[thirdparty/squid.git] / src / auth / Gadgets.cc

/*
 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/* DEBUG: section 29    Authenticator */

/* The functions in this file handle authentication.
 * They DO NOT perform access control or auditing.
 * See acl.c for access control and client_side.c for auditing */

#include "squid.h"
#include "acl/Acl.h"
#include "acl/FilledChecklist.h"
#include "auth/AclProxyAuth.h"
#include "auth/Config.h"
#include "auth/Gadgets.h"
#include "auth/Scheme.h"
#include "auth/User.h"
#include "auth/UserRequest.h"
#include "client_side.h"
#include "globals.h"
#include "HttpReply.h"
#include "HttpRequest.h"

/**** PUBLIC FUNCTIONS (ALL GENERIC!)  ****/

int
authenticateActiveSchemeCount(void)
{
    int rv = 0;

    for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
        if ((*i)->configured())
            ++rv;

    debugs(29, 9, HERE << rv << " active.");

    return rv;
}

int
authenticateSchemeCount(void)
{
    int rv = Auth::Scheme::GetSchemes().size();

    debugs(29, 9, HERE << rv << " active.");

    return rv;
}

static void
authenticateRegisterWithCacheManager(Auth::ConfigVector * config)
{
    for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
        Auth::Config *scheme = *i;
        scheme->registerWithCacheManager();
    }
}

void
authenticateInit(Auth::ConfigVector * config)
{
    /* Do this first to clear memory and remove dead state on a reconfigure */
    if (proxy_auth_username_cache)
        Auth::User::CachedACLsReset();

    /* If we do not have any auth config state to create stop now. */
    if (!config)
        return;

    for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
        Auth::Config *schemeCfg = *i;

        if (schemeCfg->configured())
            schemeCfg->init(schemeCfg);
    }

    if (!proxy_auth_username_cache)
        Auth::User::cacheInit();

    authenticateRegisterWithCacheManager(config);
}

void
authenticateRotate(void)
{
    for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
        if ((*i)->configured())
            (*i)->rotateHelpers();
}

void
authenticateReset(void)
{
    debugs(29, 2, HERE << "Reset authentication State.");

    /* free all username cache entries */
    hash_first(proxy_auth_username_cache);
    AuthUserHashPointer *usernamehash;
    while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
        debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
        hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
        delete usernamehash;
    }

    /* schedule shutdown of the helpers */
    authenticateRotate();

    /* free current global config details too. */
    Auth::TheConfig.clear();
}

AuthUserHashPointer::AuthUserHashPointer(Auth::User::Pointer anAuth_user):
    auth_user(anAuth_user)
{
    key = (void *)anAuth_user->userKey();
    next = NULL;
    hash_join(proxy_auth_username_cache, (hash_link *) this);
}

Auth::User::Pointer
AuthUserHashPointer::user() const
{
    return auth_user;
}
Commit	Line	Data
1d620765	1	/*
bde978a6	2	* Copyright (C) 1996-2015 The Squid Software Foundation and contributors
1d620765	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
1d620765	7	*/
1d620765	8
bbc27441 AJ	9	/* DEBUG: section 29 Authenticator */
bbc27441 AJ	10
94439e4e	11	/* The functions in this file handle authentication.
	12	* They DO NOT perform access control or auditing.
	13	* See acl.c for access control and client_side.c for auditing */
1d620765	14
582c2af2	15	#include "squid.h"
3ad63615 AR	16	#include "acl/Acl.h"
3ad63615 AR	17	#include "acl/FilledChecklist.h"
602d9612	18	#include "auth/AclProxyAuth.h"
2d2b0bb7	19	#include "auth/Config.h"
3ad63615	20	#include "auth/Gadgets.h"
602d9612	21	#include "auth/Scheme.h"
2d2b0bb7	22	#include "auth/User.h"
3ad63615	23	#include "auth/UserRequest.h"
602d9612	24	#include "client_side.h"
582c2af2	25	#include "globals.h"
924f73bc	26	#include "HttpReply.h"
a2ac85d9	27	#include "HttpRequest.h"
1d620765	28
94439e4e	29	/** PUBLIC FUNCTIONS (ALL GENERIC!) **/
1d620765	30
94439e4e	31	int
2d72d4fd	32	authenticateActiveSchemeCount(void)
94439e4e	33	{
f5691f9c	34	int rv = 0;
62e76326	35
9f3d2b2e	36	for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
f5691f9c	37	if ((*i)->configured())
f5691f9c	38	++rv;
62e76326	39
427cb33a	40	debugs(29, 9, HERE << rv << " active.");
62e76326	41
94439e4e	42	return rv;
	43	}
	44
	45	int
2d72d4fd	46	authenticateSchemeCount(void)
94439e4e	47	{
c6cf8dee	48	int rv = Auth::Scheme::GetSchemes().size();
62e76326	49
427cb33a	50	debugs(29, 9, HERE << rv << " active.");
62e76326	51
94439e4e	52	return rv;
	53	}
	54
5acc9f37	55	static void
9f3d2b2e	56	authenticateRegisterWithCacheManager(Auth::ConfigVector * config)
5acc9f37	57	{
9f3d2b2e AJ	58	for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
9f3d2b2e AJ	59	Auth::Config scheme = i;
5acc9f37 FC	60	scheme->registerWithCacheManager();
	61	}
	62	}
	63
94439e4e	64	void
9f3d2b2e	65	authenticateInit(Auth::ConfigVector * config)
94439e4e	66	{
427cb33a AJ	67	/* Do this first to clear memory and remove dead state on a reconfigure */
427cb33a AJ	68	if (proxy_auth_username_cache)
d87154ee	69	Auth::User::CachedACLsReset();
427cb33a AJ	70
427cb33a AJ	71	/* If we do not have any auth config state to create stop now. */
5817ee13 AJ	72	if (!config)
	73	return;
	74
9f3d2b2e AJ	75	for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
9f3d2b2e AJ	76	Auth::Config schemeCfg = i;
62e76326	77
5817ee13 AJ	78	if (schemeCfg->configured())
5817ee13 AJ	79	schemeCfg->init(schemeCfg);
1d620765	80	}
62e76326	81
94439e4e	82	if (!proxy_auth_username_cache)
d87154ee	83	Auth::User::cacheInit();
6fdc2d18	84
5817ee13	85	authenticateRegisterWithCacheManager(config);
c623f072	86	}
c623f072	87
1d620765	88	void
0bcb6908	89	authenticateRotate(void)
1d620765	90	{
9f3d2b2e	91	for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
0bcb6908 AJ	92	if ((*i)->configured())
	93	(*i)->rotateHelpers();
	94	}
	95
	96	void
	97	authenticateReset(void)
	98	{
	99	debugs(29, 2, HERE << "Reset authentication State.");
	100
	101	/* free all username cache entries */
	102	hash_first(proxy_auth_username_cache);
	103	AuthUserHashPointer *usernamehash;
	104	while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
	105	debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
	106	hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
	107	delete usernamehash;
94439e4e	108	}
0bcb6908 AJ	109
	110	/* schedule shutdown of the helpers */
	111	authenticateRotate();
	112
	113	/* free current global config details too. */
c33a88ca	114	Auth::TheConfig.clear();
e6ccf245	115	}
e6ccf245	116
d87154ee	117	AuthUserHashPointer::AuthUserHashPointer(Auth::User::Pointer anAuth_user):
f53969cc	118	auth_user(anAuth_user)
e6ccf245	119	{
d4806c91	120	key = (void *)anAuth_user->userKey();
4a8b20e8	121	next = NULL;
e6ccf245	122	hash_join(proxy_auth_username_cache, (hash_link *) this);
94439e4e	123	}
e6ccf245	124
d87154ee	125	Auth::User::Pointer
e6ccf245	126	AuthUserHashPointer::user() const
	127	{
	128	return auth_user;
	129	}
f53969cc	130