summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2004-04-25 00:08:47 +0000
committerStef Walter <stef@memberwebs.com>2004-04-25 00:08:47 +0000
commit36ab0775e1c5ec4352f36074cea8bfbe49302b80 (patch)
tree4b26db758323bae193318b3fc5cfa47517f5502c
parentb9cab65e320fccc04cd06694e717db5e4abb5dcc (diff)
Moved some common directives to the main config parser.
-rw-r--r--daemon/defaults.h1
-rw-r--r--daemon/httpauthd.c15
-rw-r--r--daemon/httpauthd.h3
-rw-r--r--daemon/ldap.c24
-rw-r--r--daemon/ntlm.c2
-rw-r--r--daemon/simple.c29
-rw-r--r--sample/httpauthd.conf7
7 files changed, 49 insertions, 32 deletions
diff --git a/daemon/defaults.h b/daemon/defaults.h
index 755d12c..a72e51a 100644
--- a/daemon/defaults.h
+++ b/daemon/defaults.h
@@ -5,5 +5,6 @@
#define DEFAULT_PENDING_MAX 16
#define DEFAULT_PENDING_TIMEOUT 60
#define DEFAULT_TIMEOUT 900
+#define DEFAULT_CACHEMAX 1024
#endif /* __DEFAULTS_H__ */
diff --git a/daemon/httpauthd.c b/daemon/httpauthd.c
index f640b5d..a2985a3 100644
--- a/daemon/httpauthd.c
+++ b/daemon/httpauthd.c
@@ -904,7 +904,8 @@ int config_parse(const char* file, ha_buffer_t* buf)
/* These are the default options for the contexts */
memset(&defaults, 0, sizeof(defaults));
defaults.types = 0xFFFFFFFF; /* All types by default */
- defaults.timeout = DEFAULT_TIMEOUT; /* Timeout for cache */
+ defaults.cache_timeout = DEFAULT_TIMEOUT; /* Timeout for cache */
+ defaults.cache_max = DEFAULT_CACHEMAX;
ha_bufreset(buf);
@@ -1032,7 +1033,17 @@ int config_parse(const char* file, ha_buffer_t* buf)
if(ha_confint(name, value, 0, 86400, &v) == HA_ERROR)
exit(1); /* Message already printed */
- (ctx ? ctx : &defaults)->timeout = v;
+ (ctx ? ctx : &defaults)->cache_timeout = v;
+ recog = 1;
+ }
+
+ else if(strcmp(name, "cachemax") == 0)
+ {
+ int v;
+ if(ha_confint(name, value, 0, 0x7FFFFFFF, &v) == HA_ERROR)
+ exit(1); /* Message already printed */
+
+ (ctx ? ctx : &defaults)->cache_max = v;
recog = 1;
}
diff --git a/daemon/httpauthd.h b/daemon/httpauthd.h
index b710444..55a4d90 100644
--- a/daemon/httpauthd.h
+++ b/daemon/httpauthd.h
@@ -174,7 +174,8 @@ typedef struct ha_context
const char* name; /* A name assigned by the configuration file */
ha_handler_t* handler; /* The original handler structure */
unsigned int types; /* The types of authentication allowed */
- int timeout; /* Timeout for cached connections */
+ int cache_timeout; /* Timeout for cached connections */
+ int cache_max; /* Maximum amount of cached connections */
void* data; /* Handler specific data */
}
ha_context_t;
diff --git a/daemon/ldap.c b/daemon/ldap.c
index 3ed7199..2474d09 100644
--- a/daemon/ldap.c
+++ b/daemon/ldap.c
@@ -74,6 +74,7 @@ typedef struct ldap_context
int dobind; /* Bind to do simple authentication */
int cache_max; /* Maximum number of connections at once */
+ int cache_timeout;
int ldap_max; /* Number of open connections allowed */
int ldap_timeout; /* Maximum amount of time to dedicate to an ldap query */
@@ -103,6 +104,7 @@ static const ldap_context_t ldap_defaults =
NULL, /* domains */
1, /* dobind */
1000, /* cache_max */
+ 30, /* cache_timeout */
10, /* ldap_max */
30, /* ldap_timeout */
NULL, /* cache */
@@ -939,7 +941,7 @@ static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp,
}
static int digest_ldap_response(ldap_context_t* ctx, const char* header,
- const char* method, const char* uri, int timeout,
+ const char* method, const char* uri,
ha_response_t* resp, ha_buffer_t* buf)
{
unsigned char nonce[DIGEST_NONCE_LEN];
@@ -972,7 +974,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
rec = get_cached_digest(ctx, nonce);
/* Check to see if we're stale */
- if((expiry + timeout) <= time(NULL))
+ if((expiry + ctx->cache_timeout) <= time(NULL))
{
stale = 1;
goto finally;
@@ -1011,7 +1013,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
resp->detail = dg.username;
/* Figure out if we need a new nonce */
- if((expiry + (timeout - (timeout / 8))) < time(NULL))
+ if((expiry + (ctx->cache_timeout - (ctx->cache_timeout / 8))) < time(NULL))
{
digest_makenonce(nonce, g_ldap_secret, NULL);
stale = 1;
@@ -1151,11 +1153,6 @@ int ldap_config(ha_context_t* context, const char* name, const char* value)
return ha_confint(name, value, 0, 86400, &(ctx->ldap_timeout));
}
- else if(strcmp(name, "cachemax") == 0)
- {
- return ha_confint(name, value, 0, 0x7FFFFFFF, &(ctx->cache_max));
- }
-
return HA_FALSE;
}
@@ -1216,6 +1213,10 @@ int ldap_inithand(ha_context_t* context)
}
memset(ctx->pool, 0, sizeof(LDAP*) * ctx->ldap_max);
+
+ /* Copy some settings over for easy access */
+ ctx->cache_max = context->cache_max;
+ ctx->cache_timeout = context->cache_timeout;
}
return HA_OK;
@@ -1231,7 +1232,7 @@ void ldap_destroy(ha_context_t* context)
/* Note: We don't need to be thread safe here anymore */
ldap_context_t* ctx = (ldap_context_t*)(context->data);
- ASSERT(data);
+ ASSERT(ctx);
if(ctx->cache)
hash_free(ctx->cache);
@@ -1265,7 +1266,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
ha_lock(NULL);
/* Purge out stale connection stuff. */
- hash_purge(ctx->cache, t - context->timeout);
+ hash_purge(ctx->cache, t - ctx->cache_timeout);
ha_unlock(NULL);
@@ -1281,8 +1282,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
if(header)
{
ret = digest_ldap_response(ctx, header, req->args[AUTH_ARG_METHOD],
- req->args[AUTH_ARG_URI], context->timeout,
- resp, buf);
+ req->args[AUTH_ARG_URI], resp, buf);
if(ret == HA_ERROR)
return ret;
}
diff --git a/daemon/ntlm.c b/daemon/ntlm.c
index d567fe2..28284b9 100644
--- a/daemon/ntlm.c
+++ b/daemon/ntlm.c
@@ -654,7 +654,7 @@ int ntlm_process(ha_context_t* context, ha_request_t* req,
* well as half open connections which expire.
*/
hash_purge(ctx->pending, t - ctx->pending_timeout);
- hash_purge(ctx->established, t - context->timeout);
+ hash_purge(ctx->established, t - context->cache_timeout);
ha_unlock(NULL);
diff --git a/daemon/simple.c b/daemon/simple.c
index fdaa0e0..d51e9d9 100644
--- a/daemon/simple.c
+++ b/daemon/simple.c
@@ -25,10 +25,11 @@ unsigned char g_simple_secret[DIGEST_SECRET_LEN];
typedef struct simple_context
{
- const char* filename; /* The file name with the user names */
- const char* realm; /* The realm for basic authentication */
+ const char* filename; /* The file name with the user names */
+ const char* realm; /* The realm for basic authentication */
const char* domains; /* Domains for which digest auth is valid */
int cache_max; /* Maximum number of connections at once */
+ int cache_timeout;
/* Context ----------------------------------------------------------- */
hash_t* cache; /* Some cached records or basic */
@@ -41,7 +42,8 @@ static const simple_context_t simple_defaults =
NULL, /* filename */
NULL, /* realm */
NULL, /* domains */
- 1000, /* cache_max */
+ 0, /* cache_max */
+ 0, /* cache_timeout */
NULL /* cache */
};
@@ -381,7 +383,7 @@ static int simple_digest_challenge(simple_context_t* ctx, ha_response_t* resp,
}
static int simple_digest_response(simple_context_t* ctx, const char* header,
- const char* method, const char* uri, int timeout,
+ const char* method, const char* uri,
ha_response_t* resp, ha_buffer_t* buf)
{
unsigned char nonce[DIGEST_NONCE_LEN];
@@ -414,7 +416,7 @@ static int simple_digest_response(simple_context_t* ctx, const char* header,
rec = get_cached_digest(ctx, nonce);
/* Check to see if we're stale */
- if((expiry + timeout) <= time(NULL))
+ if((expiry + ctx->cache_timeout) <= time(NULL))
{
stale = 1;
goto finally;
@@ -453,7 +455,7 @@ static int simple_digest_response(simple_context_t* ctx, const char* header,
resp->detail = dg.username;
/* Figure out if we need a new nonce */
- if((expiry + (timeout - (timeout / 8))) < time(NULL))
+ if((expiry + (ctx->cache_timeout - (ctx->cache_timeout / 8))) < time(NULL))
{
digest_makenonce(nonce, g_simple_secret, NULL);
stale = 1;
@@ -518,11 +520,6 @@ int simple_config(ha_context_t* context, const char* name, const char* value)
return HA_OK;
}
- else if(strcmp(name, "cachemax") == 0)
- {
- return ha_confint(name, value, 0, 0x7FFFFFFF, &(ctx->cache_max));
- }
-
return HA_FALSE;
}
@@ -576,6 +573,11 @@ int simple_init(ha_context_t* context)
ha_messagex(LOG_CRIT, "out of memory");
return HA_ERROR;
}
+
+ /* Copy some settings over for easy access */
+ ctx->cache_max = context->cache_max;
+ ctx->cache_timeout = context->cache_timeout;
+
}
return HA_OK;
@@ -610,7 +612,7 @@ int simple_process(ha_context_t* context, ha_request_t* req,
ha_lock(NULL);
/* Purge the cache */
- hash_purge(ctx->cache, time(NULL) - context->timeout);
+ hash_purge(ctx->cache, time(NULL) - ctx->cache_timeout);
ha_unlock(NULL);
@@ -626,8 +628,7 @@ int simple_process(ha_context_t* context, ha_request_t* req,
if(header)
{
ret = simple_digest_response(ctx, header, req->args[AUTH_ARG_METHOD],
- req->args[AUTH_ARG_URI], context->timeout,
- resp, buf);
+ req->args[AUTH_ARG_URI], resp, buf);
if(ret == HA_ERROR)
return ret;
}
diff --git a/sample/httpauthd.conf b/sample/httpauthd.conf
index 142f766..a296c36 100644
--- a/sample/httpauthd.conf
+++ b/sample/httpauthd.conf
@@ -1,8 +1,11 @@
# Some comments
# and blank lines
-Socket: /var/run/blah.sock
MaxThreads: 18
+CacheTimeout: 300
+AuthTypes: NTLM
-Realm: My test realm
+[Simple]
+Realm: blah
+PasswordFile: /data/projects/httpauth/sample/passwd.file