--------------------- PatchSet 2945 Date: 2001/09/02 13:00:38 Author: rbcollins Branch: ntlm Tag: (none) Log: Move the credentials_ok flag to a per request flag Members: src/auth/ntlm/auth_ntlm.c:1.1.10.14.2.48->1.1.10.14.2.49 src/auth/ntlm/auth_ntlm.h:1.1.8.9->1.1.8.10 Index: squid/src/auth/ntlm/auth_ntlm.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/auth_ntlm.c,v retrieving revision 1.1.10.14.2.48 retrieving revision 1.1.10.14.2.49 diff -u -r1.1.10.14.2.48 -r1.1.10.14.2.49 --- squid/src/auth/ntlm/auth_ntlm.c 2 Sep 2001 09:50:24 -0000 1.1.10.14.2.48 +++ squid/src/auth/ntlm/auth_ntlm.c 2 Sep 2001 13:00:38 -0000 1.1.10.14.2.49 @@ -278,12 +278,11 @@ int authenticateNTLMDirection(auth_user_request_t * auth_user_request) { - ntlm_user_t *ntlm_user = auth_user_request->auth_user->scheme_data; ntlm_request_t *ntlm_request = auth_user_request->scheme_data; /* null auth_user is checked for by authenticateDirection */ switch (ntlm_request->auth_state) { case AUTHENTICATE_STATE_NONE: /* no progress at all. */ - if (ntlm_user->flags.credentials_ok != 2) + if (ntlm_request->flags.credentials_ok != 2) debug(29, 1) ("authenticateNTLMDirection: called before NTLM Authenticate!. Report a bug to squid-dev. au %x\n", auth_user_request); return -2; case AUTHENTICATE_STATE_NEGOTIATE: /* send to helper */ @@ -487,7 +486,7 @@ assert(ntlm_request->auth_state == AUTHENTICATE_STATE_RESPONSE); ntlm_user->username = xstrndup(reply, MAX_LOGIN_SZ); ntlm_request->authserver = NULL; - ntlm_user->flags.credentials_ok = 1; /* login ok */ + ntlm_request->flags.credentials_ok = 1; /* login ok */ #ifdef NTLM_FAIL_OPEN } else if (strncasecmp(reply, "LD ", 3) == 0) { /* This is a variant of BH, which rather than deny access @@ -514,7 +513,7 @@ ntlm_user->username = xstrndup(reply, MAX_LOGIN_SZ); helperstate = helperStatefulServerGetData(ntlm_request->authserver); ntlm_request->authserver = NULL; - ntlm_user->flags.credentials_ok = 1; /* login ok */ + ntlm_request->flags.credentials_ok = 1; /* login ok */ /* BH code: mark helper as broken */ /* Not a valid helper response to a YR request. Assert so the helper * programmer will fix their bugs! */ @@ -535,7 +534,7 @@ /* todo: action of Negotiate state on error */ result = S_HELPER_RELEASE; /*some error has occured. no more requests */ ntlm_request->authserver = NULL; - ntlm_user->flags.credentials_ok = 2; /* Login/Usercode failed */ + ntlm_request->flags.credentials_ok = 2; /* Login/Usercode failed */ debug(29, 4) ("authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '%s'\n", reply); ntlm_request->auth_state = AUTHENTICATE_STATE_NONE; if ((t = strchr(reply, ' '))) /* strip after a space */ @@ -565,7 +564,7 @@ if (ntlm_request->auth_state == AUTHENTICATE_STATE_NEGOTIATE) { /* The helper broke on YR. It automatically * resets */ - ntlm_user->flags.credentials_ok = 3; /* cannot process */ + ntlm_request->flags.credentials_ok = 3; /* cannot process */ debug(29, 1) ("authenticateNTLMHandleReply: Error obtaining challenge from helper: %d. Error returned '%s'\n", lastserver, reply); /* mark it for starving */ helperstate->starve = 1; @@ -580,7 +579,7 @@ } else { /* the helper broke on a KK */ /* first the standard KK stuff */ - ntlm_user->flags.credentials_ok = 2; /* Login/Usercode failed */ + ntlm_request->flags.credentials_ok = 2; /* Login/Usercode failed */ debug(29, 4) ("authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '%s'\n", reply); if ((t = strchr(reply, ' '))) /* strip after a space */ *t = '\0'; @@ -601,7 +600,7 @@ debug(29, 1) ("authenticateNTLMHandleReply: *** Unsupported helper response ***, '%s'\n", reply); /* restart the authentication process */ ntlm_request->auth_state = AUTHENTICATE_STATE_NONE; - ntlm_user->flags.credentials_ok = 3; /* cannot process */ + ntlm_request->flags.credentials_ok = 3; /* cannot process */ assert (ntlm_request->authserver ? ntlm_request->authserver == lastserver : 1); ntlm_request->authserver = NULL; } @@ -964,7 +963,7 @@ case AUTHENTICATE_STATE_NONE: /* we've recieved a negotiate request. pass to a helper */ debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm none. %s\n", proxy_auth); - if (ntlm_user->flags.credentials_ok == 2) { + if (ntlm_request->flags.credentials_ok == 2) { /* the authentication fialed badly... */ return; } @@ -1024,7 +1023,7 @@ /* get the existing entries details */ ntlm_user = auth_user->scheme_data; debug(29, 9) ("Username to be used is %s\n", ntlm_user->username); - ntlm_user->flags.credentials_ok = 1; /* authenticated ok */ + ntlm_request->flags.credentials_ok = 1; /* authenticated ok */ /* on ntlm auth we do not unlock the auth_user until the * connection is dropped. Thank MS for this quirk */ auth_user->expiretime = current_time.tv_sec; @@ -1070,7 +1069,7 @@ /* set these to now because this is either a new login from an * existing user or a new user */ auth_user->expiretime = current_time.tv_sec; - ntlm_user->flags.credentials_ok = 1; /*authenticated ok */ + ntlm_request->flags.credentials_ok = 1; /*authenticated ok */ return; break; case AUTHENTICATE_STATE_DONE: Index: squid/src/auth/ntlm/auth_ntlm.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/auth_ntlm.h,v retrieving revision 1.1.8.9 retrieving revision 1.1.8.10 diff -u -r1.1.8.9 -r1.1.8.10 --- squid/src/auth/ntlm/auth_ntlm.h 2 Sep 2001 09:50:24 -0000 1.1.8.9 +++ squid/src/auth/ntlm/auth_ntlm.h 2 Sep 2001 13:00:39 -0000 1.1.8.10 @@ -18,13 +18,13 @@ struct _ntlm_user { /* what username did this connection get? */ char *username; - struct { - unsigned int credentials_ok:2; /*0=unchecked,1=ok,2=failed */ - } flags; dlink_list proxy_auth_list; }; struct _ntlm_request { + struct { + unsigned int credentials_ok:2; /*0=unchecked,1=ok,2=failed */ + } flags; /* what negotiate string did the client use? */ char *ntlmnegotiate; /* what challenge did we give the client? */