示例#1
0
         $un = $row[0];
         // enforce the session expiry time
         $ttl = $row[1] + 0;
     }
 }
 // finally, WAN sessions
 if (!$onLan && !$un) {
     getLock();
     // TODO: check against active $servers, load alternate LDAP settings
     $rs = mysqli_query($mconn, "select username, TIMESTAMPDIFF(SECOND, UTC_TIMESTAMP(), expiry_time_utc) as ttl, session_id from wan_sessions where proxy_port = {$port} and ip_address = '{$srcIP}' and expiry_time_utc > UTC_TIMESTAMP()");
     if ($rs && ($row = $rs->fetch_row())) {
         $un = $row[0];
         // enforce the session expiry time
         $ttl = $row[1] + 0;
         // keep the session alive
         renewWanSession($row[2], $mconn);
     }
     releaseLock();
 }
 if (!$un) {
     writeReply("ERR");
     // negative cache TTL is 5 seconds
     cacheResult($srcIP, $mac, isset($input[1]) ? $input[1] : "", null, 5);
     continue;
 }
 if ($ttl > SQUID_MAX_TTL) {
     $ttl = SQUID_MAX_TTL;
 }
 $userGroups = getUserGroups($un, true, true, $ldapServer, $ldapUser, $ldapPassword, $ldapBase);
 if ($userGroups === false) {
     // this could indicate a disabled account or an LDAP error
示例#2
0
             $proxyPort = $port;
             break;
         }
     }
     if (is_null($proxyPort)) {
         releaseLock();
         exit("No spare WAN ports for this IP address.");
     }
     if ($conn->query("insert into wan_sessions (username, serial_number, ip_address, proxy_port, auth_time_utc, expiry_time_utc)\nvalues ('" . $conn->escape_string($username) . "', '" . $conn->escape_string($serialNumber) . "', '{$srcIP}', {$proxyPort}, UTC_TIMESTAMP(), ADDTIME(UTC_TIMESTAMP(), '" . SQUID_WAN_SESSION_DURATION . "'))")) {
         iptablesAddWanUser($srcIP, $proxyPort);
     } else {
         releaseLock();
         exit("Error creating session.");
     }
 } else {
     renewWanSession($sessionId, $conn);
 }
 releaseLock();
 // check that our user is active, and hand out a custom PAC if required
 $userGroups = getUserGroups($username, true, false);
 // if $userGroups === FALSE, the user is inactive (or we encountered an LDAP error)
 if (is_array($userGroups)) {
     $pacFile = SQUID_ROOT . "/pac.wan.js";
     $subs["{PORT}"] = $proxyPort;
     foreach ($userGroups as $userGroup) {
         if (isset($SQUID_CUSTOM_PAC) && is_array($SQUID_CUSTOM_PAC) && array_key_exists($userGroup, $SQUID_CUSTOM_PAC)) {
             $pacFile = SQUID_ROOT . "/" . $SQUID_CUSTOM_PAC[$userGroup];
             break;
         }
     }
 }