From: wessels <> Date: Wed, 15 Jul 1998 04:28:08 +0000 (+0000) Subject: Fixes to proxy-auth stuff, mostly to get the user name logged in X-Git-Tag: SQUID_3_0_PRE1~3090 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=def67559ab8087b07c15d3a7db544b202822bb98;p=thirdparty%2Fsquid.git Fixes to proxy-auth stuff, mostly to get the user name logged in access.log. --- diff --git a/src/acl.cc b/src/acl.cc index 0aa138ef3b..09c120e1bb 100644 --- a/src/acl.cc +++ b/src/acl.cc @@ -1,6 +1,6 @@ /* - * $Id: acl.cc,v 1.168 1998/07/14 21:29:54 wessels Exp $ + * $Id: acl.cc,v 1.169 1998/07/14 22:28:08 wessels Exp $ * * DEBUG: section 28 Access Control * AUTHOR: Duane Wessels @@ -1116,7 +1116,7 @@ aclMatchIdent(wordlist * data, const char *ident) static int aclMatchProxyAuth(acl_proxy_auth * p, aclCheck_t * checklist) { - LOCAL_ARRAY(char, sent_user, ICP_IDENT_SZ); + LOCAL_ARRAY(char, sent_user, USER_IDENT_SZ); const char *s; char *cleartext; char *sent_auth; @@ -1134,7 +1134,7 @@ aclMatchProxyAuth(acl_proxy_auth * p, aclCheck_t * checklist) cleartext = uudecode(sent_auth); xfree(sent_auth); debug(28, 3) ("aclMatchProxyAuth: cleartext = '%s'\n", cleartext); - xstrncpy(sent_user, cleartext, ICP_IDENT_SZ); + xstrncpy(sent_user, cleartext, USER_IDENT_SZ); xfree(cleartext); if ((passwd = strchr(sent_user, ':')) != NULL) *passwd++ = '\0'; @@ -1143,6 +1143,8 @@ aclMatchProxyAuth(acl_proxy_auth * p, aclCheck_t * checklist) return 0; } debug(28, 5) ("aclMatchProxyAuth: checking user %s\n", sent_user); + /* copy username to checklist for logging on client-side */ + xstrncpy(checklist->request->user_ident, sent_user, USER_IDENT_SZ); /* reread password file if necessary */ aclReadProxyAuth(p); u = hash_lookup(p->hash, sent_user); @@ -1576,7 +1578,7 @@ aclChecklistCreate(const acl_access * A, if (user_agent) xstrncpy(checklist->browser, user_agent, BROWSERNAMELEN); if (ident) - xstrncpy(checklist->ident, ident, ICP_IDENT_SZ); + xstrncpy(checklist->ident, ident, USER_IDENT_SZ); return checklist; } diff --git a/src/client_side.cc b/src/client_side.cc index f758411a64..68fbed66f1 100644 --- a/src/client_side.cc +++ b/src/client_side.cc @@ -1,6 +1,6 @@ /* - * $Id: client_side.cc,v 1.348 1998/07/14 22:18:20 wessels Exp $ + * $Id: client_side.cc,v 1.349 1998/07/14 22:28:10 wessels Exp $ * * DEBUG: section 33 Client-side Routines * AUTHOR: Duane Wessels @@ -162,7 +162,6 @@ clientAccessCheckDone(int answer, void *data) clientHttpRequest *http = data; int page_id = -1; ErrorState *err = NULL; - HttpReply *rep; debug(33, 5) ("clientAccessCheckDone: '%s' answer=%d\n", http->uri, answer); http->acl_checklist = NULL; if (answer == ACCESS_ALLOWED) { @@ -171,14 +170,11 @@ clientAccessCheckDone(int answer, void *data) http->redirect_state = REDIRECT_PENDING; redirectStart(http, clientRedirectDone, http); } else if (answer == ACCESS_REQ_PROXY_AUTH) { - http->al.http.code = HTTP_PROXY_AUTHENTICATION_REQUIRED; http->log_type = LOG_TCP_DENIED; http->entry = clientCreateStoreEntry(http, http->request->method, 0); - /* create appropreate response */ - rep = clientConstructProxyAuthReply(http); - httpReplySwapOut(rep, http->entry); - /* do not need it anymore */ - httpReplyDestroy(rep); + /* create appropriate response */ + http->entry->mem_obj->reply = clientConstructProxyAuthReply(http); + httpReplySwapOut(http->entry->mem_obj->reply, http->entry); storeComplete(http->entry); } else { debug(33, 5) ("Access Denied: %s\n", http->uri); @@ -619,7 +615,10 @@ httpRequestFree(void *data) http->al.cache.size = http->out.size; http->al.cache.code = http->log_type; http->al.cache.msec = tvSubMsec(http->start, current_time); - http->al.cache.ident = conn->ident.ident; + if (request->user_ident[0]) + http->al.cache.ident = request->user_ident; + else + http->al.cache.ident = conn->ident.ident; if (request) { Packer p; MemBuf mb; diff --git a/src/defines.h b/src/defines.h index 82e3b09a0d..9b92828e05 100644 --- a/src/defines.h +++ b/src/defines.h @@ -88,7 +88,7 @@ #define ANONYMIZER_STANDARD 1 #define ANONYMIZER_PARANOID 2 -#define ICP_IDENT_SZ 64 +#define USER_IDENT_SZ 64 #define IDENT_NONE 0 #define IDENT_PENDING 1 #define IDENT_DONE 2 diff --git a/src/ident.cc b/src/ident.cc index 74fe1b281a..787e0fcd30 100644 --- a/src/ident.cc +++ b/src/ident.cc @@ -1,6 +1,6 @@ /* - * $Id: ident.cc,v 1.41 1998/05/30 19:43:11 rousskov Exp $ + * $Id: ident.cc,v 1.42 1998/07/14 22:28:12 wessels Exp $ * * DEBUG: section 30 Ident (RFC 931) * AUTHOR: Duane Wessels @@ -124,7 +124,7 @@ identReadReply(int fd, void *data) if (strstr(buf, "USERID")) { if ((t = strrchr(buf, ':'))) { while (isspace(*++t)); - xstrncpy(connState->ident.ident, t, ICP_IDENT_SZ); + xstrncpy(connState->ident.ident, t, USER_IDENT_SZ); } } } diff --git a/src/structs.h b/src/structs.h index 3cea6a859c..15154fdf17 100644 --- a/src/structs.h +++ b/src/structs.h @@ -139,7 +139,7 @@ struct _aclCheck_t { struct in_addr src_addr; struct in_addr dst_addr; request_t *request; - char ident[ICP_IDENT_SZ]; + char ident[USER_IDENT_SZ]; char browser[BROWSERNAMELEN]; acl_lookup_state state[ACL_ENUM_MAX]; PF *callback; @@ -754,7 +754,7 @@ struct _ConnStateData { struct in_addr log_addr; struct { int fd; - char ident[ICP_IDENT_SZ]; + char ident[USER_IDENT_SZ]; IDCB *callback; int state; void *callback_data; @@ -1123,6 +1123,7 @@ struct _request_t { protocol_t protocol; char login[MAX_LOGIN_SZ]; char host[SQUIDHOSTNAMELEN + 1]; + char user_ident[USER_IDENT_SZ]; /* from proxy auth or ident server */ u_short port; String urlpath; int link_count; /* free when zero */