]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/auth/CredentialsCache.cc
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 29 Authenticator */
12 #include "acl/Gadgets.h"
13 #include "auth/Config.h"
14 #include "auth/CredentialsCache.h"
15 #include "base/RunnersRegistry.h"
16 #include "debug/Stream.h"
21 class CredentialCacheRr
: public RegisteredRunner
24 explicit CredentialCacheRr(const char *n
, CredentialsCache
* const c
) :
29 ~CredentialCacheRr() override
{
30 debugs(29, 5, "Terminating Auth credentials cache: " << name
);
31 // invalidate the CBDATA reference.
32 // causes Auth::*::User::Cache() to produce nil / invalid pointer
33 delete whichCache
.get();
36 void endingShutdown() override
{
37 debugs(29, 5, "Clearing Auth credentials cache: " << name
);
41 void syncConfig() override
{
42 debugs(29, 5, "Reconfiguring Auth credentials cache: " << name
);
43 whichCache
->doConfigChangeCleanup();
47 /// name of the cache being managed, for logs
50 /// reference to the scheme cache which is being managed
51 CbcPointer
<CredentialsCache
> whichCache
;
54 CBDATA_CLASS_INIT(CredentialsCache
);
56 CredentialsCache::CredentialsCache(const char *name
, const char * const prettyEvName
) :
58 cacheCleanupEventName(prettyEvName
)
60 debugs(29, 5, "initializing " << name
<< " credentials cache");
61 RegisterRunner(new Auth::CredentialCacheRr(name
, this));
65 CredentialsCache::lookup(const SBuf
&userKey
) const
67 debugs(29, 6, "lookup for " << userKey
);
68 auto p
= store_
.find(userKey
);
69 if (p
== store_
.end())
70 return User::Pointer(nullptr);
75 CredentialsCache::Cleanup(void *data
)
77 debugs(29, 5, "checkpoint");
78 // data is this in disguise
79 CredentialsCache
*self
= static_cast<CredentialsCache
*>(data
);
84 CredentialsCache::cleanup()
86 // cache entries with expiretime <= expirationTime are to be evicted
87 const time_t expirationTime
= current_time
.tv_sec
- Auth::TheConfig
.credentialsTtl
;
89 const auto end
= store_
.end();
90 for (auto i
= store_
.begin(); i
!= end
;) {
91 debugs(29, 6, "considering " << i
->first
<< "(expires in " <<
92 (expirationTime
- i
->second
->expiretime
) << " sec)");
93 if (i
->second
->expiretime
<= expirationTime
) {
94 debugs(29, 6, "evicting " << i
->first
);
95 i
= store_
.erase(i
); //erase advances i
100 gcScheduled_
= false;
105 CredentialsCache::insert(const SBuf
&userKey
, const Auth::User::Pointer
&anAuth_user
)
107 debugs(29, 6, "adding " << userKey
<< " (" << anAuth_user
->username() << ")");
108 store_
[userKey
] = anAuth_user
;
112 // generates the list of cached usernames in a format that is convenient
113 // to merge with equivalent lists obtained from other CredentialsCaches.
114 std::vector
<Auth::User::Pointer
>
115 CredentialsCache::sortedUsersList() const
117 std::vector
<Auth::User::Pointer
> rv(size(), nullptr);
118 std::transform(store_
.begin(), store_
.end(), rv
.begin(),
119 [](StoreType::value_type v
) { return v
.second
; }
121 std::sort(rv
.begin(), rv
.end(),
122 [](const Auth::User::Pointer
&lhs
, const Auth::User::Pointer
&rhs
) {
123 return strcmp(lhs
->username(), rhs
->username()) < 0;
130 CredentialsCache::scheduleCleanup()
132 if (!gcScheduled_
&& store_
.size()) {
134 eventAdd(cacheCleanupEventName
, &CredentialsCache::Cleanup
,
135 this, Auth::TheConfig
.garbageCollectInterval
, 1);
140 CredentialsCache::doConfigChangeCleanup()
142 // purge expired entries entirely
144 // purge the ACL match data stored in the credentials
145 for (auto i
: store_
) {
146 aclCacheMatchFlush(&i
.second
->proxy_match_cache
);
150 } /* namespace Auth */