/*
- * $Id: auth_basic.cc,v 1.1 2001/01/07 23:36:43 hno Exp $
+ * $Id: auth_basic.cc,v 1.2 2001/01/10 00:24:39 hno Exp $
*
* DEBUG: section 29 Authenticator
* AUTHOR: Duane Wessels
void
authBasicDone(void)
{
-// memPoolDestroy(ufs_state_pool);
if (basicauthenticators)
helperShutdown(basicauthenticators);
authbasic_initialised = 0;
int
authenticateBasicActive()
{
-#if 0
- if (authbasic_initialised)
- return 1;
- else
- return 0;
-#endif
if ((basicConfig != NULL) && (basicConfig->authenticate != NULL) &&
(basicConfig->authenticateChildren != 0) && (basicConfig->basicAuthRealm != NULL))
return 1;
static void
authenticateBasicAuthenticateUser(auth_user_request_t * auth_user_request, request_t * request, ConnStateData * conn, http_hdr_type type)
{
-#if 0
- auth_user_hash_pointer *usernamehash, *proxy_auth_hash = NULL;
-#endif
auth_user_t *auth_user;
basic_data *basic_auth;
-#if 0
-//, *temp_auth;
- const char *proxy_auth;
-#endif
assert(auth_user_request->auth_user != NULL);
auth_user = auth_user_request->auth_user;
debug(29, 4) ("authBasicAuthenticate: credentials expired - rechecking\n");
return;
}
-#if 0
- /* get the header. */
- proxy_auth = httpHeaderGetStr(&request->header, type);
-#endif
/* we have been through the external helper, and the credentials haven't expired */
debug(29, 9) ("authenticateBasicAuthenticateuser: user '%s' authenticated\n",
basic_auth->username);
/* Decode now takes care of finding the auth_user struct in the cache */
-#if 0
- /* see if this is an existing user with a different proxy_auth string */
- if ((usernamehash = hash_lookup(proxy_auth_username_cache,
- basic_auth->username))) {
- while ((usernamehash->auth_user->auth_type != auth_user->auth_type) &&
- (usernamehash->next) &&
- !authenticateBasiccmpUsername(usernamehash->auth_user->scheme_data, basic_auth))
- usernamehash = usernamehash->next;
- if (usernamehash->auth_user->auth_type == auth_user->auth_type) {
- /*
- * add another link from the new proxy_auth to the
- * auth_user structure and update the information */
- assert(proxy_auth_hash == NULL);
- authenticateProxyAuthCacheAddLink(proxy_auth, usernamehash->auth_user);
- /* maybe the p/w changed. update in the old structure */
- temp_auth = usernamehash->auth_user->scheme_data;
- xfree(temp_auth->passwd);
- temp_auth->passwd = basic_auth->passwd;
- basic_auth->passwd = NULL;
- /* and remove the temporary structure */
- authenticateAuthUserUnlock(auth_user);
-#if 0
- authenticateFreeProxyAuthUser(auth_user);
-#endif
- auth_user = usernamehash->auth_user;
- /* and reference the existing basic data structure */
- basic_auth = auth_user->scheme_data;
- /* lock the structure for this request */
- authenticateAuthUserLock(auth_user);
- }
- } else {
- /* store user in hash's */
- authenticateUserNameCacheAdd(auth_user);
- authenticateProxyAuthCacheAddLink(proxy_auth, auth_user);
- }
- /* auth_user is now linked, we reset these values */
-#endif
/* after external auth occurs anyway */
auth_user->expiretime = current_time.tv_sec;
auth_user->ip_expiretime = squid_curtime;
xfree(node);
node = tmpnode;
}
-#if 0
- if (valid)
- r->handler(r->data, reply);
-#endif
authenticateStateFree(r);
}
authenticateAuthUserLock(auth_user);
node = dlinkNodeNew();
dlinkAdd(auth_user_request, node, &auth_user->requests);
-#if 0
- xfree(local_basic.username);
-#endif
}
-#if 0
- memPoolFree(basic_data_pool, basic_auth);
- auth_user->scheme_data = NULL;
-#endif
return;
} else {
local_basic.passwd = xstrndup(cleartext, USER_IDENT_SZ);
/*
- * $Id: auth_ntlm.cc,v 1.2 2001/01/08 19:36:27 hno Exp $
+ * $Id: auth_ntlm.cc,v 1.3 2001/01/10 00:24:39 hno Exp $
*
* DEBUG: section 29 NTLM Authenticator
* AUTHOR: Robert Collins
void
authNTLMDone(void)
{
-// memPoolDestroy(ufs_state_pool);
-
if (ntlmauthenticators)
helperStatefulShutdown(ntlmauthenticators);
authntlm_initialised = 0;
void
authSchemeSetup_ntlm(authscheme_entry_t * authscheme)
{
-#if 0
- static int ntlminit = 0;
-#endif
assert(!authntlm_initialised);
authscheme->Active = authenticateNTLMActive;
authscheme->parse = authNTLMParse;
static stateful_helper_callback_t
authenticateNTLMHandleReply(void *data, void *lastserver, char *reply)
{
-#if 0
- authenticateStatefulStateData *r = data;
-#endif
authenticateStateData *r = data;
ntlm_helper_state_t *helperstate;
int valid;
stateful_helper_callback_t result = S_HELPER_UNKNOWN;
-#if 0
- void *nextserver = NULL;
-#endif
char *t = NULL;
auth_user_request_t *auth_user_request;
auth_user_t *auth_user;
reply += 3;
/* we have been given a Challenge */
/* we should check we weren't given an empty challenge */
-#if 0
- result = S_HELPER_RESERVE;
-#endif
/* copy the challenge to the state data */
helperstate = helperStatefulServerGetData(lastserver);
if (helperstate == NULL)
ntlm_request = auth_user_request->scheme_data;
assert(ntlm_request != NULL);
result = S_HELPER_DEFER;
-#if 0
- nextserver = lastserver;
-#endif
debug(29, 9) ("authenticateNTLMHandleReply: helper '%d'\n", lastserver);
assert(ntlm_request->auth_state == AUTHENTICATE_STATE_NEGOTIATE);
-// auth_user->auth_data.ntlm_auth.auth_state = AUTHENTICATE_STATE_CHALLENGE;
ntlm_request->authhelper = lastserver;
ntlm_request->authchallenge = xstrndup(reply, NTLM_CHALLENGE_SZ + 5);
} else if (strncasecmp(reply, "AF ", 3) == 0) {
return result;
}
-#if 0
-static void
-authenticateNTLMStateFree(authenticateNTLMStateData * r)
-{
- cbdataFree(r);
-}
-
-#endif
-
static void
authenticateNTLMStats(StoreEntry * sentry)
{
static void
authenticateNTLMStart(auth_user_request_t * auth_user_request, RH * handler, void *data)
{
-#if 0
- authenticateStatefulStateData *r = NULL;
-#endif
authenticateStateData *r = NULL;
helper_stateful_server *server;
ntlm_helper_state_t *helperstate;
debug(29, 9) ("authenticateNTLMStart: '%s'\n", sent_string);
if (ntlmConfig->authenticate == NULL) {
debug(29, 0) ("authenticateNTLMStart: no NTLM program specified:'%s'\n", sent_string);
-// handler(data,0, NULL);
handler(data, NULL);
return;
}
return 0;
}
-#if 0
-static acl_proxy_auth_user *
-authenticateNTLMAuthenticateUser(void *data, const char *proxy_auth, ConnStateData * conn)
-#else
static void
authenticateNTLMAuthenticateUser(auth_user_request_t * auth_user_request, request_t * request, ConnStateData * conn, http_hdr_type type)
-#endif
{
const char *proxy_auth;
auth_user_hash_pointer *usernamehash, *proxy_auth_hash = NULL;
authenticateAuthUserMerge(auth_user, usernamehash->auth_user);
auth_user = usernamehash->auth_user;
auth_user_request->auth_user = auth_user;
-#if 0
- conn->auth_user = auth_user;
-#endif
}
} else {
/* store user in hash's */
break;
case AUTHENTICATE_STATE_DONE:
fatal("authenticateNTLMAuthenticateUser: unexpect auth state DONE! Report a bug to the squid developers.\n");
-#if 0 /* done in acl.c */
- case AUTHENTICATE_STATE_DONE:
- debug(28, 5) ("aclMatchProxyAuth: connection in state Done. using connection credentials for the request. \n");
- /* is it working right? */
- assert(checklist->auth_user == NULL);
- assert(checklist->conn->auth_user != NULL);
- /* we have a valid username. */
- auth_user = checklist->conn->auth_user;
- /* store the username in the request for logging */
- xstrncpy(checklist->request->authuser,
- auth_user->auth_data.ntlm_auth.username,
- USER_IDENT_SZ);
- if (auth_user->expiretime + Config.authenticateTTL > current_time.tv_sec
- ) {
- auth_user->expiretime = current_time.tv_sec;
- } else {
- //user passed externa; authentication in every case to get here. f.
- Let it through
- } /* we don't unlock the auth_user until the connection is dropped. Thank
- * MS for this quirk. */ if (authenticateCheckAuthUserIP(checklist->src_addr, auth_user)) {
- /* Once the match is completed we have finished with the
- * auth_user structure */
- /* check to see if we have matched the user-acl before */
- return aclCacheMatchAcl(&auth_user->proxy_match_cache, acltype,
- data, auth_user->auth_data.ntlm_auth.username);
- } else {
- return 0;
- }
- break;
-#endif
}
return;