[thirdparty/squid.git] / src / auth / ntlm / auth_ntlm.cc

/*
 * $Id$
 *
 * DEBUG: section 29    NTLM Authenticator
 * AUTHOR: Robert Collins, Henrik Nordstrom, Francesco Chemolli
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 */

/* The functions in this file handle authentication.
 * They DO NOT perform access control or auditing.
 * See acl.c for access control and client_side.c for auditing */


#include "squid.h"
#include "auth/Gadgets.h"
#include "auth/ntlm/auth_ntlm.h"
#include "auth/ntlm/ntlmScheme.h"
#include "auth/ntlm/ntlmUserRequest.h"
#include "auth/State.h"
#include "mgr/Registration.h"
#include "Store.h"
#include "client_side.h"
#include "HttpReply.h"
#include "HttpRequest.h"
#include "wordlist.h"
#include "SquidTime.h"

/* NTLM Scheme */
static AUTHSSTATS authenticateNTLMStats;

statefulhelper *ntlmauthenticators = NULL;
static int authntlm_initialised = 0;

static hash_table *proxy_auth_cache = NULL;

/*
 *
 * Private Functions
 *
 */

void
AuthNTLMConfig::rotateHelpers()
{
    /* schedule closure of existing helpers */
    if (ntlmauthenticators) {
        helperStatefulShutdown(ntlmauthenticators);
    }

    /* NP: dynamic helper restart will ensure they start up again as needed. */
}

/* free any allocated configuration details */
void
AuthNTLMConfig::done()
{
    authntlm_initialised = 0;

    if (ntlmauthenticators) {
        helperStatefulShutdown(ntlmauthenticators);
    }

    if (!shutting_down)
        return;

    delete ntlmauthenticators;
    ntlmauthenticators = NULL;

    if (authenticate)
        wordlistDestroy(&authenticate);

    debugs(29, 2, "ntlmScheme::done: NTLM authentication Shutdown.");
}

void
AuthNTLMConfig::dump(StoreEntry * entry, const char *name, AuthConfig * scheme)
{
    wordlist *list = authenticate;
    storeAppendPrintf(entry, "%s %s", name, "ntlm");

    while (list != NULL) {
        storeAppendPrintf(entry, " %s", list->key);
        list = list->next;
    }

    storeAppendPrintf(entry, "\n%s ntlm children %d startup=%d idle=%d concurrency=%d\n",
                      name, authenticateChildren.n_max, authenticateChildren.n_startup, authenticateChildren.n_idle, authenticateChildren.concurrency);
    storeAppendPrintf(entry, "%s %s keep_alive %s\n", name, "ntlm", keep_alive ? "on" : "off");

}

AuthNTLMConfig::AuthNTLMConfig() : keep_alive(1)
{ }

void
AuthNTLMConfig::parse(AuthConfig * scheme, int n_configured, char *param_str)
{
    if (strcasecmp(param_str, "program") == 0) {
        if (authenticate)
            wordlistDestroy(&authenticate);

        parse_wordlist(&authenticate);

        requirePathnameExists("auth_param ntlm program", authenticate->key);
    } else if (strcasecmp(param_str, "children") == 0) {
        authenticateChildren.parseConfig();
    } else if (strcasecmp(param_str, "keep_alive") == 0) {
        parse_onoff(&keep_alive);
    } else {
        debugs(29, 0, "AuthNTLMConfig::parse: unrecognised ntlm auth scheme parameter '" << param_str << "'");
    }

    /*
     * disable client side request pipelining. There is a race with
     * NTLM when the client sends a second request on an NTLM
     * connection before the authenticate challenge is sent. With
     * this patch, the client may fail to authenticate, but squid's
     * state will be preserved.  Caveats: this should be a post-parse
     * test, but that can wait for the modular parser to be integrated.
     */
    if (authenticate)
        Config.onoff.pipeline_prefetch = 0;
}

const char *
AuthNTLMConfig::type() const
{
    return ntlmScheme::GetInstance()->type();
}

/* Initialize helpers and the like for this auth scheme. Called AFTER parsing the
 * config file */
void
AuthNTLMConfig::init(AuthConfig * scheme)
{
    if (authenticate) {

        authntlm_initialised = 1;

        if (ntlmauthenticators == NULL)
            ntlmauthenticators = new statefulhelper("ntlmauthenticator");

        if (!proxy_auth_cache)
            proxy_auth_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string);

        assert(proxy_auth_cache);

        ntlmauthenticators->cmdline = authenticate;

        ntlmauthenticators->childs = authenticateChildren;

        ntlmauthenticators->ipc_type = IPC_STREAM;

        helperStatefulOpenServers(ntlmauthenticators);

        CBDATA_INIT_TYPE(authenticateStateData);
    }
}

void
AuthNTLMConfig::registerWithCacheManager(void)
{
    Mgr::RegisterAction("ntlmauthenticator",
                   "NTLM User Authenticator Stats",
                   authenticateNTLMStats, 0, 1);
}

bool
AuthNTLMConfig::active() const
{
    return authntlm_initialised == 1;
}

bool
AuthNTLMConfig::configured() const
{
    if ((authenticate != NULL) && (authenticateChildren.n_max != 0)) {
        debugs(29, 9, "AuthNTLMConfig::configured: returning configured");
        return true;
    }

    debugs(29, 9, "AuthNTLMConfig::configured: returning unconfigured");
    return false;
}

/* NTLM Scheme */

void
AuthNTLMConfig::fixHeader(AuthUserRequest::Pointer auth_user_request, HttpReply *rep, http_hdr_type hdrType, HttpRequest * request)
{
    if (!authenticate)
        return;

    /* Need keep-alive */
    if (!request->flags.proxy_keepalive && request->flags.must_keepalive)
        return;

    /* New request, no user details */
    if (auth_user_request == NULL) {
        debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM'");
        httpHeaderPutStrf(&rep->header, hdrType, "NTLM");

        if (!keep_alive) {
            /* drop the connection */
            request->flags.proxy_keepalive = 0;
        }
    } else {
        AuthNTLMUserRequest *ntlm_request = dynamic_cast<AuthNTLMUserRequest *>(auth_user_request.getRaw());
        assert(ntlm_request != NULL);

        switch (ntlm_request->user()->credentials()) {

        case AuthUser::Failed:
            /* here it makes sense to drop the connection, as auth is
             * tied to it, even if MAYBE the client could handle it - Kinkie */
            request->flags.proxy_keepalive = 0;
            /* fall through */

        case AuthUser::Ok:
            /* Special case: authentication finished OK but disallowed by ACL.
             * Need to start over to give the client another chance.
             */
            /* fall through */

        case AuthUser::Unchecked:
            /* semantic change: do not drop the connection.
             * 2.5 implementation used to keep it open - Kinkie */
            debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM'");
            httpHeaderPutStrf(&rep->header, hdrType, "NTLM");
            break;

        case AuthUser::Handshake:
            /* we're waiting for a response from the client. Pass it the blob */
            debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM " << ntlm_request->server_blob << "'");
            httpHeaderPutStrf(&rep->header, hdrType, "NTLM %s", ntlm_request->server_blob);
            safe_free(ntlm_request->server_blob);
            break;

        default:
            debugs(29, DBG_CRITICAL, "AuthNTLMConfig::fixHeader: state " << ntlm_request->user()->credentials() << ".");
            fatal("unexpected state in AuthenticateNTLMFixErrorHeader.\n");
        }
    }
}

NTLMUser::~NTLMUser()
{
    debugs(29, 5, "NTLMUser::~NTLMUser: doing nothing to clearNTLM scheme data for '" << this << "'");
}

int32_t
NTLMUser::ttl() const
{
    return -1; // NTLM credentials cannot be cached.
}

static void
authenticateNTLMStats(StoreEntry * sentry)
{
    helperStatefulStats(sentry, ntlmauthenticators, "NTLM Authenticator Statistics");
}

/*
 * Decode a NTLM [Proxy-]Auth string, placing the results in the passed
 * Auth_user structure.
 */
AuthUserRequest::Pointer
AuthNTLMConfig::decode(char const *proxy_auth)
{
    NTLMUser *newUser = new NTLMUser(AuthConfig::Find("ntlm"));
    AuthUserRequest::Pointer auth_user_request = new AuthNTLMUserRequest();
    assert(auth_user_request->user() == NULL);

    auth_user_request->user(newUser);
    auth_user_request->user()->auth_type = AUTH_NTLM;

    /* all we have to do is identify that it's NTLM - the helper does the rest */
    debugs(29, 9, "AuthNTLMConfig::decode: NTLM authentication");
    return auth_user_request;
}

void
NTLMUser::deleteSelf() const
{
    delete this;
}

NTLMUser::NTLMUser (AuthConfig *aConfig) : AuthUser (aConfig)
{
    proxy_auth_list.head = proxy_auth_list.tail = NULL;
}
Commit	Line	Data
94439e4e	1	/*
262a0e14	2	* $Id$
94439e4e	3	*
94439e4e	4	* DEBUG: section 29 NTLM Authenticator
6bf4f823	5	* AUTHOR: Robert Collins, Henrik Nordstrom, Francesco Chemolli
94439e4e	6	*
2b6662ba	7	* SQUID Web Proxy Cache http://www.squid-cache.org/
94439e4e	8	* ----------------------------------------------------------
94439e4e	9	*
2b6662ba	10	* Squid is the result of efforts by numerous individuals from
	11	* the Internet community; see the CONTRIBUTORS file for full
	12	* details. Many organizations have provided support for Squid's
	13	* development; see the SPONSORS file for full details. Squid is
	14	* Copyrighted (C) 2001 by the Regents of the University of
	15	* California; see the COPYRIGHT file for full details. Squid
	16	* incorporates software developed and/or copyrighted by other
	17	* sources; see the CREDITS file for full details.
94439e4e	18	*
	19	* This program is free software; you can redistribute it and/or modify
	20	* it under the terms of the GNU General Public License as published by
	21	* the Free Software Foundation; either version 2 of the License, or
	22	* (at your option) any later version.
26ac0430	23	*
94439e4e	24	* This program is distributed in the hope that it will be useful,
	25	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	26	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	27	* GNU General Public License for more details.
26ac0430	28	*
94439e4e	29	* You should have received a copy of the GNU General Public License
	30	* along with this program; if not, write to the Free Software
	31	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	32	*
	33	*/
	34
	35	/* The functions in this file handle authentication.
	36	* They DO NOT perform access control or auditing.
	37	* See acl.c for access control and client_side.c for auditing */
	38
	39
	40	#include "squid.h"
3ad63615	41	#include "auth/Gadgets.h"
5817ee13 AJ	42	#include "auth/ntlm/auth_ntlm.h"
5817ee13 AJ	43	#include "auth/ntlm/ntlmScheme.h"
928f3421 AJ	44	#include "auth/ntlm/ntlmUserRequest.h"
928f3421 AJ	45	#include "auth/State.h"
8822ebee	46	#include "mgr/Registration.h"
e6ccf245	47	#include "Store.h"
a46d2c0e	48	#include "client_side.h"
924f73bc	49	#include "HttpReply.h"
a2ac85d9	50	#include "HttpRequest.h"
d295d770	51	#include "wordlist.h"
cc192b50	52	#include "SquidTime.h"
c78aa667	53
94439e4e	54	/* NTLM Scheme */
94439e4e	55	static AUTHSSTATS authenticateNTLMStats;
94439e4e	56
928f3421	57	statefulhelper *ntlmauthenticators = NULL;
94439e4e	58	static int authntlm_initialised = 0;
94439e4e	59
94439e4e	60	static hash_table *proxy_auth_cache = NULL;
	61
	62	/*
	63	*
	64	* Private Functions
	65	*
	66	*/
	67
0bcb6908 AJ	68	void
	69	AuthNTLMConfig::rotateHelpers()
	70	{
	71	/* schedule closure of existing helpers */
	72	if (ntlmauthenticators) {
	73	helperStatefulShutdown(ntlmauthenticators);
	74	}
	75
	76	/* NP: dynamic helper restart will ensure they start up again as needed. */
	77	}
	78
5817ee13	79	/* free any allocated configuration details */
f5691f9c	80	void
5817ee13	81	AuthNTLMConfig::done()
94439e4e	82	{
94439e4e	83	authntlm_initialised = 0;
62e76326	84
5817ee13 AJ	85	if (ntlmauthenticators) {
5817ee13 AJ	86	helperStatefulShutdown(ntlmauthenticators);
5817ee13	87	}
62e76326	88
94439e4e	89	if (!shutting_down)
62e76326	90	return;
62e76326	91
48d54e4d	92	delete ntlmauthenticators;
94439e4e	93	ntlmauthenticators = NULL;
62e76326	94
f5691f9c	95	if (authenticate)
f5691f9c	96	wordlistDestroy(&authenticate);
cdabe87d AJ	97
cdabe87d AJ	98	debugs(29, 2, "ntlmScheme::done: NTLM authentication Shutdown.");
94439e4e	99	}
94439e4e	100
f5691f9c	101	void
f5691f9c	102	AuthNTLMConfig::dump(StoreEntry * entry, const char name, AuthConfig scheme)
94439e4e	103	{
f5691f9c	104	wordlist *list = authenticate;
94439e4e	105	storeAppendPrintf(entry, "%s %s", name, "ntlm");
62e76326	106
94439e4e	107	while (list != NULL) {
62e76326	108	storeAppendPrintf(entry, " %s", list->key);
62e76326	109	list = list->next;
94439e4e	110	}
62e76326	111
404cfda1 AJ	112	storeAppendPrintf(entry, "\n%s ntlm children %d startup=%d idle=%d concurrency=%d\n",
404cfda1 AJ	113	name, authenticateChildren.n_max, authenticateChildren.n_startup, authenticateChildren.n_idle, authenticateChildren.concurrency);
6bf4f823	114	storeAppendPrintf(entry, "%s %s keep_alive %s\n", name, "ntlm", keep_alive ? "on" : "off");
94439e4e	115
	116	}
	117
ea0695f2	118	AuthNTLMConfig::AuthNTLMConfig() : keep_alive(1)
6bf4f823	119	{ }
62e76326	120
f5691f9c	121	void
	122	AuthNTLMConfig::parse(AuthConfig * scheme, int n_configured, char *param_str)
	123	{
94439e4e	124	if (strcasecmp(param_str, "program") == 0) {
f5691f9c	125	if (authenticate)
f5691f9c	126	wordlistDestroy(&authenticate);
62e76326	127
f5691f9c	128	parse_wordlist(&authenticate);
62e76326	129
42900318	130	requirePathnameExists("auth_param ntlm program", authenticate->key);
94439e4e	131	} else if (strcasecmp(param_str, "children") == 0) {
48d54e4d	132	authenticateChildren.parseConfig();
6bf4f823	133	} else if (strcasecmp(param_str, "keep_alive") == 0) {
6bf4f823	134	parse_onoff(&keep_alive);
94439e4e	135	} else {
bf8fe701	136	debugs(29, 0, "AuthNTLMConfig::parse: unrecognised ntlm auth scheme parameter '" << param_str << "'");
94439e4e	137	}
62e76326	138
dff99376	139	/*
	140	* disable client side request pipelining. There is a race with
	141	* NTLM when the client sends a second request on an NTLM
	142	* connection before the authenticate challenge is sent. With
	143	* this patch, the client may fail to authenticate, but squid's
	144	* state will be preserved. Caveats: this should be a post-parse
	145	* test, but that can wait for the modular parser to be integrated.
721b0310	146	*/
f5691f9c	147	if (authenticate)
62e76326	148	Config.onoff.pipeline_prefetch = 0;
94439e4e	149	}
94439e4e	150
f5691f9c	151	const char *
f5691f9c	152	AuthNTLMConfig::type() const
94439e4e	153	{
5817ee13	154	return ntlmScheme::GetInstance()->type();
94439e4e	155	}
	156
	157	/* Initialize helpers and the like for this auth scheme. Called AFTER parsing the
	158	* config file */
f5691f9c	159	void
f5691f9c	160	AuthNTLMConfig::init(AuthConfig * scheme)
94439e4e	161	{
f5691f9c	162	if (authenticate) {
6bf4f823	163
62e76326	164	authntlm_initialised = 1;
	165
	166	if (ntlmauthenticators == NULL)
48d54e4d	167	ntlmauthenticators = new statefulhelper("ntlmauthenticator");
62e76326	168
62e76326	169	if (!proxy_auth_cache)
30abd221	170	proxy_auth_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string);
62e76326	171
	172	assert(proxy_auth_cache);
	173
f5691f9c	174	ntlmauthenticators->cmdline = authenticate;
62e76326	175
48d54e4d	176	ntlmauthenticators->childs = authenticateChildren;
62e76326	177
	178	ntlmauthenticators->ipc_type = IPC_STREAM;
	179
62e76326	180	helperStatefulOpenServers(ntlmauthenticators);
62e76326	181
62e76326	182	CBDATA_INIT_TYPE(authenticateStateData);
94439e4e	183	}
	184	}
	185
62ee09ca	186	void
15fab853	187	AuthNTLMConfig::registerWithCacheManager(void)
62ee09ca	188	{
8822ebee	189	Mgr::RegisterAction("ntlmauthenticator",
26ac0430 AJ	190	"NTLM User Authenticator Stats",
26ac0430 AJ	191	authenticateNTLMStats, 0, 1);
62ee09ca	192	}
62ee09ca	193
f5691f9c	194	bool
f5691f9c	195	AuthNTLMConfig::active() const
2d70df72	196	{
f5691f9c	197	return authntlm_initialised == 1;
2d70df72	198	}
2d70df72	199
f5691f9c	200	bool
f5691f9c	201	AuthNTLMConfig::configured() const
94439e4e	202	{
48d54e4d	203	if ((authenticate != NULL) && (authenticateChildren.n_max != 0)) {
bf8fe701	204	debugs(29, 9, "AuthNTLMConfig::configured: returning configured");
f5691f9c	205	return true;
2d70df72	206	}
62e76326	207
bf8fe701	208	debugs(29, 9, "AuthNTLMConfig::configured: returning unconfigured");
f5691f9c	209	return false;
94439e4e	210	}
	211
	212	/* NTLM Scheme */
94439e4e	213
f5691f9c	214	void
a33a428a	215	AuthNTLMConfig::fixHeader(AuthUserRequest::Pointer auth_user_request, HttpReply rep, http_hdr_type hdrType, HttpRequest request)
94439e4e	216	{
6bf4f823	217	if (!authenticate)
6bf4f823	218	return;
62e76326	219
63a05fa3	220	/* Need keep-alive */
63a05fa3	221	if (!request->flags.proxy_keepalive && request->flags.must_keepalive)
26ac0430	222	return;
63a05fa3	223
6bf4f823	224	/* New request, no user details */
6bf4f823	225	if (auth_user_request == NULL) {
18ec8500 FC	226	debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM'");
18ec8500 FC	227	httpHeaderPutStrf(&rep->header, hdrType, "NTLM");
6bf4f823	228
6bf4f823	229	if (!keep_alive) {
62e76326	230	/* drop the connection */
62e76326	231	request->flags.proxy_keepalive = 0;
62e76326	232	}
6bf4f823	233	} else {
a33a428a	234	AuthNTLMUserRequest ntlm_request = dynamic_cast<AuthNTLMUserRequest >(auth_user_request.getRaw());
3a11f20d	235	assert(ntlm_request != NULL);
3a11f20d	236
d232141d	237	switch (ntlm_request->user()->credentials()) {
62e76326	238
d232141d	239	case AuthUser::Failed:
6bf4f823	240	/* here it makes sense to drop the connection, as auth is
6bf4f823	241	* tied to it, even if MAYBE the client could handle it - Kinkie */
6bf4f823	242	request->flags.proxy_keepalive = 0;
6bf4f823	243	/* fall through */
94439e4e	244
d232141d	245	case AuthUser::Ok:
6bf4f823	246	/* Special case: authentication finished OK but disallowed by ACL.
	247	* Need to start over to give the client another chance.
	248	*/
	249	/* fall through */
62e76326	250
d232141d	251	case AuthUser::Unchecked:
6bf4f823	252	/* semantic change: do not drop the connection.
6bf4f823	253	* 2.5 implementation used to keep it open - Kinkie */
18ec8500 FC	254	debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM'");
18ec8500 FC	255	httpHeaderPutStrf(&rep->header, hdrType, "NTLM");
6bf4f823	256	break;
62e76326	257
d232141d	258	case AuthUser::Handshake:
6bf4f823	259	/* we're waiting for a response from the client. Pass it the blob */
18ec8500 FC	260	debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM " << ntlm_request->server_blob << "'");
18ec8500 FC	261	httpHeaderPutStrf(&rep->header, hdrType, "NTLM %s", ntlm_request->server_blob);
6bf4f823	262	safe_free(ntlm_request->server_blob);
6bf4f823	263	break;
62e76326	264
6bf4f823	265	default:
d232141d	266	debugs(29, DBG_CRITICAL, "AuthNTLMConfig::fixHeader: state " << ntlm_request->user()->credentials() << ".");
6bf4f823	267	fatal("unexpected state in AuthenticateNTLMFixErrorHeader.\n");
	268	}
	269	}
	270	}
62e76326	271
6bf4f823	272	NTLMUser::~NTLMUser()
6bf4f823	273	{
bf8fe701	274	debugs(29, 5, "NTLMUser::~NTLMUser: doing nothing to clearNTLM scheme data for '" << this << "'");
94439e4e	275	}
94439e4e	276
56a49fda AJ	277	int32_t
	278	NTLMUser::ttl() const
	279	{
	280	return -1; // NTLM credentials cannot be cached.
	281	}
	282
94439e4e	283	static void
	284	authenticateNTLMStats(StoreEntry * sentry)
	285	{
9522b380	286	helperStatefulStats(sentry, ntlmauthenticators, "NTLM Authenticator Statistics");
94439e4e	287	}
94439e4e	288
94439e4e	289	/*
6bf4f823	290	* Decode a NTLM [Proxy-]Auth string, placing the results in the passed
94439e4e	291	* Auth_user structure.
94439e4e	292	*/
a33a428a	293	AuthUserRequest::Pointer
f5691f9c	294	AuthNTLMConfig::decode(char const *proxy_auth)
94439e4e	295	{
5817ee13	296	NTLMUser *newUser = new NTLMUser(AuthConfig::Find("ntlm"));
a33a428a	297	AuthUserRequest::Pointer auth_user_request = new AuthNTLMUserRequest();
f5691f9c	298	assert(auth_user_request->user() == NULL);
a33a428a	299
f5691f9c	300	auth_user_request->user(newUser);
f5691f9c	301	auth_user_request->user()->auth_type = AUTH_NTLM;
94439e4e	302
94439e4e	303	/* all we have to do is identify that it's NTLM - the helper does the rest */
bf8fe701	304	debugs(29, 9, "AuthNTLMConfig::decode: NTLM authentication");
f5691f9c	305	return auth_user_request;
94439e4e	306	}
94439e4e	307
f5691f9c	308	void
	309	NTLMUser::deleteSelf() const
	310	{
	311	delete this;
	312	}
	313
18ec8500	314	NTLMUser::NTLMUser (AuthConfig *aConfig) : AuthUser (aConfig)
f5691f9c	315	{
	316	proxy_auth_list.head = proxy_auth_list.tail = NULL;
	317	}