<?php
include_once(dirname(__FILE__)."/framework/frame.class.inc");
include_once(dirname(__FILE__)."/framework/class.unix.inc");
include_once(dirname(__FILE__)."/ressources/class.templates.inc");
include_once(dirname(__FILE__)."/ressources/class.users.menus.inc");
include_once(dirname(__FILE__)."/ressources/class.mysql.squid.builder.php");
include_once(dirname(__FILE__)."/ressources/class.squid.inc");
include_once(dirname(__FILE__)."/ressources/class.external.ad.inc");
// Command-line switches are detected by an unanchored match against the whole
// joined argument list, so any argument that merely contains "--force"
// (for example "--forceful") also sets the flag.
if(is_array($argv)){
    $cmdline=implode(" ",$argv);

    if(preg_match("#--verbose#",$cmdline)){
        // Verbose runs surface every PHP error without decoration.
        ini_set('display_errors', 1);
        ini_set('error_reporting', E_ALL);
        ini_set('error_prepend_string',null);
        ini_set('error_append_string',null);
        $GLOBALS["VERBOSE"]=true;
    }

    if(preg_match("#--old#",$cmdline)){
        $GLOBALS["OLD"]=true;
    }

    if(preg_match("#--force#",$cmdline)){
        $GLOBALS["FORCE"]=true;
    }

    if(preg_match("#--rebuild#",$cmdline)){
        $GLOBALS["REBUILD"]=true;
    }
}

// Single entry point of the script.
start_parse();
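/**
 * Refreshes the ACL container file of every enabled "proxy_auth_statad" group
 * and reloads the proxy service when at least one file changed.
 *
 * Unless --force was given, the run is skipped when the PID recorded in the
 * pid file is reported as still running by unix::process_exists(), or when
 * unix::file_time_min() on the time file returns less than 10.
 * The function also returns early when clladp::IsKerbAuth() is false.
 *
 * @return void
 */
function start_parse(){
    // The flags are only set when the matching switch was passed, so read them
    // without triggering undefined-index notices.
    $verbose=!empty($GLOBALS["VERBOSE"]);
    $force=!empty($GLOBALS["FORCE"]);

    // The original wrapped the echo inside a string literal, which printed nothing.
    if($verbose){echo "Loading...\n";}
    $unix=new unix();
    if($verbose){echo "Loading done...\n";}

    $pidfile="/etc/artica-postfix/pids/".basename(__FILE__).".".__FUNCTION__.".pid";
    $timefile="/etc/artica-postfix/pids/".basename(__FILE__).".".__FUNCTION__.".time";

    if(!$force){
        // Accept only a plain decimal PID from the file; a missing, empty or
        // otherwise malformed file is treated as "no previous run".
        $pid=trim((string)@file_get_contents($pidfile));
        if(!ctype_digit($pid) || intval($pid)<100){$pid=null;}

        if($unix->process_exists($pid,basename(__FILE__))){
            if($verbose){echo "Already executed pid $pid\n";}
            return;
        }

        // presumably the age of the time file in minutes - confirm against unix::file_time_min()
        $timeexec=$unix->file_time_min($timefile);
        if($timeexec<10){return;}

        @file_put_contents($pidfile,getmypid());
    }

    @unlink($timefile);
    @file_put_contents($timefile, time());

    $ldap=new clladp();
    if(!$ldap->IsKerbAuth()){return;}

    $q=new mysql_squid_builder();
    $sql="SELECT ID,GroupName FROM webfilters_sqgroups WHERE `enabled`=1 AND `GroupType`='proxy_auth_statad'";
    $results = $q->QUERY_SQL($sql);
    if(!$results){
        // A failed query has no rows to iterate; stop instead of feeding a
        // non-result value to mysql_fetch_assoc().
        if($verbose){echo "Unable to list Active Directory groups\n";}
        return;
    }

    // NOTE(review): the mysql_* functions were removed from PHP 7.0; this loop
    // needs a runtime or a project shim that still provides them - confirm.
    $UPDATED=array();
    while ($ligne = mysql_fetch_assoc($results)) {
        if(parse_object($ligne["ID"],$ligne["GroupName"])){
            $UPDATED[]=$ligne["GroupName"];
        }
    }

    // Nothing changed on disk: leave the running proxy alone.
    if(count($UPDATED)==0){return;}

    squid_admin_mysql(1, "Reloading proxy service after updating ". count($UPDATED)." Active Directory group(s)", implode("\n", $UPDATED),__FILE__,__LINE__);
    // NOTE(review): the return value is never used; the call is kept in case
    // the lookup has side effects - confirm and drop if it has none.
    $squid=$unix->LOCATE_SQUID_BIN();
    system("/etc/init.d/squid reload --force --script=exec.squid.static.ad.groups.php/".__LINE__);

    $sock=new sockets();
    $EnableTransparent27=intval($sock->GET_INFO("EnableTransparent27"));
    if($EnableTransparent27==1){
        // The script name is quoted so the command line stays a single
        // argument whatever the file is called on disk.
        system("/etc/init.d/squid-nat reload --script=".escapeshellarg(basename(__FILE__)));
    }
}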
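/**
 * Rewrites the ACL container file of one group with the members returned by
 * external_ad_search::MembersFromGroupName() and reports whether the file
 * content changed.
 *
 * When the lookup returns no member the existing file is left untouched, so an
 * empty or failed directory answer never empties the container.
 *
 * @param mixed  $ID        Group identifier, interpolated into the container file name.
 * @param string $GroupName Group name passed to the directory lookup.
 * @return bool true when the file digest differs after the write, false otherwise.
 */
function parse_object($ID,$GroupName){
    $verbose=!empty($GLOBALS["VERBOSE"]);

    // NOTE(review): $ID is placed in the path as-is; the visible caller passes
    // the ID column of webfilters_sqgroups - presumably always numeric, confirm.
    $filename="/etc/squid3/acls/container_$ID.txt";

    // A container that does not exist yet has no previous digest; checking
    // first avoids the warning md5_file() raises on a missing file.
    $md5Source=is_file($filename) ? md5_file($filename) : false;

    $ad=new external_ad_search();
    $members=$ad->MembersFromGroupName($GroupName);
    // count() rejects non-countable values on PHP 8; treat anything that is
    // not an array as an empty answer.
    if(!is_array($members)){$members=array();}
    $MembersCount=count($members);
    if($verbose){print_r($members);}

    if($MembersCount==0){
        squid_admin_mysql(1, "Group $GroupName return no member skiping task", null,__FILE__,__LINE__);
        return false;
    }
    squid_admin_mysql(2, "Group $GroupName have $MembersCount member(s)", null,__FILE__,__LINE__);

    // NOTE(review): members are written verbatim, one per line; presumably the
    // directory never returns a value containing a line break - confirm.
    if(@file_put_contents($filename, implode("\n", $members)."\n")===false){
        // Report the failure instead of hiding it; the digest comparison below
        // still decides whether the file on disk ended up different.
        squid_admin_mysql(1, "Group $GroupName unable to write $filename", null,__FILE__,__LINE__);
    }

    clearstatcache(true,$filename);
    $md5Dest=is_file($filename) ? md5_file($filename) : false;
    if($verbose){echo "$filename: From \"$md5Source\" to \"$md5Dest\"\n";}

    // Strict comparison: with the loose "<>" operator two different hex
    // digests that both look like numbers (for example "0e..." followed only
    // by digits) compare as equal and the change would be missed.
    if($md5Dest!==$md5Source){
        squid_admin_mysql(2, "Group $GroupName container have changed", null,__FILE__,__LINE__);
        return true;
    }
    return false;
}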