git.ipfire.org Git - thirdparty/squid.git/commit

author	Amos Jeffries <squid3@treenet.co.nz>
	Sat, 13 Aug 2011 15:53:38 +0000 (09:53 -0600)
committer	Amos Jeffries <squid3@treenet.co.nz>
	Sat, 13 Aug 2011 15:53:38 +0000 (09:53 -0600)
commit	7dfddb79cf546639f6b2ccdbd171b02cd03e5a2c
tree	6ac777ce2cc49f6ece4f71af73981ec3adfd0bc4	tree \| snapshot
parent	8baf6ea32b94d5d6426065fdcfe00716bc9b4b69	commit \| diff

Support extended authentication states to ACL results

Support sub-states of authentication to be sent as results from ACLs.
This allows future work to resolve issues around cases such as expired
but known credentials being used in fast category access controls.

The new authentication states are:
  ACCESS_AUTH_OK
    - equivalent to ACCESS_ALLOWED

  ACCESS_AUTH_REQUIRED
    - Missing Credentials. Used to be ACCESS_REQ_PROXY_AUTH

  ACCESS_AUTH_EXPIRED_OK
    - Expired now. Were Okay.

  ACCESS_AUTH_EXPIRED_BAD
    - Expired now. Were Failed.

Also converts cases of ACCESS_REQ_PROXY_AUTH to the new name.

As yet no attempt is made to alter auth or access control logics to use
the new states.

src/acl/Acl.h		diff \| blob \| blame \| history
src/adaptation/AccessCheck.cc		diff \| blob \| blame \| history
src/auth/AclProxyAuth.cc		diff \| blob \| blame \| history
src/client_side_request.cc		diff \| blob \| blame \| history