From: Amos Jeffries Date: Sat, 17 Apr 2010 10:38:50 +0000 (+1200) Subject: Merge from trunk X-Git-Tag: SQUID_3_2_0_1~167^2~27 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=74d45fa5faa00b3385d940951ff4cee8d1ca5ac9;p=thirdparty%2Fsquid.git Merge from trunk --- 74d45fa5faa00b3385d940951ff4cee8d1ca5ac9 diff --cc src/CompositePoolNode.h index 6318c8233b,c8b4649f80..826b148cce --- a/src/CompositePoolNode.h +++ b/src/CompositePoolNode.h @@@ -75,8 -76,8 +75,8 @@@ public public: CompositeSelectionDetails() {} - IpAddress src_addr; + Ip::Address src_addr; - AuthUserRequest *user; + AuthUserRequest::Pointer user; String tag; }; diff --cc src/HttpRequest.h index bd26f3e9ec,27c9600f9d..4e78882aea --- a/src/HttpRequest.h +++ b/src/HttpRequest.h @@@ -148,9 -149,9 +148,9 @@@ private #endif public: - IpAddress host_addr; + Ip::Address host_addr; - AuthUserRequest *auth_user_request; + AuthUserRequest::Pointer auth_user_request; u_short port; diff --cc src/Makefile.am index 88f93ab971,554fbde823..5f7981ff0d --- a/src/Makefile.am +++ b/src/Makefile.am @@@ -753,23 -753,23 +753,23 @@@ DEFS += -DDEFAULT_CONFIG_FILE=\"$(DEFAU snmp_core.o snmp_agent.o: ../snmplib/libsnmp.a $(top_srcdir)/include/cache_snmp.h globals.cc: globals.h mk-globals-c.awk - $(AWK) -f $(srcdir)/mk-globals-c.awk < $(srcdir)/globals.h > $@ + $(AWK) -f $(srcdir)/mk-globals-c.awk < $(srcdir)/globals.h > $@ || $(RM) -f $@ -## Generate files containing strng arrays for various enums.... +## Generate files containing string arrays for various enums.... hier_code.cc: hier_code.h mk-string-arrays.awk - $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/hier_code.h > $@ + $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/hier_code.h > $@ || $(RM) -f $@ err_type.cc: err_type.h mk-string-arrays.awk - $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/err_type.h > $@ + $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/err_type.h > $@ || $(RM) -f $@ lookup_t.cc: lookup_t.h mk-string-arrays.awk - $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/lookup_t.h > $@ + $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/lookup_t.h > $@ || $(RM) -f $@ icp_opcode.cc: icp_opcode.h mk-string-arrays.awk - $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/icp_opcode.h > $@ + $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/icp_opcode.h > $@ || $(RM) -f $@ swap_log_op.cc: swap_log_op.h mk-string-arrays.awk - $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/swap_log_op.h > $@ + $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/swap_log_op.h > $@ || $(RM) -f $@ ## other generated files... diff --cc src/auth/AclMaxUserIp.cc index 571268726a,c447271b1a..20e9d22f54 --- a/src/auth/AclMaxUserIp.cc +++ b/src/auth/AclMaxUserIp.cc @@@ -112,7 -112,7 +112,7 @@@ ACLMaxUserIP::parse( * 1 : Match */ int - ACLMaxUserIP::match(AuthUserRequest::Pointer auth_user_request, IpAddress const &src_addr) -ACLMaxUserIP::match(AuthUserRequest * auth_user_request, Ip::Address const &src_addr) ++ACLMaxUserIP::match(AuthUserRequest::Pointer auth_user_request, Ip::Address const &src_addr) { /* * the logic for flush the ip list when the limit is hit vs keep diff --cc src/auth/AclMaxUserIp.h index feb45428c9,ad8ade8995..35a62feafe --- a/src/auth/AclMaxUserIp.h +++ b/src/auth/AclMaxUserIp.h @@@ -68,7 -69,7 +68,7 @@@ private static Prototype RegistryProtoype; static ACLMaxUserIP RegistryEntry_; - int match(AuthUserRequest::Pointer, IpAddress const &); - int match(AuthUserRequest *, Ip::Address const &); ++ int match(AuthUserRequest::Pointer, Ip::Address const &); char const *class_; int maximum; diff --cc src/auth/User.cc index d8732ea09f,c95ab0db75..65caa3d5cb --- a/src/auth/User.cc +++ b/src/auth/User.cc @@@ -42,9 -42,8 +42,9 @@@ #include "acl/Gadgets.h" #include "event.h" #include "SquidTime.h" +#include "Store.h" - #ifndef _USE_INLINE_ + #if !_USE_INLINE_ #include "auth/User.cci" #endif @@@ -305,9 -240,9 +305,9 @@@ AuthUser::clearIp( } void - AuthUser::removeIp(IpAddress ipaddr) + AuthUser::removeIp(Ip::Address ipaddr) { - auth_user_ip_t *ipdata = (auth_user_ip_t *) ip_list.head; + AuthUserIP *ipdata = (AuthUserIP *) ip_list.head; while (ipdata) { /* walk the ip list */ @@@ -328,12 -263,12 +328,12 @@@ } void - AuthUser::addIp(IpAddress ipaddr) + AuthUser::addIp(Ip::Address ipaddr) { - auth_user_ip_t *ipdata = (auth_user_ip_t *) ip_list.head; + AuthUserIP *ipdata = (AuthUserIP *) ip_list.head; int found = 0; - CBDATA_INIT_TYPE(auth_user_ip_t); + CBDATA_INIT_TYPE(AuthUserIP); /* * we walk the entire list to prevent the first item in the list diff --cc src/auth/User.h index 72ebdffe61,1f38e40aac..47e4654d1d --- a/src/auth/User.h +++ b/src/auth/User.h @@@ -83,40 -84,21 +83,40 @@@ public virtual ~AuthUser(); _SQUID_INLINE_ char const *username() const; _SQUID_INLINE_ void username(char const *); + + /** + * How long these credentials are still valid for. + * Negative numbers means already expired. + */ + virtual int32_t ttl() const = 0; + + /* Manage list of IPs using this username */ void clearIp(); - void removeIp(IpAddress); - void addIp(IpAddress); + void removeIp(Ip::Address); + void addIp(Ip::Address); - _SQUID_INLINE_ void addRequest(AuthUserRequest *); - void lock(); - void unlock(); +#if USER_REQUEST_LOOP_DEAD +protected: + /* manage list of active authentication requests for this username */ + /** the auth_user_request structures that link to this. Yes it could be a splaytree + * but how many requests will a single username have in parallel? */ + dlink_list requests; + + /* AYJ: why? do we need this here? it forms the core of a circular refcount. */ + +public: + _SQUID_INLINE_ void addRequest(AuthUserRequest::Pointer); + _SQUID_INLINE_ void doneRequest(AuthUserRequest::Pointer); +#endif /* USER_REQUEST_LOOP_DEAD */ void addToNameCache(); + static void UsernameCacheStats(StoreEntry * output); protected: - AuthUser (AuthConfig *); + AuthUser(AuthConfig *); private: - static void cacheCleanup (void *unused); + static void cacheCleanup(void *unused); /** * DPW 2007-05-08 diff --cc src/auth/UserRequest.cc index c514ca54eb,f936e1016f..830ed008c2 --- a/src/auth/UserRequest.cc +++ b/src/auth/UserRequest.cc @@@ -179,9 -200,9 +179,9 @@@ AuthUserRequest::denyMessage(char cons } static void - authenticateAuthUserRequestSetIp(AuthUserRequest::Pointer auth_user_request, IpAddress &ipaddr) -authenticateAuthUserRequestSetIp(AuthUserRequest * auth_user_request, Ip::Address &ipaddr) ++authenticateAuthUserRequestSetIp(AuthUserRequest::Pointer auth_user_request, Ip::Address &ipaddr) { - AuthUser *auth_user = auth_user_request->user(); + AuthUser::Pointer auth_user = auth_user_request->user(); if (!auth_user) return; @@@ -190,9 -211,9 +190,9 @@@ } void - authenticateAuthUserRequestRemoveIp(AuthUserRequest::Pointer auth_user_request, IpAddress const &ipaddr) -authenticateAuthUserRequestRemoveIp(AuthUserRequest * auth_user_request, Ip::Address const &ipaddr) ++authenticateAuthUserRequestRemoveIp(AuthUserRequest::Pointer auth_user_request, Ip::Address const &ipaddr) { - AuthUser *auth_user = auth_user_request->user(); + AuthUser::Pointer auth_user = auth_user_request->user(); if (!auth_user) return; @@@ -306,8 -327,8 +306,8 @@@ authTryGetUser(AuthUserRequest::Pointe * * Caller is responsible for locking and unlocking their *auth_user_request! */ -auth_acl_t -AuthUserRequest::authenticate(AuthUserRequest ** auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr) +AuthAclState - AuthUserRequest::authenticate(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, IpAddress &src_addr) ++AuthUserRequest::authenticate(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr) { const char *proxy_auth; assert(headertype != 0); @@@ -475,18 -501,21 +475,18 @@@ return AUTH_AUTHENTICATED; } -auth_acl_t - -AuthUserRequest::tryToAuthenticateAndSetAuthUser(AuthUserRequest ** auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr) +AuthAclState - AuthUserRequest::tryToAuthenticateAndSetAuthUser(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, IpAddress &src_addr) ++AuthUserRequest::tryToAuthenticateAndSetAuthUser(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr) { /* If we have already been called, return the cached value */ - AuthUserRequest *t = authTryGetUser (auth_user_request, conn, request); + AuthUserRequest::Pointer t = authTryGetUser(*auth_user_request, conn, request); - if (t && t->lastReply != AUTH_ACL_CANNOT_AUTHENTICATE - && t->lastReply != AUTH_ACL_HELPER) { - if (!*auth_user_request) + if (t != NULL && t->lastReply != AUTH_ACL_CANNOT_AUTHENTICATE && t->lastReply != AUTH_ACL_HELPER) { + if (*auth_user_request == NULL) *auth_user_request = t; - if (!request->auth_user_request && t->lastReply == AUTH_AUTHENTICATED) { + if (request->auth_user_request == NULL && t->lastReply == AUTH_AUTHENTICATED) { request->auth_user_request = t; - AUTHUSERREQUESTLOCK(request->auth_user_request, "request"); } return t->lastReply; } diff --cc src/auth/UserRequest.h index cfc6a945ac,a08066626e..c8dad5cdfc --- a/src/auth/UserRequest.h +++ b/src/auth/UserRequest.h @@@ -113,14 -102,14 +113,14 @@@ public */ virtual void module_start(RH *handler, void *data) = 0; - virtual AuthUser *user() {return _auth_user;} + virtual AuthUser::Pointer user() {return _auth_user;} - virtual const AuthUser *user() const {return _auth_user;} + virtual const AuthUser::Pointer user() const {return _auth_user;} - virtual void user(AuthUser *aUser) {_auth_user=aUser;} + virtual void user(AuthUser::Pointer aUser) {_auth_user=aUser;} - static AuthAclState tryToAuthenticateAndSetAuthUser(AuthUserRequest::Pointer *, http_hdr_type, HttpRequest *, ConnStateData *, IpAddress &); - static auth_acl_t tryToAuthenticateAndSetAuthUser(AuthUserRequest **, http_hdr_type, HttpRequest *, ConnStateData *, Ip::Address &); - static void addReplyAuthHeader(HttpReply * rep, AuthUserRequest * auth_user_request, HttpRequest * request, int accelerated, int internal); ++ static AuthAclState tryToAuthenticateAndSetAuthUser(AuthUserRequest::Pointer *, http_hdr_type, HttpRequest *, ConnStateData *, Ip::Address &); + static void addReplyAuthHeader(HttpReply * rep, AuthUserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal); AuthUserRequest(); @@@ -153,7 -146,7 +153,7 @@@ private: - static AuthAclState authenticate(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, IpAddress &src_addr); - static auth_acl_t authenticate(AuthUserRequest ** auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr); ++ static AuthAclState authenticate(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr); /** return a message on the 407 error pages */ char *message; @@@ -168,20 -164,26 +168,20 @@@ /* AuthUserRequest */ -/** - \ingroup AuthAPI - \deprecated Use AuthUserRequest::refCount() instead. - */ -extern size_t authenticateRequestRefCount (AuthUserRequest *); - /// \ingroup AuthAPI -extern void authenticateFixHeader(HttpReply *, AuthUserRequest *, HttpRequest *, int, int); +extern void authenticateFixHeader(HttpReply *, AuthUserRequest::Pointer, HttpRequest *, int, int); /// \ingroup AuthAPI -extern void authenticateAddTrailer(HttpReply *, AuthUserRequest *, HttpRequest *, int); +extern void authenticateAddTrailer(HttpReply *, AuthUserRequest::Pointer, HttpRequest *, int); /// \ingroup AuthAPI - extern void authenticateAuthUserRequestRemoveIp(AuthUserRequest::Pointer, IpAddress const &); -extern void authenticateAuthUserRequestRemoveIp(AuthUserRequest *, Ip::Address const &); ++extern void authenticateAuthUserRequestRemoveIp(AuthUserRequest::Pointer, Ip::Address const &); /// \ingroup AuthAPI -extern void authenticateAuthUserRequestClearIp(AuthUserRequest *); +extern void authenticateAuthUserRequestClearIp(AuthUserRequest::Pointer); /// \ingroup AuthAPI -extern int authenticateAuthUserRequestIPCount(AuthUserRequest *); +extern int authenticateAuthUserRequestIPCount(AuthUserRequest::Pointer); /// \ingroup AuthAPI /// \deprecated Use AuthUserRequest::direction() instead. -extern int authenticateDirection(AuthUserRequest *); +extern int authenticateDirection(AuthUserRequest::Pointer); /// \ingroup AuthAPI /// See AuthUserRequest::authenticated() diff --cc src/client_side_reply.cc index 23c71908b5,6962571c13..7e60fb5192 --- a/src/client_side_reply.cc +++ b/src/client_side_reply.cc @@@ -94,10 -95,11 +95,10 @@@ clientReplyContext::clientReplyContext( void clientReplyContext::setReplyToError( err_type err, http_status status, const HttpRequestMethod& method, char const *uri, - IpAddress &addr, HttpRequest * failedrequest, const char *unparsedrequest, + Ip::Address &addr, HttpRequest * failedrequest, const char *unparsedrequest, - AuthUserRequest * auth_user_request) + AuthUserRequest::Pointer auth_user_request) { - ErrorState *errstate = - clientBuildError(err, status, uri, addr, failedrequest); + ErrorState *errstate = clientBuildError(err, status, uri, addr, failedrequest); if (unparsedrequest) errstate->request_hdrs = xstrdup(unparsedrequest); diff --cc src/client_side_reply.h index 1bee5ced9a,760c86255e..51e2a6434c --- a/src/client_side_reply.h +++ b/src/client_side_reply.h @@@ -72,7 -72,7 +72,7 @@@ public int storeOKTransferDone() const; int storeNotOKTransferDone() const; - void setReplyToError(err_type, http_status, const HttpRequestMethod&, char const *, IpAddress &, HttpRequest *, const char *, AuthUserRequest::Pointer); - void setReplyToError(err_type, http_status, const HttpRequestMethod&, char const *, Ip::Address &, HttpRequest *, const char *, AuthUserRequest *); ++ void setReplyToError(err_type, http_status, const HttpRequestMethod&, char const *, Ip::Address &, HttpRequest *, const char *, AuthUserRequest::Pointer); void createStoreEntry(const HttpRequestMethod& m, request_flags flags); void removeStoreReference(store_client ** scp, StoreEntry ** ep); void removeClientStoreReference(store_client **scp, ClientHttpRequest *http); diff --cc src/tests/testAuth.h index 406fdbfb44,44086e760a..dfd442f483 --- a/src/tests/testAuth.h +++ b/src/tests/testAuth.h @@@ -47,8 -47,7 +47,8 @@@ protected void construction(); }; - #ifdef HAVE_AUTH_MODULE_BASIC + #if HAVE_AUTH_MODULE_BASIC +#include "auth/basic/basicUserRequest.h" class testAuthBasicUserRequest : public CPPUNIT_NS::TestFixture { CPPUNIT_TEST_SUITE( testAuthBasicUserRequest ); @@@ -64,8 -63,7 +64,8 @@@ protected }; #endif - #ifdef HAVE_AUTH_MODULE_DIGEST + #if HAVE_AUTH_MODULE_DIGEST +#include "auth/digest/digestUserRequest.h" class testAuthDigestUserRequest : public CPPUNIT_NS::TestFixture { CPPUNIT_TEST_SUITE( testAuthDigestUserRequest ); @@@ -81,8 -79,7 +81,8 @@@ protected }; #endif - #ifdef HAVE_AUTH_MODULE_NTLM + #if HAVE_AUTH_MODULE_NTLM +#include "auth/ntlm/ntlmUserRequest.h" class testAuthNTLMUserRequest : public CPPUNIT_NS::TestFixture { CPPUNIT_TEST_SUITE( testAuthNTLMUserRequest ); @@@ -98,8 -95,7 +98,8 @@@ protected }; #endif - #ifdef HAVE_AUTH_MODULE_NEGOTIATE + #if HAVE_AUTH_MODULE_NEGOTIATE +#include "auth/negotiate/negotiateUserRequest.h" class testAuthNegotiateUserRequest : public CPPUNIT_NS::TestFixture { CPPUNIT_TEST_SUITE( testAuthNegotiateUserRequest );