/*
- * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
+ * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
#include "cache_cf.h"
#include "client_side.h"
#include "helper.h"
+#include "http/Stream.h"
#include "HttpHeaderTools.h"
#include "HttpReply.h"
#include "HttpRequest.h"
#include "Store.h"
#include "wordlist.h"
-/**
- \defgroup AuthNegotiateInternal Negotiate Authenticator Internals
- \ingroup AuthNegotiateAPI
- */
-
-/* Negotiate Scheme */
static AUTHSSTATS authenticateNegotiateStats;
-/// \ingroup AuthNegotiateInternal
statefulhelper *negotiateauthenticators = NULL;
-/// \ingroup AuthNegotiateInternal
static int authnegotiate_initialised = 0;
-/// \ingroup AuthNegotiateInternal
static hash_table *proxy_auth_cache = NULL;
void
void
Auth::Negotiate::Config::done()
{
- Auth::Config::done();
+ Auth::SchemeConfig::done();
authnegotiate_initialised = 0;
debugs(29, DBG_IMPORTANT, "Reconfigure: Negotiate authentication configuration cleared.");
}
-bool
-Auth::Negotiate::Config::dump(StoreEntry * entry, const char *name, Auth::Config * scheme) const
-{
- if (!Auth::Config::dump(entry, name, scheme))
- return false;
-
- storeAppendPrintf(entry, "%s negotiate keep_alive %s\n", name, keep_alive ? "on" : "off");
- return true;
-}
-
-Auth::Negotiate::Config::Config() : keep_alive(1)
-{ }
-
-void
-Auth::Negotiate::Config::parse(Auth::Config * scheme, int n_configured, char *param_str)
-{
- if (strcmp(param_str, "program") == 0) {
- if (authenticateProgram)
- wordlistDestroy(&authenticateProgram);
-
- parse_wordlist(&authenticateProgram);
-
- requirePathnameExists("auth_param negotiate program", authenticateProgram->key);
- } else if (strcmp(param_str, "keep_alive") == 0) {
- parse_onoff(&keep_alive);
- } else
- Auth::Config::parse(scheme, n_configured, param_str);
-}
-
const char *
Auth::Negotiate::Config::type() const
{
* Called AFTER parsing the config file
*/
void
-Auth::Negotiate::Config::init(Auth::Config * scheme)
+Auth::Negotiate::Config::init(Auth::SchemeConfig *)
{
if (authenticateProgram) {
return false;
}
-/* Negotiate Scheme */
-
void
-Auth::Negotiate::Config::fixHeader(Auth::UserRequest::Pointer auth_user_request, HttpReply *rep, http_hdr_type reqType, HttpRequest * request)
+Auth::Negotiate::Config::fixHeader(Auth::UserRequest::Pointer auth_user_request, HttpReply *rep, Http::HdrType reqType, HttpRequest * request)
{
if (!authenticateProgram)
return;
* tied to it, even if MAYBE the client could handle it - Kinkie */
rep->header.delByName("keep-alive");
request->flags.proxyKeepalive = false;
- /* fall through */
+ /* fall through */
case Auth::Ok:
/* Special case: authentication finished OK but disallowed by ACL.
static void
authenticateNegotiateStats(StoreEntry * sentry)
{
- helperStatefulStats(sentry, negotiateauthenticators, "Negotiate Authenticator Statistics");
+ if (negotiateauthenticators)
+ negotiateauthenticators->packStatsInto(sentry, "Negotiate Authenticator Statistics");
}
/*
* Auth_user structure.
*/
Auth::UserRequest::Pointer
-Auth::Negotiate::Config::decode(char const *proxy_auth, const char *aRequestRealm)
+Auth::Negotiate::Config::decode(char const *proxy_auth, const HttpRequest *, const char *aRequestRealm)
{
- Auth::Negotiate::User *newUser = new Auth::Negotiate::User(Auth::Config::Find("negotiate"), aRequestRealm);
+ Auth::Negotiate::User *newUser = new Auth::Negotiate::User(Auth::SchemeConfig::Find("negotiate"), aRequestRealm);
Auth::UserRequest *auth_user_request = new Auth::Negotiate::UserRequest();
assert(auth_user_request->user() == NULL);
auth_user_request->user(newUser);
auth_user_request->user()->auth_type = Auth::AUTH_NEGOTIATE;
+ auth_user_request->user()->BuildUserKey(proxy_auth, aRequestRealm);
+
/* all we have to do is identify that it's Negotiate - the helper does the rest */
debugs(29, 9, HERE << "decode Negotiate authentication");
return auth_user_request;
}
+
projects / thirdparty / squid.git / blobdiff