/*
- * $Id: ACLChecklist.cc,v 1.21 2004/12/20 16:30:32 robertc Exp $
+ * $Id: ACLChecklist.cc,v 1.22 2004/12/20 17:35:58 robertc Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
}
/* get authed here */
- /* Note: this fills in auth_user_request when applicable */
+ /* Note: this fills in auth_user_request when applicable (auth incomplete)*/
switch (AuthUserRequest::tryToAuthenticateAndSetAuthUser (&auth_user_request, headertype, request, conn(), src_addr)) {
case AUTH_ACL_CANNOT_AUTHENTICATE:
return 0;
case AUTH_AUTHENTICATED:
+
+ if (auth_user_request) {
+ auth_user_request->unlock();
+ auth_user_request = NULL;
+ }
+
return 1;
break;
PF *callback_;
void *cbdata_;
debug(28, 3) ("ACLChecklist::checkCallback: %p answer=%d\n", this, answer);
- /* During reconfigure, we can end up not finishing call
- * sequences into the auth code */
-
- if (auth_user_request) {
- /* the checklist lock */
- auth_user_request->unlock();
- /* it might have been connection based */
- assert(conn().getRaw() != NULL);
- conn()->auth_user_request = NULL;
- conn()->auth_type = AUTH_BROKEN;
- auth_user_request = NULL;
- }
callback_ = callback;
callback = NULL;
if (extacl_entry)
cbdataReferenceDone(extacl_entry);
+ /* During reconfigure or if authentication is used in aclCheckFast without
+ * first being authenticated in http_access we can end up not finishing call
+ * sequences into the auth code. In such case we must make sure to forget
+ * the authentication state completely
+ */
+ if (auth_user_request) {
+ /* the checklist lock */
+ auth_user_request->unlock();
+ /* it might have been connection based */
+ assert(conn().getRaw() != NULL);
+ conn()->auth_user_request = NULL;
+ conn()->auth_type = AUTH_BROKEN;
+ auth_user_request = NULL;
+ }
+
if (request)
requestUnlink(request);
/*
- * $Id: AuthUserRequest.cc,v 1.1 2004/08/30 03:28:56 robertc Exp $
+ * $Id: AuthUserRequest.cc,v 1.2 2004/12/20 17:35:58 robertc Exp $
*
* DO NOT MODIFY NEXT 2 LINES:
* arch-tag: 6803fde1-d5a2-4c29-9034-1c0c9f650eb4
if (t && t->lastReply != AUTH_ACL_CANNOT_AUTHENTICATE
&& t->lastReply != AUTH_ACL_HELPER)
{
- if (!*auth_user_request)
+ if (!*auth_user_request) {
*auth_user_request = t;
+ (*auth_user_request)->lock()
+
+ ;
+ //TODO: check if needed. If there's a leak, it is not
+ }
+
+ if (!request->auth_user_request) {
+ request->auth_user_request=t;
+
+ request->auth_user_request->lock()
+
+ ;
+ }
+
return t->lastReply;
}
/*
- * $Id: auth_ntlm.cc,v 1.44 2004/12/20 16:30:40 robertc Exp $
+ * $Id: auth_ntlm.cc,v 1.45 2004/12/20 17:35:58 robertc Exp $
*
* DEBUG: section 29 NTLM Authenticator
* AUTHOR: Robert Collins
static void
authenticateStateFree(authenticateStateData * r)
{
+ r->auth_user_request->unlock();
+ r->auth_user_request = NULL;
cbdataFree(r);
}
r->data = cbdataReference(data);
r->auth_user_request = this;
+ lock()
+
+ ; /* locking myself */
+
if (server == NULL) {
helperStatefulSubmit(ntlmauthenticators, NULL, authenticateNTLMHandleplaceholder, r, NULL);
} else {
r->handler = handler;
r->data = cbdataReference(data);
r->auth_user_request = this;
+
+ lock()
+
+ ;
snprintf(buf, 8192, "KK %s\n", sent_string);
+
/* getting rid of deferred request status */
authserver_deferred = 0;
+
helperStatefulSubmit(ntlmauthenticators, buf, authenticateNTLMHandleReply, r, authserver);
+
debug(29, 9) ("authenticateNTLMstart: finished\n");
+
break;
default:
/*
- * $Id: client_side_reply.cc,v 1.78 2004/12/20 16:30:35 robertc Exp $
+ * $Id: client_side_reply.cc,v 1.79 2004/12/20 17:35:58 robertc Exp $
*
* DEBUG: section 88 Client-side Reply Routines
* AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c)
acl_size_t *l = Config.ReplyBodySize;
ACLChecklist *ch;
+ if (http->logType == LOG_TCP_DENIED)
+ return;
+
ch = clientAclChecklistCreate(NULL, http);
+
ch->reply = reply;
for (l = Config.ReplyBodySize; l; l = l -> next) {