50 cache.max_users = 64; |
50 cache.max_users = 64; |
51 cache.head = NULL; |
51 cache.head = NULL; |
52 cache.trail = NULL; |
52 cache.trail = NULL; |
53 } |
53 } |
54 |
54 |
55 User* auth_cache_get(char *authdb, char *user) { |
55 User* auth_cache_get(char *authdb, const char *user) { |
56 //printf("auth_cache_get: %s\n", user); |
56 //printf("auth_cache_get: %s\n", user); |
57 /* |
57 /* |
58 * create the key to access the map |
58 * create the key to access the map |
59 * key: authdb\0user |
59 * key: authdb\0user |
60 */ |
60 */ |
61 size_t authdblen = strlen(authdb); |
61 size_t authdblen = strlen(authdb); |
62 size_t userlen = strlen(user); |
62 size_t userlen = strlen(user); |
63 |
63 |
64 size_t keylen = authdblen + userlen + 1; |
64 size_t keylen = authdblen + userlen + 1; |
65 char *key = malloc(keylen); |
65 unsigned char *key = malloc(keylen); |
66 memcpy(key, authdb, authdblen); |
66 memcpy(key, authdb, authdblen); |
67 key[authdblen] = 0; |
67 key[authdblen] = 0; |
68 memcpy(key + authdblen + 1, user, userlen); |
68 memcpy(key + authdblen + 1, user, userlen); |
69 |
69 |
70 UcxKey mapkey = ucx_key(key, keylen); |
70 CxHashKey mapkey = cx_hash_key_bytes(key, keylen); |
71 |
71 |
72 // get cached user from map |
72 // get cached user from map |
73 time_t now = time(NULL); |
73 time_t now = time(NULL); |
74 size_t slot = mapkey.hash%cache.size; |
74 size_t slot = mapkey.hash%cache.size; |
75 |
75 |
82 } |
82 } |
83 // if we have an elm, the hash is correct |
83 // if we have an elm, the hash is correct |
84 if(elm) { |
84 if(elm) { |
85 // compare the key data to be sure it is the correct user |
85 // compare the key data to be sure it is the correct user |
86 int n = (mapkey.len > elm->key.len) ? elm->key.len : mapkey.len; |
86 int n = (mapkey.len > elm->key.len) ? elm->key.len : mapkey.len; |
87 if (!memcmp(elm->key.data, mapkey.data, n)) { |
87 if (!memcmp(elm->key.data.cbytes, mapkey.data.cbytes, n)) { |
88 // elm is now the correct UserCacheElm |
88 // elm is now the correct UserCacheElm |
89 // TODO: use configuration for expire time |
89 // TODO: use configuration for expire time |
90 if(now - elm->created > 120) { |
90 if(now - elm->created > 120) { |
91 // cached user expired |
91 // cached user expired |
92 // remove all users from the list from the first to this one |
92 // remove all users from the list from the first to this one |
138 cusr->user.check_group = (user_check_group_f)cached_user_check_group; |
138 cusr->user.check_group = (user_check_group_f)cached_user_check_group; |
139 cusr->user.free = (user_free_f)cached_user_unref; |
139 cusr->user.free = (user_free_f)cached_user_unref; |
140 |
140 |
141 cusr->authdb = strdup(authdb); |
141 cusr->authdb = strdup(authdb); |
142 cusr->password = strdup(password); |
142 cusr->password = strdup(password); |
143 cusr->groups = numgroups ? calloc(numgroups, sizeof(sstr_t)) : NULL; |
143 cusr->groups = numgroups ? calloc(numgroups, sizeof(cxmutstr)) : NULL; |
144 cusr->numgroups = numgroups; |
144 cusr->numgroups = numgroups; |
145 for(int i=0;i<numgroups;i++) { |
145 for(int i=0;i<numgroups;i++) { |
146 cusr->groups[i] = sstrdup(sstr(groups[i])); |
146 cusr->groups[i] = cx_strdup(cx_str(groups[i])); |
147 } |
147 } |
148 cusr->ref = 1; |
148 cusr->ref = 1; |
149 |
149 |
150 /* |
150 /* |
151 * add the user to the auth cache |
151 * add the user to the auth cache |
162 |
162 |
163 // create map key |
163 // create map key |
164 size_t authdblen = strlen(authdb); |
164 size_t authdblen = strlen(authdb); |
165 size_t userlen = strlen(user->name); |
165 size_t userlen = strlen(user->name); |
166 size_t keylen = authdblen + userlen + 1; |
166 size_t keylen = authdblen + userlen + 1; |
167 char *key = malloc(keylen); |
167 unsigned char *key = malloc(keylen); |
168 memcpy(key, authdb, authdblen); |
168 memcpy(key, authdb, authdblen); |
169 key[authdblen] = 0; |
169 key[authdblen] = 0; |
170 memcpy(key + authdblen + 1, user->name, userlen); |
170 memcpy(key + authdblen + 1, user->name, userlen); |
171 UcxKey mapkey = ucx_key(key, keylen); |
171 CxHashKey mapkey = cx_hash_key_bytes(key, keylen); |
172 |
172 |
173 elm->key.data = key; |
173 elm->key.data.bytes = key; |
174 elm->key.len = mapkey.len; |
174 elm->key.len = mapkey.len; |
175 elm->key.hash = mapkey.hash; |
175 elm->key.hash = mapkey.hash; |
176 elm->slot = mapkey.hash%cache.size; |
176 elm->slot = mapkey.hash%cache.size; |
177 |
177 |
178 // add user to list and map |
178 // add user to list and map |
235 prevelm->next_elm = elm->next_elm; |
235 prevelm->next_elm = elm->next_elm; |
236 } else { |
236 } else { |
237 cache.map[elm->slot] = elm->next_elm; |
237 cache.map[elm->slot] = elm->next_elm; |
238 } |
238 } |
239 |
239 |
240 free(elm->key.data); |
240 free(elm->key.data.bytes); |
241 cached_user_unref(elm->user); |
241 cached_user_unref(elm->user); |
242 free(elm); |
242 free(elm); |
243 |
243 |
244 cache.count--; |
244 cache.count--; |
245 } |
245 } |
246 |
246 |
247 int cached_user_verify_password(CachedUser *user, char *password) { |
247 int cached_user_verify_password(CachedUser *user, const char *password) { |
248 if(!strcmp(user->password, password)) { |
248 if(!strcmp(user->password, password)) { |
249 return 1; |
249 return 1; |
250 } else { |
250 } else { |
251 return 0; |
251 return 0; |
252 } |
252 } |
253 } |
253 } |
254 |
254 |
255 int cached_user_check_group(CachedUser *user, char *group) { |
255 int cached_user_check_group(CachedUser *user, const char *group) { |
256 sstr_t grp = sstr(group); |
256 cxstring grp = cx_str(group); |
257 for(int i=0;i<user->numgroups;i++) { |
257 for(int i=0;i<user->numgroups;i++) { |
258 if(!sstrcmp(user->groups[i], grp)) { |
258 if(!cx_strcmp(cx_strcast(user->groups[i]), grp)) { |
259 return 1; |
259 return 1; |
260 } |
260 } |
261 } |
261 } |
262 return 0; |
262 return 0; |
263 } |
263 } |
281 /* |
281 /* |
282 * public API |
282 * public API |
283 * from public/auth.h |
283 * from public/auth.h |
284 */ |
284 */ |
285 |
285 |
286 User* authdb_get_user(AuthDB *db, char *user) { |
286 User* authdb_get_user(AuthDB *db, const char *user) { |
287 if(db->use_cache) { |
287 if(db->use_cache) { |
288 User *u = auth_cache_get(db->name, user); |
288 User *u = auth_cache_get(db->name, user); |
289 if(u) { |
289 if(u) { |
290 return u; |
290 return u; |
291 } |
291 } |
292 } |
292 } |
293 return db->get_user(db, user); |
293 return db->get_user(db, user); |
294 } |
294 } |
295 |
295 |
296 User* authdb_get_and_verify(AuthDB *db, char *user, char *password, int *pw) { |
296 User* authdb_get_and_verify(AuthDB *db, const char *user, const char *password, int *pw) { |
297 User *u = NULL; |
297 User *u = NULL; |
298 // try getting the user from the cache |
298 // try getting the user from the cache |
299 if(db->use_cache) { |
299 if(db->use_cache) { |
300 u = auth_cache_get(db->name, user); |
300 u = auth_cache_get(db->name, user); |
301 if(u) { |
301 if(u) { |