From 6393a23e57103e5bfc60864f5d43037b409d7028 Mon Sep 17 00:00:00 2001 From: Frank Schmirler Date: Mon, 28 Mar 2011 05:31:28 -0600 Subject: [PATCH] Bug 2330: AuthUser objects are never unlocked This is a partial port of the Buug 2305 auth fixes. These changes involve combining the auth operation state links to credentials data such that the shared code can lock/unlock them properly. --- src/auth/basic/auth_basic.cc | 2 +- src/auth/basic/auth_basic.h | 8 -------- src/auth/digest/auth_digest.cc | 2 +- src/auth/digest/auth_digest.h | 6 ------ src/auth/negotiate/auth_negotiate.cc | 3 +-- src/auth/negotiate/auth_negotiate.h | 9 --------- src/auth/ntlm/auth_ntlm.cc | 3 +-- src/auth/ntlm/auth_ntlm.h | 9 --------- 8 files changed, 4 insertions(+), 38 deletions(-) diff --git a/src/auth/basic/auth_basic.cc b/src/auth/basic/auth_basic.cc index bc67847427..3c64eeff26 100644 --- a/src/auth/basic/auth_basic.cc +++ b/src/auth/basic/auth_basic.cc @@ -122,7 +122,7 @@ AuthBasicConfig::type() const return basicScheme::GetInstance().type(); } -AuthBasicUserRequest::AuthBasicUserRequest() : _theUser(NULL) +AuthBasicUserRequest::AuthBasicUserRequest() {} AuthBasicUserRequest::~AuthBasicUserRequest() diff --git a/src/auth/basic/auth_basic.h b/src/auth/basic/auth_basic.h index 26001b57a6..ceea91d1db 100644 --- a/src/auth/basic/auth_basic.h +++ b/src/auth/basic/auth_basic.h @@ -95,14 +95,6 @@ public: virtual void authenticate(HttpRequest * request, ConnStateData *conn, http_hdr_type type); virtual int module_direction(); virtual void module_start(RH *, void *); - virtual AuthUser *user() {return _theUser;} - - virtual const AuthUser *user() const {return _theUser;} - - virtual void user (AuthUser *aUser) {_theUser=dynamic_cast(aUser);} - -private: - BasicUser *_theUser; }; MEMPROXY_CLASS_INLINE(AuthBasicUserRequest); diff --git a/src/auth/digest/auth_digest.cc b/src/auth/digest/auth_digest.cc index 16a3fec297..f619160ddc 100644 --- a/src/auth/digest/auth_digest.cc +++ b/src/auth/digest/auth_digest.cc @@ -1446,7 +1446,7 @@ AuthDigestUserRequest::credentials(CredentialsState newCreds) AuthDigestUserRequest::AuthDigestUserRequest() : nonceb64(NULL) ,cnonce(NULL) ,realm(NULL), pszPass(NULL) ,algorithm(NULL) ,pszMethod(NULL), qop(NULL) ,uri(NULL) ,response(NULL), - nonce(NULL), _theUser (NULL) , + nonce(NULL), credentials_ok (Unchecked) {} diff --git a/src/auth/digest/auth_digest.h b/src/auth/digest/auth_digest.h index 1002e5b7b3..897bf05015 100644 --- a/src/auth/digest/auth_digest.h +++ b/src/auth/digest/auth_digest.h @@ -70,11 +70,6 @@ public: #endif virtual void module_start(RH *, void *); - virtual AuthUser *user() {return _theUser;} - - virtual const AuthUser *user() const {return _theUser;} - - virtual void user(AuthUser *aUser) {_theUser=dynamic_cast(aUser);} CredentialsState credentials() const; void credentials(CredentialsState); @@ -100,7 +95,6 @@ public: digest_nonce_h *nonce; private: - DigestUser *_theUser; CredentialsState credentials_ok; }; diff --git a/src/auth/negotiate/auth_negotiate.cc b/src/auth/negotiate/auth_negotiate.cc index c9a71cec58..de0ff19a95 100644 --- a/src/auth/negotiate/auth_negotiate.cc +++ b/src/auth/negotiate/auth_negotiate.cc @@ -758,8 +758,7 @@ AuthNegotiateUserRequest::authenticate(HttpRequest * aRequest, ConnStateData * c } AuthNegotiateUserRequest::AuthNegotiateUserRequest() : - /*conn(NULL),*/ auth_state(AUTHENTICATE_STATE_NONE), - _theUser(NULL) + /*conn(NULL),*/ auth_state(AUTHENTICATE_STATE_NONE) { waiting=0; client_blob=0; diff --git a/src/auth/negotiate/auth_negotiate.h b/src/auth/negotiate/auth_negotiate.h index e28f518e52..b08b79f45d 100644 --- a/src/auth/negotiate/auth_negotiate.h +++ b/src/auth/negotiate/auth_negotiate.h @@ -72,14 +72,9 @@ public: virtual int module_direction(); virtual void onConnectionClose(ConnStateData *); virtual void module_start(RH *, void *); - virtual AuthUser *user() {return _theUser;} - - virtual const AuthUser *user() const {return _theUser;} virtual void addHeader(HttpReply * rep, int accel); - virtual void user (AuthUser *aUser) {_theUser=dynamic_cast(aUser);} - virtual const char * connLastHeader(); /*we need to store the helper server between requests */ @@ -102,10 +97,6 @@ public: /* need access to the request flags to mess around on pconn failure */ HttpRequest *request; - -private: - /* the user */ - NegotiateUser * _theUser; }; MEMPROXY_CLASS_INLINE(AuthNegotiateUserRequest); diff --git a/src/auth/ntlm/auth_ntlm.cc b/src/auth/ntlm/auth_ntlm.cc index 42b16d019b..4afd447faa 100644 --- a/src/auth/ntlm/auth_ntlm.cc +++ b/src/auth/ntlm/auth_ntlm.cc @@ -676,8 +676,7 @@ AuthNTLMUserRequest::authenticate(HttpRequest * aRequest, ConnStateData * conn, } AuthNTLMUserRequest::AuthNTLMUserRequest() : - /*conn(NULL),*/ auth_state(AUTHENTICATE_STATE_NONE), - _theUser(NULL) + /*conn(NULL),*/ auth_state(AUTHENTICATE_STATE_NONE) { waiting=0; client_blob=0; diff --git a/src/auth/ntlm/auth_ntlm.h b/src/auth/ntlm/auth_ntlm.h index e26cba6018..0b2426a06f 100644 --- a/src/auth/ntlm/auth_ntlm.h +++ b/src/auth/ntlm/auth_ntlm.h @@ -60,11 +60,6 @@ public: virtual int module_direction(); virtual void onConnectionClose(ConnStateData *); virtual void module_start(RH *, void *); - virtual AuthUser *user() {return _theUser;} - - virtual const AuthUser *user() const {return _theUser;} - - virtual void user (AuthUser *aUser) {_theUser=dynamic_cast(aUser);} virtual const char * connLastHeader(); @@ -88,10 +83,6 @@ public: /* need access to the request flags to mess around on pconn failure */ HttpRequest *request; - -private: - /* the user */ - NTLMUser * _theUser; }; MEMPROXY_CLASS_INLINE(AuthNTLMUserRequest); -- 2.47.2