---------------------
PatchSet 1436 
Date: 2001/01/30 12:07:05
Author: rbcollins
Branch: ntlm
Tag: (none) 
Log:
addition of LD: return code from helpers, which allows a helper to fail open - indicating a problem with the authentication mechanism such that the credentials couldn't be tested

Members: 
	acconfig.h:1.1.1.3.10.9->1.1.1.3.10.10 
	configure.in:1.1.1.3.10.27->1.1.1.3.10.28 
	src/acl.c:1.1.1.3.12.34->1.1.1.3.12.35 
	src/authenticate.c:1.1.1.3.12.29->1.1.1.3.12.30 

Index: squid/acconfig.h
===================================================================
RCS file: /cvsroot/squid-sf//squid/Attic/acconfig.h,v
retrieving revision 1.1.1.3.10.9
retrieving revision 1.1.1.3.10.10
diff -u -r1.1.1.3.10.9 -r1.1.1.3.10.10
--- squid/acconfig.h	31 Dec 2000 00:02:04 -0000	1.1.1.3.10.9
+++ squid/acconfig.h	30 Jan 2001 12:07:05 -0000	1.1.1.3.10.10
@@ -20,7 +20,7 @@
  *
  */
 @ TOP @
-/* $Id: acconfig.h,v 1.1.1.3.10.9 2000/12/31 00:02:04 rbcollins Exp $ */
+/* $Id: acconfig.h,v 1.1.1.3.10.10 2001/01/30 12:07:05 rbcollins Exp $ */
 
 /*********************************
  * START OF CONFIGURABLE OPTIONS *
@@ -129,6 +129,9 @@
  */
 #undef USE_CARP
 
+/* Define if NTLM is allowed to fail gracefully when a helper has problems */
+#undef NTLM_FAIL_OPEN
+
 /********************************
  *  END OF CONFIGURABLE OPTIONS *
  ********************************/
Index: squid/configure.in
===================================================================
RCS file: /cvsroot/squid-sf//squid/configure.in,v
retrieving revision 1.1.1.3.10.27
retrieving revision 1.1.1.3.10.28
diff -u -r1.1.1.3.10.27 -r1.1.1.3.10.28
--- squid/configure.in	23 Jan 2001 23:10:48 -0000	1.1.1.3.10.27
+++ squid/configure.in	30 Jan 2001 12:07:05 -0000	1.1.1.3.10.28
@@ -3,13 +3,13 @@
 dnl
 dnl  Duane Wessels, wessels@nlanr.net, February 1996 (autoconf v2.9)
 dnl
-dnl  $Id: configure.in,v 1.1.1.3.10.27 2001/01/23 23:10:48 rbcollins Exp $
+dnl  $Id: configure.in,v 1.1.1.3.10.28 2001/01/30 12:07:05 rbcollins Exp $
 dnl
 dnl
 dnl
 AC_INIT(src/main.c)
 AC_CONFIG_HEADER(include/autoconf.h)
-AC_REVISION($Revision: 1.1.1.3.10.27 $)dnl
+AC_REVISION($Revision: 1.1.1.3.10.28 $)dnl
 AC_PREFIX_DEFAULT(/usr/local/squid)
 AC_CONFIG_AUX_DIR(cfgaux)
 
@@ -812,6 +812,16 @@
 fi
 AC_SUBST(DIGEST_AUTH_HELPERS)
 
+dnl Enable "NTLM fail open"
+AC_ARG_ENABLE(ntlm-fail-open,
+[  --enable-ntlm-fail-open Enable NTLM fail open, where a helper that fails one of the
+                           Authentication steps can allow squid to still authenticate
+			   the user.],
+[ if test "$enableval" = "yes" ; then
+    AC_DEFINE(NTLM_FAIL_OPEN)
+  fi
+])
+
 dnl Disable "unlinkd" code
 AC_ARG_ENABLE(unlinkd,
 [  --disable-unlinkd       Do not use unlinkd],
Index: squid/src/acl.c
===================================================================
RCS file: /cvsroot/squid-sf//squid/src/acl.c,v
retrieving revision 1.1.1.3.12.34
retrieving revision 1.1.1.3.12.35
diff -u -r1.1.1.3.12.34 -r1.1.1.3.12.35
--- squid/src/acl.c	23 Jan 2001 10:33:38 -0000	1.1.1.3.12.34
+++ squid/src/acl.c	30 Jan 2001 12:07:06 -0000	1.1.1.3.12.35
@@ -1,6 +1,6 @@
 
 /*
- * $Id: acl.c,v 1.1.1.3.12.34 2001/01/23 10:33:38 rbcollins Exp $
+ * $Id: acl.c,v 1.1.1.3.12.35 2001/01/30 12:07:06 rbcollins Exp $
  *
  * DEBUG: section 28    Access Control
  * AUTHOR: Duane Wessels
@@ -1216,7 +1216,7 @@
 	    if (!authenticateValidateUser(auth_user_request = authenticateGetAuthUser(proxy_auth))) {
 		/* the decode might have left a username for logging, or a message to
 		 * the user */
-		if (auth_user_request) {
+		if (authenticateUserRequestUsername(auth_user_request)) {
 		    /* lock the user for the request structure link */
 		    authenticateAuthUserRequestLock(auth_user_request);
 		    checklist->request->auth_user_request = auth_user_request;
Index: squid/src/authenticate.c
===================================================================
RCS file: /cvsroot/squid-sf//squid/src/authenticate.c,v
retrieving revision 1.1.1.3.12.29
retrieving revision 1.1.1.3.12.30
diff -u -r1.1.1.3.12.29 -r1.1.1.3.12.30
--- squid/src/authenticate.c	23 Jan 2001 13:19:30 -0000	1.1.1.3.12.29
+++ squid/src/authenticate.c	30 Jan 2001 12:07:06 -0000	1.1.1.3.12.30
@@ -1,6 +1,6 @@
 
 /*
- * $Id: authenticate.c,v 1.1.1.3.12.29 2001/01/23 13:19:30 rbcollins Exp $
+ * $Id: authenticate.c,v 1.1.1.3.12.30 2001/01/30 12:07:06 rbcollins Exp $
  *
  * DEBUG: section 29    Authenticator
  * AUTHOR: Duane Wessels
@@ -324,7 +324,10 @@
 authenticateUserRequestUsername(auth_user_request_t * auth_user_request)
 {
     assert(auth_user_request != NULL);
-    return authenticateUserUsername(auth_user_request->auth_user);
+    if (auth_user_request->auth_user)
+	return authenticateUserUsername(auth_user_request->auth_user);
+    else
+	return NULL;
 }
 
 /* returns
@@ -398,7 +401,7 @@
 	    authscheme_list[i].donefunc();
 	else
 	    debug(29, 2) ("authenticateShutdown: scheme %s has not registered a shutdown function.\n", authscheme_list[i].typestr);
-	if (!reconfiguring)
+	if (shutting_down)
 	    authscheme_list[i].typestr = NULL;
     }
 }