[thirdparty/squid.git] / src / auth / basic / User.cc

/*
 * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#include "squid.h"
#include "auth/basic/auth_basic.h"
#include "auth/basic/User.h"
#include "Debug.h"
#include "SquidConfig.h"
#include "SquidTime.h"

Auth::Basic::User::User(Auth::Config *aConfig, const char *aRequestRealm) :
        Auth::User(aConfig, aRequestRealm),
        passwd(NULL),
        queue(NULL),
        currentRequest(NULL)
{}

Auth::Basic::User::~User()
{
    safe_free(passwd);
}

int32_t
Auth::Basic::User::ttl() const
{
    if (credentials() != Auth::Ok && credentials() != Auth::Pending)
        return -1; // TTL is obsolete NOW.

    int32_t basic_ttl = expiretime - squid_curtime + static_cast<Auth::Basic::Config*>(config)->credentialsTTL;
    int32_t global_ttl = static_cast<int32_t>(expiretime - squid_curtime + ::Config.authenticateTTL);

    return min(basic_ttl, global_ttl);
}

bool
Auth::Basic::User::authenticated() const
{
    if ((credentials() == Auth::Ok) && (expiretime + static_cast<Auth::Basic::Config*>(config)->credentialsTTL > squid_curtime))
        return true;

    debugs(29, 4, "User not authenticated or credentials need rechecking.");

    return false;
}

bool
Auth::Basic::User::valid() const
{
    if (username() == NULL)
        return false;
    if (passwd == NULL)
        return false;
    return true;
}

void
Auth::Basic::User::updateCached(Auth::Basic::User *from)
{
    debugs(29, 9, HERE << "Found user '" << from->username() << "' already in the user cache as '" << this << "'");

    assert(strcmp(from->username(), username()) == 0);

    if (strcmp(from->passwd, passwd)) {
        debugs(29, 4, HERE << "new password found. Updating in user master record and resetting auth state to unchecked");
        credentials(Auth::Unchecked);
        xfree(passwd);
        passwd = from->passwd;
        from->passwd = NULL;
    }

    if (credentials() == Auth::Failed) {
        debugs(29, 4, HERE << "last attempt to authenticate this user failed, resetting auth state to unchecked");
        credentials(Auth::Unchecked);
    }
}
Commit	Line	Data
bbc27441 AJ	1	/*
	2	* Copyright (C) 1996-2014 The Squid Software Foundation and contributors
	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
f7f3304a	9	#include "squid.h"
aa110616 AJ	10	#include "auth/basic/auth_basic.h"
	11	#include "auth/basic/User.h"
	12	#include "Debug.h"
4d5904f7	13	#include "SquidConfig.h"
aa110616 AJ	14	#include "SquidTime.h"
aa110616 AJ	15
d4806c91 CT	16	Auth::Basic::User::User(Auth::Config aConfig, const char aRequestRealm) :
d4806c91 CT	17	Auth::User(aConfig, aRequestRealm),
aa110616	18	passwd(NULL),
bf929433	19	queue(NULL),
de76457e	20	currentRequest(NULL)
aa110616 AJ	21	{}
	22
	23	Auth::Basic::User::~User()
	24	{
	25	safe_free(passwd);
	26	}
	27
	28	int32_t
	29	Auth::Basic::User::ttl() const
	30	{
	31	if (credentials() != Auth::Ok && credentials() != Auth::Pending)
	32	return -1; // TTL is obsolete NOW.
	33
	34	int32_t basic_ttl = expiretime - squid_curtime + static_cast<Auth::Basic::Config*>(config)->credentialsTTL;
	35	int32_t global_ttl = static_cast<int32_t>(expiretime - squid_curtime + ::Config.authenticateTTL);
	36
	37	return min(basic_ttl, global_ttl);
	38	}
	39
	40	bool
	41	Auth::Basic::User::authenticated() const
	42	{
	43	if ((credentials() == Auth::Ok) && (expiretime + static_cast<Auth::Basic::Config*>(config)->credentialsTTL > squid_curtime))
	44	return true;
	45
	46	debugs(29, 4, "User not authenticated or credentials need rechecking.");
	47
	48	return false;
	49	}
	50
	51	bool
	52	Auth::Basic::User::valid() const
	53	{
	54	if (username() == NULL)
	55	return false;
	56	if (passwd == NULL)
	57	return false;
	58	return true;
	59	}
	60
	61	void
	62	Auth::Basic::User::updateCached(Auth::Basic::User *from)
	63	{
	64	debugs(29, 9, HERE << "Found user '" << from->username() << "' already in the user cache as '" << this << "'");
	65
	66	assert(strcmp(from->username(), username()) == 0);
	67
	68	if (strcmp(from->passwd, passwd)) {
	69	debugs(29, 4, HERE << "new password found. Updating in user master record and resetting auth state to unchecked");
	70	credentials(Auth::Unchecked);
	71	xfree(passwd);
	72	passwd = from->passwd;
	73	from->passwd = NULL;
	74	}
	75
	76	if (credentials() == Auth::Failed) {
	77	debugs(29, 4, HERE << "last attempt to authenticate this user failed, resetting auth state to unchecked");
	78	credentials(Auth::Unchecked);
	79	}
	80	}
	81