[thirdparty/squid.git] / src / auth / digest / auth_digest.h

/*
 * auth_digest.h
 * Internal declarations for the digest auth module
 */

#ifndef __AUTH_DIGEST_H__
#define __AUTH_DIGEST_H__
#include "rfc2617.h"
#include "authenticate.h"
#include "AuthUser.h"
#include "AuthUserRequest.h"
#include "AuthConfig.h"
#include "helper.h"

/* Generic */

class DigestAuthenticateStateData
{

public:
    void *data;
    AuthUserRequest *auth_user_request;
    RH *handler;
};

typedef struct _digest_nonce_data digest_nonce_data;

typedef struct _digest_nonce_h digest_nonce_h;

class DigestUser : public AuthUser
{

public:
    MEMPROXY_CLASS(DigestUser);

    DigestUser(AuthConfig *);
    ~DigestUser();
    int authenticated() const;
    HASH HA1;
    int HA1created;

    /* what nonces have been allocated to this user */
    dlink_list nonces;

};

MEMPROXY_CLASS_INLINE(DigestUser);

typedef class DigestUser digest_user_h;

/* the digest_request structure is what follows the http_request around */

class AuthDigestUserRequest : public AuthUserRequest
{

public:
    enum CredentialsState {Unchecked, Ok, Pending, Failed};
    MEMPROXY_CLASS(AuthDigestUserRequest);

    AuthDigestUserRequest();
    virtual ~AuthDigestUserRequest();

    virtual int authenticated() const;
    virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
    virtual int module_direction();
    virtual void addHeader(HttpReply * rep, int accel);
#if WAITING_FOR_TE

    virtual void addTrailer(HttpReply * rep, int accel);
#endif

    virtual void module_start(RH *, void *);
    virtual AuthUser *user() {return _theUser;}

    virtual const AuthUser *user() const {return _theUser;}

    virtual void user(AuthUser *aUser) {_theUser=dynamic_cast<DigestUser *>(aUser);}

    CredentialsState credentials() const;
    void credentials(CredentialsState);

    void authUser(AuthUser *);
    AuthUser *authUser() const;

    char *nonceb64;		/* "dcd98b7102dd2f0e8b11d0f600bfb0c093" */
    char *cnonce;		/* "0a4f113b" */
    char *realm;		/* = "testrealm@host.com" */
    char *pszPass;		/* = "Circle Of Life" */
    char *algorithm;		/* = "md5" */
    char nc[9];			/* = "00000001" */
    char *pszMethod;		/* = "GET" */
    char *qop;			/* = "auth" */
    char *uri;			/* = "/dir/index.html" */
    char *response;

    struct {
        unsigned int authinfo_sent:1;
        unsigned int invalid_password:1;
        unsigned int helper_queried:1;
    } flags;
    digest_nonce_h *nonce;

private:
    DigestUser *_theUser;
    CredentialsState credentials_ok;
};

MEMPROXY_CLASS_INLINE(AuthDigestUserRequest)		/**DOCS_NOSEMI*/

/* data to be encoded into the nonce's b64 representation */

struct _digest_nonce_data {
    time_t creationtime;
    /* in memory address of the nonce struct (similar purpose to an ETag) */
    digest_nonce_h *self;
    long randomdata;
};

/* the nonce structure we'll pass around */

struct _digest_nonce_h : public hash_link {
    digest_nonce_data noncedata;
    /* number of uses we've seen of this nonce */
    unsigned long nc;
    /* reference count */
    short references;
    /* the auth_user this nonce has been tied to */
    DigestUser *user;
    /* has this nonce been invalidated ? */

    struct {
        unsigned int valid:1;
        unsigned int incache:1;
    } flags;
};

/* configuration runtime data */

class AuthDigestConfig : public AuthConfig
{

public:
    AuthDigestConfig();
    virtual bool active() const;
    virtual bool configured() const;
    virtual AuthUserRequest *decode(char const *proxy_auth);
    virtual void done();
    virtual void dump(StoreEntry *, const char *, AuthConfig *);
    virtual void fixHeader(AuthUserRequest *, HttpReply *, http_hdr_type, HttpRequest *);
    virtual void init(AuthConfig *);
    virtual void parse(AuthConfig *, int, char *);
    virtual void registerWithCacheManager(void);
    virtual const char * type() const;
    int authenticateChildren;
    char *digestAuthRealm;
    wordlist *authenticate;
    time_t nonceGCInterval;
    time_t noncemaxduration;
    unsigned int noncemaxuses;
    int NonceStrictness;
    int CheckNonceCount;
    int PostWorkaround;
    int utf8;
};

typedef class AuthDigestConfig auth_digest_config;

/* strings */
#define QOP_AUTH "auth"

#endif
Commit	Line	Data
2d70df72	1	/*
	2	* auth_digest.h
	3	* Internal declarations for the digest auth module
	4	*/
	5
	6	#ifndef __AUTH_DIGEST_H__
	7	#define __AUTH_DIGEST_H__
	8	#include "rfc2617.h"
82b045dc	9	#include "authenticate.h"
f5691f9c	10	#include "AuthUser.h"
	11	#include "AuthUserRequest.h"
	12	#include "AuthConfig.h"
aa839030	13	#include "helper.h"
aa839030	14
2d70df72	15	/* Generic */
62e76326	16
	17	class DigestAuthenticateStateData
	18	{
	19
e6ccf245	20	public:
2d70df72	21	void *data;
76f142cd	22	AuthUserRequest *auth_user_request;
2d70df72	23	RH *handler;
e6ccf245	24	};
2d70df72	25
2d70df72	26	typedef struct _digest_nonce_data digest_nonce_data;
	27
	28	typedef struct _digest_nonce_h digest_nonce_h;
	29
f5691f9c	30	class DigestUser : public AuthUser
62e76326	31	{
82b045dc	32
82b045dc	33	public:
b001e822	34	MEMPROXY_CLASS(DigestUser);
82b045dc	35
f5691f9c	36	DigestUser(AuthConfig *);
f5691f9c	37	~DigestUser();
82b045dc	38	int authenticated() const;
2d70df72	39	HASH HA1;
2d70df72	40	int HA1created;
62e76326	41
2d70df72	42	/* what nonces have been allocated to this user */
2d70df72	43	dlink_list nonces;
82b045dc	44
2d70df72	45	};
2d70df72	46
e1f7507e	47	MEMPROXY_CLASS_INLINE(DigestUser);
b001e822	48
f5691f9c	49	typedef class DigestUser digest_user_h;
f5691f9c	50
2d70df72	51	/* the digest_request structure is what follows the http_request around */
62e76326	52
f5691f9c	53	class AuthDigestUserRequest : public AuthUserRequest
62e76326	54	{
82b045dc	55
	56	public:
	57	enum CredentialsState {Unchecked, Ok, Pending, Failed};
b001e822	58	MEMPROXY_CLASS(AuthDigestUserRequest);
82b045dc	59
f5691f9c	60	AuthDigestUserRequest();
f5691f9c	61	virtual ~AuthDigestUserRequest();
82b045dc	62
f5691f9c	63	virtual int authenticated() const;
486bf0fb	64	virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
f5691f9c	65	virtual int module_direction();
82b045dc	66	virtual void addHeader(HttpReply * rep, int accel);
f5691f9c	67	#if WAITING_FOR_TE
	68
	69	virtual void addTrailer(HttpReply * rep, int accel);
	70	#endif
	71
	72	virtual void module_start(RH , void );
	73	virtual AuthUser *user() {return _theUser;}
	74
	75	virtual const AuthUser *user() const {return _theUser;}
	76
e1f7507e	77	virtual void user(AuthUser aUser) {_theUser=dynamic_cast<DigestUser >(aUser);}
82b045dc	78
	79	CredentialsState credentials() const;
	80	void credentials(CredentialsState);
	81
e1f7507e AJ	82	void authUser(AuthUser *);
e1f7507e AJ	83	AuthUser *authUser() const;
82b045dc	84
6437ac71	85	char nonceb64; / "dcd98b7102dd2f0e8b11d0f600bfb0c093" */
	86	char cnonce; / "0a4f113b" */
	87	char realm; / = "testrealm@host.com" */
	88	char pszPass; / = "Circle Of Life" */
	89	char algorithm; / = "md5" */
	90	char nc[9]; /* = "00000001" */
	91	char pszMethod; / = "GET" */
	92	char qop; / = "auth" */
	93	char uri; / = "/dir/index.html" */
2d70df72	94	char *response;
62e76326	95
26ac0430	96	struct {
3d0ac046	97	unsigned int authinfo_sent:1;
26ac0430	98	unsigned int invalid_password:1;
3d0ac046 HN	99	unsigned int helper_queried:1;
3d0ac046 HN	100	} flags;
2d70df72	101	digest_nonce_h *nonce;
82b045dc	102
82b045dc	103	private:
f5691f9c	104	DigestUser *_theUser;
82b045dc	105	CredentialsState credentials_ok;
2d70df72	106	};
2d70df72	107
63be0a78	108	MEMPROXY_CLASS_INLINE(AuthDigestUserRequest) /*DOCS_NOSEMI/
b001e822	109
2d70df72	110	/* data to be encoded into the nonce's b64 representation */
62e76326	111
26ac0430	112	struct _digest_nonce_data {
2d70df72	113	time_t creationtime;
	114	/* in memory address of the nonce struct (similar purpose to an ETag) */
	115	digest_nonce_h *self;
	116	long randomdata;
	117	};
	118
	119	/* the nonce structure we'll pass around */
62e76326	120
26ac0430	121	struct _digest_nonce_h : public hash_link {
2d70df72	122	digest_nonce_data noncedata;
2d70df72	123	/* number of uses we've seen of this nonce */
e6ccf245	124	unsigned long nc;
2d70df72	125	/* reference count */
	126	short references;
	127	/* the auth_user this nonce has been tied to */
f5691f9c	128	DigestUser *user;
2d70df72	129	/* has this nonce been invalidated ? */
62e76326	130
26ac0430	131	struct {
3d0ac046 HN	132	unsigned int valid:1;
	133	unsigned int incache:1;
	134	} flags;
2d70df72	135	};
	136
	137	/* configuration runtime data */
62e76326	138
f5691f9c	139	class AuthDigestConfig : public AuthConfig
62e76326	140	{
f5691f9c	141
f5691f9c	142	public:
5c926411	143	AuthDigestConfig();
f5691f9c	144	virtual bool active() const;
	145	virtual bool configured() const;
	146	virtual AuthUserRequest decode(char const proxy_auth);
	147	virtual void done();
	148	virtual void dump(StoreEntry , const char , AuthConfig *);
76f142cd	149	virtual void fixHeader(AuthUserRequest , HttpReply , http_hdr_type, HttpRequest *);
f5691f9c	150	virtual void init(AuthConfig *);
f5691f9c	151	virtual void parse(AuthConfig , int, char );
15fab853	152	virtual void registerWithCacheManager(void);
f5691f9c	153	virtual const char * type() const;
2d70df72	154	int authenticateChildren;
	155	char *digestAuthRealm;
	156	wordlist *authenticate;
	157	time_t nonceGCInterval;
	158	time_t noncemaxduration;
e6ccf245	159	unsigned int noncemaxuses;
d205783b	160	int NonceStrictness;
f5292c64	161	int CheckNonceCount;
f5292c64	162	int PostWorkaround;
f741d2f6	163	int utf8;
2d70df72	164	};
2d70df72	165
f5691f9c	166	typedef class AuthDigestConfig auth_digest_config;
2d70df72	167
	168	/* strings */
	169	#define QOP_AUTH "auth"
	170
	171	#endif