--------------------- PatchSet 1556 Date: 2001/02/12 11:38:44 Author: rbcollins Branch: ntlm Tag: (none) Log: fix a bad merge Members: src/auth/ntlm/auth_ntlm.c:1.1.10.14->1.1.10.14.2.1 Index: squid/src/auth/ntlm/auth_ntlm.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/auth_ntlm.c,v retrieving revision 1.1.10.14 retrieving revision 1.1.10.14.2.1 diff -u -r1.1.10.14 -r1.1.10.14.2.1 --- squid/src/auth/ntlm/auth_ntlm.c 9 Feb 2001 14:52:29 -0000 1.1.10.14 +++ squid/src/auth/ntlm/auth_ntlm.c 12 Feb 2001 11:38:44 -0000 1.1.10.14.2.1 @@ -95,7 +95,7 @@ void authNTLMDone(void) { - debug(29,2) ("authNTLMDone: shutting down NTLM authentication.\n"); + debug(29, 2) ("authNTLMDone: shutting down NTLM authentication.\n"); if (ntlmauthenticators) helperStatefulShutdown(ntlmauthenticators); authntlm_initialised = 0; @@ -145,10 +145,7 @@ storeAppendPrintf(entry, " %s", list->key); list = list->next; } - storeAppendPrintf(entry, "\n%s %s children %d\n%s %s max_challenge_reuses %d\n%s %s max_challenge_lifetime %d seconds\n", - name, "ntlm", config->authenticateChildren, - name, "ntlm", config->challengeuses, - name, "ntlm", config->challengelifetime); + storeAppendPrintf(entry, "\n%s %s children %d\n%s %s max_challenge_reuses %d\n%s %s max_challenge_lifetime %d seconds\n", name, "ntlm", config->authenticateChildren, name, "ntlm", config->challengeuses, name, "ntlm", config->challengelifetime); } @@ -236,9 +233,7 @@ /* TODO: In here send the initial YR to preinitialise the challenge cache */ /* Think about this... currently we ask when the challenge is needed. Better? */ if (!ntlminit) { - cachemgrRegister("ntlmauthenticator", - "User NTLM Authenticator Stats", - authenticateNTLMStats, 0, 1); + cachemgrRegister("ntlmauthenticator", "User NTLM Authenticator Stats", authenticateNTLMStats, 0, 1); ntlminit++; } CBDATA_INIT_TYPE(authenticateStateData); @@ -248,20 +243,18 @@ int authenticateNTLMActive() { - return (authntlm_initialised==1) ? 1 : 0; + return (authntlm_initialised == 1) ? 1 : 0; } int authNTLMConfigured() { - if ((ntlmConfig != NULL) && (ntlmConfig->authenticate != NULL) && - (ntlmConfig->authenticateChildren != 0) && (ntlmConfig->challengeuses > -1) - && (ntlmConfig->challengelifetime > -1)) { - debug(29,9)("authNTLMConfigured: returning configured\n"); - return 1; - } - debug(29,9)("authNTLMConfigured: returning unconfigured\n"); + if ((ntlmConfig != NULL) && (ntlmConfig->authenticate != NULL) && (ntlmConfig->authenticateChildren != 0) && (ntlmConfig->challengeuses > -1) && (ntlmConfig->challengelifetime > -1)) { + debug(29, 9) ("authNTLMConfigured: returning configured\n"); + return 1; + } + debug(29, 9) ("authNTLMConfigured: returning unconfigured\n"); return 0; } @@ -276,10 +269,10 @@ case AUTHENTICATE_STATE_NONE: /* no progress at all. */ debug(28, 1) ("authenticateNTLMDirection: called before NTLM Authenticate!. Report a bug to squid-dev.\n"); return -2; - case AUTHENTICATE_STATE_NEGOTIATE: /* send to helper */ + case AUTHENTICATE_STATE_NEGOTIATE: /* send to helper */ case AUTHENTICATE_STATE_RESPONSE: /*send to helper */ return -1; - case AUTHENTICATE_STATE_CHALLENGE: /* send to client */ + case AUTHENTICATE_STATE_CHALLENGE: /* send to client */ return 1; case AUTHENTICATE_STATE_DONE: /* do nothing.. */ return 0; @@ -324,9 +317,9 @@ debug(29, 9) ("authenticateNTLMFixErrorHeader: Sending type:%d header: 'NTLM %s'\n", type, ntlm_request->authchallenge); httpHeaderPutStrf(&rep->header, type, "NTLM %s", ntlm_request->authchallenge); break; - case AUTHENTICATE_STATE_DONE: /* HACK by Kinkie */ - /* nothing */ - break; + case AUTHENTICATE_STATE_DONE: /* HACK by Kinkie */ + /* nothing */ + break; default: debug(29, 0) ("authenticateNTLMFixErrorHeader: state %d.\n", ntlm_request->auth_state); fatal("unexpected state in AuthenticateNTLMFixErrorHeader.\n"); @@ -486,11 +479,11 @@ ntlm_user->username = xstrndup(reply, MAX_LOGIN_SZ); helperstate = helperStatefulServerGetData(ntlm_request->authhelper); ntlm_request->authhelper = NULL; - auth_user->flags.credentials_ok = 1; /* login ok */ + auth_user->flags.credentials_ok = 1; /* login ok */ /* BH code: mark helper as broken */ /* Not a valid helper response to a YR request. Assert so the helper * programmer will fix their bugs! */ - assert (ntlm_request->auth_state != AUTHENTICATE_STATE_NEGOTIATE); + assert(ntlm_request->auth_state != AUTHENTICATE_STATE_NEGOTIATE); /* mark it for starving */ helperstate->starve = 1; @@ -509,7 +502,7 @@ result = S_HELPER_RELEASE; /*some error has occured. no more requests */ ntlm_request->authhelper = NULL; auth_user->flags.credentials_ok = 2; /* Login/Usercode failed */ - debug(29, 4) ("authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '%s'\n",reply); + debug(29, 4) ("authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '%s'\n", reply); ntlm_request->auth_state = AUTHENTICATE_STATE_NONE; if ((t = strchr(reply, ' '))) /* strip after a space */ *t = '\0'; @@ -535,7 +528,7 @@ /* The helper broke on YR. It automatically * resets */ auth_user->flags.credentials_ok = 3; /* cannot process */ - debug(29, 1) ("authenticateNTLMHandleReply: Error obtaining challenge from helper: %d. Error returned '%s'\n", lastserver,reply); + debug(29, 1) ("authenticateNTLMHandleReply: Error obtaining challenge from helper: %d. Error returned '%s'\n", lastserver, reply); /* mark it for starving */ helperstate->starve = 1; /* resubmit the request. This helper is currently busy, so we will get @@ -545,7 +538,7 @@ /* the helper broke on a KK */ /* first the standard KK stuff */ auth_user->flags.credentials_ok = 2; /* Login/Usercode failed */ - debug(29, 4) ("authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '%s'\n",reply); + debug(29, 4) ("authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '%s'\n", reply); ntlm_request->auth_state = AUTHENTICATE_STATE_NONE; if ((t = strchr(reply, ' '))) /* strip after a space */ *t = '\0'; @@ -570,7 +563,7 @@ ntlm_request->authhelper = NULL; } } else { - abort(); /* patch by Kinkie. I WANT a coredump */ + abort(); /* patch by Kinkie. I WANT a coredump */ fatal("authenticateNTLMHandleReply: called with no result string\n"); } r->handler(r->data, NULL); @@ -595,7 +588,7 @@ int authenticateNTLMValidChallenge(ntlm_helper_state_t * helperstate) { - debug(29,9)("authenticateNTLMValidChallenge: Challenge is %s\n", helperstate->challenge ? "Valid" : "Invalid"); + debug(29, 9) ("authenticateNTLMValidChallenge: Challenge is %s\n", helperstate->challenge ? "Valid" : "Invalid"); if (helperstate->challenge == NULL) return 0; return 1; @@ -609,11 +602,11 @@ /* this is needed because we have to starve the helper until all old * requests have been satisfied */ if (helperstate->challengeuses > ntlmConfig->challengeuses) { - debug(29,9)("authenticateNTLMChangeChallenge: Challenge uses (%d) exceeded max uses (%d)\n",helperstate->challengeuses,ntlmConfig->challengeuses); + debug(29, 9) ("authenticateNTLMChangeChallenge: Challenge uses (%d) exceeded max uses (%d)\n", helperstate->challengeuses, ntlmConfig->challengeuses); return 1; } if (helperstate->renewed + ntlmConfig->challengelifetime >= squid_curtime) { - debug(29,9)("authenticateNTLMChangeChallenge: Challenge exceeded max lifetime\n"); + debug(29, 9) ("authenticateNTLMChangeChallenge: Challenge exceeded max lifetime\n"); return 1; } return 0; @@ -689,8 +682,7 @@ */ server = helperStatefulDefer(ntlmauthenticators); helperstate = server ? helperStatefulServerGetData(server) : NULL; - while ((server != NULL) && - authenticateNTLMChangeChallenge(helperstate)) { + while ((server != NULL) && authenticateNTLMChangeChallenge(helperstate)) { /* flag this helper for challenge changing */ helperstate->starve = 1; /* and release the deferred request */ @@ -724,8 +716,7 @@ /* increment the challenge uses */ helperstate->challengeuses++; /* assign the challenge */ - ntlm_request->authchallenge = - xstrndup(helperstate->challenge, NTLM_CHALLENGE_SZ + 5); + ntlm_request->authchallenge = xstrndup(helperstate->challenge, NTLM_CHALLENGE_SZ + 5); handler(data, NULL); } @@ -859,13 +850,11 @@ { auth_user_hash_pointer *proxy_auth_hash; ntlm_user_t *ntlm_user; - proxy_auth_hash = - memAllocate(MEM_AUTH_USER_HASH); + proxy_auth_hash = memAllocate(MEM_AUTH_USER_HASH); proxy_auth_hash->key = xstrdup(key); proxy_auth_hash->auth_user = auth_user; ntlm_user = auth_user->scheme_data; - dlinkAddTail(proxy_auth_hash, &proxy_auth_hash->link, - &ntlm_user->proxy_auth_list); + dlinkAddTail(proxy_auth_hash, &proxy_auth_hash->link, &ntlm_user->proxy_auth_list); hash_join(proxy_auth_cache, (hash_link *) proxy_auth_hash); } @@ -902,9 +891,8 @@ switch (ntlm_request->auth_state) { case AUTHENTICATE_STATE_NONE: /* we've recieved a negotiate request. pass to a helper */ - debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm none. %s\n", - proxy_auth); - if (auth_user->flags.credentials_ok==2) { + debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm none. %s\n", proxy_auth); + if (auth_user->flags.credentials_ok == 2) { /* the authentication fialed badly... */ return; } @@ -935,9 +923,7 @@ /* TODO: more fault tolerance.. reset the auth scheme here */ } /* cache entries have authenticateauthheaderchallengestring */ - snprintf(ntlmhash, sizeof(ntlmhash) - 1, "%s%s", - ntlm_request->ntlmauthenticate, - ntlm_request->authchallenge); + snprintf(ntlmhash, sizeof(ntlmhash) - 1, "%s%s", ntlm_request->ntlmauthenticate, ntlm_request->authchallenge); /* see if we already know this user's authenticate */ debug(29, 9) ("aclMatchProxyAuth: cache lookup with key '%s'\n", ntlmhash); assert(proxy_auth_cache != NULL); @@ -959,8 +945,7 @@ assert(auth_user->auth_type == AUTH_NTLM); /* get the existing entries details */ ntlm_user = auth_user->scheme_data; - debug(29, 9) ("Username to be used is %s\n", - ntlm_user->username); + debug(29, 9) ("Username to be used is %s\n", ntlm_user->username); auth_user->flags.credentials_ok = 1; /* authenticated ok */ /* on ntlm auth we do not unlock the auth_user until the * connection is dropped. Thank MS for this quirk */ @@ -974,21 +959,13 @@ /*add to cache and let them through */ ntlm_request->auth_state = AUTHENTICATE_STATE_DONE; /* this connection is authenticated */ - debug(29, 4) ("authenticated\nch %s\nauth %s\nauthuser %s\n", - ntlm_request->authchallenge, - ntlm_request->ntlmauthenticate, - ntlm_user->username); + debug(29, 4) ("authenticated\nch %s\nauth %s\nauthuser %s\n", ntlm_request->authchallenge, ntlm_request->ntlmauthenticate, ntlm_user->username); /* cache entries have authenticateauthheaderchallengestring */ - snprintf(ntlmhash, sizeof(ntlmhash) - 1, "%s%s", - ntlm_request->ntlmauthenticate, - ntlm_request->authchallenge); + snprintf(ntlmhash, sizeof(ntlmhash) - 1, "%s%s", ntlm_request->ntlmauthenticate, ntlm_request->authchallenge); /* see if this is an existing user with a different proxy_auth * string */ - if ((usernamehash = hash_lookup(proxy_auth_username_cache, - ntlm_user->username))) { - while ((usernamehash->auth_user->auth_type != - auth_user->auth_type) && (usernamehash->next) && - !authenticateNTLMcmpUsername(usernamehash->auth_user->scheme_data, ntlm_user)) + if ((usernamehash = hash_lookup(proxy_auth_username_cache, ntlm_user->username))) { + while ((usernamehash->auth_user->auth_type != auth_user->auth_type) && (usernamehash->next) && !authenticateNTLMcmpUsername(usernamehash->auth_user->scheme_data, ntlm_user)) usernamehash = usernamehash->next; if (usernamehash->auth_user->auth_type == auth_user->auth_type) { /*