9eec0a646b
This patch remove the limit of 32 groups. It also permit to use standard "pat_parse_str()" function in place of "pat_parse_strcat()". The "pat_parse_strcat()" is no longer used and its removed. Before this patch, the groups are stored in a bitfield, now they are stored in a list of strings. The matching is slower, but the number of groups is low and generally the list of allowed groups is short. The fetch function "smp_fetch_http_auth_grp()" used with the name "http_auth_group" return valid username. It can be used as string for displaying the username or with the acl "http_auth_group" for checking the group of the user. Maybe the names of the ACL and fetch methods are no longer suitable, but I keep the current names for conserving the compatibility with existing configurations. The function "userlist_postinit()" is created from verification code stored in the big function "check_config_validity()". The code is adapted to the new authentication storage system and it is moved in the "src/auth.c" file. This function is used to check the validity of the users declared in groups and to check the validity of groups declared on the "user" entries. This resolve function is executed before the check of all proxy because many acl needs solved users and groups.
60 lines
1.2 KiB
C
60 lines
1.2 KiB
C
/*
|
|
* User authentication & authorization.
|
|
*
|
|
* Copyright 2010 Krzysztof Piotr Oledzki <ole@ans.pl>
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version
|
|
* 2 of the License, or (at your option) any later version.
|
|
*
|
|
*/
|
|
|
|
#ifndef _TYPES_AUTH_H
|
|
#define _TYPES_AUTH_H
|
|
|
|
#include <common/config.h>
|
|
#include <common/mini-clist.h>
|
|
|
|
#include <types/auth.h>
|
|
|
|
#define AU_O_INSECURE 0x00000001 /* insecure, unencrypted password */
|
|
|
|
struct auth_groups {
|
|
struct auth_groups *next;
|
|
char *name;
|
|
char *groupusers; /* Just used during the configuration parsing. */
|
|
};
|
|
|
|
struct auth_groups_list {
|
|
struct auth_groups_list *next;
|
|
struct auth_groups *group;
|
|
};
|
|
|
|
struct auth_users {
|
|
struct auth_users *next;
|
|
unsigned int flags;
|
|
char *user, *pass;
|
|
union {
|
|
char *groups_names; /* Just used during the configuration parsing. */
|
|
struct auth_groups_list *groups;
|
|
} u;
|
|
};
|
|
|
|
struct userlist {
|
|
struct userlist *next;
|
|
char *name;
|
|
struct auth_users *users;
|
|
struct auth_groups *groups;
|
|
};
|
|
|
|
#endif /* _TYPES_AUTH_H */
|
|
|
|
/*
|
|
* Local variables:
|
|
* c-indent-level: 8
|
|
* c-basic-offset: 8
|
|
* End:
|
|
*/
|
|
|