auth_rewrite at testing stage

From: Robert Collins <robert.collins@dont-contact.us>
Date: Thu, 26 Oct 2000 12:36:04 +1100

I've just checked in the working auth_rewrite.

This is the summary of whats changed (and what I will be doing before I am
"happy" with it).
* More common code between basic and ntlm authentication.
* Acl Match result caching for each cached auth usercode
* better memory usage for NTLM. (removed 1.2K from every conn struct)
* NTLM challenge-authenticate caching. (doesn;t control whether a challenge
is issued twice by a helper, but if it is, make use of that knowledge.)
* implemented a couple of the notes in the code re: "Optimise this to a
boolean etc:". Didn't quite do what may have been in their mind but I think
the result is good.
* Common auth_user hash table for ntlm and basic user details.
* removed the negative caching of a users details when the expiry period
passed. Instead we revalidate the user, and if the p/w is wrong, remove the
user, otherwise we keep the auth_user details - including the acl result
cache:-]

todo:
* modularise some of the basic authentication "niceties (ie ip addr change
detection)" so that ntlm can use them too without copying the code.
* plug a couple of memory leaks that don't affect short term running.
(Wanted to get it usable first).

The code is commented left right and centre, so if anyone wants to take a
look at it it should make sense straight up. Once I've finished my todo list
I'm hoping to merge it straight back into the ntlm branch. I haven't
included splay_tree proxy_auth lists in the code (yet) because if/when it's
merged back into the ntlm tag, we'll have more trouble merging ntlm into
HEAD.

Rob
Received on Wed Oct 25 2000 - 19:31:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:52 MST