--------------------- PatchSet 8823 Date: 2006/12/23 12:38:22 Author: hno Branch: ssl-2_6 Tag: (none) Log: PROXYPASS forwarding of ssl user id Members: src/HttpRequest.c:1.15.4.1->1.15.4.2 src/client_side.c:1.128.2.3->1.128.2.4 src/http.c:1.46.2.1->1.46.2.2 src/structs.h:1.119.2.2->1.119.2.3 Index: squid/src/HttpRequest.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpRequest.c,v retrieving revision 1.15.4.1 retrieving revision 1.15.4.2 diff -u -r1.15.4.1 -r1.15.4.2 --- squid/src/HttpRequest.c 31 Jul 2006 03:50:37 -0000 1.15.4.1 +++ squid/src/HttpRequest.c 23 Dec 2006 12:38:22 -0000 1.15.4.2 @@ -1,6 +1,6 @@ /* - * $Id: HttpRequest.c,v 1.15.4.1 2006/07/31 03:50:37 hno Exp $ + * $Id: HttpRequest.c,v 1.15.4.2 2006/12/23 12:38:22 hno Exp $ * * DEBUG: section 73 HTTP Request * AUTHOR: Duane Wessels @@ -66,6 +66,7 @@ safe_free(req->urlgroup); safe_free(req->extacl_user); safe_free(req->extacl_passwd); + safe_free(req->ssl_user); stringClean(&req->urlpath); httpHeaderClean(&req->header); if (req->cache_control) Index: squid/src/client_side.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/client_side.c,v retrieving revision 1.128.2.3 retrieving revision 1.128.2.4 diff -u -r1.128.2.3 -r1.128.2.4 --- squid/src/client_side.c 5 Aug 2006 14:38:13 -0000 1.128.2.3 +++ squid/src/client_side.c 23 Dec 2006 12:38:22 -0000 1.128.2.4 @@ -1,6 +1,6 @@ /* - * $Id: client_side.c,v 1.128.2.3 2006/08/05 14:38:13 hno Exp $ + * $Id: client_side.c,v 1.128.2.4 2006/12/23 12:38:22 hno Exp $ * * DEBUG: section 33 Client-side Routines * AUTHOR: Duane Wessels @@ -4001,6 +4001,13 @@ request->my_port = ntohs(conn->me.sin_port); request->client_port = ntohs(conn->peer.sin_port); request->http_ver = http->http_ver; +#if USE_SSL + { + const char *ssluser = sslGetUserId(fd_table[conn->fd].ssl, conn->port->ssluserid); + if (ssluser) + request->ssl_user = xstrdup(ssluser); + } +#endif if (!urlCheckRequest(request) || httpHeaderHas(&request->header, HDR_TRANSFER_ENCODING)) { err = errorCon(ERR_UNSUP_REQ, HTTP_NOT_IMPLEMENTED); Index: squid/src/http.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/http.c,v retrieving revision 1.46.2.1 retrieving revision 1.46.2.2 diff -u -r1.46.2.1 -r1.46.2.2 --- squid/src/http.c 31 Jul 2006 03:50:40 -0000 1.46.2.1 +++ squid/src/http.c 23 Dec 2006 12:38:23 -0000 1.46.2.2 @@ -1,6 +1,6 @@ /* - * $Id: http.c,v 1.46.2.1 2006/07/31 03:50:40 hno Exp $ + * $Id: http.c,v 1.46.2.2 2006/12/23 12:38:23 hno Exp $ * * DEBUG: section 11 Hypertext Transfer Protocol (HTTP) * AUTHOR: Harvest Derived @@ -1129,6 +1129,8 @@ username = authenticateUserRequestUsername(orig_request->auth_user_request); else if (orig_request->extacl_user) username = orig_request->extacl_user; + else if (orig_request->ssl_user) + username = orig_request->ssl_user; snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1); httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", base64_encode(loginbuf)); Index: squid/src/structs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/structs.h,v retrieving revision 1.119.2.2 retrieving revision 1.119.2.3 diff -u -r1.119.2.2 -r1.119.2.3 --- squid/src/structs.h 31 Jul 2006 03:50:41 -0000 1.119.2.2 +++ squid/src/structs.h 23 Dec 2006 12:38:24 -0000 1.119.2.3 @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.119.2.2 2006/07/31 03:50:41 hno Exp $ + * $Id: structs.h,v 1.119.2.3 2006/12/23 12:38:24 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -1888,6 +1888,7 @@ String x_forwarded_for_iterator; #endif /* FOLLOW_X_FORWARDED_FOR */ ConnStateData *pinned_connection; /* If set then this request is tighly tied to the corresponding client side connetion */ + const char *ssl_user; }; struct _cachemgr_passwd {