--------------------- PatchSet 1237 Date: 2001/01/10 01:35:44 Author: rbcollins Branch: auth_rewrite Tag: (none) Log: cbdata race fixes Members: src/auth/basic/auth_basic.c:1.1.2.25->1.1.2.26 src/auth/ntlm/auth_ntlm.c:1.1.2.24->1.1.2.25 Index: squid/src/auth/basic/auth_basic.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/basic/auth_basic.c,v retrieving revision 1.1.2.25 retrieving revision 1.1.2.26 diff -u -r1.1.2.25 -r1.1.2.26 --- squid/src/auth/basic/auth_basic.c 10 Jan 2001 00:59:59 -0000 1.1.2.25 +++ squid/src/auth/basic/auth_basic.c 10 Jan 2001 01:35:44 -0000 1.1.2.26 @@ -271,16 +271,16 @@ auth_user->flags.credentials_ok = 3; basic_auth->credentials_checkedtime = squid_curtime; valid = cbdataValid(r->data); - cbdataUnlock(r->data); if (valid) r->handler(r->data, NULL); + cbdataUnlock(r->data); node = basic_auth->auth_queue; while (node) { tmpnode = node->next; valid = cbdataValid(node->data); - cbdataUnlock(node->data); if (valid) node->handler(node->data, NULL); + cbdataUnlock(node->data); xfree(node); node = tmpnode; } Index: squid/src/auth/ntlm/auth_ntlm.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/auth_ntlm.c,v retrieving revision 1.1.2.24 retrieving revision 1.1.2.25 diff -u -r1.1.2.24 -r1.1.2.25 --- squid/src/auth/ntlm/auth_ntlm.c 9 Jan 2001 14:08:35 -0000 1.1.2.24 +++ squid/src/auth/ntlm/auth_ntlm.c 10 Jan 2001 01:35:44 -0000 1.1.2.25 @@ -182,9 +182,6 @@ void authSchemeSetup_ntlm(authscheme_entry_t * authscheme) { -#if 0 - static int ntlminit = 0; -#endif assert(!authntlm_initialised); authscheme->Active = authenticateNTLMActive; authscheme->parse = authNTLMParse; @@ -391,16 +388,10 @@ static stateful_helper_callback_t authenticateNTLMHandleReply(void *data, void *lastserver, char *reply) { -#if 0 - authenticateStatefulStateData *r = data; -#endif authenticateStateData *r = data; ntlm_helper_state_t *helperstate; int valid; stateful_helper_callback_t result = S_HELPER_UNKNOWN; -#if 0 - void *nextserver = NULL; -#endif char *t = NULL; auth_user_request_t *auth_user_request; auth_user_t *auth_user; @@ -408,7 +399,6 @@ ntlm_request_t *ntlm_request; debug(29, 9) ("authenticateNTLMHandleReply: Helper: '%d' {%s}\n", lastserver, reply ? reply : ""); valid = cbdataValid(r->data); - cbdataUnlock(r->data); if (valid) { if (reply) { /* seperate out the useful data */ @@ -416,9 +406,6 @@ reply += 3; /* we have been given a Challenge */ /* we should check we weren't given an empty challenge */ -#if 0 - result = S_HELPER_RESERVE; -#endif /* copy the challenge to the state data */ helperstate = helperStatefulServerGetData(lastserver); if (helperstate == NULL) @@ -434,12 +421,8 @@ ntlm_request = auth_user_request->scheme_data; assert(ntlm_request != NULL); result = S_HELPER_DEFER; -#if 0 - nextserver = lastserver; -#endif debug(29, 9) ("authenticateNTLMHandleReply: helper '%d'\n", lastserver); assert(ntlm_request->auth_state == AUTHENTICATE_STATE_NEGOTIATE); -// auth_user->auth_data.ntlm_auth.auth_state = AUTHENTICATE_STATE_CHALLENGE; ntlm_request->authhelper = lastserver; ntlm_request->authchallenge = xstrndup(reply, NTLM_CHALLENGE_SZ + 5); } else if (strncasecmp(reply, "AF ", 3) == 0) { @@ -541,20 +524,12 @@ debug(29, 1) ("AuthenticateNTLMHandleReply: invalid callback data. Releasing helper '%d'.\n", lastserver); result = S_HELPER_RELEASE; } + cbdataUnlock(r->data); authenticateStateFree(r); debug(29, 9) ("NTLM HandleReply, telling stateful helper : %d\n", result); return result; } -#if 0 -static void -authenticateNTLMStateFree(authenticateNTLMStateData * r) -{ - cbdataFree(r); -} - -#endif - static void authenticateNTLMStats(StoreEntry * sentry) { @@ -589,9 +564,6 @@ static void authenticateNTLMStart(auth_user_request_t * auth_user_request, RH * handler, void *data) { -#if 0 - authenticateStatefulStateData *r = NULL; -#endif authenticateStateData *r = NULL; helper_stateful_server *server; ntlm_helper_state_t *helperstate; @@ -634,7 +606,6 @@ debug(29, 9) ("authenticateNTLMStart: '%s'\n", sent_string); if (ntlmConfig->authenticate == NULL) { debug(29, 0) ("authenticateNTLMStart: no NTLM program specified:'%s'\n", sent_string); -// handler(data,0, NULL); handler(data, NULL); return; } @@ -850,13 +821,8 @@ return 0; } -#if 0 -static acl_proxy_auth_user * -authenticateNTLMAuthenticateUser(void *data, const char *proxy_auth, ConnStateData * conn) -#else static void authenticateNTLMAuthenticateUser(auth_user_request_t * auth_user_request, request_t * request, ConnStateData * conn, http_hdr_type type) -#endif { const char *proxy_auth; auth_user_hash_pointer *usernamehash, *proxy_auth_hash = NULL; @@ -973,9 +939,6 @@ authenticateAuthUserMerge(auth_user, usernamehash->auth_user); auth_user = usernamehash->auth_user; auth_user_request->auth_user = auth_user; -#if 0 - conn->auth_user = auth_user; -#endif } } else { /* store user in hash's */ @@ -991,36 +954,6 @@ break; case AUTHENTICATE_STATE_DONE: fatal("authenticateNTLMAuthenticateUser: unexpect auth state DONE! Report a bug to the squid developers.\n"); -#if 0 /* done in acl.c */ - case AUTHENTICATE_STATE_DONE: - debug(28, 5) ("aclMatchProxyAuth: connection in state Done. using connection credentials for the request. \n"); - /* is it working right? */ - assert(checklist->auth_user == NULL); - assert(checklist->conn->auth_user != NULL); - /* we have a valid username. */ - auth_user = checklist->conn->auth_user; - /* store the username in the request for logging */ - xstrncpy(checklist->request->authuser, - auth_user->auth_data.ntlm_auth.username, - USER_IDENT_SZ); - if (auth_user->expiretime + Config.authenticateTTL > current_time.tv_sec - ) { - auth_user->expiretime = current_time.tv_sec; - } else { - //user passed externa; authentication in every case to get here. f. - Let it through - } /* we don't unlock the auth_user until the connection is dropped. Thank - * MS for this quirk. */ if (authenticateCheckAuthUserIP(checklist->src_addr, auth_user)) { - /* Once the match is completed we have finished with the - * auth_user structure */ - /* check to see if we have matched the user-acl before */ - return aclCacheMatchAcl(&auth_user->proxy_match_cache, acltype, - data, auth_user->auth_data.ntlm_auth.username); - } else { - return 0; - } - break; -#endif } return;