diff options
author | Stef Walter <stef@memberwebs.com> | 2004-04-25 00:08:47 +0000 |
---|---|---|
committer | Stef Walter <stef@memberwebs.com> | 2004-04-25 00:08:47 +0000 |
commit | 36ab0775e1c5ec4352f36074cea8bfbe49302b80 (patch) | |
tree | 4b26db758323bae193318b3fc5cfa47517f5502c | |
parent | b9cab65e320fccc04cd06694e717db5e4abb5dcc (diff) |
Moved some common directives to the main config parser.
-rw-r--r-- | daemon/defaults.h | 1 | ||||
-rw-r--r-- | daemon/httpauthd.c | 15 | ||||
-rw-r--r-- | daemon/httpauthd.h | 3 | ||||
-rw-r--r-- | daemon/ldap.c | 24 | ||||
-rw-r--r-- | daemon/ntlm.c | 2 | ||||
-rw-r--r-- | daemon/simple.c | 29 | ||||
-rw-r--r-- | sample/httpauthd.conf | 7 |
7 files changed, 49 insertions, 32 deletions
diff --git a/daemon/defaults.h b/daemon/defaults.h index 755d12c..a72e51a 100644 --- a/daemon/defaults.h +++ b/daemon/defaults.h @@ -5,5 +5,6 @@ #define DEFAULT_PENDING_MAX 16 #define DEFAULT_PENDING_TIMEOUT 60 #define DEFAULT_TIMEOUT 900 +#define DEFAULT_CACHEMAX 1024 #endif /* __DEFAULTS_H__ */ diff --git a/daemon/httpauthd.c b/daemon/httpauthd.c index f640b5d..a2985a3 100644 --- a/daemon/httpauthd.c +++ b/daemon/httpauthd.c @@ -904,7 +904,8 @@ int config_parse(const char* file, ha_buffer_t* buf) /* These are the default options for the contexts */ memset(&defaults, 0, sizeof(defaults)); defaults.types = 0xFFFFFFFF; /* All types by default */ - defaults.timeout = DEFAULT_TIMEOUT; /* Timeout for cache */ + defaults.cache_timeout = DEFAULT_TIMEOUT; /* Timeout for cache */ + defaults.cache_max = DEFAULT_CACHEMAX; ha_bufreset(buf); @@ -1032,7 +1033,17 @@ int config_parse(const char* file, ha_buffer_t* buf) if(ha_confint(name, value, 0, 86400, &v) == HA_ERROR) exit(1); /* Message already printed */ - (ctx ? ctx : &defaults)->timeout = v; + (ctx ? ctx : &defaults)->cache_timeout = v; + recog = 1; + } + + else if(strcmp(name, "cachemax") == 0) + { + int v; + if(ha_confint(name, value, 0, 0x7FFFFFFF, &v) == HA_ERROR) + exit(1); /* Message already printed */ + + (ctx ? ctx : &defaults)->cache_max = v; recog = 1; } diff --git a/daemon/httpauthd.h b/daemon/httpauthd.h index b710444..55a4d90 100644 --- a/daemon/httpauthd.h +++ b/daemon/httpauthd.h @@ -174,7 +174,8 @@ typedef struct ha_context const char* name; /* A name assigned by the configuration file */ ha_handler_t* handler; /* The original handler structure */ unsigned int types; /* The types of authentication allowed */ - int timeout; /* Timeout for cached connections */ + int cache_timeout; /* Timeout for cached connections */ + int cache_max; /* Maximum amount of cached connections */ void* data; /* Handler specific data */ } ha_context_t; diff --git a/daemon/ldap.c b/daemon/ldap.c index 3ed7199..2474d09 100644 --- a/daemon/ldap.c +++ b/daemon/ldap.c @@ -74,6 +74,7 @@ typedef struct ldap_context int dobind; /* Bind to do simple authentication */ int cache_max; /* Maximum number of connections at once */ + int cache_timeout; int ldap_max; /* Number of open connections allowed */ int ldap_timeout; /* Maximum amount of time to dedicate to an ldap query */ @@ -103,6 +104,7 @@ static const ldap_context_t ldap_defaults = NULL, /* domains */ 1, /* dobind */ 1000, /* cache_max */ + 30, /* cache_timeout */ 10, /* ldap_max */ 30, /* ldap_timeout */ NULL, /* cache */ @@ -939,7 +941,7 @@ static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp, } static int digest_ldap_response(ldap_context_t* ctx, const char* header, - const char* method, const char* uri, int timeout, + const char* method, const char* uri, ha_response_t* resp, ha_buffer_t* buf) { unsigned char nonce[DIGEST_NONCE_LEN]; @@ -972,7 +974,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header, rec = get_cached_digest(ctx, nonce); /* Check to see if we're stale */ - if((expiry + timeout) <= time(NULL)) + if((expiry + ctx->cache_timeout) <= time(NULL)) { stale = 1; goto finally; @@ -1011,7 +1013,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header, resp->detail = dg.username; /* Figure out if we need a new nonce */ - if((expiry + (timeout - (timeout / 8))) < time(NULL)) + if((expiry + (ctx->cache_timeout - (ctx->cache_timeout / 8))) < time(NULL)) { digest_makenonce(nonce, g_ldap_secret, NULL); stale = 1; @@ -1151,11 +1153,6 @@ int ldap_config(ha_context_t* context, const char* name, const char* value) return ha_confint(name, value, 0, 86400, &(ctx->ldap_timeout)); } - else if(strcmp(name, "cachemax") == 0) - { - return ha_confint(name, value, 0, 0x7FFFFFFF, &(ctx->cache_max)); - } - return HA_FALSE; } @@ -1216,6 +1213,10 @@ int ldap_inithand(ha_context_t* context) } memset(ctx->pool, 0, sizeof(LDAP*) * ctx->ldap_max); + + /* Copy some settings over for easy access */ + ctx->cache_max = context->cache_max; + ctx->cache_timeout = context->cache_timeout; } return HA_OK; @@ -1231,7 +1232,7 @@ void ldap_destroy(ha_context_t* context) /* Note: We don't need to be thread safe here anymore */ ldap_context_t* ctx = (ldap_context_t*)(context->data); - ASSERT(data); + ASSERT(ctx); if(ctx->cache) hash_free(ctx->cache); @@ -1265,7 +1266,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req, ha_lock(NULL); /* Purge out stale connection stuff. */ - hash_purge(ctx->cache, t - context->timeout); + hash_purge(ctx->cache, t - ctx->cache_timeout); ha_unlock(NULL); @@ -1281,8 +1282,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req, if(header) { ret = digest_ldap_response(ctx, header, req->args[AUTH_ARG_METHOD], - req->args[AUTH_ARG_URI], context->timeout, - resp, buf); + req->args[AUTH_ARG_URI], resp, buf); if(ret == HA_ERROR) return ret; } diff --git a/daemon/ntlm.c b/daemon/ntlm.c index d567fe2..28284b9 100644 --- a/daemon/ntlm.c +++ b/daemon/ntlm.c @@ -654,7 +654,7 @@ int ntlm_process(ha_context_t* context, ha_request_t* req, * well as half open connections which expire. */ hash_purge(ctx->pending, t - ctx->pending_timeout); - hash_purge(ctx->established, t - context->timeout); + hash_purge(ctx->established, t - context->cache_timeout); ha_unlock(NULL); diff --git a/daemon/simple.c b/daemon/simple.c index fdaa0e0..d51e9d9 100644 --- a/daemon/simple.c +++ b/daemon/simple.c @@ -25,10 +25,11 @@ unsigned char g_simple_secret[DIGEST_SECRET_LEN]; typedef struct simple_context { - const char* filename; /* The file name with the user names */ - const char* realm; /* The realm for basic authentication */ + const char* filename; /* The file name with the user names */ + const char* realm; /* The realm for basic authentication */ const char* domains; /* Domains for which digest auth is valid */ int cache_max; /* Maximum number of connections at once */ + int cache_timeout; /* Context ----------------------------------------------------------- */ hash_t* cache; /* Some cached records or basic */ @@ -41,7 +42,8 @@ static const simple_context_t simple_defaults = NULL, /* filename */ NULL, /* realm */ NULL, /* domains */ - 1000, /* cache_max */ + 0, /* cache_max */ + 0, /* cache_timeout */ NULL /* cache */ }; @@ -381,7 +383,7 @@ static int simple_digest_challenge(simple_context_t* ctx, ha_response_t* resp, } static int simple_digest_response(simple_context_t* ctx, const char* header, - const char* method, const char* uri, int timeout, + const char* method, const char* uri, ha_response_t* resp, ha_buffer_t* buf) { unsigned char nonce[DIGEST_NONCE_LEN]; @@ -414,7 +416,7 @@ static int simple_digest_response(simple_context_t* ctx, const char* header, rec = get_cached_digest(ctx, nonce); /* Check to see if we're stale */ - if((expiry + timeout) <= time(NULL)) + if((expiry + ctx->cache_timeout) <= time(NULL)) { stale = 1; goto finally; @@ -453,7 +455,7 @@ static int simple_digest_response(simple_context_t* ctx, const char* header, resp->detail = dg.username; /* Figure out if we need a new nonce */ - if((expiry + (timeout - (timeout / 8))) < time(NULL)) + if((expiry + (ctx->cache_timeout - (ctx->cache_timeout / 8))) < time(NULL)) { digest_makenonce(nonce, g_simple_secret, NULL); stale = 1; @@ -518,11 +520,6 @@ int simple_config(ha_context_t* context, const char* name, const char* value) return HA_OK; } - else if(strcmp(name, "cachemax") == 0) - { - return ha_confint(name, value, 0, 0x7FFFFFFF, &(ctx->cache_max)); - } - return HA_FALSE; } @@ -576,6 +573,11 @@ int simple_init(ha_context_t* context) ha_messagex(LOG_CRIT, "out of memory"); return HA_ERROR; } + + /* Copy some settings over for easy access */ + ctx->cache_max = context->cache_max; + ctx->cache_timeout = context->cache_timeout; + } return HA_OK; @@ -610,7 +612,7 @@ int simple_process(ha_context_t* context, ha_request_t* req, ha_lock(NULL); /* Purge the cache */ - hash_purge(ctx->cache, time(NULL) - context->timeout); + hash_purge(ctx->cache, time(NULL) - ctx->cache_timeout); ha_unlock(NULL); @@ -626,8 +628,7 @@ int simple_process(ha_context_t* context, ha_request_t* req, if(header) { ret = simple_digest_response(ctx, header, req->args[AUTH_ARG_METHOD], - req->args[AUTH_ARG_URI], context->timeout, - resp, buf); + req->args[AUTH_ARG_URI], resp, buf); if(ret == HA_ERROR) return ret; } diff --git a/sample/httpauthd.conf b/sample/httpauthd.conf index 142f766..a296c36 100644 --- a/sample/httpauthd.conf +++ b/sample/httpauthd.conf @@ -1,8 +1,11 @@ # Some comments # and blank lines -Socket: /var/run/blah.sock MaxThreads: 18 +CacheTimeout: 300 +AuthTypes: NTLM -Realm: My test realm +[Simple] +Realm: blah +PasswordFile: /data/projects/httpauth/sample/passwd.file |