--------------------- PatchSet 1020 Date: 2000/12/31 15:10:38 Author: rbcollins Branch: auth_rewrite Tag: (none) Log: added a new API function 'authenticated', altered the basic config item to be basicAuthRealm rather than proxyAuthRealm. Members: src/acl.c:1.1.1.3.12.26.2.9->1.1.1.3.12.26.2.10 src/authenticate.c:1.1.1.3.12.17.2.12->1.1.1.3.12.17.2.13 src/cf.data.pre:1.1.1.3.4.1.2.18.2.5->1.1.1.3.4.1.2.18.2.6 src/structs.h:1.1.1.3.4.1.2.26.2.12->1.1.1.3.4.1.2.26.2.13 src/typedefs.h:1.1.1.3.12.13.2.9->1.1.1.3.12.13.2.10 src/auth/basic/auth_basic.c:1.1.2.7->1.1.2.8 Index: squid/src/acl.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/acl.c,v retrieving revision 1.1.1.3.12.26.2.9 retrieving revision 1.1.1.3.12.26.2.10 diff -u -r1.1.1.3.12.26.2.9 -r1.1.1.3.12.26.2.10 --- squid/src/acl.c 11 Dec 2000 23:32:14 -0000 1.1.1.3.12.26.2.9 +++ squid/src/acl.c 31 Dec 2000 15:10:38 -0000 1.1.1.3.12.26.2.10 @@ -1,6 +1,6 @@ /* - * $Id: acl.c,v 1.1.1.3.12.26.2.9 2000/12/11 23:32:14 rbcollins Exp $ + * $Id: acl.c,v 1.1.1.3.12.26.2.10 2000/12/31 15:10:38 rbcollins Exp $ * * DEBUG: section 28 Access Control * AUTHOR: Duane Wessels @@ -1977,7 +1977,10 @@ checklist->conn->auth_type = AUTH_BROKEN; checklist->auth_user = NULL; authenticateAuthUserUnlock(auth_user); +#if 0 +/* This is handled automagically */ authenticateFreeProxyAuthUser(auth_user); +#endif aclCheck(checklist); return; } Index: squid/src/authenticate.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/authenticate.c,v retrieving revision 1.1.1.3.12.17.2.12 retrieving revision 1.1.1.3.12.17.2.13 diff -u -r1.1.1.3.12.17.2.12 -r1.1.1.3.12.17.2.13 --- squid/src/authenticate.c 18 Dec 2000 11:43:40 -0000 1.1.1.3.12.17.2.12 +++ squid/src/authenticate.c 31 Dec 2000 15:10:38 -0000 1.1.1.3.12.17.2.13 @@ -1,6 +1,6 @@ /* - * $Id: authenticate.c,v 1.1.1.3.12.17.2.12 2000/12/18 11:43:40 rbcollins Exp $ + * $Id: authenticate.c,v 1.1.1.3.12.17.2.13 2000/12/31 15:10:38 rbcollins Exp $ * * DEBUG: section 29 Authenticator * AUTHOR: Duane Wessels @@ -164,10 +164,17 @@ int authenticateUserAuthenticated(auth_user_t *auth_user) { assert(authenticateValidateUser(auth_user)); + if (auth_user->auth_module>0) + return authscheme_list[auth_user->auth_module-1].authenticated(auth_user); + else + return 0; +#if 0 + /* Scheme specific tests! naughty! - RBC */ /* if they are in the hash they must be authenticated */ if (auth_user->usernamehash) return 1; debug (29, 7) ("Couldn't find user in cache: assuming not logged in.\n"); return 0; +#endif } /* @@ -435,7 +442,7 @@ } /* free cached acl results */ aclCacheMatchFlush(&u->proxy_match_cache); - if (u->auth_module>0) + if (u->scheme_data && u->auth_module>0) authscheme_list[u->auth_module-1].FreeUser(u); #if 0 switch (u->auth_type) { Index: squid/src/cf.data.pre =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cf.data.pre,v retrieving revision 1.1.1.3.4.1.2.18.2.5 retrieving revision 1.1.1.3.4.1.2.18.2.6 diff -u -r1.1.1.3.4.1.2.18.2.5 -r1.1.1.3.4.1.2.18.2.6 --- squid/src/cf.data.pre 30 Dec 2000 22:48:18 -0000 1.1.1.3.4.1.2.18.2.5 +++ squid/src/cf.data.pre 31 Dec 2000 15:10:38 -0000 1.1.1.3.4.1.2.18.2.6 @@ -1,6 +1,6 @@ # -# $Id: cf.data.pre,v 1.1.1.3.4.1.2.18.2.5 2000/12/30 22:48:18 rbcollins Exp $ +# $Id: cf.data.pre,v 1.1.1.3.4.1.2.18.2.6 2000/12/31 15:10:38 rbcollins Exp $ # # # SQUID Internet Object Cache http://squid.nlanr.net/Squid/ @@ -1869,11 +1869,11 @@ NAME: proxy_auth_realm TYPE: eol DEFAULT: Squid proxy-caching web server -LOC: Config.proxyAuthRealm +LOC: Config.basicAuthRealm DOC_START Specifies the realm name which is to be reported to the client for - proxy authentication (part of the text the user will see when - prompted their username and password). + the basic proxy authentication scheme (part of the text the user will + see when prompted their username and password). DOC_END Index: squid/src/structs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/structs.h,v retrieving revision 1.1.1.3.4.1.2.26.2.12 retrieving revision 1.1.1.3.4.1.2.26.2.13 diff -u -r1.1.1.3.4.1.2.26.2.12 -r1.1.1.3.4.1.2.26.2.13 --- squid/src/structs.h 13 Dec 2000 01:23:31 -0000 1.1.1.3.4.1.2.26.2.12 +++ squid/src/structs.h 31 Dec 2000 15:10:38 -0000 1.1.1.3.4.1.2.26.2.13 @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.1.1.3.4.1.2.26.2.12 2000/12/13 01:23:31 rbcollins Exp $ + * $Id: structs.h,v 1.1.1.3.4.1.2.26.2.13 2000/12/31 15:10:38 rbcollins Exp $ * * * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ @@ -113,6 +113,7 @@ // STFSPARSE *parsefunc; // AUTHSRECONFIGURE *reconfigurefunc; AUTHSACTIVE *Active; + AUTHSAUTHED *authenticated; AUTHSAUTHUSER *authAuthenticate; AUTHSFIXERR *authFixErrorHeader; AUTHSFREE *FreeUser; @@ -511,7 +512,7 @@ acl_access *redirector; } accessList; acl_deny_info_list *denyInfoList; - char *proxyAuthRealm; + char *basicAuthRealm; struct { size_t list_width; int list_wrap; Index: squid/src/typedefs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/typedefs.h,v retrieving revision 1.1.1.3.12.13.2.9 retrieving revision 1.1.1.3.12.13.2.10 diff -u -r1.1.1.3.12.13.2.9 -r1.1.1.3.12.13.2.10 --- squid/src/typedefs.h 11 Dec 2000 23:32:15 -0000 1.1.1.3.12.13.2.9 +++ squid/src/typedefs.h 31 Dec 2000 15:10:38 -0000 1.1.1.3.12.13.2.10 @@ -1,6 +1,6 @@ /* - * $Id: typedefs.h,v 1.1.1.3.12.13.2.9 2000/12/11 23:32:15 rbcollins Exp $ + * $Id: typedefs.h,v 1.1.1.3.12.13.2.10 2000/12/31 15:10:38 rbcollins Exp $ * * * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ @@ -291,6 +291,7 @@ /* authenticate.c authenticate scheme routines typedefs */ typedef int AUTHSACTIVE(); +typedef int AUTHSAUTHED(auth_user_t *); typedef auth_user_t * AUTHSAUTHUSER(auth_user_t *, request_t *, ConnStateData *, http_hdr_type); typedef void AUTHSDECODE(auth_user_t *, const char *); typedef int AUTHSDIRECTION(auth_user_t *); Index: squid/src/auth/basic/auth_basic.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/basic/auth_basic.c,v retrieving revision 1.1.2.7 retrieving revision 1.1.2.8 diff -u -r1.1.2.7 -r1.1.2.8 --- squid/src/auth/basic/auth_basic.c 15 Dec 2000 13:52:16 -0000 1.1.2.7 +++ squid/src/auth/basic/auth_basic.c 31 Dec 2000 15:10:39 -0000 1.1.2.8 @@ -51,6 +51,7 @@ static HLPCB authenticateBasicHandleReply; static AUTHSACTIVE authenticateBasicActive; +static AUTHSAUTHED authenticateBasicAuthenticated; static AUTHSAUTHUSER authenticateBasicAuthenticateUser; static AUTHSDIRECTION authenticateBasicDirection; static AUTHSDECODE authenticateBasicDecodeAuth; @@ -95,6 +96,7 @@ authscheme->Active =authenticateBasicActive; if (Config.Program.authenticate){ authscheme->authAuthenticate = authenticateBasicAuthenticateUser; + authscheme->authenticated= authenticateBasicAuthenticated; authscheme->authFixErrorHeader=authenticateBasicFixErrorHeader; authscheme->FreeUser =authenticateBasicFreeUser; authscheme->authStart =authenticateBasicStart; @@ -131,6 +133,15 @@ return 0; } +int +authenticateBasicAuthenticated(auth_user_t * auth_user) +{ + /* if they are in the hash they must be authenticated */ + if (auth_user->usernamehash) return 1; + debug (29, 7) ("Couldn't find user in cache: assuming not logged in.\n"); + return 0; +} + int authenticateBasiccmpUsername(basic_data * u1, basic_data *u2) { return strcmp(u1->username,u2->username); @@ -215,8 +226,8 @@ void authenticateBasicFixErrorHeader(auth_user_t *auth_user, HttpReply *rep, http_hdr_type type, request_t * request){ if (Config.Program.authenticate){ - debug(29, 5) ("authenticateFixErrorHeader: Sending type:%d header: 'Basic realm=\"%s\"'\n",type,Config.proxyAuthRealm); - httpHeaderPutStrf(&rep->header, type, "Basic realm=\"%s\"", Config.proxyAuthRealm); + debug(29, 5) ("authenticateFixErrorHeader: Sending type:%d header: 'Basic realm=\"%s\"'\n",type,Config.basicAuthRealm); + httpHeaderPutStrf(&rep->header, type, "Basic realm=\"%s\"", Config.basicAuthRealm); } }