diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2016-01-24 17:41:38 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2016-01-24 17:41:38 +0200 |
commit | 8c67fbd51faa3c175fef8160e187c4ac6b123fb6 (patch) | |
tree | 5805ebc16b20aadc29798a6dadfefa8d48e298da | |
parent | eb80640a4753350f000cbe0ee49f5a6a2bd5bc75 (diff) | |
download | vmod-basicauth-8c67fbd51faa3c175fef8160e187c4ac6b123fb6.tar.gz vmod-basicauth-8c67fbd51faa3c175fef8160e187c4ac6b123fb6.tar.bz2 |
Use thread-specific storage for crypt_r data.varnish-4.0
* src/vmod_basicauth.c (thread_once, thread_key): New statics.
(init_function): Initialize thread_once.
(getpriv): New function.
(crypt_match): Take two parameters. Retrieve crypt_r data from the
thread-specific storage.
(plain_match, apr_match, sha1_match): Remove the pd parameter.
(match): Likewise.
(vmod_match): Change declaration.
* src/vmod_basicauth.vcc (match): Remove PRIV_VCL.
-rw-r--r-- | src/vmod_basicauth.c | 49 | ||||
-rw-r--r-- | src/vmod_basicauth.vcc | 2 |
2 files changed, 35 insertions, 16 deletions
diff --git a/src/vmod_basicauth.c b/src/vmod_basicauth.c index 9dc99c3..76dbbf3 100644 --- a/src/vmod_basicauth.c +++ b/src/vmod_basicauth.c @@ -84,39 +84,58 @@ base64_decode(const unsigned char *input, size_t input_len, } while (input_len > 0); return out - output; } + +static pthread_once_t thread_once = PTHREAD_ONCE_INIT; +static pthread_key_t thread_key; struct priv_data { struct crypt_data cdat; }; +static void +make_key() +{ + pthread_key_create(&thread_key, free); +} + + int init_function(struct vmod_priv *priv, const struct VCL_conf *conf) { - struct priv_data *p = malloc(sizeof(*p)); + pthread_once(&thread_once, make_key); +} + +static struct priv_data * +getpriv(void) +{ + struct priv_data *p = pthread_getspecific(thread_key); - p->cdat.initialized = 0; - priv->priv = p; - priv->free = free; - - return 0; + if (!p) { + p = malloc(sizeof(*p)); + p->cdat.initialized = 0; + if (pthread_setspecific(thread_key, p)) + abort(); + } + return p; } /* Matchers */ static int -crypt_match(const char *pass, const char *hash, struct priv_data *pd) +crypt_match(const char *pass, const char *hash) { + struct priv_data *pd = getpriv(); return strcmp(crypt_r(pass, hash, &pd->cdat), hash); } static int -plain_match(const char *pass, const char *hash, struct priv_data *pd) +plain_match(const char *pass, const char *hash) { return strcmp(pass, hash); } static int -apr_match(const char *pass, const char *hash, struct priv_data *pd) +apr_match(const char *pass, const char *hash) { unsigned char buf[120]; return strcmp(apr_md5_encode(pass, hash, buf, sizeof(buf)), hash); @@ -125,7 +144,7 @@ apr_match(const char *pass, const char *hash, struct priv_data *pd) #define SHA1_DIGEST_SIZE 20 static int -sha1_match(const char *pass, const char *hash, struct priv_data *pd) +sha1_match(const char *pass, const char *hash) { char hashbuf[SHA1_DIGEST_SIZE], resbuf[SHA1_DIGEST_SIZE]; int n; @@ -149,7 +168,7 @@ sha1_match(const char *pass, const char *hash, struct priv_data *pd) struct matcher { char *cm_pfx; size_t cm_len; - int (*cm_match)(const char *, const char *, struct priv_data *); + int (*cm_match)(const char *, const char *); }; static struct matcher match_tab[] = { @@ -162,7 +181,7 @@ static struct matcher match_tab[] = { }; static int -match(const char *pass, const char *hash, struct priv_data *pd) +match(const char *pass, const char *hash) { struct matcher *p; size_t plen = strlen(hash); @@ -170,7 +189,7 @@ match(const char *pass, const char *hash, struct priv_data *pd) for (p = match_tab; p->cm_match; p++) { if (p->cm_len < plen && memcmp(p->cm_pfx, hash, p->cm_len) == 0 && - p->cm_match(pass, hash, pd) == 0) + p->cm_match(pass, hash) == 0) return 0; } return 1; @@ -180,7 +199,7 @@ match(const char *pass, const char *hash, struct priv_data *pd) #define BASICLEN (sizeof(BASICPREF)-1) VCL_BOOL -vmod_match(MOD_CTX sp, struct vmod_priv *priv, VCL_STRING file, VCL_STRING s) +vmod_match(MOD_CTX sp, VCL_STRING file, VCL_STRING s) { char buf[1024]; char lbuf[1024]; @@ -237,7 +256,7 @@ vmod_match(MOD_CTX sp, struct vmod_priv *priv, VCL_STRING file, VCL_STRING s) *q++ = 0; if (strcmp(p, buf)) continue; - rc = match(pass, q, priv->priv) == 0; + rc = match(pass, q) == 0; // syslog(LOG_AUTHPRIV|LOG_DEBUG, "user=%s, rc=%d",p,rc); break; } diff --git a/src/vmod_basicauth.vcc b/src/vmod_basicauth.vcc index cda0d66..bebc1a2 100644 --- a/src/vmod_basicauth.vcc +++ b/src/vmod_basicauth.vcc @@ -30,7 +30,7 @@ Four kinds of password hashes are supported: Apache MD5, crypt, SHA1, and plaintext. $Init init_function -$Function BOOL match(PRIV_VCL, STRING, STRING) +$Function BOOL match(STRING, STRING) Description The **match** function returns **TRUE** or **FALSE** depending on whether |