# created By Henry Saptono henry[at]nurulfikri.com
# squid_mysql_mauth.sh is helper modul for squid authentication
# with mysql database backend 
# License GPL lah..

# How to using this modul
# add this entry to your squid.conf:
#       auth_param basic program /usr/lib/squid/squid_mysql_mauth.sh
#  
# and create acl and rule like this:
#        acl password proxy_auth REQUIRED
#	 acl mylan src 192.168.1.0/24
#	 http_access allow mylan password
#	 http_access deny all

#SET All of mysql argument here....
#MYSQL_USER is user account for mysql 
MYSQL_USER="squid"

#MYSQL_PASS is password of user account
MYSQL_PASS="squid"

#MYSQL_DB is database name in mysql
MYSQL_DB="squid"

#MYSQL_TABLE is table name in $MYSQL_DB
MYSQL_TABLE="users"

#MYSQL_COL_USER is username column of MYSQL_TABLE
MYSQL_COL_USER="username"

#MYSQL_COL_PASS is password column of MYSQL_TABLE with MD5 encryption 
MYSQL_COL_PASS="passwd"

#MYSQL_HOST is servername / Ip address of mysql host
MYSQL_HOST="localhost"

#MYSQL_CMD path of mysql client command line.
MYSQL_CMD="/usr/bin/mysql"

read authx
if [ -z "$authx" ];
then
	echo "ERR"
	continue
fi
auth_user=`echo $authx| awk '{print $1}'`
auth_pass=`echo $authx| awk '{print $2}'`
if [ -n "$auth_user" -a  -n "$auth_pass" ];
then
	VERIFY=`$MYSQL_CMD -u $MYSQL_USER -p$MYSQL_PASS $MYSQL_DB -h $MYSQL_HOST -e "SELECT 1 FROM $MYSQL_TABLE WHERE $MYSQL_COL_USER='$auth_user' AND $MYSQL_COL_PASS=md5('$auth_pass')"`	
fi
if [ -n "$VERIFY" ];
then
		echo "OK"
else
		echo "ERR"
fi
unset VERIFY
exit 0
#...end of script...