void
dnsSubmit(const char *lookup, HLPCB * callback, void *data)
{
char buf[256];
snprintf(buf, 256, "%s\n", lookup);
helperSubmit(dnsservers, buf, callback, data);
}
/* send the initial data to a digest authenticator module */
static void
authenticateDigestStart(auth_user_request_t * auth_user_request, RH * handler, void *data)
{
authenticateStateData *r = NULL;
char buf[8192];
digest_request_h *digest_request;
digest_user_h *digest_user;
assert(auth_user_request);
assert(handler);
assert(auth_user_request->auth_user->auth_type == AUTH_DIGEST);
assert(auth_user_request->auth_user->scheme_data != NULL);
assert(auth_user_request->scheme_data != NULL);
digest_request = auth_user_request->scheme_data;
digest_user = auth_user_request->auth_user->scheme_data;
debug(29, 9) ("authenticateStart: '\"%s\":\"%s\"'\n", digest_user->username,
digest_request->realm);
if (digestConfig->authenticate == NULL) {
handler(data, NULL);
return;
}
r = cbdataAlloc(authenticateStateData);
r->handler = handler;
cbdataLock(data);
r->data = data;
r->auth_user_request = auth_user_request;
authenticateAuthUserRequestLock(r->auth_user_request);
snprintf(buf, 8192, "\"%s\":\"%s\"\n", digest_user->username, digest_request->realm);
helperSubmit(digestauthenticators, buf, authenticateDigestHandleReply, r);
}
void
refreshCheckSubmit(StoreEntry * entry, REFRESHCHECK * callback, void *callback_data)
{
MemBuf buf;
const char *key;
refresh_check_helper *def = Config.Program.refresh_check;
refreshCheckState *state;
dlink_node *node;
refreshCheckState *oldstate = NULL;
if (!def) {
callback(callback_data, 0, NULL);
return;
}
key = makeRefreshCheckRequest(entry, def->format);
if (!key) {
callback(callback_data, 0, NULL);
return;
}
debug(84, 2) ("refreshCheckSubmit: for '%s'\n", key);
/* Check for a pending lookup to hook into */
for (node = def->queue.head; node; node = node->next) {
refreshCheckState *oldstatetmp = node->data;
if (entry == oldstatetmp->entry) {
oldstate = oldstatetmp;
break;
}
}
state = cbdataAlloc(refreshCheckState);
state->def = def;
cbdataLock(state->def);
state->entry = entry;
storeLockObject(entry);
state->callback = callback;
state->callback_data = callback_data;
cbdataLock(state->callback_data);
if (oldstate) {
/* Hook into pending lookup */
state->queue = oldstate->queue;
oldstate->queue = state;
} else {
/* No pending lookup found. Sumbit to helper */
/* Check for queue overload */
if (refreshCheckOverload(def)) {
debug(84, 1) ("refreshCheckSubmit: queue overload\n");
cbdataFree(state);
callback(callback_data, 0, "Overload");
return;
}
/* Send it off to the helper */
memBufDefInit(&buf);
memBufPrintf(&buf, "%s\n", key);
helperSubmit(def->helper, buf.buf, refreshCheckHandleReply, state);
dlinkAdd(state, &state->list, &def->queue);
memBufClean(&buf);
}
}
void
redirectStart(clientHttpRequest * http, RH * handler, void *data)
{
ConnStateData *conn = http->conn;
redirectStateData *r = NULL;
const char *fqdn;
char *urlgroup = conn->port->urlgroup;
char buf[8192];
char claddr[20];
char myaddr[20];
assert(http);
assert(handler);
debug(61, 5) ("redirectStart: '%s'\n", http->uri);
if (Config.onoff.redirector_bypass && redirectors->stats.queue_size) {
/* Skip redirector if there is one request queued */
n_bypassed++;
handler(data, NULL);
return;
}
r = cbdataAlloc(redirectStateData);
r->orig_url = xstrdup(http->uri);
r->client_addr = conn->log_addr;
r->client_ident = NULL;
if (http->request->auth_user_request)
r->client_ident = authenticateUserRequestUsername(http->request->auth_user_request);
else if (http->request->extacl_user) {
r->client_ident = http->request->extacl_user;
}
if (!r->client_ident && conn->rfc931[0])
r->client_ident = conn->rfc931;
#if USE_SSL
if (!r->client_ident)
r->client_ident = sslGetUserEmail(fd_table[conn->fd].ssl);
#endif
if (!r->client_ident)
r->client_ident = dash_str;
r->method_s = http->request->method->string;
r->handler = handler;
r->data = data;
cbdataLock(r->data);
if ((fqdn = fqdncache_gethostbyaddr(r->client_addr, 0)) == NULL)
fqdn = dash_str;
xstrncpy(claddr, inet_ntoa(r->client_addr), 20);
xstrncpy(myaddr, inet_ntoa(http->request->my_addr), 20);
snprintf(buf, 8191, "%s %s/%s %s %s %s myip=%s myport=%d",
r->orig_url,
claddr,
fqdn,
r->client_ident[0] ? rfc1738_escape(r->client_ident) : dash_str,
r->method_s,
urlgroup ? urlgroup : "-",
myaddr,
http->request->my_port);
debug(61, 6) ("redirectStart: sending '%s' to the helper\n", buf);
strcat(buf, "\n");
helperSubmit(redirectors, buf, redirectHandleReply, r);
}
/* send the initial data to a basic authenticator module */
static void
authenticateBasicStart(auth_user_request_t * auth_user_request, RH * handler, void *data)
{
authenticateStateData *r = NULL;
char buf[8192];
char user[1024], pass[1024];
basic_data *basic_auth;
assert(auth_user_request);
assert(handler);
assert(auth_user_request->auth_user->auth_type == AUTH_BASIC);
assert(auth_user_request->auth_user->scheme_data != NULL);
basic_auth = auth_user_request->auth_user->scheme_data;
debug(29, 9) ("authenticateStart: '%s:%s'\n", basic_auth->username,
basic_auth->passwd);
if (basicConfig->authenticate == NULL) {
handler(data, NULL);
return;
}
/* check to see if the auth_user already has a request outstanding */
if (basic_auth->flags.credentials_ok == 2) {
/* there is a request with the same credentials already being verified */
auth_basic_queue_node *node;
node = xmalloc(sizeof(auth_basic_queue_node));
assert(node);
/* save the details */
node->next = basic_auth->auth_queue;
basic_auth->auth_queue = node;
node->handler = handler;
node->data = data;
cbdataLock(data);
return;
} else {
r = cbdataAlloc(authenticateStateData);
r->handler = handler;
cbdataLock(data);
r->data = data;
r->auth_user_request = auth_user_request;
authenticateAuthUserRequestLock(r->auth_user_request);
/* mark the user as haveing verification in progress */
basic_auth->flags.credentials_ok = 2;
if (basicConfig->utf8) {
latin1_to_utf8(user, sizeof(user), basic_auth->username);
latin1_to_utf8(pass, sizeof(pass), basic_auth->passwd);
xstrncpy(user, rfc1738_escape(user), sizeof(user));
xstrncpy(pass, rfc1738_escape(pass), sizeof(pass));
} else {
xstrncpy(user, rfc1738_escape(basic_auth->username), sizeof(user));
xstrncpy(pass, rfc1738_escape(basic_auth->passwd), sizeof(pass));
}
snprintf(buf, sizeof(buf), "%s %s\n", user, pass);
helperSubmit(basicauthenticators, buf, authenticateBasicHandleReply, r);
}
}
void
dnsSubmit(const char *lookup, HLPCB * callback, void *data)
{
char buf[256];
static time_t first_warn = 0;
snprintf(buf, 256, "%s\n", lookup);
if (dnsservers->stats.queue_size >= dnsservers->n_running * 2) {
if (first_warn == 0)
first_warn = squid_curtime;
if (squid_curtime - first_warn > 3 * 60)
fatal("DNS servers not responding for 3 minutes");
debug(34, 1) ("dnsSubmit: queue overload, rejecting %s\n", lookup);
callback(data, (char *) "$fail Temporary network problem, please retry later");
return;
}
first_warn = 0;
helperSubmit(dnsservers, buf, callback, data);
}
void
redirectStart(clientHttpRequest * http, RH * handler, void *data)
{
ConnStateData *conn = http->conn;
redirectStateData *r = NULL;
const char *fqdn;
char buf[8192];
assert(http);
assert(handler);
debug(61, 5) ("redirectStart: '%s'\n", http->uri);
if (Config.onoff.redirector_bypass && redirectors->stats.queue_size) {
/* Skip redirector if there is one request queued */
n_bypassed++;
handler(data, NULL);
return;
}
r = cbdataAlloc(redirectStateData);
r->orig_url = xstrdup(http->uri);
r->client_addr = conn->log_addr;
if (http->request->auth_user_request)
r->client_ident = authenticateUserRequestUsername(http->request->auth_user_request);
else if (conn->rfc931[0]) {
r->client_ident = conn->rfc931;
} else {
r->client_ident = dash_str;
}
r->method_s = RequestMethodStr[http->request->method];
r->handler = handler;
r->data = data;
cbdataLock(r->data);
if ((fqdn = fqdncache_gethostbyaddr(r->client_addr, 0)) == NULL)
fqdn = dash_str;
snprintf(buf, 8192, "%s %s/%s %s %s\n",
r->orig_url,
inet_ntoa(r->client_addr),
fqdn,
r->client_ident[0] ? rfc1738_escape(r->client_ident) : dash_str,
r->method_s);
helperSubmit(redirectors, buf, redirectHandleReply, r);
}
void
authenticateStart(acl_proxy_auth_user * auth_user, RH * handler, void *data)
{
authenticateStateData *r = NULL;
char buf[8192];
assert(auth_user);
assert(handler);
debug(29, 5) ("authenticateStart: '%s:%s'\n", auth_user->user,
auth_user->passwd);
if (Config.Program.authenticate == NULL) {
handler(data, NULL);
return;
}
r = xcalloc(1, sizeof(authenticateStateData));
cbdataAdd(r, cbdataXfree, 0);
r->handler = handler;
cbdataLock(data);
r->data = data;
r->auth_user = auth_user;
snprintf(buf, 8192, "%s %s\n", r->auth_user->user, r->auth_user->passwd);
helperSubmit(authenticators, buf, authenticateHandleReply, r);
}
void
locationRewriteStart(HttpReply * rep, clientHttpRequest * http, RH * handler, void *data)
{
rewriteStateData *r = NULL;
const char *location = httpHeaderGetStr(&rep->header, HDR_LOCATION);
const char *urlgroup;
char buf[8192];
if (http->orig_request && http->orig_request->urlgroup)
urlgroup = http->orig_request->urlgroup;
else if (http->request && http->request->urlgroup)
urlgroup = http->request->urlgroup;
else
urlgroup = NULL;
assert(handler);
if (!urlgroup || !*urlgroup)
urlgroup = "-";
debug(29, 5) ("locationRewriteStart: '%s'\n", location);
if (Config.Program.location_rewrite.command == NULL) {
handler(data, NULL);
return;
}
if (Config.onoff.redirector_bypass && locrewriters->stats.queue_size) {
/* Skip rewriter if there is one request queued */
n_bypassed++;
handler(data, NULL);
return;
}
r = cbdataAlloc(rewriteStateData);
r->orig_url = xstrdup(location);
r->handler = handler;
r->data = data;
cbdataLock(r->data);
snprintf(buf, 8192, "%s %s %s\n",
r->orig_url, http->uri, urlgroup);
helperSubmit(locrewriters, buf, locationRewriteHandleReply, r);
}
void
externalAclLookup(aclCheck_t * ch, void *acl_data, EAH * callback, void *callback_data)
{
MemBuf buf;
external_acl_data *acl = acl_data;
external_acl *def = acl->def;
const char *key;
external_acl_entry *entry;
externalAclState *state;
if (acl->def->require_auth) {
int ti;
/* Make sure the user is authenticated */
if ((ti = aclAuthenticated(ch)) != 1) {
debug(82, 1) ("externalAclLookup: %s user authentication failure (%d)\n", acl->def->name, ti);
callback(callback_data, NULL);
return;
}
}
key = makeExternalAclKey(ch, acl);
if (!key) {
debug(82, 1) ("externalAclLookup: lookup in '%s', prerequisit failure\n", def->name);
callback(callback_data, NULL);
return;
}
debug(82, 2) ("externalAclLookup: lookup in '%s' for '%s'\n", def->name, key);
entry = hash_lookup(def->cache, key);
state = cbdataAlloc(externalAclState);
state->def = def;
cbdataLock(state->def);
state->callback = callback;
state->callback_data = callback_data;
state->key = xstrdup(key);
cbdataLock(state->callback_data);
if (entry && !external_acl_entry_expired(def, entry)) {
if (entry->result == -1) {
/* There is a pending lookup. Hook into it */
dlink_node *node;
for (node = def->queue.head; node; node = node->next) {
externalAclState *oldstate = node->data;
if (strcmp(state->key, oldstate->key) == 0) {
state->queue = oldstate->queue;
oldstate->queue = state;
return;
}
}
} else {
/* There is a cached valid result.. use it */
/* This should not really happen, but what the heck.. */
callback(callback_data, entry);
cbdataFree(state);
return;
}
}
/* Check for queue overload */
if (def->helper->stats.queue_size >= def->helper->n_running) {
int result = -1;
external_acl_entry *entry = hash_lookup(def->cache, key);
debug(82, 1) ("externalAclLookup: '%s' queue overload\n", def->name);
if (entry)
result = entry->result;
cbdataFree(state);
callback(callback_data, entry);
return;
}
/* Send it off to the helper */
memBufDefInit(&buf);
memBufPrintf(&buf, "%s\n", key);
helperSubmit(def->helper, buf.buf, externalAclHandleReply, state);
external_acl_cache_add(def, key, -1, NULL, NULL);
dlinkAdd(state, &state->list, &def->queue);
memBufClean(&buf);
}
