Tue, 12 Sep 2023 18:08:11 +0200
update uwproj
38
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
1 | /* |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
3 | * |
44
3da1f7b6847f
added some error messages
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
38
diff
changeset
|
4 | * Copyright 2013 Olaf Wintermann. All rights reserved. |
38
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
5 | * |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
6 | * Redistribution and use in source and binary forms, with or without |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
7 | * modification, are permitted provided that the following conditions are met: |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
8 | * |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
9 | * 1. Redistributions of source code must retain the above copyright |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
10 | * notice, this list of conditions and the following disclaimer. |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
11 | * |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
12 | * 2. Redistributions in binary form must reproduce the above copyright |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
13 | * notice, this list of conditions and the following disclaimer in the |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
14 | * documentation and/or other materials provided with the distribution. |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
15 | * |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
26 | * POSSIBILITY OF SUCH DAMAGE. |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
27 | */ |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
28 | |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
29 | #include <stdio.h> |
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
30 | #include <stdlib.h> |
91 | 31 | #include <string.h> |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
32 | #include <pthread.h> |
38
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
33 | |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
34 | #include <cx/map.h> |
92
382bff43c6eb
fixed some includes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
91
diff
changeset
|
35 | |
115
51d9a15eac98
improves logging
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
92
diff
changeset
|
36 | #include "../public/nsapi.h" |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
37 | #include "../util/atomic.h" |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
38 | #include "auth.h" |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
39 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
40 | static pthread_mutex_t auth_cache_mutex = PTHREAD_MUTEX_INITIALIZER; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
41 | static UserCache cache; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
42 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
43 | void auth_cache_init() { |
115
51d9a15eac98
improves logging
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
92
diff
changeset
|
44 | log_ereport(LOG_VERBOSE, "auth_cache_init"); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
45 | // TODO: config parameters |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
46 | //pthread_mutex_init(&auth_cache_mutex, NULL); |
77 | 47 | cache.map = calloc(80, sizeof(UserCacheElm)); |
48 | cache.size = 80; | |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
49 | cache.count = 0; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
50 | cache.max_users = 64; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
51 | cache.head = NULL; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
52 | cache.trail = NULL; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
53 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
54 | |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
55 | User* auth_cache_get(char *authdb, const char *user) { |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
56 | //printf("auth_cache_get: %s\n", user); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
57 | /* |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
58 | * create the key to access the map |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
59 | * key: authdb\0user |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
60 | */ |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
61 | size_t authdblen = strlen(authdb); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
62 | size_t userlen = strlen(user); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
63 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
64 | size_t keylen = authdblen + userlen + 1; |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
65 | unsigned char *key = malloc(keylen); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
66 | memcpy(key, authdb, authdblen); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
67 | key[authdblen] = 0; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
68 | memcpy(key + authdblen + 1, user, userlen); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
69 | |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
70 | CxHashKey mapkey = cx_hash_key_bytes(key, keylen); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
71 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
72 | // get cached user from map |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
73 | time_t now = time(NULL); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
74 | size_t slot = mapkey.hash%cache.size; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
75 | |
67
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
76 | User *u = NULL; |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
77 | pthread_mutex_lock(&auth_cache_mutex); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
78 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
79 | UserCacheElm *elm = cache.map[slot]; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
80 | while(elm && elm->key.hash != mapkey.hash) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
81 | elm = elm->next_elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
82 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
83 | // if we have an elm, the hash is correct |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
84 | if(elm) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
85 | // compare the key data to be sure it is the correct user |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
86 | int n = (mapkey.len > elm->key.len) ? elm->key.len : mapkey.len; |
490 | 87 | if (!memcmp(elm->key.data, mapkey.data, n)) { |
67
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
88 | // elm is now the correct UserCacheElm |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
89 | // TODO: use configuration for expire time |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
90 | if(now - elm->created > 120) { |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
91 | // cached user expired |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
92 | // remove all users from the list from the first to this one |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
93 | UserCacheElm *e = cache.head; |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
94 | while(e) { |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
95 | if(e == elm) { |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
96 | break; |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
97 | } |
133
87b405d61f64
improves event handler and ssl error handling
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
115
diff
changeset
|
98 | UserCacheElm *nu = e->next_user; |
67
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
99 | auth_cache_remove_from_map(e); |
133
87b405d61f64
improves event handler and ssl error handling
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
115
diff
changeset
|
100 | e = nu; |
67
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
101 | } |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
102 | cache.head = elm->next_user; |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
103 | if(cache.trail == elm) { |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
104 | cache.trail = NULL; |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
105 | } |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
106 | auth_cache_remove_from_map(elm); |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
107 | u = NULL; |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
108 | } else { |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
109 | u = (User*)elm->user; |
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
110 | } |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
111 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
112 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
113 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
114 | pthread_mutex_unlock(&auth_cache_mutex); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
115 | free(key); |
67
50505dc3f8a6
dynamic thread pool
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
66
diff
changeset
|
116 | return u; |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
117 | } |
38
d07810b02147
added ldap authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
118 | |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
119 | void auth_cache_add( |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
120 | char *authdb, |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
121 | User *user, |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
122 | const char *password, |
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
123 | const char **groups, |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
124 | size_t numgroups) |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
125 | { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
126 | //printf("auth_cache_add: %s\n", user->name); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
127 | /* |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
128 | * this function does not check, if the user is already in the map |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
129 | * use it only after auth_cache_get |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
130 | */ |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
131 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
132 | CachedUser *cusr = malloc(sizeof(CachedUser)); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
133 | cusr->user.name = strdup(user->name); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
134 | cusr->user.uid = user->uid; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
135 | cusr->user.gid = user->gid; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
136 | cusr->user.verify_password = |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
137 | (user_verify_passwd_f)cached_user_verify_password; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
138 | cusr->user.check_group = (user_check_group_f)cached_user_check_group; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
139 | cusr->user.free = (user_free_f)cached_user_unref; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
140 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
141 | cusr->authdb = strdup(authdb); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
142 | cusr->password = strdup(password); |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
143 | cusr->groups = numgroups ? calloc(numgroups, sizeof(cxmutstr)) : NULL; |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
144 | cusr->numgroups = numgroups; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
145 | for(int i=0;i<numgroups;i++) { |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
146 | cusr->groups[i] = cx_strdup(cx_str(groups[i])); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
147 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
148 | cusr->ref = 1; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
149 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
150 | /* |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
151 | * add the user to the auth cache |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
152 | * the auth cache is a list of all cached users |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
153 | */ |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
154 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
155 | // create list element |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
156 | time_t now = time(NULL); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
157 | UserCacheElm *elm = malloc(sizeof(UserCacheElm)); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
158 | elm->user = cusr; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
159 | elm->created = now; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
160 | elm->next_elm = NULL; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
161 | elm->next_user = NULL; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
162 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
163 | // create map key |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
164 | size_t authdblen = strlen(authdb); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
165 | size_t userlen = strlen(user->name); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
166 | size_t keylen = authdblen + userlen + 1; |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
167 | unsigned char *key = malloc(keylen); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
168 | memcpy(key, authdb, authdblen); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
169 | key[authdblen] = 0; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
170 | memcpy(key + authdblen + 1, user->name, userlen); |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
171 | CxHashKey mapkey = cx_hash_key_bytes(key, keylen); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
172 | |
490 | 173 | elm->key.data = key; |
400
d814b29e8d96
fix warning caused by an ucx update that changed UcxKey data to const
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
133
diff
changeset
|
174 | elm->key.len = mapkey.len; |
d814b29e8d96
fix warning caused by an ucx update that changed UcxKey data to const
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
133
diff
changeset
|
175 | elm->key.hash = mapkey.hash; |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
176 | elm->slot = mapkey.hash%cache.size; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
177 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
178 | // add user to list and map |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
179 | pthread_mutex_lock(&auth_cache_mutex); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
180 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
181 | // remove the first cached user if expired or the cache is full |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
182 | if(cache.head && |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
183 | (cache.count >= cache.max_users || now-cache.head->created > 120)) |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
184 | { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
185 | UserCacheElm *first = cache.head; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
186 | cache.head = first->next_user; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
187 | if(!cache.head) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
188 | cache.trail = NULL; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
189 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
190 | auth_cache_remove_from_map(first); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
191 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
192 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
193 | // add to map |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
194 | UserCacheElm *prevelm = cache.map[elm->slot]; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
195 | if(prevelm) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
196 | for(;;) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
197 | if(!prevelm->next_elm) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
198 | break; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
199 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
200 | prevelm = prevelm->next_elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
201 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
202 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
203 | if(prevelm) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
204 | prevelm->next_elm = elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
205 | } else { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
206 | cache.map[elm->slot] = elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
207 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
208 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
209 | // add to list |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
210 | if(cache.head) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
211 | cache.trail->next_user = elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
212 | cache.trail = elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
213 | } else { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
214 | cache.head = elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
215 | cache.trail = elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
216 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
217 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
218 | cache.count++; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
219 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
220 | pthread_mutex_unlock(&auth_cache_mutex); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
221 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
222 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
223 | void auth_cache_remove_from_map(UserCacheElm *elm) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
224 | UserCacheElm *prevelm = NULL; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
225 | UserCacheElm *e = cache.map[elm->slot]; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
226 | while(e) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
227 | if(e == elm) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
228 | break; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
229 | } else { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
230 | prevelm = e; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
231 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
232 | e = e->next_elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
233 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
234 | if(prevelm) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
235 | prevelm->next_elm = elm->next_elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
236 | } else { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
237 | cache.map[elm->slot] = elm->next_elm; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
238 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
239 | |
490 | 240 | free((void*)elm->key.data); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
241 | cached_user_unref(elm->user); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
242 | free(elm); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
243 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
244 | cache.count--; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
245 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
246 | |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
247 | int cached_user_verify_password(CachedUser *user, const char *password) { |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
248 | if(!strcmp(user->password, password)) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
249 | return 1; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
250 | } else { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
251 | return 0; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
252 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
253 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
254 | |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
255 | int cached_user_check_group(CachedUser *user, const char *group) { |
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
256 | cxstring grp = cx_str(group); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
257 | for(int i=0;i<user->numgroups;i++) { |
415
d938228c382e
switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
400
diff
changeset
|
258 | if(!cx_strcmp(cx_strcast(user->groups[i]), grp)) { |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
259 | return 1; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
260 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
261 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
262 | return 0; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
263 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
264 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
265 | void cached_user_unref(CachedUser *user) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
266 | uint32_t ref = ws_atomic_dec32(&user->ref); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
267 | if(ref == 0) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
268 | cached_user_delete(user); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
269 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
270 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
271 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
272 | void cached_user_delete(CachedUser *user) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
273 | free(user->user.name); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
274 | free(user->authdb); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
275 | free(user->password); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
276 | free(user->groups); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
277 | free(user); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
278 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
279 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
280 | |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
281 | /* |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
282 | * public API |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
283 | * from public/auth.h |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
284 | */ |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
285 | |
467
4d038bc6f86e
refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
415
diff
changeset
|
286 | User* authdb_get_user(AuthDB *db, Session *sn, Request *rq, const char *user) { |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
287 | if(db->use_cache) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
288 | User *u = auth_cache_get(db->name, user); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
289 | if(u) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
290 | return u; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
291 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
292 | } |
467
4d038bc6f86e
refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
415
diff
changeset
|
293 | return db->get_user(db, sn, rq, user); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
294 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
295 | |
467
4d038bc6f86e
refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
415
diff
changeset
|
296 | User* authdb_get_and_verify(AuthDB *db, Session *sn, Request *rq, const char *user, const char *password, int *pw) { |
4d038bc6f86e
refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
415
diff
changeset
|
297 | User *u = authdb_get_user(db, sn, rq, user); |
66
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
298 | if(u) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
299 | if(u->verify_password(u, password)) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
300 | if(db->use_cache) { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
301 | auth_cache_add(db->name, u, password, NULL, 0); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
302 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
303 | *pw = 1; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
304 | } else { |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
305 | *pw = 0; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
306 | u->free(u); |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
307 | u = NULL; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
308 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
309 | } |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
310 | return u; |
74babc0082b7
added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
311 | } |