From: hno <> Date: Thu, 22 Mar 2001 06:41:10 +0000 (+0000) Subject: 21 mar 2001 Robert Collins X-Git-Tag: SQUID_3_0_PRE1~1564 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f2afa96a18b774acfa6e1b6069f287e5a6dabad1;p=thirdparty%2Fsquid.git 21 mar 2001 Robert Collins * auth/ntlm/helpers/NTLMSSP/ntlm_auth.c: Send error details within the squid-helper protocol (Kinkie) * auth/basic/auth_basic.c: Cleanup multiple requests when credentials recieved (Rob) * acl.c: Use the connection credentials when testing for authentication status. (This fixes a recently introduced bug with persistent NTLM connections). (Rob) --- diff --git a/helpers/ntlm_auth/SMB/ntlm_auth.c b/helpers/ntlm_auth/SMB/ntlm_auth.c index fe10e9232d..496ded9ef2 100644 --- a/helpers/ntlm_auth/SMB/ntlm_auth.c +++ b/helpers/ntlm_auth/SMB/ntlm_auth.c @@ -110,7 +110,7 @@ send_bh_or_ld(char *bhmessage, ntlm_authenticate * failedauth, int authlen) SEND("NA last-ditch on, but no credentials"); } } else { - SEND(bhmessage); + SEND2("NA %s", bhmessage); } } diff --git a/src/acl.cc b/src/acl.cc index bbd20c86e5..f6e5f4b190 100644 --- a/src/acl.cc +++ b/src/acl.cc @@ -1,6 +1,6 @@ /* - * $Id: acl.cc,v 1.251 2001/03/10 00:55:36 hno Exp $ + * $Id: acl.cc,v 1.252 2001/03/21 23:41:10 hno Exp $ * * DEBUG: section 28 Access Control * AUTHOR: Duane Wessels @@ -1213,7 +1213,7 @@ aclMatchProxyAuth(void *data, http_hdr_type headertype, * so we test for an authenticated connection when we recieve no authentication * header. */ - if (((proxy_auth == NULL) && (!authenticateUserAuthenticated(auth_user_request))) + if (((proxy_auth == NULL) && (!authenticateUserAuthenticated(auth_user_request ? auth_user_request : checklist->conn->auth_user_request))) || (checklist->conn->auth_type == AUTH_BROKEN)) { /* no header or authentication failed/got corrupted - restart */ checklist->conn->auth_type = AUTH_UNKNOWN; diff --git a/src/auth/basic/auth_basic.cc b/src/auth/basic/auth_basic.cc index c0208ad2ba..46546bd8d2 100644 --- a/src/auth/basic/auth_basic.cc +++ b/src/auth/basic/auth_basic.cc @@ -1,6 +1,6 @@ /* - * $Id: auth_basic.cc,v 1.7 2001/03/03 10:39:36 hno Exp $ + * $Id: auth_basic.cc,v 1.8 2001/03/21 23:41:13 hno Exp $ * * DEBUG: section 29 Authenticator * AUTHOR: Duane Wessels @@ -261,7 +261,7 @@ authenticateBasicHandleReply(void *data, char *reply) authenticateStateData *r = data; auth_user_t *auth_user; basic_data *basic_auth; - auth_basic_queue_node *node, *tmpnode; + auth_basic_queue_node *tmpnode; int valid; char *t = NULL; debug(29, 9) ("authenticateBasicHandleReply: {%s}\n", reply ? reply : ""); @@ -284,15 +284,14 @@ authenticateBasicHandleReply(void *data, char *reply) if (valid) r->handler(r->data, NULL); cbdataUnlock(r->data); - node = basic_auth->auth_queue; - while (node) { - tmpnode = node->next; - valid = cbdataValid(node->data); + while (basic_auth->auth_queue) { + tmpnode = basic_auth->auth_queue->next; + valid = cbdataValid(basic_auth->auth_queue->data); if (valid) - node->handler(node->data, NULL); - cbdataUnlock(node->data); - xfree(node); - node = tmpnode; + basic_auth->auth_queue->handler(basic_auth->auth_queue->data, NULL); + cbdataUnlock(basic_auth->auth_queue->data); + xfree(basic_auth->auth_queue); + basic_auth->auth_queue = tmpnode; } authenticateStateFree(r); } @@ -324,6 +323,7 @@ authBasicParse(authScheme * scheme, int n_configured, char *param_str) memset(scheme->scheme_data, 0, sizeof(auth_basic_config)); basicConfig = scheme->scheme_data; basicConfig->authenticateChildren = 5; + basicConfig->credentialsTTL = 2 * 60 * 60; /* two hours */ } basicConfig = scheme->scheme_data; if (strcasecmp(param_str, "program") == 0) {