src/auth/User.h

   1 /*
   2  *
   3  * SQUID Web Proxy Cache          http://www.squid-cache.org/
   4  * ----------------------------------------------------------
   5  *
   6  *  Squid is the result of efforts by numerous individuals from
   7  *  the Internet community; see the CONTRIBUTORS file for full
   8  *  details.   Many organizations have provided support for Squid's
   9  *  development; see the SPONSORS file for full details.  Squid is
  10  *  Copyrighted (C) 2001 by the Regents of the University of
  11  *  California; see the COPYRIGHT file for full details.  Squid
  12  *  incorporates software developed and/or copyrighted by other
  13  *  sources; see the CREDITS file for full details.
  14  *
  15  *  This program is free software; you can redistribute it and/or modify
  16  *  it under the terms of the GNU General Public License as published by
  17  *  the Free Software Foundation; either version 2 of the License, or
  18  *  (at your option) any later version.
  19  *
  20  *  This program is distributed in the hope that it will be useful,
  21  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  22  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  23  *  GNU General Public License for more details.
  24  *
  25  *  You should have received a copy of the GNU General Public License
  26  *  along with this program; if not, write to the Free Software
  27  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
  28  *
  29  * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
  30  */
  31
  32 #ifndef SQUID_AUTH_USER_H
  33 #define SQUID_AUTH_USER_H
  34
  35 #if USE_AUTH
  36
  37 #include "auth/CredentialState.h"
  38 #include "auth/Type.h"
  39 #include "dlink.h"
  40 #include "ip/Address.h"
  41 #include "RefCount.h"
  42
  43 class AuthUserHashPointer;
  44 class StoreEntry;
  45
  46 namespace Auth
  47 {
  48
  49 class Config;
  50
  51 /**
  52  *  \ingroup AuthAPI
  53  * This is the main user related structure. It stores user-related data,
  54  * and is persistent across requests. It can even persist across
  55  * multiple external authentications. One major benefit of preserving this
  56  * structure is the cached ACL match results. This structure, is private to
  57  * the authentication framework.
  58  */
  59 class User : public RefCountable
  60 {
  61 public:
  62     typedef RefCount<User> Pointer;
  63
  64     /* extra fields for proxy_auth */
  65     /* auth_type and auth_module are deprecated. Do Not add new users of these fields.
  66      * Aim to remove shortly
  67      */
  68     /** \deprecated this determines what scheme owns the user data. */
  69     Auth::Type auth_type;
  70     /** the config for this user */
  71     Auth::Config *config;
  72     /** we may have many proxy-authenticate strings that decode to the same user */
  73     dlink_list proxy_auth_list;
  74     dlink_list proxy_match_cache;
  75     size_t ipcount;
  76     long expiretime;
  77
  78 public:
  79     static void cacheInit();
  80     static void CachedACLsReset();
  81
  82     void absorb(Auth::User::Pointer from);
  83     virtual ~User();
  84     _SQUID_INLINE_ char const *username() const;
  85     _SQUID_INLINE_ void username(char const *);
  86
  87     /**
  88      * How long these credentials are still valid for.
  89      * Negative numbers means already expired.
  90      */
  91     virtual int32_t ttl() const = 0;
  92
  93     /* Manage list of IPs using this username */
  94     void clearIp();
  95     void removeIp(Ip::Address);
  96     void addIp(Ip::Address);
  97
  98     void addToNameCache();
  99     static void UsernameCacheStats(StoreEntry * output);
 100
 101     CredentialState credentials() const;
 102     void credentials(CredentialState);
 103
 104 private:
 105     /**
 106      * The current state these credentials are in:
 107      *   Unchecked
 108      *   Authenticated
 109      *   Pending helper result
 110      *   Handshake happening in stateful auth.
 111      *   Failed auth
 112      */
 113     CredentialState credentials_state;
 114
 115 protected:
 116     User(Auth::Config *);
 117
 118 private:
 119     /**
 120      * Garbage Collection for the username cache.
 121      */
 122     static void cacheCleanup(void *unused);
 123     static time_t last_discard; /// Time of last username cache garbage collection.
 124
 125     /**
 126      * DPW 2007-05-08
 127      * The username_ memory will be allocated via
 128      * xstrdup().  It is our responsibility.
 129      */
 130     const char *username_;
 131
 132     /** what ip addresses has this user been seen at?, plus a list length cache */
 133     dlink_list ip_list;
 134 };
 135
 136 } // namespace Auth
 137
 138 #if _USE_INLINE_
 139 #include "auth/User.cci"
 140 #endif
 141
 142 #endif /* USE_AUTH */
 143 #endif /* SQUID_AUTH_USER_H */