helpers/basic_auth/MSNT/denyusers.cc

   1 #include "squid.h"
   2
   3 /*
   4  * denyusers.c
   5  * (C) 2000 Antonino Iannella, Stellar-X Pty Ltd
   6  * Released under GPL, see COPYING-2.0 for details.
   7  *
   8  * These routines are to block users attempting to use the proxy which
   9  * have been explicitly denied by the system administrator.
  10  * Routines at the bottom also use the allowed user functions.
  11  */
  12
  13 #include <stdlib.h>
  14 #include <unistd.h>
  15 #include <time.h>
  16 #include <sys/types.h>
  17 #include <sys/param.h>
  18 #include <string.h>
  19 #include "msntauth.h"
  20 #include "usersfile.h"
  21
  22 static usersfile DenyUsers;
  23 static int init = 0;
  24
  25 /* shared */
  26 char Denyuserpath[MAXPATHLEN];  /* MAXPATHLEN defined in param.h */
  27
  28 int
  29 Read_denyusers(void)
  30 {
  31     if (!init) {
  32         memset(&DenyUsers, '\0', sizeof(DenyUsers));
  33         init = 1;
  34     }
  35     if (*Denyuserpath)
  36         return Read_usersfile(Denyuserpath, &DenyUsers);
  37     else
  38         return 0;
  39 }
  40
  41 static void
  42 Check_fordenychange(void)
  43 {
  44     Check_forfilechange(&DenyUsers);
  45 }
  46
  47 /*
  48  * Check to see if the username provided by Squid appears in the denied
  49  * user list. Returns 0 if the user was not found, and 1 if they were.
  50  */
  51
  52 static int
  53 Check_ifuserdenied(char *ConnectingUser)
  54 {
  55     /* If user string is empty, deny */
  56     if (ConnectingUser[0] == '\0')
  57         return 1;
  58
  59     /* If denied user list is empty, allow */
  60     if (DenyUsers.Inuse == 0)
  61         return 0;
  62
  63     return Check_userlist(&DenyUsers, ConnectingUser);
  64 }
  65
  66 /*
  67  * Decides if a user is denied or allowed.
  68  * If they have been denied, or not allowed, return 1.
  69  * Else return 0.
  70  */
  71
  72 int
  73 Check_user(char *ConnectingUser)
  74 {
  75     if (Check_ifuserdenied(ConnectingUser) == 1)
  76         return 1;
  77
  78     if (Check_ifuserallowed(ConnectingUser) == 0)
  79         return 1;
  80
  81     return 0;
  82 }
  83
  84 /*
  85  * Checks the denied and allowed user files for change.
  86  * This function is invoked when a SIGHUP signal is received.
  87  * It is also run after every 60 seconds, at the next request.
  88  */
  89
  90 void
  91 Check_forchange(int signal)
  92 {
  93     Check_fordenychange();
  94     Check_forallowchange();
  95 }
  96
  97 /*
  98  * Checks the timer. If longer than 1 minute has passed since the last
  99  * time someone has accessed the proxy, then check for changes in the
 100  * denied user file. If longer than one minute hasn't passed, return.
 101  */
 102
 103 void
 104 Checktimer()
 105 {
 106     static time_t Lasttime;     /* The last time the timer was checked */
 107     static time_t Currenttime;  /* The current time */
 108
 109     Currenttime = time(NULL);
 110
 111     /* If timeout has expired, check the denied user file, else return */
 112     if (difftime(Currenttime, Lasttime) < 60)
 113         return;
 114     else {
 115         Check_forchange(-1);
 116         Lasttime = Currenttime;
 117     }
 118 }