2 diff -c squid/src/acl.c:1.270.2.8 squid/src/acl.c:1.270.2.9
3 *** squid/src/acl.c:1.270.2.8 Sat Sep 7 09:13:05 2002
4 --- squid/src/acl.c Wed Oct 2 03:02:29 2002
9 /* Note: this fills in checklist->auth_user_request when applicable */
10 ! switch (authenticateAuthenticate(&checklist->auth_user_request, headertype, checklist->request, checklist->conn, checklist->src_addr)) {
11 case AUTH_ACL_CANNOT_AUTHENTICATE:
12 debug(28, 4) ("aclMatchAcl: returning 0 user authenticated but not authorised.\n");
17 /* Note: this fills in checklist->auth_user_request when applicable */
18 ! switch (authenticateTryToAuthenticateAndSetAuthUser(&checklist->auth_user_request, headertype, checklist->request, checklist->conn, checklist->src_addr)) {
19 case AUTH_ACL_CANNOT_AUTHENTICATE:
20 debug(28, 4) ("aclMatchAcl: returning 0 user authenticated but not authorised.\n");
22 Index: squid/src/authenticate.c
23 diff -c squid/src/authenticate.c:1.36.2.2 squid/src/authenticate.c:1.36.2.3
24 *** squid/src/authenticate.c:1.36.2.2 Wed Jun 12 06:09:26 2002
25 --- squid/src/authenticate.c Wed Oct 2 03:02:29 2002
31 authenticateDecodeAuth(const char *proxy_auth, auth_user_request_t * auth_user_request);
32 + static auth_acl_t authenticateAuthenticate(auth_user_request_t ** auth_user_request, http_hdr_type headertype, request_t * request, ConnStateData * conn, struct in_addr src_addr);
40 const char *proxy_auth;
41 assert(headertype != 0);
43 proxy_auth = httpHeaderGetStr(&request->header, headertype);
49 return AUTH_AUTHENTICATED;
53 + authenticateTryToAuthenticateAndSetAuthUser(auth_user_request_t ** auth_user_request, http_hdr_type headertype, request_t * request, ConnStateData * conn, struct in_addr src_addr)
55 + /* If we have already been called, return the cached value */
56 + auth_user_request_t *t = *auth_user_request ? *auth_user_request : conn->auth_user_request;
58 + if (t && t->lastReply != AUTH_ACL_CANNOT_AUTHENTICATE
59 + && t->lastReply != AUTH_ACL_HELPER) {
60 + if (!*auth_user_request)
61 + *auth_user_request = t;
62 + return t->lastReply;
65 + /* ok, call the actual authenticator routine. */
66 + result = authenticateAuthenticate(auth_user_request, headertype, request, conn, src_addr);
67 + t = *auth_user_request ? *auth_user_request : conn->auth_user_request;
68 + if (t && result != AUTH_ACL_CANNOT_AUTHENTICATE &&
69 + result != AUTH_ACL_HELPER)
70 + t->lastReply = result;
75 /* authenticateUserUsername: return a pointer to the username in the */
80 if ((auth_user_request != NULL) && (auth_user_request->auth_user->auth_module > 0)
81 && (authscheme_list[auth_user_request->auth_user->auth_module - 1].AddHeader))
82 authscheme_list[auth_user_request->auth_user->auth_module - 1].AddHeader(auth_user_request, rep, accelerated);
83 + if (auth_user_request != NULL)
84 + auth_user_request->lastReply = AUTH_ACL_CANNOT_AUTHENTICATE;
87 /* call the active auth module and allow it to add a trailer to the request */
88 Index: squid/src/client_side.c
89 diff -c squid/src/client_side.c:1.561.2.20 squid/src/client_side.c:1.561.2.22
90 *** squid/src/client_side.c:1.561.2.20 Sun Sep 22 22:04:03 2002
91 --- squid/src/client_side.c Thu Oct 3 00:44:06 2002
94 http->range_iter.prefix_size = rep->hdr_sz;
95 debug(33, 3) ("clientSendMoreData: Appending %d bytes after %d bytes of headers\n",
96 (int) body_size, rep->hdr_sz);
97 ! ch = aclChecklistCreate(Config.accessList.reply, http->request, NULL);
99 rv = aclCheckFast(Config.accessList.reply, ch);
100 aclChecklistFree(ch);
102 http->range_iter.prefix_size = rep->hdr_sz;
103 debug(33, 3) ("clientSendMoreData: Appending %d bytes after %d bytes of headers\n",
104 (int) body_size, rep->hdr_sz);
105 ! ch = clientAclChecklistCreate(Config.accessList.reply, http);
107 rv = aclCheckFast(Config.accessList.reply, ch);
108 aclChecklistFree(ch);
109 Index: squid/src/protos.h
110 diff -c squid/src/protos.h:1.420.2.12 squid/src/protos.h:1.420.2.13
111 *** squid/src/protos.h:1.420.2.12 Sat Sep 7 09:13:05 2002
112 --- squid/src/protos.h Wed Oct 2 03:02:30 2002
115 extern void authenticateShutdown(void);
116 extern void authenticateFixHeader(HttpReply *, auth_user_request_t *, request_t *, int, int);
117 extern void authenticateAddTrailer(HttpReply *, auth_user_request_t *, request_t *, int);
118 ! extern auth_acl_t authenticateAuthenticate(auth_user_request_t **, http_hdr_type, request_t *, ConnStateData *, struct in_addr);
119 extern void authenticateAuthUserUnlock(auth_user_t * auth_user);
120 extern void authenticateAuthUserLock(auth_user_t * auth_user);
121 extern void authenticateAuthUserRequestUnlock(auth_user_request_t *);
123 extern void authenticateShutdown(void);
124 extern void authenticateFixHeader(HttpReply *, auth_user_request_t *, request_t *, int, int);
125 extern void authenticateAddTrailer(HttpReply *, auth_user_request_t *, request_t *, int);
126 ! extern auth_acl_t authenticateTryToAuthenticateAndSetAuthUser(auth_user_request_t **, http_hdr_type, request_t *, ConnStateData *, struct in_addr);
127 extern void authenticateAuthUserUnlock(auth_user_t * auth_user);
128 extern void authenticateAuthUserLock(auth_user_t * auth_user);
129 extern void authenticateAuthUserRequestUnlock(auth_user_request_t *);
130 Index: squid/src/structs.h
131 diff -c squid/src/structs.h:1.408.2.6 squid/src/structs.h:1.408.2.7
132 *** squid/src/structs.h:1.408.2.6 Sat Sep 7 17:11:23 2002
133 --- squid/src/structs.h Wed Oct 2 03:02:30 2002
138 /* how many 'processes' are working on this data */
140 + /* We only attempt authentication once per http request. This
141 + * is to allow multiple auth acl references from different _access areas
142 + * when using connection based authentication
144 + auth_acl_t lastReply;