git.ipfire.org Git - thirdparty/squid.git/blob - src/auth/Config.cc
7c966c14291f8f48ca7a08daef207d3ffce1cdb9
/*
 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/* DEBUG: section 29 Authenticator */
// NOTE(review): the include list shown in this listing may be incomplete;
// confirm it against the upstream file before building.
#include "auth/Config.h"
#include "auth/Gadgets.h"
#include "auth/UserRequest.h"
#include "ConfigParser.h"
#include "format/Format.h"

/// The authentication scheme configurations that Auth::Config::Find() searches.
Auth::ConfigVector Auth::TheConfig;
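/**
 * Get a user credentials object filled out for the given Proxy- or
 * WWW-Authenticate header. Any decoding which needs to be done will be done.
 *
 * The scheme configuration is selected with Find(). When nothing matches, or
 * the match is not active(), a warning is logged (level 3 while shutting
 * down, DBG_IMPORTANT otherwise) and NULL is returned. Otherwise the optional
 * key_extras format is assembled into a scratch buffer and handed, together
 * with the header, to the scheme's decode().
 *
 * \param proxy_auth  header value received from the client; must not be NULL
 * \param al          access log entry passed to the key_extras assembler
 * \return a cached AuthUser, a new unauthenticated object, or NULL when no
 *         user could be created
 *
 * NOTE(review): the early "return NULL" and the declaration and reset of rmb
 * are not present in the page this listing was taken from; they are restored
 * here and should be confirmed against the upstream file.
 *
 * NOTE(review): both debugs() calls write the client-supplied header
 * verbatim. For schemes that carry the secret in the header, credentials can
 * therefore reach the debug log, and the warning path records text chosen by
 * the client for any unsupported scheme. Treat logs that include section 29
 * output as sensitive.
 */
Auth::UserRequest::Pointer
Auth::Config::CreateAuthUser(const char *proxy_auth, AccessLogEntry::Pointer &al)
{
    assert(proxy_auth != NULL);
    debugs(29, 9, HERE << "header = '" << proxy_auth << "'");

    Auth::Config *config = Find(proxy_auth);

    if (config == NULL || !config->active()) {
        debugs(29, (shutting_down?3:DBG_IMPORTANT), (shutting_down?"":"WARNING: ") <<
               "Unsupported or unconfigured/inactive proxy-auth scheme, '" << proxy_auth << "'");
        return NULL;
    }

    // Scratch buffer for the assembled key_extras; emptied on every call.
    static MemBuf rmb;
    rmb.reset();
    if (config->keyExtras) {
        // %credentials and %username, which normally included in
        // request_format, are - at this time, but that is OK
        // because user name is added to key explicitly, and we do
        // not want to store authenticated credentials at all.
        config->keyExtras->assemble(rmb, al, 0);
    }

    // An empty buffer is passed on as NULL rather than as an empty string.
    return config->decode(proxy_auth, rmb.hasContent() ? rmb.content() : NULL);
}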
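/**
 * Look up the scheme configuration responsible for an authentication header.
 *
 * Walks Auth::TheConfig in order and returns the first entry whose type()
 * name is a case-insensitive prefix of proxy_auth.
 *
 * \param proxy_auth  header value to match; passed straight to strncasecmp(),
 *                    so it must not be NULL
 * \return the matching configuration, or NULL when no entry matches
 *
 * NOTE(review): the return type line and both return statements are not
 * present in the page this listing was taken from; they are restored here
 * (CreateAuthUser() stores the result in an Auth::Config pointer and tests it
 * against NULL) and should be confirmed against the upstream file.
 *
 * NOTE(review): only the first strlen(type()) characters are compared, so a
 * value that merely begins with a scheme name, with no delimiter after it,
 * also selects that scheme. A match is not proof of a well-formed scheme
 * token; the scheme's decode() has to validate the rest of the header.
 */
Auth::Config *
Auth::Config::Find(const char *proxy_auth)
{
    for (Auth::ConfigVector::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i) {
        const char *schemeName = (*i)->type();
        if (strncasecmp(proxy_auth, schemeName, strlen(schemeName)) == 0)
            return *i;
    }

    return NULL;
}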
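/**
 * Default behaviour is to expose nothing.
 *
 * NOTE(review): the return type and the empty body are not present in the
 * page this listing was taken from; they are restored here and should be
 * confirmed against the upstream file.
 */
void
Auth::Config::registerWithCacheManager(void)
{}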
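/**
 * Parse one auth_param parameter and store its value in this configuration.
 *
 * Handles "program", "realm", "children" and "key_extras"; any other
 * parameter name is reported as unrecognised.
 *
 * \param scheme     configuration whose type() names the scheme in messages
 *                   and names the key_extras format object
 * \param param_str  parameter name to dispatch on
 *
 * The unnamed int parameter is not used.
 *
 * NOTE(review): several statements are not present in the page this listing
 * was taken from and are restored here: clearing and assigning realm,
 * advancing token, the self_destruct()/return pairs after the error
 * messages, installing the new key_extras format, and the final else.
 * Confirm them against the upstream file.
 */
void
Auth::Config::parse(Auth::Config * scheme, int, char *param_str)
{
    if (strcmp(param_str, "program") == 0) {
        // Drop any previously configured helper command line first.
        if (authenticateProgram)
            wordlistDestroy(&authenticateProgram);

        parse_wordlist(&authenticateProgram);

        // NOTE(review): authenticateProgram is dereferenced without a check.
        // Confirm that parse_wordlist() cannot leave it NULL when the
        // directive carries no value.
        requirePathnameExists("Authentication helper program", authenticateProgram->key);

    } else if (strcmp(param_str, "realm") == 0) {
        realm.clear();

        char *token = ConfigParser::NextQuotedOrToEol();

        // Skip leading whitespace in the realm value.
        while (token && *token && xisspace(*token))
            ++token;

        if (!token || !*token) {
            debugs(29, DBG_PARSE_NOTE(DBG_IMPORTANT), "ERROR: Missing auth_param " << scheme->type() << " realm");
            self_destruct();
            return;
        }

        realm = token;

    } else if (strcmp(param_str, "children") == 0) {
        authenticateChildren.parseConfig();

    } else if (strcmp(param_str, "key_extras") == 0) {
        keyExtrasLine = ConfigParser::NextQuotedToken();
        Format::Format *nlf = new ::Format::Format(scheme->type());
        if (!nlf->parse(keyExtrasLine.termedBuf())) {
            debugs(29, DBG_CRITICAL, "FATAL: Failed parsing key_extras formatting value");
            self_destruct();
            return;
        }

        // Replace the previous format; deleting NULL is a no-op.
        delete keyExtras;
        keyExtras = nlf;

        // Anything left on the line after the quoted format is an error.
        if (char *t = strtok(NULL, w_space)) {
            debugs(29, DBG_CRITICAL, "FATAL: Unexpected argument '" << t << "' after request_format specification");
            self_destruct();
        }
    } else {
        debugs(29, DBG_CRITICAL, "Unrecognised " << scheme->type() << " auth scheme parameter '" << param_str << "'");
    }
}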
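/**
 * Append this scheme's common settings to entry as auth_param lines.
 *
 * Writes the helper program command line, the realm, the helper children
 * limits and, when set, the key_extras line.
 *
 * \param entry   store entry that receives the text
 * \param name    directive name printed at the start of every line
 * \param scheme  configuration whose type() is printed after the name
 * \return false, writing nothing, when no helper program is configured;
 *         true otherwise
 *
 * NOTE(review): the return type line, the step that advances the word list
 * and the final "return true" are not present in the page this listing was
 * taken from; they are restored here and should be confirmed against the
 * upstream file.
 *
 * NOTE(review): keyExtrasLine is written between double quotes without any
 * escaping; confirm that a value containing a quote still yields a line that
 * parses back to the same setting.
 */
bool
Auth::Config::dump(StoreEntry *entry, const char *name, Auth::Config *scheme) const
{
    if (!authenticateProgram)
        return false; // not configured

    // Helper command line: one word per list node, separated by spaces.
    storeAppendPrintf(entry, "%s %s", name, scheme->type());
    for (wordlist *list = authenticateProgram; list != NULL; list = list->next)
        storeAppendPrintf(entry, " %s", list->key);
    storeAppendPrintf(entry, "\n");

    storeAppendPrintf(entry, "%s %s realm " SQUIDSBUFPH "\n", name, scheme->type(), SQUIDSBUFPRINT(realm));

    storeAppendPrintf(entry, "%s %s children %d startup=%d idle=%d concurrency=%d\n",
                      name, scheme->type(),
                      authenticateChildren.n_max, authenticateChildren.n_startup,
                      authenticateChildren.n_idle, authenticateChildren.concurrency);

    if (keyExtrasLine.size() > 0)
        storeAppendPrintf(entry, "%s %s key_extras \"%s\"\n", name, scheme->type(), keyExtrasLine.termedBuf());

    return true;
}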
157 keyExtrasLine
.clean();