[thirdparty/squid.git] / src / auth / Gadgets.cc

/*
 * $Id$
 *
 * DEBUG: section 29    Authenticator
 * AUTHOR:  Robert Collins
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 */

/* The functions in this file handle authentication.
 * They DO NOT perform access control or auditing.
 * See acl.c for access control and client_side.c for auditing */

#include "squid-old.h"
#include "acl/Acl.h"
#include "acl/FilledChecklist.h"
#include "client_side.h"
#include "auth/Config.h"
#include "auth/Scheme.h"
#include "auth/Gadgets.h"
#include "auth/User.h"
#include "auth/UserRequest.h"
#include "auth/AclProxyAuth.h"
#include "HttpReply.h"
#include "HttpRequest.h"

/**** PUBLIC FUNCTIONS (ALL GENERIC!)  ****/

int
authenticateActiveSchemeCount(void)
{
    int rv = 0;

    for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
        if ((*i)->configured())
            ++rv;

    debugs(29, 9, HERE << rv << " active.");

    return rv;
}

int
authenticateSchemeCount(void)
{
    int rv = Auth::Scheme::GetSchemes().size();

    debugs(29, 9, HERE << rv << " active.");

    return rv;
}

static void
authenticateRegisterWithCacheManager(Auth::ConfigVector * config)
{
    for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
        Auth::Config *scheme = *i;
        scheme->registerWithCacheManager();
    }
}

void
authenticateInit(Auth::ConfigVector * config)
{
    /* Do this first to clear memory and remove dead state on a reconfigure */
    if (proxy_auth_username_cache)
        Auth::User::CachedACLsReset();

    /* If we do not have any auth config state to create stop now. */
    if (!config)
        return;

    for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
        Auth::Config *schemeCfg = *i;

        if (schemeCfg->configured())
            schemeCfg->init(schemeCfg);
    }

    if (!proxy_auth_username_cache)
        Auth::User::cacheInit();

    authenticateRegisterWithCacheManager(config);
}

void
authenticateRotate(void)
{
    for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
        if ((*i)->configured())
            (*i)->rotateHelpers();
}

void
authenticateReset(void)
{
    debugs(29, 2, HERE << "Reset authentication State.");

    /* free all username cache entries */
    hash_first(proxy_auth_username_cache);
    AuthUserHashPointer *usernamehash;
    while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
        debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
        hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
        delete usernamehash;
    }

    /* schedule shutdown of the helpers */
    authenticateRotate();

    /* free current global config details too. */
    Auth::TheConfig.clean();
}

AuthUserHashPointer::AuthUserHashPointer(Auth::User::Pointer anAuth_user):
        auth_user(anAuth_user)
{
    key = (void *)anAuth_user->username();
    next = NULL;
    hash_join(proxy_auth_username_cache, (hash_link *) this);
}

Auth::User::Pointer
AuthUserHashPointer::user() const
{
    return auth_user;
}
Commit	Line	Data
1d620765	1	/*
262a0e14	2	* $Id$
1d620765	3	*
1d620765	4	* DEBUG: section 29 Authenticator
e6ccf245	5	* AUTHOR: Robert Collins
1d620765	6	*
2b6662ba	7	* SQUID Web Proxy Cache http://www.squid-cache.org/
1d620765	8	* ----------------------------------------------------------
1d620765	9	*
2b6662ba	10	* Squid is the result of efforts by numerous individuals from
	11	* the Internet community; see the CONTRIBUTORS file for full
	12	* details. Many organizations have provided support for Squid's
	13	* development; see the SPONSORS file for full details. Squid is
	14	* Copyrighted (C) 2001 by the Regents of the University of
	15	* California; see the COPYRIGHT file for full details. Squid
	16	* incorporates software developed and/or copyrighted by other
	17	* sources; see the CREDITS file for full details.
1d620765	18	*
	19	* This program is free software; you can redistribute it and/or modify
	20	* it under the terms of the GNU General Public License as published by
	21	* the Free Software Foundation; either version 2 of the License, or
	22	* (at your option) any later version.
26ac0430	23	*
1d620765	24	* This program is distributed in the hope that it will be useful,
	25	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	26	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	27	* GNU General Public License for more details.
26ac0430	28	*
1d620765	29	* You should have received a copy of the GNU General Public License
	30	* along with this program; if not, write to the Free Software
	31	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	32	*
	33	*/
	34
94439e4e	35	/* The functions in this file handle authentication.
	36	* They DO NOT perform access control or auditing.
	37	* See acl.c for access control and client_side.c for auditing */
1d620765	38
f7f3304a	39	#include "squid-old.h"
3ad63615 AR	40	#include "acl/Acl.h"
3ad63615 AR	41	#include "acl/FilledChecklist.h"
a46d2c0e	42	#include "client_side.h"
2d2b0bb7 AR	43	#include "auth/Config.h"
2d2b0bb7 AR	44	#include "auth/Scheme.h"
3ad63615	45	#include "auth/Gadgets.h"
2d2b0bb7	46	#include "auth/User.h"
3ad63615 AR	47	#include "auth/UserRequest.h"
3ad63615 AR	48	#include "auth/AclProxyAuth.h"
924f73bc	49	#include "HttpReply.h"
a2ac85d9	50	#include "HttpRequest.h"
1d620765	51
94439e4e	52	/** PUBLIC FUNCTIONS (ALL GENERIC!) **/
1d620765	53
94439e4e	54	int
2d72d4fd	55	authenticateActiveSchemeCount(void)
94439e4e	56	{
f5691f9c	57	int rv = 0;
62e76326	58
9f3d2b2e	59	for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
f5691f9c	60	if ((*i)->configured())
f5691f9c	61	++rv;
62e76326	62
427cb33a	63	debugs(29, 9, HERE << rv << " active.");
62e76326	64
94439e4e	65	return rv;
	66	}
	67
	68	int
2d72d4fd	69	authenticateSchemeCount(void)
94439e4e	70	{
c6cf8dee	71	int rv = Auth::Scheme::GetSchemes().size();
62e76326	72
427cb33a	73	debugs(29, 9, HERE << rv << " active.");
62e76326	74
94439e4e	75	return rv;
	76	}
	77
5acc9f37	78	static void
9f3d2b2e	79	authenticateRegisterWithCacheManager(Auth::ConfigVector * config)
5acc9f37	80	{
9f3d2b2e AJ	81	for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
9f3d2b2e AJ	82	Auth::Config scheme = i;
5acc9f37 FC	83	scheme->registerWithCacheManager();
	84	}
	85	}
	86
94439e4e	87	void
9f3d2b2e	88	authenticateInit(Auth::ConfigVector * config)
94439e4e	89	{
427cb33a AJ	90	/* Do this first to clear memory and remove dead state on a reconfigure */
427cb33a AJ	91	if (proxy_auth_username_cache)
d87154ee	92	Auth::User::CachedACLsReset();
427cb33a AJ	93
427cb33a AJ	94	/* If we do not have any auth config state to create stop now. */
5817ee13 AJ	95	if (!config)
	96	return;
	97
9f3d2b2e AJ	98	for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) {
9f3d2b2e AJ	99	Auth::Config schemeCfg = i;
62e76326	100
5817ee13 AJ	101	if (schemeCfg->configured())
5817ee13 AJ	102	schemeCfg->init(schemeCfg);
1d620765	103	}
62e76326	104
94439e4e	105	if (!proxy_auth_username_cache)
d87154ee	106	Auth::User::cacheInit();
6fdc2d18	107
5817ee13	108	authenticateRegisterWithCacheManager(config);
c623f072	109	}
c623f072	110
1d620765	111	void
0bcb6908	112	authenticateRotate(void)
1d620765	113	{
9f3d2b2e	114	for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
0bcb6908 AJ	115	if ((*i)->configured())
	116	(*i)->rotateHelpers();
	117	}
	118
	119	void
	120	authenticateReset(void)
	121	{
	122	debugs(29, 2, HERE << "Reset authentication State.");
	123
	124	/* free all username cache entries */
	125	hash_first(proxy_auth_username_cache);
	126	AuthUserHashPointer *usernamehash;
	127	while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
	128	debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
	129	hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
	130	delete usernamehash;
94439e4e	131	}
0bcb6908 AJ	132
	133	/* schedule shutdown of the helpers */
	134	authenticateRotate();
	135
	136	/* free current global config details too. */
	137	Auth::TheConfig.clean();
e6ccf245	138	}
e6ccf245	139
d87154ee	140	AuthUserHashPointer::AuthUserHashPointer(Auth::User::Pointer anAuth_user):
e1f7507e	141	auth_user(anAuth_user)
e6ccf245	142	{
4a8b20e8	143	key = (void *)anAuth_user->username();
4a8b20e8	144	next = NULL;
e6ccf245	145	hash_join(proxy_auth_username_cache, (hash_link *) this);
94439e4e	146	}
e6ccf245	147
d87154ee	148	Auth::User::Pointer
e6ccf245	149	AuthUserHashPointer::user() const
	150	{
	151	return auth_user;
	152	}