From: hno <>
Date: Tue, 20 Nov 2007 21:46:49 +0000 (+0000)
Subject: Make squid_db_auth reopen the database connection on each query by default
X-Git-Tag: SQUID_3_0_STABLE1~27
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e6711721a1b3cd8f862acb1972afdd32e3c77eee;p=thirdparty%2Fsquid.git

Make squid_db_auth reopen the database connection on each query by default

This change adds support for non-persistent database connections, and also
makes that the default.

To use a persistent database connection use the --persist option.
---

diff --git a/helpers/basic_auth/DB/Makefile.in b/helpers/basic_auth/DB/Makefile.in
index 105dcea423..2301732309 100644
--- a/helpers/basic_auth/DB/Makefile.in
+++ b/helpers/basic_auth/DB/Makefile.in
@@ -17,7 +17,7 @@
 #
 #  Makefile for the Squid Object Cache server
 #
-#  $Id: Makefile.in,v 1.18 2007/11/12 01:10:59 hno Exp $
+#  $Id: Makefile.in,v 1.19 2007/11/20 14:46:49 hno Exp $
 #
 #  Uncomment and customize the following to suit your needs:
 #
@@ -71,7 +71,6 @@ AMTAR = @AMTAR@
 AR = @AR@
 AR_R = @AR_R@
 AUTH_LIBS = @AUTH_LIBS@
-AUTH_LINKOBJS = @AUTH_LINKOBJS@
 AUTH_MODULES = @AUTH_MODULES@
 AUTH_OBJS = @AUTH_OBJS@
 AUTOCONF = @AUTOCONF@
@@ -79,7 +78,6 @@ AUTOHEADER = @AUTOHEADER@
 AUTOMAKE = @AUTOMAKE@
 AWK = @AWK@
 BASIC_AUTH_HELPERS = @BASIC_AUTH_HELPERS@
-CACHE_EFFECTIVE_USER = @CACHE_EFFECTIVE_USER@
 CACHE_HTTP_PORT = @CACHE_HTTP_PORT@
 CACHE_ICP_PORT = @CACHE_ICP_PORT@
 CC = @CC@
@@ -88,30 +86,19 @@ CFLAGS = @CFLAGS@
 CGIEXT = @CGIEXT@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
-CPPUNITCONFIG = @CPPUNITCONFIG@
 CRYPTLIB = @CRYPTLIB@
-CXX = @CXX@
-CXXCPP = @CXXCPP@
-CXXDEPMODE = @CXXDEPMODE@
-CXXFLAGS = @CXXFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
 DIGEST_AUTH_HELPERS = @DIGEST_AUTH_HELPERS@
-DISK_LIBS = @DISK_LIBS@
-DISK_LINKOBJS = @DISK_LINKOBJS@
-DISK_PROGRAMS = @DISK_PROGRAMS@
-ECHO = @ECHO@
 ECHO_C = @ECHO_C@
 ECHO_N = @ECHO_N@
 ECHO_T = @ECHO_T@
 EGREP = @EGREP@
-ENABLE_ARP_ACL_FALSE = @ENABLE_ARP_ACL_FALSE@
-ENABLE_ARP_ACL_TRUE = @ENABLE_ARP_ACL_TRUE@
 ENABLE_HTCP_FALSE = @ENABLE_HTCP_FALSE@
 ENABLE_HTCP_TRUE = @ENABLE_HTCP_TRUE@
-ENABLE_IDENT_FALSE = @ENABLE_IDENT_FALSE@
-ENABLE_IDENT_TRUE = @ENABLE_IDENT_TRUE@
+ENABLE_MINGW32SPECIFIC_FALSE = @ENABLE_MINGW32SPECIFIC_FALSE@
+ENABLE_MINGW32SPECIFIC_TRUE = @ENABLE_MINGW32SPECIFIC_TRUE@
 ENABLE_PINGER_FALSE = @ENABLE_PINGER_FALSE@
 ENABLE_PINGER_TRUE = @ENABLE_PINGER_TRUE@
 ENABLE_SSL_FALSE = @ENABLE_SSL_FALSE@
@@ -120,32 +107,27 @@ ENABLE_UNLINKD_FALSE = @ENABLE_UNLINKD_FALSE@
 ENABLE_UNLINKD_TRUE = @ENABLE_UNLINKD_TRUE@
 ENABLE_WIN32SPECIFIC_FALSE = @ENABLE_WIN32SPECIFIC_FALSE@
 ENABLE_WIN32SPECIFIC_TRUE = @ENABLE_WIN32SPECIFIC_TRUE@
-ENABLE_XPROF_STATS_FALSE = @ENABLE_XPROF_STATS_FALSE@
-ENABLE_XPROF_STATS_TRUE = @ENABLE_XPROF_STATS_TRUE@
-EPOLL_LIBS = @EPOLL_LIBS@
 ERR_DEFAULT_LANGUAGE = @ERR_DEFAULT_LANGUAGE@
 ERR_LANGUAGES = @ERR_LANGUAGES@
 EXEEXT = @EXEEXT@
 EXTERNAL_ACL_HELPERS = @EXTERNAL_ACL_HELPERS@
-F77 = @F77@
 FALSE = @FALSE@
-FFLAGS = @FFLAGS@
 GREP = @GREP@
-ICAP_LIBS = @ICAP_LIBS@
 INSTALL_DATA = @INSTALL_DATA@
 INSTALL_PROGRAM = @INSTALL_PROGRAM@
 INSTALL_SCRIPT = @INSTALL_SCRIPT@
 INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
 LDFLAGS = @LDFLAGS@
-LIBADD_DL = @LIBADD_DL@
+LIBDLMALLOC = @LIBDLMALLOC@
 LIBOBJS = @LIBOBJS@
 LIBREGEX = @LIBREGEX@
 LIBS = @LIBS@
 LIBSASL = @LIBSASL@
-LIBTOOL = @LIBTOOL@
 LIB_DB = @LIB_DB@
+LIB_EPOLL = @LIB_EPOLL@
 LIB_LBER = @LIB_LBER@
 LIB_LDAP = @LIB_LDAP@
+LIB_MALLOC = @LIB_MALLOC@
 LN = @LN@
 LN_S = @LN_S@
 LTLIBOBJS = @LTLIBOBJS@
@@ -155,15 +137,16 @@ MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
 MAKEINFO = @MAKEINFO@
 MAKE_LEAKFINDER_FALSE = @MAKE_LEAKFINDER_FALSE@
 MAKE_LEAKFINDER_TRUE = @MAKE_LEAKFINDER_TRUE@
-MINGW_LIBS = @MINGW_LIBS@
 MKDIR = @MKDIR@
 MV = @MV@
+NEED_COSSDUMP_FALSE = @NEED_COSSDUMP_FALSE@
+NEED_COSSDUMP_TRUE = @NEED_COSSDUMP_TRUE@
+NEED_DISKD_FALSE = @NEED_DISKD_FALSE@
+NEED_DISKD_TRUE = @NEED_DISKD_TRUE@
 NEED_OWN_SNPRINTF_FALSE = @NEED_OWN_SNPRINTF_FALSE@
 NEED_OWN_SNPRINTF_TRUE = @NEED_OWN_SNPRINTF_TRUE@
 NEED_OWN_STRSEP_FALSE = @NEED_OWN_STRSEP_FALSE@
 NEED_OWN_STRSEP_TRUE = @NEED_OWN_STRSEP_TRUE@
-NEED_OWN_STRTOLL_FALSE = @NEED_OWN_STRTOLL_FALSE@
-NEED_OWN_STRTOLL_TRUE = @NEED_OWN_STRTOLL_TRUE@
 NEGOTIATE_AUTH_HELPERS = @NEGOTIATE_AUTH_HELPERS@
 NTLM_AUTH_HELPERS = @NTLM_AUTH_HELPERS@
 OBJEXT = @OBJEXT@
@@ -176,6 +159,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
 PERL = @PERL@
+PKGCONFIG = @PKGCONFIG@
 RANLIB = @RANLIB@
 REGEXLIB = @REGEXLIB@
 REPL_LIBS = @REPL_LIBS@
@@ -186,22 +170,14 @@ SET_MAKE = @SET_MAKE@
 SH = @SH@
 SHELL = @SHELL@
 SNMPLIB = @SNMPLIB@
-SQUID_CFLAGS = @SQUID_CFLAGS@
-SQUID_CPPUNIT_INC = @SQUID_CPPUNIT_INC@
-SQUID_CPPUNIT_LA = @SQUID_CPPUNIT_LA@
-SQUID_CPPUNIT_LIBS = @SQUID_CPPUNIT_LIBS@
-SQUID_CXXFLAGS = @SQUID_CXXFLAGS@
 SSLLIB = @SSLLIB@
 STORE_LIBS = @STORE_LIBS@
-STORE_LINKOBJS = @STORE_LINKOBJS@
+STORE_MODULES = @STORE_MODULES@
 STORE_OBJS = @STORE_OBJS@
-STORE_TESTS = @STORE_TESTS@
 STRIP = @STRIP@
 TRUE = @TRUE@
 USE_AIOPS_WIN32_FALSE = @USE_AIOPS_WIN32_FALSE@
 USE_AIOPS_WIN32_TRUE = @USE_AIOPS_WIN32_TRUE@
-USE_AIO_WIN32_FALSE = @USE_AIO_WIN32_FALSE@
-USE_AIO_WIN32_TRUE = @USE_AIO_WIN32_TRUE@
 USE_DELAY_POOLS_FALSE = @USE_DELAY_POOLS_FALSE@
 USE_DELAY_POOLS_TRUE = @USE_DELAY_POOLS_TRUE@
 USE_DEVPOLL_FALSE = @USE_DEVPOLL_FALSE@
@@ -210,12 +186,6 @@ USE_DNSSERVER_FALSE = @USE_DNSSERVER_FALSE@
 USE_DNSSERVER_TRUE = @USE_DNSSERVER_TRUE@
 USE_EPOLL_FALSE = @USE_EPOLL_FALSE@
 USE_EPOLL_TRUE = @USE_EPOLL_TRUE@
-USE_ESI_FALSE = @USE_ESI_FALSE@
-USE_ESI_TRUE = @USE_ESI_TRUE@
-USE_ICAP_CLIENT_FALSE = @USE_ICAP_CLIENT_FALSE@
-USE_ICAP_CLIENT_TRUE = @USE_ICAP_CLIENT_TRUE@
-USE_IPC_WIN32_FALSE = @USE_IPC_WIN32_FALSE@
-USE_IPC_WIN32_TRUE = @USE_IPC_WIN32_TRUE@
 USE_KQUEUE_FALSE = @USE_KQUEUE_FALSE@
 USE_KQUEUE_TRUE = @USE_KQUEUE_TRUE@
 USE_POLL_FALSE = @USE_POLL_FALSE@
@@ -233,12 +203,8 @@ WIN32_PSAPI = @WIN32_PSAPI@
 XTRA_LIBS = @XTRA_LIBS@
 XTRA_OBJS = @XTRA_OBJS@
 ac_ct_CC = @ac_ct_CC@
-ac_ct_CXX = @ac_ct_CXX@
-ac_ct_F77 = @ac_ct_F77@
 am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
 am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
-am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
-am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
 am__include = @am__include@
 am__leading_dot = @am__leading_dot@
 am__quote = @am__quote@
@@ -278,7 +244,6 @@ program_transform_name = @program_transform_name@
 psdir = @psdir@
 sbindir = @sbindir@
 sharedstatedir = @sharedstatedir@
-subdirs = @subdirs@
 sysconfdir = @sysconfdir@
 target_alias = @target_alias@
 libexec_SCRIPTS = squid_db_auth
@@ -339,15 +304,6 @@ uninstall-libexecSCRIPTS:
 	  echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \
 	  rm -f "$(DESTDIR)$(libexecdir)/$$f"; \
 	done
-
-mostlyclean-libtool:
-	-rm -f *.lo
-
-clean-libtool:
-	-rm -rf .libs _libs
-
-distclean-libtool:
-	-rm -f libtool
 uninstall-info-am:
 install-man8: $(man8_MANS) $(man_MANS)
 	@$(NORMAL_INSTALL)
@@ -462,11 +418,11 @@ maintainer-clean-generic:
 	@echo "it deletes files that may require special tools to rebuild."
 clean: clean-am
 
-clean-am: clean-generic clean-libtool mostlyclean-am
+clean-am: clean-generic mostlyclean-am
 
 distclean: distclean-am
 	-rm -f Makefile
-distclean-am: clean-am distclean-generic distclean-libtool
+distclean-am: clean-am distclean-generic
 
 dvi: dvi-am
 
@@ -494,7 +450,7 @@ maintainer-clean-am: distclean-am maintainer-clean-generic
 
 mostlyclean: mostlyclean-am
 
-mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+mostlyclean-am: mostlyclean-generic
 
 pdf: pdf-am
 
@@ -508,17 +464,15 @@ uninstall-am: uninstall-info-am uninstall-libexecSCRIPTS uninstall-man
 
 uninstall-man: uninstall-man8
 
-.PHONY: all all-am check check-am clean clean-generic clean-libtool \
-	distclean distclean-generic distclean-libtool distdir dvi \
-	dvi-am html html-am info info-am install install-am \
-	install-data install-data-am install-exec install-exec-am \
-	install-info install-info-am install-libexecSCRIPTS \
-	install-man install-man8 install-strip installcheck \
-	installcheck-am installdirs maintainer-clean \
-	maintainer-clean-generic mostlyclean mostlyclean-generic \
-	mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am \
-	uninstall-info-am uninstall-libexecSCRIPTS uninstall-man \
-	uninstall-man8
+.PHONY: all all-am check check-am clean clean-generic distclean \
+	distclean-generic distdir dvi dvi-am html html-am info info-am \
+	install install-am install-data install-data-am install-exec \
+	install-exec-am install-info install-info-am \
+	install-libexecSCRIPTS install-man install-man8 install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-generic pdf \
+	pdf-am ps ps-am uninstall uninstall-am uninstall-info-am \
+	uninstall-libexecSCRIPTS uninstall-man uninstall-man8
 
 
 squid_db_auth.8: squid_db_auth
diff --git a/helpers/basic_auth/DB/squid_db_auth.in b/helpers/basic_auth/DB/squid_db_auth.in
index b3c7b33b98..9ae8b4da42 100755
--- a/helpers/basic_auth/DB/squid_db_auth.in
+++ b/helpers/basic_auth/DB/squid_db_auth.in
@@ -3,6 +3,7 @@ use strict;
 use DBI;
 use Getopt::Long;
 use Pod::Usage;
+$|=1;
 
 =pod
 
@@ -20,6 +21,7 @@ my $db_usercol = "user";
 my $db_passwdcol = "password";
 my $db_cond = "enabled = 1";
 my $plaintext = 0;
+my $persist = 0;
 
 =pod
 
@@ -65,6 +67,10 @@ Condition, defaults to enabled=1. Specify 1 or "" for no condition
 
 Database contains plain-text passwords
 
+=item	B<--persist>
+
+Keep a persistent database connection open between queries. 
+
 =back
 
 =cut
@@ -78,13 +84,30 @@ GetOptions(
 	'passwdcol=s' => \$db_passwdcol,
 	'cond=s' => \$db_cond,
 	'plaintext' => \$plaintext,
+	'persist' => \$persist,
 	);
 
-my $dbh = DBI->connect($dsn, $db_user, $db_passwd) || die ("Could not connect to $dsn\n");
+my ($_dbh, $_sth);
 
-my ($sth) = $dbh->prepare("SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "")) || die;
+sub close_db()
+{
+    return if !defined($_dbh);
+    $_dbh->disconnect();
+    undef $_dbh;
+    undef $_sth;
+}
 
-my $status;
+sub open_db()
+{
+    return $_sth if defined $_sth;
+    $_dbh = DBI->connect($dsn, $db_user, $db_passwd);
+    if (!defined $_dbh) {
+    	warn ("Could not connect to $dsn\n");
+	return undef;
+    }
+    $_sth = $_dbh->prepare("SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "")) || die;
+    return $_sth;
+}
 
 sub check_password($$)
 {
@@ -96,20 +119,34 @@ sub check_password($$)
 
     return 0;
 }
+
+sub query_db($) {
+    my ($user) = @_;
+    my ($sth) = open_db() || return undef;
+    if (!$sth->execute($user)) {
+	close_db();
+	open_db() || return undef;
+	$sth->execute($user) || return undef;;
+    }
+    return $sth;
+}
+my $status;
+
 while (<>) {
     my ($user, $password) = split;
     $status = "ERR";
     $user =~ s/%(..)/pack("H*", $1)/ge;
     $password =~ s/%(..)/pack("H*", $1)/ge;
 
-    $status = "ERR internal error";
-    $sth->execute($user) || next;
+    $status = "ERR database error";
+    my $sth = query_db($user) || next;
     $status = "ERR unknown login";
-    my ($row) = $sth->fetchrow_arrayref() || next;
+    my $row = $sth->fetchrow_arrayref() || next;
     $status = "ERR login failure";
     next if (!check_password($password, @$row[0]));
     $status = "OK";
 } continue {
+    close_db() if (!$persist);
     print $status . "\n";
 }