src/authenticate.cc

   1
   2 /*
   3  * $Id$
   4  *
   5  * DEBUG: section 29    Authenticator
   6  * AUTHOR:  Robert Collins
   7  *
   8  * SQUID Web Proxy Cache          http://www.squid-cache.org/
   9  * ----------------------------------------------------------
  10  *
  11  *  Squid is the result of efforts by numerous individuals from
  12  *  the Internet community; see the CONTRIBUTORS file for full
  13  *  details.   Many organizations have provided support for Squid's
  14  *  development; see the SPONSORS file for full details.  Squid is
  15  *  Copyrighted (C) 2001 by the Regents of the University of
  16  *  California; see the COPYRIGHT file for full details.  Squid
  17  *  incorporates software developed and/or copyrighted by other
  18  *  sources; see the CREDITS file for full details.
  19  *
  20  *  This program is free software; you can redistribute it and/or modify
  21  *  it under the terms of the GNU General Public License as published by
  22  *  the Free Software Foundation; either version 2 of the License, or
  23  *  (at your option) any later version.
  24  *
  25  *  This program is distributed in the hope that it will be useful,
  26  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  27  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  28  *  GNU General Public License for more details.
  29  *
  30  *  You should have received a copy of the GNU General Public License
  31  *  along with this program; if not, write to the Free Software
  32  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
  33  *
  34  */
  35
  36 /* The functions in this file handle authentication.
  37  * They DO NOT perform access control or auditing.
  38  * See acl.c for access control and client_side.c for auditing */
  39
  40 #include "squid.h"
  41 #include "authenticate.h"
  42 #include "ACL.h"
  43 #include "client_side.h"
  44 #include "AuthConfig.h"
  45 #include "AuthScheme.h"
  46 #include "AuthUser.h"
  47 #include "HttpReply.h"
  48 #include "HttpRequest.h"
  49
  50 /**** PUBLIC FUNCTIONS (ALL GENERIC!)  ****/
  51
  52 int
  53 authenticateActiveSchemeCount(void)
  54 {
  55     int rv = 0;
  56
  57     for (authConfig::iterator i = Config.authConfiguration.begin(); i != Config.authConfiguration.end(); ++i)
  58         if ((*i)->configured())
  59             ++rv;
  60
  61     debugs(29, 9, "authenticateActiveSchemeCount: " << rv << " active.");
  62
  63     return rv;
  64 }
  65
  66 int
  67 authenticateSchemeCount(void)
  68 {
  69     int rv = AuthScheme::Schemes().size();
  70
  71     debugs(29, 9, "authenticateSchemeCount: " << rv << " active.");
  72
  73     return rv;
  74 }
  75
  76 static void
  77 authenticateRegisterWithCacheManager(authConfig * config)
  78 {
  79     for (authConfig::iterator i = config->begin(); i != config->end(); ++i) {
  80         AuthConfig *scheme = *i;
  81         scheme->registerWithCacheManager();
  82     }
  83 }
  84
  85 void
  86 authenticateInit(authConfig * config)
  87 {
  88     for (authConfig::iterator i = config->begin(); i != config->end(); ++i) {
  89         AuthConfig *scheme = *i;
  90
  91         if (scheme->configured())
  92             scheme->init(scheme);
  93     }
  94
  95     if (!proxy_auth_username_cache)
  96         AuthUser::cacheInit();
  97     else
  98         AuthUser::CachedACLsReset();
  99
 100     authenticateRegisterWithCacheManager(&Config.authConfiguration);
 101 }
 102
 103 void
 104 authenticateShutdown(void)
 105 {
 106     debugs(29, 2, "authenticateShutdown: shutting down auth schemes");
 107     /* free the cache if we are shutting down */
 108
 109     if (shutting_down) {
 110         hashFreeItems(proxy_auth_username_cache, AuthUserHashPointer::removeFromCache);
 111         AuthScheme::FreeAll();
 112     } else {
 113         for (AuthScheme::const_iterator i = AuthScheme::Schemes().begin(); i != AuthScheme::Schemes().end(); ++i)
 114             (*i)->done();
 115     }
 116 }
 117
 118 /**
 119  \retval 0 not in use
 120  \retval ? in use
 121  */
 122 int
 123 authenticateAuthUserInuse(AuthUser * auth_user)
 124 {
 125     assert(auth_user != NULL);
 126     return auth_user->references;
 127 }
 128
 129 void
 130 authenticateAuthUserMerge(AuthUser * from, AuthUser * to)
 131 {
 132     to->absorb (from);
 133 }
 134
 135 /**
 136  * Cleans all config-dependent data from the auth_user cache.
 137  \note It DOES NOT Flush the user cache.
 138  */
 139 void
 140 authenticateUserCacheRestart(void)
 141 {
 142     AuthUserHashPointer *usernamehash;
 143     AuthUser *auth_user;
 144     debugs(29, 3, HERE << "Clearing config dependent cache data.");
 145     hash_first(proxy_auth_username_cache);
 146
 147     while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
 148         auth_user = usernamehash->user();
 149         debugs(29, 5, "authenticateUserCacheRestat: Clearing cache ACL results for user: " << auth_user->username());
 150     }
 151 }
 152
 153
 154 void
 155 AuthUserHashPointer::removeFromCache(void *usernamehash_p)
 156 {
 157     AuthUserHashPointer *usernamehash = static_cast<AuthUserHashPointer *>(usernamehash_p);
 158     AuthUser *auth_user = usernamehash->auth_user;
 159
 160     if ((authenticateAuthUserInuse(auth_user) - 1))
 161         debugs(29, 1, "AuthUserHashPointer::removeFromCache: entry in use - not freeing");
 162
 163     auth_user->unlock();
 164
 165     /** \todo change behaviour - we remove from the auth user list here, and then unlock, and the
 166      * delete ourselves.
 167      */
 168 }
 169
 170 AuthUserHashPointer::AuthUserHashPointer(AuthUser * anAuth_user):
 171         auth_user(anAuth_user)
 172 {
 173     key = (void *)anAuth_user->username();
 174     next = NULL;
 175     hash_join(proxy_auth_username_cache, (hash_link *) this);
 176
 177     /** lock for presence in the cache */
 178     auth_user->lock();
 179 }
 180
 181 AuthUser *
 182 AuthUserHashPointer::user() const
 183 {
 184     return auth_user;
 185 }