| Server IP : 195.201.23.43 / Your IP : 3.129.194.144 Web Server : Apache System : Linux webserver2.vercom.be 5.4.0-192-generic #212-Ubuntu SMP Fri Jul 5 09:47:39 UTC 2024 x86_64 User : kdecoratie ( 1041) PHP Version : 7.1.33-63+ubuntu20.04.1+deb.sury.org+1 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/share/webmin/squid/ |
Upload File : |
#!/usr/bin/perl
# save_authparam.cgi
# Save authentication program options
use strict;
use warnings;
no warnings 'redefine';
no warnings 'uninitialized';
our (%text, %in, %access, $squid_version, %config, $auth_program,
$auth_database, $module_root_directory, $module_config_directory);
require './squid-lib.pl';
$access{'authparam'} || &error($text{'authparam_ecannot'});
&ReadParse();
&lock_file($config{'squid_conf'});
my $conf = &get_config();
&error_setup($text{'authparam_err'});
if ($squid_version >= 2.5) {
my @auth = &find_config("auth_param", $conf);
# Save basic authentication options
if ($in{'b_auth_mode'} == 0) {
&save_auth(\@auth, "basic", "program");
}
elsif ($in{'b_auth_mode'} == 2) {
©_source_dest("$module_root_directory/squid-auth.pl",
"$module_config_directory/squid-auth.pl");
&save_auth(\@auth, "basic", "program", "$auth_program $auth_database");
&system_logged("chmod a+rx $auth_program $auth_database");
}
else {
&check_error(\&check_prog, $in{'b_auth'});
&save_auth(\@auth, "basic", "program", $in{'b_auth'});
}
if ($in{'b_children_def'}) {
&save_auth(\@auth, "basic", "children");
}
else {
$in{'b_children'} =~ /^\d+$/ ||
&error(&text('sprog_emsg5', $in{'b_children'}));
&save_auth(\@auth, "basic", "children", $in{'b_children'});
}
if ($in{'b_ttl_def'}) {
&save_auth(\@auth, "basic", "credentialsttl");
}
else {
$in{'b_ttl'} =~ /^\d+$/ ||
&error(&text('sprog_emsg10', $in{'b_ttl'}));
&save_auth(\@auth, "basic", "credentialsttl",
$in{'b_ttl'}." ".$in{'b_ttl_u'});
}
if ($in{'b_realm_def'}) {
&save_auth(\@auth, "basic", "realm");
}
else {
&save_auth(\@auth, "basic", "realm", $in{'b_realm'});
}
if ($in{'b_aittl_def'}) {
&save_directive($conf, "authenticate_ip_ttl",[ ]);
}
else {
$in{'b_aittl'} =~ /^\d+$/ ||
&error(&text('sprog_emsg10', $in{'b_aittl'}));
my @baittl= ( $in{'b_aittl'}." ".$in{'b_aittl_u'} );
&save_directive($conf, "authenticate_ip_ttl",
[ { 'name' => 'authenticate_ip_ttl',
'values' => \@baittl }]);
}
# Save digest authentication options
if ($in{'d_auth_mode'} == 0) {
&save_auth(\@auth, "digest", "program");
}
else {
&check_error(\&check_prog, $in{'d_auth'});
&save_auth(\@auth, "digest", "program", $in{'d_auth'});
}
if ($in{'d_children_def'}) {
&save_auth(\@auth, "digest", "children");
}
else {
$in{'d_children'} =~ /^\d+$/ ||
&error(&text('sprog_emsg5', $in{'d_children'}));
&save_auth(\@auth, "digest", "children", $in{'d_children'});
}
if ($in{'d_realm_def'}) {
&save_auth(\@auth, "digest", "realm");
}
else {
&save_auth(\@auth, "digest", "realm", $in{'d_realm'});
}
# Save NTLM authentication options
if ($in{'n_auth_mode'} == 0) {
&save_auth(\@auth, "ntlm", "program");
}
else {
&check_error(\&check_prog, $in{'n_auth'});
&save_auth(\@auth, "ntlm", "program", $in{'n_auth'});
}
if ($in{'n_children_def'}) {
&save_auth(\@auth, "ntlm", "children");
}
else {
$in{'n_children'} =~ /^\d+$/ ||
&error(&text('sprog_emsg5', $in{'n_children'}));
&save_auth(\@auth, "ntlm", "children", $in{'n_children'});
}
if ($in{'n_reuses_def'}) {
&save_auth(\@auth, "ntlm", "max_challenge_reuses");
}
else {
$in{'n_reuses'} =~ /^\d+$/ ||
&error(&text('authparam_ereuses', $in{'n_reuses'}));
&save_auth(\@auth, "ntlm", "max_challenge_reuses",
$in{'n_reuses'});
}
if ($in{'n_ttl_def'}) {
&save_auth(\@auth, "ntlm", "max_challenge_lifetime");
}
else {
$in{'n_ttl'} =~ /^\d+$/ ||
&error(&text('authparam_elifetime', $in{'n_ttl'}));
&save_auth(\@auth, "ntlm", "max_challenge_lifetime",
$in{'n_ttl'}." ".$in{'n_ttl_u'});
}
&save_directive($conf, "auth_param", \@auth, undef, "acl");
}
elsif ($squid_version >= 2) {
if ($in{'auth_mode'} == 0) {
&save_directive($conf, "authenticate_program", [ ]);
}
elsif ($in{'auth_mode'} == 2) {
©_source_dest("$module_root_directory/squid-auth.pl",
"$module_config_directory/squid-auth.pl");
&save_directive($conf, "authenticate_program",
[ { 'name' => 'authenticate_program',
'values' => [ "$auth_program $auth_database" ] } ]);
&system_logged("chmod a+rx $auth_program $auth_database");
}
else {
&check_error(\&check_prog, $in{'auth'});
&save_directive($conf, "authenticate_program",
[ { 'name' => 'authenticate_program',
'values' => [ $in{'auth'} ] } ]);
}
&save_opt("authenticate_children", \&check_children, $conf);
&save_opt("proxy_auth_realm", undef, $conf);
if ($squid_version >= 2.4) {
&save_opt_time("authenticate_ttl", $conf);
&save_opt_time("authenticate_ip_ttl", $conf);
}
}
&flush_file_lines();
&unlock_file($config{'squid_conf'});
&webmin_log("authparam", undef, undef, \%in);
&redirect("");
sub check_prog
{
$_[0] =~ /^(\/\S+)/ || return &text('sprog_emsg2', $_[0]);
return -x $1 ? undef : &text('sprog_emsg3',$_[0]);
}
sub check_children
{
return $_[0] =~ /^\d+$/ ? undef : &text('sprog_emsg5',$_[0]);
}
# save_auth(&auth, type, name, [value])
sub save_auth
{
my ($old) = grep { $_->{'values'}->[0] eq $_[1] &&
$_->{'values'}->[1] eq $_[2] } @{$_[0]};
if ($old && @_ > 3) {
# Replace value
$old->{'values'} = [ $_[1], $_[2], $_[3] ];
}
elsif (@_ > 3) {
# Adding
push(@{$_[0]}, { 'name' => 'auth_param',
'values' => [ $_[1], $_[2], $_[3] ] });
}
elsif ($old) {
# Removing
@{$_[0]} = grep { $_ ne $old } @{$_[0]};
}
}
Private