summaryrefslogtreecommitdiffabout
authorSergey Poznyakoff <gray@gnu.org.ua>2016-01-24 15:41:38 (GMT)
committer Sergey Poznyakoff <gray@gnu.org.ua>2016-01-24 15:41:38 (GMT)
commit8c67fbd51faa3c175fef8160e187c4ac6b123fb6 (patch) (side-by-side diff)
tree5805ebc16b20aadc29798a6dadfefa8d48e298da
parenteb80640a4753350f000cbe0ee49f5a6a2bd5bc75 (diff)
downloadvmod-basicauth-varnish-4.0.tar.gz
vmod-basicauth-varnish-4.0.tar.bz2
Use thread-specific storage for crypt_r data.varnish-4.0
* src/vmod_basicauth.c (thread_once, thread_key): New statics. (init_function): Initialize thread_once. (getpriv): New function. (crypt_match): Take two parameters. Retrieve crypt_r data from the thread-specific storage. (plain_match, apr_match, sha1_match): Remove the pd parameter. (match): Likewise. (vmod_match): Change declaration. * src/vmod_basicauth.vcc (match): Remove PRIV_VCL.
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--src/vmod_basicauth.c49
-rw-r--r--src/vmod_basicauth.vcc2
2 files changed, 35 insertions, 16 deletions
diff --git a/src/vmod_basicauth.c b/src/vmod_basicauth.c
index 9dc99c3..76dbbf3 100644
--- a/src/vmod_basicauth.c
+++ b/src/vmod_basicauth.c
@@ -84,39 +84,58 @@ base64_decode(const unsigned char *input, size_t input_len,
} while (input_len > 0);
return out - output;
}
+
+static pthread_once_t thread_once = PTHREAD_ONCE_INIT;
+static pthread_key_t thread_key;
struct priv_data {
struct crypt_data cdat;
};
+static void
+make_key()
+{
+ pthread_key_create(&thread_key, free);
+}
+
+
int
init_function(struct vmod_priv *priv, const struct VCL_conf *conf)
{
- struct priv_data *p = malloc(sizeof(*p));
+ pthread_once(&thread_once, make_key);
+}
+
+static struct priv_data *
+getpriv(void)
+{
+ struct priv_data *p = pthread_getspecific(thread_key);
- p->cdat.initialized = 0;
- priv->priv = p;
- priv->free = free;
-
- return 0;
+ if (!p) {
+ p = malloc(sizeof(*p));
+ p->cdat.initialized = 0;
+ if (pthread_setspecific(thread_key, p))
+ abort();
+ }
+ return p;
}
/* Matchers */
static int
-crypt_match(const char *pass, const char *hash, struct priv_data *pd)
+crypt_match(const char *pass, const char *hash)
{
+ struct priv_data *pd = getpriv();
return strcmp(crypt_r(pass, hash, &pd->cdat), hash);
}
static int
-plain_match(const char *pass, const char *hash, struct priv_data *pd)
+plain_match(const char *pass, const char *hash)
{
return strcmp(pass, hash);
}
static int
-apr_match(const char *pass, const char *hash, struct priv_data *pd)
+apr_match(const char *pass, const char *hash)
{
unsigned char buf[120];
return strcmp(apr_md5_encode(pass, hash, buf, sizeof(buf)), hash);
@@ -125,7 +144,7 @@ apr_match(const char *pass, const char *hash, struct priv_data *pd)
#define SHA1_DIGEST_SIZE 20
static int
-sha1_match(const char *pass, const char *hash, struct priv_data *pd)
+sha1_match(const char *pass, const char *hash)
{
char hashbuf[SHA1_DIGEST_SIZE], resbuf[SHA1_DIGEST_SIZE];
int n;
@@ -149,7 +168,7 @@ sha1_match(const char *pass, const char *hash, struct priv_data *pd)
struct matcher {
char *cm_pfx;
size_t cm_len;
- int (*cm_match)(const char *, const char *, struct priv_data *);
+ int (*cm_match)(const char *, const char *);
};
static struct matcher match_tab[] = {
@@ -162,7 +181,7 @@ static struct matcher match_tab[] = {
};
static int
-match(const char *pass, const char *hash, struct priv_data *pd)
+match(const char *pass, const char *hash)
{
struct matcher *p;
size_t plen = strlen(hash);
@@ -170,7 +189,7 @@ match(const char *pass, const char *hash, struct priv_data *pd)
for (p = match_tab; p->cm_match; p++) {
if (p->cm_len < plen &&
memcmp(p->cm_pfx, hash, p->cm_len) == 0 &&
- p->cm_match(pass, hash, pd) == 0)
+ p->cm_match(pass, hash) == 0)
return 0;
}
return 1;
@@ -180,7 +199,7 @@ match(const char *pass, const char *hash, struct priv_data *pd)
#define BASICLEN (sizeof(BASICPREF)-1)
VCL_BOOL
-vmod_match(MOD_CTX sp, struct vmod_priv *priv, VCL_STRING file, VCL_STRING s)
+vmod_match(MOD_CTX sp, VCL_STRING file, VCL_STRING s)
{
char buf[1024];
char lbuf[1024];
@@ -237,7 +256,7 @@ vmod_match(MOD_CTX sp, struct vmod_priv *priv, VCL_STRING file, VCL_STRING s)
*q++ = 0;
if (strcmp(p, buf))
continue;
- rc = match(pass, q, priv->priv) == 0;
+ rc = match(pass, q) == 0;
// syslog(LOG_AUTHPRIV|LOG_DEBUG, "user=%s, rc=%d",p,rc);
break;
}
diff --git a/src/vmod_basicauth.vcc b/src/vmod_basicauth.vcc
index cda0d66..bebc1a2 100644
--- a/src/vmod_basicauth.vcc
+++ b/src/vmod_basicauth.vcc
@@ -30,7 +30,7 @@ Four kinds of password hashes are supported: Apache MD5, crypt, SHA1,
and plaintext.
$Init init_function
-$Function BOOL match(PRIV_VCL, STRING, STRING)
+$Function BOOL match(STRING, STRING)
Description
The **match** function returns **TRUE** or **FALSE** depending on whether

Return to:

Send suggestions and report system problems to the System administrator.