Commit | Line | Data |
---|---|---|
1d620765 | 1 | /* |
262a0e14 | 2 | * $Id$ |
1d620765 | 3 | * |
4 | * DEBUG: section 29 Authenticator | |
e6ccf245 | 5 | * AUTHOR: Robert Collins |
1d620765 | 6 | * |
2b6662ba | 7 | * SQUID Web Proxy Cache http://www.squid-cache.org/ |
1d620765 | 8 | * ---------------------------------------------------------- |
9 | * | |
2b6662ba | 10 | * Squid is the result of efforts by numerous individuals from |
11 | * the Internet community; see the CONTRIBUTORS file for full | |
12 | * details. Many organizations have provided support for Squid's | |
13 | * development; see the SPONSORS file for full details. Squid is | |
14 | * Copyrighted (C) 2001 by the Regents of the University of | |
15 | * California; see the COPYRIGHT file for full details. Squid | |
16 | * incorporates software developed and/or copyrighted by other | |
17 | * sources; see the CREDITS file for full details. | |
1d620765 | 18 | * |
19 | * This program is free software; you can redistribute it and/or modify | |
20 | * it under the terms of the GNU General Public License as published by | |
21 | * the Free Software Foundation; either version 2 of the License, or | |
22 | * (at your option) any later version. | |
26ac0430 | 23 | * |
1d620765 | 24 | * This program is distributed in the hope that it will be useful, |
25 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
26 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
27 | * GNU General Public License for more details. | |
26ac0430 | 28 | * |
1d620765 | 29 | * You should have received a copy of the GNU General Public License |
30 | * along with this program; if not, write to the Free Software | |
31 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
32 | * | |
33 | */ | |
34 | ||
94439e4e | 35 | /* The functions in this file handle authentication. |
36 | * They DO NOT perform access control or auditing. | |
37 | * See acl.c for access control and client_side.c for auditing */ | |
1d620765 | 38 | |
94439e4e | 39 | #include "squid.h" |
3ad63615 AR |
40 | #include "acl/Acl.h" |
41 | #include "acl/FilledChecklist.h" | |
a46d2c0e | 42 | #include "client_side.h" |
2d2b0bb7 AR |
43 | #include "auth/Config.h" |
44 | #include "auth/Scheme.h" | |
3ad63615 | 45 | #include "auth/Gadgets.h" |
2d2b0bb7 | 46 | #include "auth/User.h" |
3ad63615 AR |
47 | #include "auth/UserRequest.h" |
48 | #include "auth/AclProxyAuth.h" | |
924f73bc | 49 | #include "HttpReply.h" |
a2ac85d9 | 50 | #include "HttpRequest.h" |
1d620765 | 51 | |
94439e4e | 52 | /**** PUBLIC FUNCTIONS (ALL GENERIC!) ****/ |
1d620765 | 53 | |
/**
 * Count the entries of Auth::TheConfig whose configured() check succeeds.
 *
 * \return number of scheme configurations reporting configured(); 0 when
 *         the list is empty or none of them do.
 */
int
authenticateActiveSchemeCount(void)
{
    int activeCount = 0;

    Auth::authConfig::iterator pos = Auth::TheConfig.begin();
    while (pos != Auth::TheConfig.end()) {
        /* only entries that say they are configured are counted */
        if ((*pos)->configured())
            activeCount += 1;
        ++pos;
    }

    debugs(29, 9, HERE << activeCount << " active.");

    return activeCount;
}
67 | ||
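/**
 * Report how many authentication schemes AuthScheme::GetSchemes() holds.
 *
 * This is the size of the scheme list itself. No configured() check is
 * made here, so the value is not the number of schemes in use; see
 * authenticateActiveSchemeCount() for that.
 *
 * \return number of entries in AuthScheme::GetSchemes()
 */
int
authenticateSchemeCount(void)
{
    /* explicit conversion to the int return type; the original relied on an implicit one */
    const int rv = static_cast<int>(AuthScheme::GetSchemes().size());

    /* The trace used to say "active.", the same text as the configured()
     * count, although nothing here tests whether a scheme is configured. */
    debugs(29, 9, HERE << rv << " schemes registered.");

    return rv;
}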
77 | ||
/**
 * Call registerWithCacheManager() on every entry of the given list.
 *
 * \param config list of scheme configurations; dereferenced without a
 *        null check. The caller in this file, authenticateInit(), returns
 *        on a null config before it gets here.
 *
 * Every entry is visited; there is no configured() filter in this loop.
 */
static void
authenticateRegisterWithCacheManager(Auth::authConfig * config)
{
    Auth::authConfig::iterator cur = config->begin();

    while (cur != config->end()) {
        AuthConfig *entry = *cur;
        entry->registerWithCacheManager();
        ++cur;
    }
}
86 | ||
/**
 * Set up authentication state from a list of scheme configurations.
 *
 * Steps, in the order they must run:
 *  1. if the username cache already exists, reset the cached ACL results;
 *  2. stop if no configuration list was given;
 *  3. call init() on every entry that reports configured();
 *  4. create the username cache if it does not exist yet;
 *  5. register the entries with the cache manager.
 *
 * \param config list of scheme configurations, may be NULL. With a NULL
 *        list the function returns after step 1, so the username cache is
 *        not created by that call.
 */
void
authenticateInit(Auth::authConfig * config)
{
    /* Has to come first: clears memory and removes dead state on a reconfigure */
    if (proxy_auth_username_cache != NULL)
        AuthUser::CachedACLsReset();

    /* No auth config state to create: nothing further to do. */
    if (config == NULL)
        return;

    Auth::authConfig::iterator cur = config->begin();
    while (cur != config->end()) {
        AuthConfig *entry = *cur;

        /* entries that are not configured() are left uninitialised */
        if (entry->configured())
            entry->init(entry);

        ++cur;
    }

    /* first run (or cache never built): create the username cache now */
    if (proxy_auth_username_cache == NULL)
        AuthUser::cacheInit();

    authenticateRegisterWithCacheManager(config);
}
110 | ||
/**
 * Call rotateHelpers() on each entry of Auth::TheConfig that reports
 * configured(). Entries that are not configured are skipped.
 */
void
authenticateRotate(void)
{
    Auth::authConfig::iterator pos = Auth::TheConfig.begin();

    while (pos != Auth::TheConfig.end()) {
        if ((*pos)->configured()) {
            (*pos)->rotateHelpers();
        }
        ++pos;
    }
}
118 | ||
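/**
 * Drop all authentication state: empty the username cache, rotate the
 * helpers of the configured schemes, then clean Auth::TheConfig.
 *
 * The username cache is only walked when it exists. authenticateInit()
 * returns before AuthUser::cacheInit() when it is handed a NULL config,
 * so the cache pointer can still be unset when a reset is requested.
 *
 * Each cleared entry's username is written to the debug log at
 * section 29, level 5.
 */
void
authenticateReset(void)
{
    debugs(29, 2, HERE << "Reset authentication State.");

    /* free all username cache entries */
    if (proxy_auth_username_cache) {
        /* NOTE(review): whether hash_first() accepts a NULL table is not
         * visible in this file; the guard avoids depending on it. */
        hash_first(proxy_auth_username_cache);
        AuthUserHashPointer *usernamehash;
        while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
            debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
            /* unlink from the table before destroying the entry */
            hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
            delete usernamehash;
        }
    }

    /* schedule shutdown of the helpers */
    authenticateRotate();

    /* free current global config details too. */
    Auth::TheConfig.clean();
}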
139 | ||
/**
 * Build a username-cache entry for the given user and link it into
 * proxy_auth_username_cache straight away.
 *
 * \param anAuth_user user to index; stored in auth_user. It is
 *        dereferenced here without a null check.
 *
 * The hash key is the pointer returned by username(), not a copy.
 * NOTE(review): presumably that storage stays valid for as long as this
 * entry holds auth_user; confirm against AuthUser.
 * proxy_auth_username_cache is used without a null check, so it must
 * already have been created when an entry is constructed.
 */
AuthUserHashPointer::AuthUserHashPointer(AuthUser::Pointer anAuth_user):
        auth_user(anAuth_user)
{
    /* not chained to anything until hash_join() places the entry */
    next = NULL;

    /* key borrows the user's own username string */
    key = (void *)anAuth_user->username();

    hash_join(proxy_auth_username_cache, (hash_link *) this);
}
e6ccf245 | 147 | |
/**
 * \return the AuthUser::Pointer this cache entry was constructed with.
 */
AuthUser::Pointer
AuthUserHashPointer::user() const
{
    return this->auth_user;
}