERR/n"); if ((p = strchr(Inbuf, '/n')) != NULL) *p = '/0'; /* strip /n */ if ((p = strchr(Inbuf, ' ')) == NULL) { printf("ERR/n"); continue; } *p++ = '/0'; break; } /* varlidate the user via mysql database */ sprintf(Sqlbuf,"select "IEM_db_name_col" from "IEM_dbtable" where "IEM_db_name_col"='%s' and "IEM_db_pass_col"=password('%s')",Inbuf,p ); mysql=mysql_init(NULL); if(mysql==NULL){ printf("ERR/n"); exit(0); } if(mysql_real_connect(mysql,IEM_dbhost,IEM_dbuser,IEM_dbpass,IEM_dbname,0,NULL,0)==NULL){ printf("ERR/n"); exit(0); } if(mysql_query(mysql,Sqlbuf)!=0){ printf("ERR/n"); } if(!(res=mysql_store_result(mysql))){ printf("ERR/n"); mysql_close(mysql); exit(0); } if(res->row_count==1) printf("OK/n"); else printf("ERR/n"); mysql_free_result(res); mysql_close(mysql); return 1; }

把这个程序复制保存为squid_auth.c,然后我们进行编译:

>gcc -I /usr/local/mysql/include/mysql / >?-O -o Iem_mysql squid_auth.c -L /usr/lib -lmysqlclient -lm >mv Iem_mysql /usr/local/squid/bin/ >cd /usr/local/squid/conf/ >mv squid.conf squid.conf.bak >vi squid.conf

在新然我们为squid.conf里输入以下内容:

#by dawson #options for authentication auth_param basic program /usr/local/squid/bin/Iem_mysql auth_param basic children 5 auth_param basic realm NAHU Proxy_Web auth_param basic casesensitive on acl authed proxy_auth REQUIRED authenticate_ttl 1 hour authenticate_ip_ttl 2 hours #Access Control acl SSL_ports port 443 acl safe_ports port 80 acl safe_ports port 21 acl safe_ports port 443 acl safe_ports port 70 acl safe_ports port 210 acl safe_ports port 1025-65535 acl safe_ports port 280 acl safe_ports port 488 acl safe_ports port 591 acl safe_ports port 777 acl SSL_conn method CONNECT http_access deny !safe_ports http_access deny SSL_conn !SSL_ports http_access allow authed #delay control delay_pools 1 delay_class 1 1 delay_access 1 allow authed delay_parameters 1 51200/102400 delay_initial_bucket_level 100

然后,我们再进行squid的最后期配置:

>ln /usr/local/squid/sbin/squid /usr/local/sbin/squid >/usr/local/sbin/squid -z >/usr/local/sbin/squid start

到此服务已经启动,并且我们相应的都已经完成!服务器至此OK!

本文是我原本最先自己配置服务器后,凭记忆写的这篇文章,如果有什么不准确的地方,还请大家指出!

-----by dawson