]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/auth/CredentialsCache.cc
2 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 29 Authenticator */
12 #include "acl/Gadgets.h"
13 #include "auth/CredentialsCache.h"
14 #include "base/RunnersRegistry.h"
17 #include "SquidConfig.h"
18 #include "SquidTime.h"
22 class CredentialCacheRr
: public RegisteredRunner
25 explicit CredentialCacheRr(const char *n
, CredentialsCache
* const c
) :
30 virtual ~CredentialCacheRr() {
31 debugs(29, 5, "Terminating username cache: " << name
);
32 // invalidate the CBDATA reference.
33 // causes Auth::*::User::Cache() to produce nil / invalid pointer
34 delete whichCache
.get();
37 virtual void endingShutdown() override
{
38 debugs(29, 5, "Clearing username cache: " << name
);
42 virtual void syncConfig() override
{
43 if (!whichCache
.valid())
46 debugs(29, 5, "Reconfiguring username cache: " << name
);
47 whichCache
->doConfigChangeCleanup();
51 /// name of the cache being managed, for logs
54 /// reference to the scheme cache which is being managed
55 CbcPointer
<CredentialsCache
> whichCache
;
58 CBDATA_CLASS_INIT(CredentialsCache
);
60 CredentialsCache::CredentialsCache(const char *name
) :
62 cacheCleanupEventName("User cache cleanup: ")
64 debugs(29, 5, "initializing " << name
<< " username cache");
65 cacheCleanupEventName
.append(name
);
66 RegisterRunner(new Auth::CredentialCacheRr(name
, this));
70 CredentialsCache::lookup(const SBuf
&userKey
) const
72 debugs(29, 6, "lookup for " << userKey
);
73 auto p
= store_
.find(userKey
);
74 if (p
== store_
.end())
75 return User::Pointer(nullptr);
80 CredentialsCache::Cleanup(void *data
)
82 debugs(29, 5, "checkpoint");
83 // data is this in disguise
84 CredentialsCache
*self
= static_cast<CredentialsCache
*>(data
);
89 CredentialsCache::cleanup()
91 // cache entries with expiretime <= expirationTime are to be evicted
92 const time_t expirationTime
= current_time
.tv_sec
- ::Config
.authenticateTTL
;
94 const auto end
= store_
.end();
95 for (auto i
= store_
.begin(); i
!= end
;) {
96 debugs(29, 6, "considering " << i
->first
<< "(expires in " <<
97 (expirationTime
- i
->second
->expiretime
) << " sec)");
98 if (i
->second
->expiretime
<= expirationTime
) {
99 debugs(29, 6, "evicting " << i
->first
);
100 i
= store_
.erase(i
); //erase advances i
109 CredentialsCache::insert(Auth::User::Pointer anAuth_user
)
111 debugs(29, 6, "adding " << anAuth_user
->userKey());
112 store_
[anAuth_user
->userKey()] = anAuth_user
;
116 // generates the list of cached usernames in a format that is convenient
117 // to merge with equivalent lists obtained from other CredentialsCaches.
118 std::vector
<Auth::User::Pointer
>
119 CredentialsCache::sortedUsersList() const
121 std::vector
<Auth::User::Pointer
> rv(size(), nullptr);
122 std::transform(store_
.begin(), store_
.end(), rv
.begin(),
123 [](StoreType::value_type v
) { return v
.second
; }
125 std::sort(rv
.begin(), rv
.end(),
126 [](const Auth::User::Pointer
&lhs
, const Auth::User::Pointer
&rhs
) {
127 return strcmp(lhs
->username(), rhs
->username()) < 0;
134 CredentialsCache::scheduleCleanup()
136 if (!gcScheduled_
&& store_
.size()) {
138 eventAdd(cacheCleanupEventName
.c_str(), &CredentialsCache::Cleanup
,
139 this, ::Config
.authenticateGCInterval
, 1);
144 CredentialsCache::doConfigChangeCleanup()
146 // purge expired entries entirely
148 // purge the ACL match data stored in the credentials
149 for (auto i
: store_
) {
150 aclCacheMatchFlush(&i
.second
->proxy_match_cache
);
154 } /* namespace Auth */