/*
 *  mysql_auth.c
 *
 *  Copyright 1998 Frank Liu (frank@ctcqnx4.ctc.cummins.com)
 *  Distributed under the GPL
 *
 *  26 Sep 1999, version 2:
 *    1. fixed a bug where A_TABLE is defined but never used.
 *       (thanks to luciano.ghezzi@linux.it)
 *    2. now you can choose to use either clear text password or
 *       encrypted password in the MySQL table.
 *  13 Nov 1998, version 1:
 *    initial release
 *  Needs to be compiled/linked with MySQL libs.
 *  Assuming MySQL header files are installed in /usr/local/mysql/include
 *  and MySQL libs in /usr/local/mysql/lib
 *
 *  On my Linux box:
 *
 *  cc -I /usr/local/mysql/include -O -o mysql_auth mysql_auth.c \
       -L /usr/local/mysql/lib -lmysqlclient -lm
 *
 *  Then modify the squid.conf to use this external auth program:
 *
 *  authenticate_program /usr/local/squid/bin/mysql_auth
 *
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "mysql.h"

/* comment out next line if you use clear text password in MySQL DB */
#define ENCRYPTED_PASS

/* can use NULL for localhost, current user, or no password */
#define DBHOST "localhost"
#define DBUSER "nobody"
#define DB "www"
#define DBPASSWORD NULL

/* table for the user database for the squid authentication, 
   column names for auth username and auth password */
#define A_TABLE  "user"
#define A_USERNAME "username"
#define A_PASSWORD "passwd"

#define BUFSIZE         256

void main(int argc, char *argv[])
{
    char buf[BUFSIZE], qbuf[BUFSIZE];
    char *p;
    MYSQL mysql,*sock;
    MYSQL_RES *res;

    /* make standard output line buffered */
    if (setvbuf(stdout, NULL, _IOLBF, 0) != 0)
        return;

    while (1) {
        if (fgets(buf, BUFSIZE, stdin) == NULL)
            break;
        if ((p = strchr(buf, '\n')) != NULL)
            *p = '\0';          /* strip \n */
        if ((p = strchr(buf, ' ')) == NULL) {
            (void) printf("ERR\n");
            continue;
        }
        *p++ = '\0';

        /* buf is username and p is password now */

        if (!(sock = mysql_connect(&mysql, DBHOST, DBUSER, DBPASSWORD))) 
        {
            /* couldn't connect to database server */
            (void) printf("ERR\n");
            continue;
        }
        if (mysql_select_db(sock, DB))
        {
            /* couldn't use the database */
            (void) printf("ERR\n");
            mysql_close(sock);
            continue;
        }
        sprintf(qbuf, "select " A_USERNAME " from " A_TABLE " where "
                       A_USERNAME "='%s' and " A_PASSWORD 

#ifdef ENCRYPTED_PASS
                      "=password('%s')", buf, p);
#else
                      "='%s'", buf, p);
#endif
        if(mysql_query(sock,qbuf) || !(res=mysql_store_result(sock)))
        {
            /* query failed */
            (void) printf("ERR\n");
            mysql_close(sock);
            continue;
        }
        if ( res->row_count !=0 )
            (void) printf("OK\n");
        else
            (void) printf("ERR\n");
        mysql_free_result(res);
        mysql_close(sock);
    }
    exit(0);
}