*/
virtual bool configured() const = 0;
+ /**
+ * Shutdown just the auth helpers.
+ * For use by log rotate etc. where auth needs to stay running, with the helpers restarted.
+ */
+ virtual void rotateHelpers(void) = 0;
+
/**
* Responsible for writing to the StoreEntry the configuration parameters that a user
* would put in a config file to recreate the running configuration.
}
void
-authenticateShutdown(void)
+authenticateRotate(void)
{
- debugs(29, 2, HERE << "Shutting down auth schemes");
- /* free the cache if we are shutting down */
- if (shutting_down) {
- hash_first(proxy_auth_username_cache);
- AuthUserHashPointer *usernamehash;
- while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
- debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
- hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
- delete usernamehash;
- }
- AuthScheme::FreeAll();
- } else {
- for (AuthScheme::iterator i = (AuthScheme::GetSchemes()).begin(); i != (AuthScheme::GetSchemes()).end(); ++i)
- (*i)->done();
+ for (Auth::authConfig::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
+ if ((*i)->configured())
+ (*i)->rotateHelpers();
+}
+
+void
+authenticateReset(void)
+{
+ debugs(29, 2, HERE << "Reset authentication State.");
+
+ /* free all username cache entries */
+ hash_first(proxy_auth_username_cache);
+ AuthUserHashPointer *usernamehash;
+ while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
+ debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
+ hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
+ delete usernamehash;
}
+
+ /* schedule shutdown of the helpers */
+ authenticateRotate();
+
+ /* free current global config details too. */
+ Auth::TheConfig.clean();
}
AuthUserHashPointer::AuthUserHashPointer(AuthUser::Pointer anAuth_user):
/// \ingroup AuthAPI
extern void authenticateInit(Auth::authConfig *);
-/// \ingroup AuthAPI
-extern void authenticateShutdown(void);
+
+/** \ingroup AuthAPI
+ * Remove all idle authentication state. Intended for use by reconfigure.
+ *
+ * Removes the username cache contents and global configuration state.
+ * Stops just short of detaching the auth components completely.
+ *
+ * Currently active requests should finish. Howevee new requests will not use
+ * authentication unless something causes the global config to be rebuilt.
+ * Such as a configure load action adding config and re-running authenticateInit().
+ */
+extern void authenticateReset(void);
+
+extern void authenticateRotate(void);
/// \ingroup AuthAPI
extern void authenticateFreeProxyAuthUserACLResults(void *data);
}
}
+void
+AuthBasicConfig::rotateHelpers()
+{
+ /* schedule closure of existing helpers */
+ if (basicauthenticators) {
+ helperShutdown(basicauthenticators);
+ }
+
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
+}
+
/** shutdown the auth helpers and free any allocated configuration details */
void
AuthBasicConfig::done()
bool valid() const;
void makeLoggingInstance(AuthUserRequest::Pointer auth_user_request);
-#if 0
- AuthUser::Pointer makeCachedFrom();
-#endif
+
/** Update the cached password for a username. */
void updateCached(BasicUser *from);
virtual int32_t ttl() const;
virtual bool configured() const;
virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
return NULL;
}
+void
+AuthDigestConfig::rotateHelpers()
+{
+ /* schedule closure of existing helpers */
+ if (digestauthenticators) {
+ helperShutdown(digestauthenticators);
+ }
+
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
+}
+
+
/** delete the digest request structure. Does NOT delete related structures */
void
digestScheme::done()
virtual bool configured() const;
virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
*
*/
+void
+AuthNegotiateConfig::rotateHelpers()
+{
+ /* schedule closure of existing helpers */
+ if (negotiateauthenticators) {
+ helperStatefulShutdown(negotiateauthenticators);
+ }
+
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
+}
+
void
AuthNegotiateConfig::done()
{
virtual bool configured() const;
virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
*
*/
+void
+AuthNTLMConfig::rotateHelpers()
+{
+ /* schedule closure of existing helpers */
+ if (ntlmauthenticators) {
+ helperStatefulShutdown(ntlmauthenticators);
+ }
+
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
+}
+
/* free any allocated configuration details */
void
AuthNTLMConfig::done()
virtual bool configured() const;
virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
WIN32_svcstatusupdate(SERVICE_STOP_PENDING, (wait + 1) * 1000);
#endif
+ /* run the closure code which can be shared with reconfigure */
serverConnectionsClose();
+
+ /* detach the auth components (only do this on full shutdown) */
+ AuthScheme::FreeAll();
+
eventAdd("SquidShutdown", &StopEventLoop, this, (double) (wait + 1), 1, false);
}
#endif
redirectShutdown();
- authenticateShutdown(); /* destroys any unused auth schemas */
- InitAuthSchemes(); /* create new ones required for config parsing */
-
+ authenticateReset();
externalAclShutdown();
storeDirCloseSwapLogs();
storeLogClose();
dnsShutdown();
#endif
redirectShutdown();
-
- /* TODO: should only terminate the helpers they are using. nothing else. */
- authenticateShutdown(); /* destroys any unused auth schemas */
- InitAuthSchemes(); /* create new ones required for config parsing */
-
+ authenticateRotate();
externalAclShutdown();
_db_rotate_log(); /* cache.log */
DelayPools::FreePools();
#endif
- authenticateShutdown();
+ authenticateReset();
#if USE_WIN32_SERVICE
WIN32_svcstatusupdate(SERVICE_STOP_PENDING, 10000);