Support concurrency channels in Digest authentication helpers

All bundled digest helpers will now automatically detect the existence
of a concurrecy channel-ID and adjust responses appropriately.

The auth_param children concurrency= parameter can now be set to any
valid value without needing to alter the helper binary. This resolves
issues upgrading to default-on concurrency on the digest auth interface.

diff --git a/helpers/digest_auth/LDAP/digest_common.h b/helpers/digest_auth/LDAP/digest_common.h
index 1c288188ea199558afaa3415af45c872bd2c2d0a..5852f0df9e942ebda4951713e58e7d2b0e0e315a 100644 (file)
--- a/helpers/digest_auth/LDAP/digest_common.h
+++ b/helpers/digest_auth/LDAP/digest_common.h
@@ -32,6 +32,7 @@
 #include "util.h"
 
 typedef struct _request_data {
+    int channelId;
     char *user;
     char *realm;
     char *password;

diff --git a/helpers/digest_auth/LDAP/digest_pw_auth.cc b/helpers/digest_auth/LDAP/digest_pw_auth.cc
index 0dd29c9ddcdbfd567e8ce38db3d0e0080e850f14..170c1bad3d76da9fce780fbd94bd6253c513ade0 100644 (file)
--- a/helpers/digest_auth/LDAP/digest_pw_auth.cc
+++ b/helpers/digest_auth/LDAP/digest_pw_auth.cc
@@ -49,6 +49,14 @@ ParseBuffer(char *buf, RequestData * requestData)
     requestData->parsed = 0;
     if ((p = strchr(buf, '\n')) != NULL)
         *p = '\0';             /* strip \n */
+
+    p = NULL;
+    requestData->channelId = strtoll(buf, &p, 10);
+    if (*p != ' ') // not a channel-ID
+        requestData->channelId = -1;
+    else
+        buf = ++p;
+
     if ((requestData->user = strtok(buf, "\"")) == NULL)
         return;
     if ((requestData->realm = strtok(NULL, "\"")) == NULL)
@@ -63,6 +71,8 @@ OutputHHA1(RequestData * requestData)
 {
     requestData->error = 0;
     GetHHA1(requestData);
+    if (requestData->channelId >= 0)
+        printf("%u ", requestData->channelId);
     if (requestData->error) {
         SEND_ERR("message=\"No such user\"");
         return;
@@ -76,6 +86,8 @@ DoOneRequest(char *buf)
     RequestData requestData;
     ParseBuffer(buf, &requestData);
     if (!requestData.parsed) {
+        if (requestData.channelId >= 0)
+            printf("%u ", requestData.channelId);
         SEND_BH("message=\"Invalid line received\"");
         return;
     }

diff --git a/helpers/digest_auth/eDirectory/digest_common.h b/helpers/digest_auth/eDirectory/digest_common.h
index bbad836a4c26eac4520b46e19e95766f0ccd87a2..bae9428f38ae2808c178c04e3773aace83d1c2a5 100644 (file)
--- a/helpers/digest_auth/eDirectory/digest_common.h
+++ b/helpers/digest_auth/eDirectory/digest_common.h
@@ -35,6 +35,7 @@
 #include "util.h"
 
 typedef struct _request_data {
+    int channelId;
     char *user;
     char *realm;
     char *password;

diff --git a/helpers/digest_auth/eDirectory/digest_pw_auth.cc b/helpers/digest_auth/eDirectory/digest_pw_auth.cc
index 2640ac8dbaf3b3dd8d5d03fe545a3eb620f8ffc6..72bedbe7823487b3350aacecea72f0b258e0276e 100644 (file)
--- a/helpers/digest_auth/eDirectory/digest_pw_auth.cc
+++ b/helpers/digest_auth/eDirectory/digest_pw_auth.cc
@@ -49,6 +49,14 @@ ParseBuffer(char *buf, RequestData * requestData)
     requestData->parsed = 0;
     if ((p = strchr(buf, '\n')) != NULL)
         *p = '\0';             /* strip \n */
+
+    p = NULL;
+    requestData->channelId = strtoll(buf, &p, 10);
+    if (*p != ' ') // not a channel-ID
+        requestData->channelId = -1;
+    else
+        buf = ++p;
+
     if ((requestData->user = strtok(buf, "\"")) == NULL)
         return;
     if ((requestData->realm = strtok(NULL, "\"")) == NULL)
@@ -63,6 +71,8 @@ OutputHHA1(RequestData * requestData)
 {
     requestData->error = 0;
     GetHHA1(requestData);
+    if (requestData->channelId >= 0)
+        printf("%u ", requestData->channelId);
     if (requestData->error) {
         SEND_ERR("message=\"No such user\"");
         return;
@@ -76,6 +86,8 @@ DoOneRequest(char *buf)
     RequestData requestData;
     ParseBuffer(buf, &requestData);
     if (!requestData.parsed) {
+        if (requestData.channelId >= 0)
+            printf("%u ", requestData.channelId);
         SEND_BH("message=\"Invalid line received\"");
         return;
     }

diff --git a/helpers/digest_auth/file/digest_common.h b/helpers/digest_auth/file/digest_common.h
index 41258faa6a26f0b4cdaeb7213e7636e10db2f437..e210f7bf2d79a1627dc6fa71c7bc39764899c86c 100644 (file)
--- a/helpers/digest_auth/file/digest_common.h
+++ b/helpers/digest_auth/file/digest_common.h
@@ -27,6 +27,7 @@
 #endif
 
 typedef struct _request_data {
+    int channelId;
     char *user;
     char *realm;
     char *password;

diff --git a/helpers/digest_auth/file/digest_file_auth.8 b/helpers/digest_auth/file/digest_file_auth.8
index 3342ef81bd165f497dfcf00683d8e3c2b6c330fd..ef9191694479303dab292df4675a59b58627d9fc 100644 (file)
--- a/helpers/digest_auth/file/digest_file_auth.8
+++ b/helpers/digest_auth/file/digest_file_auth.8
@@ -5,7 +5,7 @@
 .if !'po4a'hide' \-
 File based digest authentication helper for Squid.
 .PP
-Version 1.0
+Version 1.1
 .
 .SH SYNOPSIS
 .if !'po4a'hide' .B digest_file_auth
@@ -17,6 +17,9 @@ file
 is an installed binary authentication program for Squid. It handles digest 
 authentication protocol and authenticates against a text file backend.
 .
+This program will automatically detect the existence of a concurrecy channel-ID and adjust appropriately.
+It may be used with any value 0 or above for the auth_param children concurrency= parameter.
+.
 .SH OPTIONS
 .if !'po4a'hide' .TP 12
 .if !'po4a'hide' .B \-c

diff --git a/helpers/digest_auth/file/digest_file_auth.cc b/helpers/digest_auth/file/digest_file_auth.cc
index 0839ffe32e0fc688705eff89c95e672769de64e6..3eb59e23ffb015c8155ae9b11dab86b2fecd9827 100644 (file)
--- a/helpers/digest_auth/file/digest_file_auth.cc
+++ b/helpers/digest_auth/file/digest_file_auth.cc
@@ -51,6 +51,14 @@ ParseBuffer(char *buf, RequestData * requestData)
     requestData->parsed = 0;
     if ((p = strchr(buf, '\n')) != NULL)
         *p = '\0';             /* strip \n */
+
+    p = NULL;
+    requestData->channelId = strtoll(buf, &p, 10);
+    if (*p != ' ') // not a channel-ID
+        requestData->channelId = -1;
+    else
+        buf = ++p;
+
     if ((requestData->user = strtok(buf, "\"")) == NULL)
         return;
     if ((requestData->realm = strtok(NULL, "\"")) == NULL)
@@ -65,6 +73,8 @@ OutputHHA1(RequestData * requestData)
 {
     requestData->error = 0;
     GetHHA1(requestData);
+    if (requestData->channelId >= 0)
+        printf("%u ", requestData->channelId);
     if (requestData->error) {
         SEND_ERR("message=\"No such user\"");
         return;
@@ -78,6 +88,8 @@ DoOneRequest(char *buf)
     RequestData requestData;
     ParseBuffer(buf, &requestData);
     if (!requestData.parsed) {
+        if (requestData.channelId >= 0)
+            printf("%u ", requestData.channelId);
         SEND_BH("message=\"Invalid line received\"");
         return;
     }