]>
Commit | Line | Data |
---|---|---|
bbc27441 | 1 | /* |
f70aedc4 | 2 | * Copyright (C) 1996-2021 The Squid Software Foundation and contributors |
bbc27441 AJ |
3 | * |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
2d70df72 | 9 | #ifndef __AUTH_DIGEST_H__ |
10 | #define __AUTH_DIGEST_H__ | |
928f3421 | 11 | |
a0026a6c AJ |
12 | #if HAVE_AUTH_MODULE_DIGEST |
13 | ||
3ad63615 | 14 | #include "auth/Gadgets.h" |
ae578099 | 15 | #include "auth/SchemeConfig.h" |
2d2b0bb7 | 16 | #include "auth/UserRequest.h" |
24438ec5 | 17 | #include "helper/forward.h" |
928f3421 | 18 | #include "rfc2617.h" |
aa839030 | 19 | |
aa110616 AJ |
20 | namespace Auth |
21 | { | |
22 | namespace Digest | |
23 | { | |
24 | class User; | |
25 | } | |
26 | } | |
62e76326 | 27 | |
aa110616 | 28 | /* Generic */ |
2d70df72 | 29 | typedef struct _digest_nonce_data digest_nonce_data; |
2d70df72 | 30 | typedef struct _digest_nonce_h digest_nonce_h; |
31 | ||
b20ce974 | 32 | /* data to be encoded into the nonce's hex representation */ |
26ac0430 | 33 | struct _digest_nonce_data { |
2d70df72 | 34 | time_t creationtime; |
42df4209 | 35 | uint32_t randomdata; |
2d70df72 | 36 | }; |
37 | ||
38 | /* the nonce structure we'll pass around */ | |
62e76326 | 39 | |
26ac0430 | 40 | struct _digest_nonce_h : public hash_link { |
2d70df72 | 41 | digest_nonce_data noncedata; |
42 | /* number of uses we've seen of this nonce */ | |
e6ccf245 | 43 | unsigned long nc; |
2d70df72 | 44 | /* reference count */ |
aba0474c | 45 | uint64_t references; |
2d70df72 | 46 | /* the auth_user this nonce has been tied to */ |
aa110616 | 47 | Auth::Digest::User *user; |
2d70df72 | 48 | /* has this nonce been invalidated ? */ |
62e76326 | 49 | |
26ac0430 | 50 | struct { |
3dd52a0b FC |
51 | bool valid; |
52 | bool incache; | |
3d0ac046 | 53 | } flags; |
2d70df72 | 54 | }; |
55 | ||
8a648e8d FC |
56 | void authDigestNonceUnlink(digest_nonce_h * nonce); |
57 | int authDigestNonceIsValid(digest_nonce_h * nonce, char nc[9]); | |
572d2e31 | 58 | int authDigestNonceIsStale(digest_nonce_h * nonce); |
b20ce974 | 59 | const char *authenticateDigestNonceNonceHex(const digest_nonce_h * nonce); |
8a648e8d FC |
60 | int authDigestNonceLastRequest(digest_nonce_h * nonce); |
61 | void authenticateDigestNonceShutdown(void); | |
62 | void authDigestNoncePurge(digest_nonce_h * nonce); | |
572d2e31 HN |
63 | void authDigestUserLinkNonce(Auth::Digest::User * user, digest_nonce_h * nonce); |
64 | digest_nonce_h *authenticateDigestNonceNew(void); | |
928f3421 | 65 | |
bb8909c3 A |
66 | namespace Auth |
67 | { | |
68 | namespace Digest | |
69 | { | |
62e76326 | 70 | |
372fccd6 | 71 | /** Digest Authentication configuration data */ |
dc79fed8 | 72 | class Config : public Auth::SchemeConfig |
62e76326 | 73 | { |
f5691f9c | 74 | public: |
372fccd6 | 75 | Config(); |
f5691f9c | 76 | virtual bool active() const; |
77 | virtual bool configured() const; | |
7e851a3e | 78 | virtual Auth::UserRequest::Pointer decode(char const *proxy_auth, const HttpRequest *request, const char *requestRealm); |
f5691f9c | 79 | virtual void done(); |
0bcb6908 | 80 | virtual void rotateHelpers(); |
dc79fed8 | 81 | virtual bool dump(StoreEntry *, const char *, Auth::SchemeConfig *) const; |
789217a2 | 82 | virtual void fixHeader(Auth::UserRequest::Pointer, HttpReply *, Http::HdrType, HttpRequest *); |
dc79fed8 AJ |
83 | virtual void init(Auth::SchemeConfig *); |
84 | virtual void parse(Auth::SchemeConfig *, int, char *); | |
15fab853 | 85 | virtual void registerWithCacheManager(void); |
f5691f9c | 86 | virtual const char * type() const; |
9f3d2b2e AJ |
87 | |
88 | public: | |
2d70df72 | 89 | time_t nonceGCInterval; |
90 | time_t noncemaxduration; | |
e6ccf245 | 91 | unsigned int noncemaxuses; |
d205783b | 92 | int NonceStrictness; |
f5292c64 | 93 | int CheckNonceCount; |
94 | int PostWorkaround; | |
2d70df72 | 95 | }; |
96 | ||
372fccd6 AJ |
97 | } // namespace Digest |
98 | } // namespace Auth | |
2d70df72 | 99 | |
100 | /* strings */ | |
101 | #define QOP_AUTH "auth" | |
102 | ||
928f3421 AJ |
103 | extern helper *digestauthenticators; |
104 | ||
a0026a6c | 105 | #endif /* HAVE_AUTH_MODULE_DIGEST */ |
2d70df72 | 106 | #endif |
f53969cc | 107 |