]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/auth/CredentialsCache.cc
2 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 29 Authenticator */
12 #include "acl/Gadgets.h"
13 #include "auth/CredentialsCache.h"
14 #include "base/RunnersRegistry.h"
17 #include "SquidConfig.h"
18 #include "SquidTime.h"
22 class CredentialCacheRr
: public RegisteredRunner
25 explicit CredentialCacheRr(const char *n
, CredentialsCache
* const c
) :
30 virtual ~CredentialCacheRr() {
31 debugs(29, 5, "Terminating Auth credentials cache: " << name
);
32 // invalidate the CBDATA reference.
33 // causes Auth::*::User::Cache() to produce nil / invalid pointer
34 delete whichCache
.get();
37 virtual void endingShutdown() override
{
38 debugs(29, 5, "Clearing Auth credentials cache: " << name
);
42 virtual void syncConfig() override
{
43 debugs(29, 5, "Reconfiguring Auth credentials cache: " << name
);
44 whichCache
->doConfigChangeCleanup();
48 /// name of the cache being managed, for logs
51 /// reference to the scheme cache which is being managed
52 CbcPointer
<CredentialsCache
> whichCache
;
55 CBDATA_CLASS_INIT(CredentialsCache
);
57 CredentialsCache::CredentialsCache(const char *name
, const char * const prettyEvName
) :
59 cacheCleanupEventName(prettyEvName
)
61 debugs(29, 5, "initializing " << name
<< " credentials cache");
62 RegisterRunner(new Auth::CredentialCacheRr(name
, this));
66 CredentialsCache::lookup(const SBuf
&userKey
) const
68 debugs(29, 6, "lookup for " << userKey
);
69 auto p
= store_
.find(userKey
);
70 if (p
== store_
.end())
71 return User::Pointer(nullptr);
76 CredentialsCache::Cleanup(void *data
)
78 debugs(29, 5, "checkpoint");
79 // data is this in disguise
80 CredentialsCache
*self
= static_cast<CredentialsCache
*>(data
);
85 CredentialsCache::cleanup()
87 // cache entries with expiretime <= expirationTime are to be evicted
88 const time_t expirationTime
= current_time
.tv_sec
- ::Config
.authenticateTTL
;
90 const auto end
= store_
.end();
91 for (auto i
= store_
.begin(); i
!= end
;) {
92 debugs(29, 6, "considering " << i
->first
<< "(expires in " <<
93 (expirationTime
- i
->second
->expiretime
) << " sec)");
94 if (i
->second
->expiretime
<= expirationTime
) {
95 debugs(29, 6, "evicting " << i
->first
);
96 i
= store_
.erase(i
); //erase advances i
105 CredentialsCache::insert(const SBuf
&userKey
, Auth::User::Pointer anAuth_user
)
107 debugs(29, 6, "adding " << userKey
<< " (" << anAuth_user
->username() << ")");
108 store_
[userKey
] = anAuth_user
;
112 // generates the list of cached usernames in a format that is convenient
113 // to merge with equivalent lists obtained from other CredentialsCaches.
114 std::vector
<Auth::User::Pointer
>
115 CredentialsCache::sortedUsersList() const
117 std::vector
<Auth::User::Pointer
> rv(size(), nullptr);
118 std::transform(store_
.begin(), store_
.end(), rv
.begin(),
119 [](StoreType::value_type v
) { return v
.second
; }
121 std::sort(rv
.begin(), rv
.end(),
122 [](const Auth::User::Pointer
&lhs
, const Auth::User::Pointer
&rhs
) {
123 return strcmp(lhs
->username(), rhs
->username()) < 0;
130 CredentialsCache::scheduleCleanup()
132 if (!gcScheduled_
&& store_
.size()) {
134 eventAdd(cacheCleanupEventName
, &CredentialsCache::Cleanup
,
135 this, ::Config
.authenticateGCInterval
, 1);
140 CredentialsCache::doConfigChangeCleanup()
142 // purge expired entries entirely
144 // purge the ACL match data stored in the credentials
145 for (auto i
: store_
) {
146 aclCacheMatchFlush(&i
.second
->proxy_match_cache
);
150 } /* namespace Auth */