/*
- * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
+ * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Credentials may be found in one of the following locations (listed by order of preference):
* - the source passed as parameter aUR
* - cached in the HttpRequest parameter from a previous authentication of this request
- * - cached in the ConnStateData paremeter from a previous authentication of this connection
+ * - cached in the ConnStateData parameter from a previous authentication of this connection
* (only applies to some situations. ie NTLM, Negotiate, Kerberos auth schemes,
* or decrypted SSL requests from inside an authenticated CONNECT tunnel)
* - cached in the user credentials cache from a previous authentication of the same credentials
static AuthAclState tryToAuthenticateAndSetAuthUser(UserRequest::Pointer *aUR, Http::HdrType, HttpRequest *, ConnStateData *, Ip::Address &, AccessLogEntry::Pointer &);
/// Add the appropriate [Proxy-]Authenticate header to the given reply
- static void addReplyAuthHeader(HttpReply * rep, UserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal);
+ static void AddReplyAuthHeader(HttpReply * rep, UserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal);
/** Start an asynchronous helper lookup to verify the user credentials
*
*/
void start(HttpRequest *request, AccessLogEntry::Pointer &al, AUTHCB *handler, void *data);
- char const * denyMessage(char const * const default_message = NULL);
+ char const * denyMessage(char const * const default_message = NULL) const;
- /** Possibly overrideable in future */
+ /** Possibly overridable in future */
void setDenyMessage(char const *);
- /** Possibly overrideable in future */
- char const * getDenyMessage();
+ /** Possibly overridable in future */
+ char const * getDenyMessage() const;
/**
* Squid does not make assumptions about where the username is stored.
const char *helperRequestKeyExtras(HttpRequest *, AccessLogEntry::Pointer &al);
+ /// Sets the reason of 'authentication denied' helper response.
+ void denyMessageFromHelper(char const *proto, const Helper::Reply &reply);
+
protected:
/**
* The scheme-specific actions to be performed when sending helper lookup.
/* AuthUserRequest */
-/// \ingroup AuthAPI
-void authenticateFixHeader(HttpReply *, Auth::UserRequest::Pointer, HttpRequest *, int, int);
-/// \ingroup AuthAPI
-void authenticateAddTrailer(HttpReply *, Auth::UserRequest::Pointer, HttpRequest *, int);
-
/// \ingroup AuthAPI
void authenticateAuthUserRequestRemoveIp(Auth::UserRequest::Pointer, Ip::Address const &);
/// \ingroup AuthAPI