From: Francesco Chemolli <kinkie@squid-cache.org>
Date: Thu, 3 Sep 2015 16:38:01 +0000 (+0200)
Subject: Convert NTLM to new cache
X-Git-Tag: SQUID_4_0_1~21^2~33
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=33e622d7e35c556e4aadb2c4d91361da96b1e2cc;p=thirdparty%2Fsquid.git

Convert NTLM to new cache
---

diff --git a/src/auth/negotiate/UserRequest.cc b/src/auth/negotiate/UserRequest.cc
index 8c44f21146..2aa42f1f2c 100644
--- a/src/auth/negotiate/UserRequest.cc
+++ b/src/auth/negotiate/UserRequest.cc
@@ -338,7 +338,12 @@ Auth::Negotiate::UserRequest::HandleReply(void *data, const Helper::Reply &reply
         if (!cached_user) {
             local_auth_user->addToNameCache();
         } else {
+            /* we can't seamlessly recheck the username due to the
+             * challenge-response nature of the protocol.
+             * Just free the temporary auth_user after merging as
+             * much of it new state into the existing one as possible */
             cached_user->absorb(local_auth_user);
+            /* from here on we are working with the original cached credentials. */
             local_auth_user = cached_user;
             auth_user_request->user(local_auth_user);
         }
diff --git a/src/auth/ntlm/UserRequest.cc b/src/auth/ntlm/UserRequest.cc
index 40fe619d54..caf9e65921 100644
--- a/src/auth/ntlm/UserRequest.cc
+++ b/src/auth/ntlm/UserRequest.cc
@@ -9,7 +9,9 @@
 #include "squid.h"
 #include "AccessLogEntry.h"
 #include "auth/ntlm/Config.h"
+#include "auth/ntlm/User.h"
 #include "auth/ntlm/UserRequest.h"
+#include "auth/UserNameCache.h"
 #include "auth/State.h"
 #include "cbdata.h"
 #include "client_side.h"
@@ -326,23 +328,19 @@ Auth::Ntlm::UserRequest::HandleReply(void *data, const Helper::Reply &reply)
         /* connection is authenticated */
         debugs(29, 4, HERE << "authenticated user " << auth_user_request->user()->username());
         /* see if this is an existing user */
-        AuthUserHashPointer *usernamehash = static_cast<AuthUserHashPointer *>(hash_lookup(proxy_auth_username_cache, auth_user_request->user()->userKey()));
-        Auth::User::Pointer local_auth_user = lm_request->user();
-        while (usernamehash && (usernamehash->user()->auth_type != Auth::AUTH_NTLM ||
-                                strcmp(usernamehash->user()->userKey(), auth_user_request->user()->userKey()) != 0))
-            usernamehash = static_cast<AuthUserHashPointer *>(usernamehash->next);
-        if (usernamehash) {
+        auto local_auth_user = lm_request->user();
+        auto cached_user = Auth::Ntlm::User::Cache()->lookup(auth_user_request->user()->SBUserKey());
+        if (!cached_user) {
+            local_auth_user->addToNameCache();
+        } else {
             /* we can't seamlessly recheck the username due to the
              * challenge-response nature of the protocol.
              * Just free the temporary auth_user after merging as
              * much of it new state into the existing one as possible */
-            usernamehash->user()->absorb(local_auth_user);
+            cached_user->absorb(local_auth_user);
             /* from here on we are working with the original cached credentials. */
-            local_auth_user = usernamehash->user();
+            local_auth_user = cached_user;
             auth_user_request->user(local_auth_user);
-        } else {
-            /* store user in hash's */
-            local_auth_user->addToNameCache();
         }
         /* set these to now because this is either a new login from an
          * existing user or a new user */