]>
Commit | Line | Data |
---|---|---|
1d620765 | 1 | /* |
bbc27441 | 2 | * Copyright (C) 1996-2014 The Squid Software Foundation and contributors |
1d620765 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
1d620765 | 7 | */ |
8 | ||
bbc27441 AJ |
9 | /* DEBUG: section 29 Authenticator */ |
10 | ||
94439e4e | 11 | /* The functions in this file handle authentication. |
12 | * They DO NOT perform access control or auditing. | |
13 | * See acl.c for access control and client_side.c for auditing */ | |
1d620765 | 14 | |
582c2af2 | 15 | #include "squid.h" |
3ad63615 AR |
16 | #include "acl/Acl.h" |
17 | #include "acl/FilledChecklist.h" | |
602d9612 | 18 | #include "auth/AclProxyAuth.h" |
2d2b0bb7 | 19 | #include "auth/Config.h" |
3ad63615 | 20 | #include "auth/Gadgets.h" |
602d9612 | 21 | #include "auth/Scheme.h" |
2d2b0bb7 | 22 | #include "auth/User.h" |
3ad63615 | 23 | #include "auth/UserRequest.h" |
602d9612 | 24 | #include "client_side.h" |
582c2af2 | 25 | #include "globals.h" |
924f73bc | 26 | #include "HttpReply.h" |
a2ac85d9 | 27 | #include "HttpRequest.h" |
1d620765 | 28 | |
94439e4e | 29 | /**** PUBLIC FUNCTIONS (ALL GENERIC!) ****/ |
1d620765 | 30 | |
94439e4e | 31 | int |
2d72d4fd | 32 | authenticateActiveSchemeCount(void) |
94439e4e | 33 | { |
f5691f9c | 34 | int rv = 0; |
62e76326 | 35 | |
9f3d2b2e | 36 | for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i) |
f5691f9c | 37 | if ((*i)->configured()) |
38 | ++rv; | |
62e76326 | 39 | |
427cb33a | 40 | debugs(29, 9, HERE << rv << " active."); |
62e76326 | 41 | |
94439e4e | 42 | return rv; |
43 | } | |
44 | ||
45 | int | |
2d72d4fd | 46 | authenticateSchemeCount(void) |
94439e4e | 47 | { |
c6cf8dee | 48 | int rv = Auth::Scheme::GetSchemes().size(); |
62e76326 | 49 | |
427cb33a | 50 | debugs(29, 9, HERE << rv << " active."); |
62e76326 | 51 | |
94439e4e | 52 | return rv; |
53 | } | |
54 | ||
5acc9f37 | 55 | static void |
9f3d2b2e | 56 | authenticateRegisterWithCacheManager(Auth::ConfigVector * config) |
5acc9f37 | 57 | { |
9f3d2b2e AJ |
58 | for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) { |
59 | Auth::Config *scheme = *i; | |
5acc9f37 FC |
60 | scheme->registerWithCacheManager(); |
61 | } | |
62 | } | |
63 | ||
94439e4e | 64 | void |
9f3d2b2e | 65 | authenticateInit(Auth::ConfigVector * config) |
94439e4e | 66 | { |
427cb33a AJ |
67 | /* Do this first to clear memory and remove dead state on a reconfigure */ |
68 | if (proxy_auth_username_cache) | |
d87154ee | 69 | Auth::User::CachedACLsReset(); |
427cb33a AJ |
70 | |
71 | /* If we do not have any auth config state to create stop now. */ | |
5817ee13 AJ |
72 | if (!config) |
73 | return; | |
74 | ||
9f3d2b2e AJ |
75 | for (Auth::ConfigVector::iterator i = config->begin(); i != config->end(); ++i) { |
76 | Auth::Config *schemeCfg = *i; | |
62e76326 | 77 | |
5817ee13 AJ |
78 | if (schemeCfg->configured()) |
79 | schemeCfg->init(schemeCfg); | |
1d620765 | 80 | } |
62e76326 | 81 | |
94439e4e | 82 | if (!proxy_auth_username_cache) |
d87154ee | 83 | Auth::User::cacheInit(); |
6fdc2d18 | 84 | |
5817ee13 | 85 | authenticateRegisterWithCacheManager(config); |
c623f072 | 86 | } |
87 | ||
1d620765 | 88 | void |
0bcb6908 | 89 | authenticateRotate(void) |
1d620765 | 90 | { |
9f3d2b2e | 91 | for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i) |
0bcb6908 AJ |
92 | if ((*i)->configured()) |
93 | (*i)->rotateHelpers(); | |
94 | } | |
95 | ||
96 | void | |
97 | authenticateReset(void) | |
98 | { | |
99 | debugs(29, 2, HERE << "Reset authentication State."); | |
100 | ||
101 | /* free all username cache entries */ | |
102 | hash_first(proxy_auth_username_cache); | |
103 | AuthUserHashPointer *usernamehash; | |
104 | while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) { | |
105 | debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username()); | |
106 | hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash); | |
107 | delete usernamehash; | |
94439e4e | 108 | } |
0bcb6908 AJ |
109 | |
110 | /* schedule shutdown of the helpers */ | |
111 | authenticateRotate(); | |
112 | ||
113 | /* free current global config details too. */ | |
c33a88ca | 114 | Auth::TheConfig.clear(); |
e6ccf245 | 115 | } |
116 | ||
d87154ee | 117 | AuthUserHashPointer::AuthUserHashPointer(Auth::User::Pointer anAuth_user): |
f53969cc | 118 | auth_user(anAuth_user) |
e6ccf245 | 119 | { |
d4806c91 | 120 | key = (void *)anAuth_user->userKey(); |
4a8b20e8 | 121 | next = NULL; |
e6ccf245 | 122 | hash_join(proxy_auth_username_cache, (hash_link *) this); |
94439e4e | 123 | } |
e6ccf245 | 124 | |
d87154ee | 125 | Auth::User::Pointer |
e6ccf245 | 126 | AuthUserHashPointer::user() const |
127 | { | |
128 | return auth_user; | |
129 | } | |
f53969cc | 130 |