]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/auth/CredentialsCache.cc
2 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 29 Authenticator */
12 #include "acl/Gadgets.h"
13 #include "auth/CredentialsCache.h"
14 #include "base/RunnersRegistry.h"
17 #include "SquidConfig.h"
18 #include "SquidTime.h"
22 class CredentialCacheRr
: public RegisteredRunner
25 explicit CredentialCacheRr(const char *n
, CredentialsCache
* const c
) :
30 virtual ~CredentialCacheRr() {
31 debugs(29, 5, "Terminating username cache: " << name
);
32 // invalidate the CBDATA reference.
33 // causes Auth::*::User::Cache() to produce nil / invalid pointer
34 delete whichCache
.get();
37 virtual void endingShutdown() override
{
38 debugs(29, 5, "Clearing username cache: " << name
);
42 virtual void syncConfig() override
{
43 if (!whichCache
.valid())
46 debugs(29, 5, "Reconfiguring username cache: " << name
);
47 whichCache
->doConfigChangeCleanup();
51 /// name of the cache being managed, for logs
54 /// reference to the scheme cache which is being managed
55 CbcPointer
<CredentialsCache
> whichCache
;
58 CBDATA_CLASS_INIT(CredentialsCache
);
60 CredentialsCache::CredentialsCache(const char *name
, const char * const prettyEvName
) :
62 cacheCleanupEventName(prettyEvName
)
64 debugs(29, 5, "initializing " << name
<< " username cache");
65 RegisterRunner(new Auth::CredentialCacheRr(name
, this));
69 CredentialsCache::lookup(const SBuf
&userKey
) const
71 debugs(29, 6, "lookup for " << userKey
);
72 auto p
= store_
.find(userKey
);
73 if (p
== store_
.end())
74 return User::Pointer(nullptr);
79 CredentialsCache::Cleanup(void *data
)
81 debugs(29, 5, "checkpoint");
82 // data is this in disguise
83 CredentialsCache
*self
= static_cast<CredentialsCache
*>(data
);
88 CredentialsCache::cleanup()
90 // cache entries with expiretime <= expirationTime are to be evicted
91 const time_t expirationTime
= current_time
.tv_sec
- ::Config
.authenticateTTL
;
93 const auto end
= store_
.end();
94 for (auto i
= store_
.begin(); i
!= end
;) {
95 debugs(29, 6, "considering " << i
->first
<< "(expires in " <<
96 (expirationTime
- i
->second
->expiretime
) << " sec)");
97 if (i
->second
->expiretime
<= expirationTime
) {
98 debugs(29, 6, "evicting " << i
->first
);
99 i
= store_
.erase(i
); //erase advances i
108 CredentialsCache::insert(Auth::User::Pointer anAuth_user
)
110 debugs(29, 6, "adding " << anAuth_user
->userKey());
111 store_
[anAuth_user
->userKey()] = anAuth_user
;
115 // generates the list of cached usernames in a format that is convenient
116 // to merge with equivalent lists obtained from other CredentialsCaches.
117 std::vector
<Auth::User::Pointer
>
118 CredentialsCache::sortedUsersList() const
120 std::vector
<Auth::User::Pointer
> rv(size(), nullptr);
121 std::transform(store_
.begin(), store_
.end(), rv
.begin(),
122 [](StoreType::value_type v
) { return v
.second
; }
124 std::sort(rv
.begin(), rv
.end(),
125 [](const Auth::User::Pointer
&lhs
, const Auth::User::Pointer
&rhs
) {
126 return strcmp(lhs
->username(), rhs
->username()) < 0;
133 CredentialsCache::scheduleCleanup()
135 if (!gcScheduled_
&& store_
.size()) {
137 eventAdd(cacheCleanupEventName
, &CredentialsCache::Cleanup
,
138 this, ::Config
.authenticateGCInterval
, 1);
143 CredentialsCache::doConfigChangeCleanup()
145 // purge expired entries entirely
147 // purge the ACL match data stored in the credentials
148 for (auto i
: store_
) {
149 aclCacheMatchFlush(&i
.second
->proxy_match_cache
);
153 } /* namespace Auth */