src/auth/digest/Config.h

   1 /*
   2  * Copyright (C) 1996-2019 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #ifndef __AUTH_DIGEST_H__
  10 #define __AUTH_DIGEST_H__
  11
  12 #if HAVE_AUTH_MODULE_DIGEST
  13
  14 #include "auth/Gadgets.h"
  15 #include "auth/SchemeConfig.h"
  16 #include "auth/UserRequest.h"
  17 #include "helper/forward.h"
  18 #include "rfc2617.h"
  19
  20 namespace Auth
  21 {
  22 namespace Digest
  23 {
  24 class User;
  25 }
  26 }
  27
  28 /* Generic */
  29 typedef struct _digest_nonce_data digest_nonce_data;
  30 typedef struct _digest_nonce_h digest_nonce_h;
  31
  32 /* data to be encoded into the nonce's b64 representation */
  33 struct _digest_nonce_data {
  34     time_t creationtime;
  35     /* in memory address of the nonce struct (similar purpose to an ETag) */
  36     digest_nonce_h *self;
  37     uint32_t randomdata;
  38 };
  39
  40 /* the nonce structure we'll pass around */
  41
  42 struct _digest_nonce_h : public hash_link {
  43     digest_nonce_data noncedata;
  44     /* number of uses we've seen of this nonce */
  45     unsigned long nc;
  46     /* reference count */
  47     short references;
  48     /* the auth_user this nonce has been tied to */
  49     Auth::Digest::User *user;
  50     /* has this nonce been invalidated ? */
  51
  52     struct {
  53         bool valid;
  54         bool incache;
  55     } flags;
  56 };
  57
  58 void authDigestNonceUnlink(digest_nonce_h * nonce);
  59 int authDigestNonceIsValid(digest_nonce_h * nonce, char nc[9]);
  60 int authDigestNonceIsStale(digest_nonce_h * nonce);
  61 const char *authenticateDigestNonceNonceb64(const digest_nonce_h * nonce);
  62 int authDigestNonceLastRequest(digest_nonce_h * nonce);
  63 void authenticateDigestNonceShutdown(void);
  64 void authDigestNoncePurge(digest_nonce_h * nonce);
  65 void authDigestUserLinkNonce(Auth::Digest::User * user, digest_nonce_h * nonce);
  66 digest_nonce_h *authenticateDigestNonceNew(void);
  67
  68 namespace Auth
  69 {
  70 namespace Digest
  71 {
  72
  73 /** Digest Authentication configuration data */
  74 class Config : public Auth::SchemeConfig
  75 {
  76 public:
  77     Config();
  78     virtual bool active() const;
  79     virtual bool configured() const;
  80     virtual Auth::UserRequest::Pointer decode(char const *proxy_auth, const char *requestRealm);
  81     virtual void done();
  82     virtual void rotateHelpers();
  83     virtual bool dump(StoreEntry *, const char *, Auth::SchemeConfig *) const;
  84     virtual void fixHeader(Auth::UserRequest::Pointer, HttpReply *, Http::HdrType, HttpRequest *);
  85     virtual void init(Auth::SchemeConfig *);
  86     virtual void parse(Auth::SchemeConfig *, int, char *);
  87     virtual void registerWithCacheManager(void);
  88     virtual const char * type() const;
  89
  90 public:
  91     time_t nonceGCInterval;
  92     time_t noncemaxduration;
  93     unsigned int noncemaxuses;
  94     int NonceStrictness;
  95     int CheckNonceCount;
  96     int PostWorkaround;
  97 };
  98
  99 } // namespace Digest
 100 } // namespace Auth
 101
 102 /* strings */
 103 #define QOP_AUTH "auth"
 104
 105 extern helper *digestauthenticators;
 106
 107 #endif /* HAVE_AUTH_MODULE_DIGEST */
 108 #endif
 109