From d0cc3f4d256fc7d621f7ed8a7e0a27bafbf388c4 Mon Sep 17 00:00:00 2001
From: Claudio Maffioletti <cmaffioletti@esseweb.eu>
Date: Tue, 23 May 2017 10:20:39 +0200
Subject: [PATCH] Fix script per squid

---
 proxy/acl_lista.php           |  3 +--
 proxy/squid_acl/listip        |  2 +-
 proxy/squid_acl/shellwords.pl | 38 ++++++++++++++++++++++++++++++++
 proxy/squid_acl/squid_acl.pl  | 41 ++++++++++++++++-------------------
 proxy/squid_acl/squid_auth.pl | 20 ++++++++++++++---
 proxy/users_edit.php          |  2 +-
 proxy/users_group_edit.php    |  2 +-
 7 files changed, 78 insertions(+), 30 deletions(-)
 create mode 100644 proxy/squid_acl/shellwords.pl

diff --git a/proxy/acl_lista.php b/proxy/acl_lista.php
index 5b6e93c..6dee04f 100755
--- a/proxy/acl_lista.php
+++ b/proxy/acl_lista.php
@@ -57,7 +57,6 @@ while ($dato = mysql_fetch_array ( $res )) {
 <?php
 	if ($dato['sys']) { ?>
 		<td rowspan=2><img src="<?php print $CONF['base_url'] ?>/img/attivo_grey.gif" ALT="ACL non modificabile" TITLE="ACL non modificabile"></td>
-		<td rowspan=2><img src="<?php print $CONF['base_url'] ?>/img/modify_grey.gif" ALT="ACL non modificabile" TITLE="ACL non modificabile"></td>
 <?php	} else {
 		if ($dato['attivo']) {
 ?>
@@ -65,8 +64,8 @@ while ($dato = mysql_fetch_array ( $res )) {
 <?php		} else { ?>
 		<td rowspan=2 class="spazio"><a href="proxy_gest.php?azione=acl_up&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/non_attivo.gif" ALT="ACL non attiva" TITLE="ACL non attiva"></a></td>
 <?php		} ?> 
-		<td rowspan=2><a href="acl_edit.php?id=<?php print $dato['id'] ?>"><img src="<?php print $CONF['base_url'] ?>/img/modify.gif" ALT="Dettaglio" TITLE="Dettaglio"></a></td>
 <?php 	} ?>
+		<td rowspan=2><a href="acl_edit.php?id=<?php print $dato['id'] ?>"><img src="<?php print $CONF['base_url'] ?>/img/modify.gif" ALT="Dettaglio" TITLE="Dettaglio"></a></td>
 		<td rowspan=2 class="spazio"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
 		<td class="descrizione">Nome lista</td>
 		<td rowspan=2 class="spazio"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
diff --git a/proxy/squid_acl/listip b/proxy/squid_acl/listip
index 0c4b6f6..c34d216 100644
--- a/proxy/squid_acl/listip
+++ b/proxy/squid_acl/listip
@@ -1 +1 @@
-192.168.1.1
+172.16.0.254
diff --git a/proxy/squid_acl/shellwords.pl b/proxy/squid_acl/shellwords.pl
new file mode 100644
index 0000000..deb5c54
--- /dev/null
+++ b/proxy/squid_acl/shellwords.pl
@@ -0,0 +1,38 @@
+sub shellwords {
+    package shellwords;
+    local($_) = join('', @_) if @_;
+    local(@words,$snippet,$field);
+
+    s/^\s+//;
+    while ($_ ne '') {
+	$field = '';
+	for (;;) {
+	    if (s/^"(([^"\\]|\\[\\"])*)"//) {
+		($snippet = $1) =~ s#\\(.)#$1#g;
+	    }
+	    elsif (/^"/) {
+		die "Unmatched double quote: $_\n";
+	    }
+	    elsif (s/^'(([^'\\]|\\[\\'])*)'//) {
+		($snippet = $1) =~ s#\\(.)#$1#g;
+	    }
+	    elsif (/^'/) {
+		die "Unmatched single quote: $_\n";
+	    }
+	    elsif (s/^\\(.)//) {
+		$snippet = $1;
+	    }
+	    elsif (s/^([^\s\\'"]+)//) {
+		$snippet = $1;
+	    }
+	    else {
+		s/^\s+//;
+		last;
+	    }
+	    $field .= $snippet;
+	}
+	push(@words, $field);
+    }
+    @words;
+}
+1;
diff --git a/proxy/squid_acl/squid_acl.pl b/proxy/squid_acl/squid_acl.pl
index 5f829a6..4b16a68 100755
--- a/proxy/squid_acl/squid_acl.pl
+++ b/proxy/squid_acl/squid_acl.pl
@@ -6,10 +6,11 @@ use Switch;
 use FindBin qw($Bin);
 
 require "$Bin/../script/conntrack.conf";
+require "$Bin/shellwords.pl";
 
 local $SIG{ALRM} = sub {
 	my $time = localtime; # scalar context
-#	print LOG "$$ - $time - Exit\n";
+	print LOG "$$ - $time - Exit\n";
 	exit 1;
 };
 
@@ -21,31 +22,26 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
 $sts = $dbmysql->prepare("use $DBname");
 $sts->execute ();
 
-#open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
-#LOG->autoflush(1);
+open LOG, ">> /usr/local/mybin/proxy/squid_acl/squid_pool.log";
+LOG->autoflush(1);
 
-while($limit) {
-	alarm $timeout;
-	my $query = "";
-	my $input = <>;
-	chop $input;
+my $time = localtime; # scalar context
+print LOG "$$ - $time - Start\n";
 
-	my @param = split / /, $input;
-
-	my $ritorno = cerca ($param[1],$param[2], -1);
-	$limit--;
-	if ($ritorno) {
-#		print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
-		print "DENY\n";
+while (<>) {
+	print LOG "$$ - $time - $_\n";
+	my ($name, $ip, $host) = &shellwords;
+	
+	if (cerca($ip,$host, -1)) {
+		print LOG "$ip, $host, -1 - ERR\n";
+		print "ERR\n";
 	} else {
-		$ritorno = cerca ($param[1],$param[2], 1);
-		if ($ritorno) {
-#			print LOG "$param[0] - $param[1] - $param[2] - OK\n";
+		if (cerca($ip,$host, 1)) {
+			print LOG "$ip, $host, -1 - OK\n";
 			print "OK\n";
 		} else {
-#			print LOG "$param[0] - $param[1] - $param[2] - ERR\n";
-#			print "DENY\n";
-			print "\n";
+			print LOG "$ip, $host, -1 - ERR\n";
+			print "ERR\n";
 		}
 	}
 }
@@ -131,9 +127,10 @@ sub cerca {
 					WHERE
 						proxy_pool.ip = '$ip'
 					)
+
 	";
 
-#	print "$query\n";
+#	print LOG "$query\n";
 	$sts = $dbmysql->prepare($query);
 	$sts->execute ();
 
diff --git a/proxy/squid_acl/squid_auth.pl b/proxy/squid_acl/squid_auth.pl
index 45b1ca1..5ab3dad 100755
--- a/proxy/squid_acl/squid_auth.pl
+++ b/proxy/squid_acl/squid_auth.pl
@@ -20,19 +20,33 @@ my $dbmysql = DBI->connect("DBI:mysql:;host=$DBhost", $DBuser, $DBpass) or die (
 $sts = $dbmysql->prepare("use $DBname");
 $sts->execute ();
 
-#open LOG, ">> /srv/www/htdocs/pannello_vbc/proxy/squid_acl/squid_pool.log";
-#LOG->autoflush(1);
+open LOG, ">> /usr/local/mybin/proxy/squid_acl/squid_pool.log";
+LOG->autoflush(1);
+#					pass = PASSWORD('".$param[1]."') 
 
 alarm $timeout;
 while($limit) {
 	my $query = "";
 	my $input = <>;
+	print LOG "AUTH -- $input\n";
 	chop $input;
 
 	my @param = split / /, $input;
 
 	if ($param[0] ne "") {
-		$query = "SELECT id, primo, (tempo*3600)-time_to_sec(timediff(ultimo, primo)) AS rimasto, tempo FROM proxy_utenti WHERE user = '".$param[0]."' AND pass = PASSWORD('".$param[1]."') AND attivo = 1";
+		$query = "	SELECT 
+					id, 
+					primo, 
+					(tempo*3600)-time_to_sec(timediff(ultimo, primo)) AS rimasto, 
+					tempo 
+				FROM 
+					proxy_utenti 
+				WHERE 
+					user = '".$param[0]."' 
+					AND 
+					pass = ENCRYPT('".$param[1]."',LEFT(pass, 2)) 
+					AND 
+					attivo = 1";
 		$limit--;
 		alarm $timeout;
 	} else {
diff --git a/proxy/users_edit.php b/proxy/users_edit.php
index 325db81..a584767 100755
--- a/proxy/users_edit.php
+++ b/proxy/users_edit.php
@@ -17,7 +17,7 @@ if (isset($_POST['id'])) {
 		$pwd2 = $_POST['pwd2'];
 
 		if ($pwd1 == $pwd2) {
-			$pwd = "pass = PASSWORD('$pwd1'),";
+			$pwd = "pass = ENCRYPT('$pwd1'),";
 		} else {
 			$pwd = -1;
 		}
diff --git a/proxy/users_group_edit.php b/proxy/users_group_edit.php
index 4f4ddf7..0ab5f4d 100755
--- a/proxy/users_group_edit.php
+++ b/proxy/users_group_edit.php
@@ -23,7 +23,7 @@ if (isset($_POST['id'])) {
 					proxy_utenti
 				SET
 					user = '$utgruppo',
-					pass = PASSWORD('$pwgruppo'),
+					pass = ENCRYPT('$pwgruppo'),
 					fullname = 'Utente Guest',
 					data = NOW(),
 					modifica = NOW(),