diff options
author | Timo Teräs <timo.teras@iki.fi> | 2010-09-07 16:17:58 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2010-09-07 16:17:58 +0300 |
commit | ccdc549cd2540a19f4bff908555aebb2dc3b7bd5 (patch) | |
tree | 3433d463e05e9684a4e0b79f2334023e53a0f39f | |
parent | df7ffbb0628ec129af4f11353d7a51afd1f4052c (diff) | |
download | squark-ccdc549cd2540a19f4bff908555aebb2dc3b7bd5.tar.bz2 squark-ccdc549cd2540a19f4bff908555aebb2dc3b7bd5.tar.xz |
authdb: separate last access / login time
and tweak the authdb a bit.
-rw-r--r-- | authdb.c | 31 | ||||
-rw-r--r-- | authdb.h | 10 | ||||
-rw-r--r-- | squark-auth-ip.c | 8 | ||||
-rw-r--r-- | squark-filter.c | 4 |
4 files changed, 28 insertions, 25 deletions
@@ -159,9 +159,9 @@ void *authdb_get(struct authdb *adb, sockaddr_any *addr, struct authdb_entry *en for (i = 0; i < 3; i++) { memcpy(entry, &me->entries[e], sizeof(struct authdb_entry)); - if (entry->u.checksum == 0 && entry->u.login_time == 0) + if (entry->checksum == 0 && entry->p.login_time == 0) return &me->entries[e]; - if (entry->u.checksum == authdb_entry_checksum(entry)) + if (entry->checksum == authdb_entry_checksum(entry)) return &me->entries[e]; sched_yield(); } @@ -174,13 +174,13 @@ void *authdb_get(struct authdb *adb, sockaddr_any *addr, struct authdb_entry *en int authdb_set(void *token, struct authdb_entry *entry) { struct authdb_entry *mme = token; - uint32_t checksum = entry->u.checksum; + uint32_t checksum = entry->checksum; - entry->u.checksum = authdb_entry_checksum(entry); - if (mme->u.checksum != checksum) + entry->checksum = authdb_entry_checksum(entry); + if (mme->checksum != checksum) return 0; - mme->u.checksum = entry->u.checksum; + mme->checksum = ~0; memcpy(mme, entry, sizeof(*entry)); return 1; @@ -196,30 +196,33 @@ int authdb_check_login(void *token, struct authdb_entry *e, blob_t username, tim return 0; /* and dates */ - if (now > e->u.login_time + AUTHDB_LOGOFF_PERIOD) + if (now > e->last_activity_time + AUTHDB_LOGOFF_PERIOD) return 0; /* and that no one clobbered the entry */ - if (mme->u.checksum != e->u.checksum) + if (mme->checksum != e->checksum) return 0; /* refresh last activity */ - mme->u.login_time = now; + mme->last_activity_time = now; return 1; } void authdb_clear_entry(struct authdb_entry *entry) { - memset(&entry->p, 0, sizeof(entry->p)); - entry->u.login_time = 0; - entry->u.override_time = 0; + uint32_t checksum = entry->checksum; + + memset(entry, 0, sizeof(*entry)); + entry->checksum = checksum; } void authdb_commit_login(void *token, struct authdb_entry *e, time_t now) { /* fixme read stuff from config files */ - e->u.login_time = now; + e->p.login_time = now; + e->last_activity_time = now; + e->override_time = 0; authdb_set(token, e); } @@ -233,5 +236,5 @@ void authdb_commit_override(void *token, struct authdb_entry *e, time_t now) { struct authdb_entry *mme = token; - mme->u.override_time = now; + mme->override_time = now; } @@ -22,13 +22,11 @@ struct authdb_entry { sockaddr_any switch_ip; uint64_t block_categories; uint64_t hard_block_categories; - } p; - - struct { uint32_t login_time; - uint32_t override_time; - uint32_t checksum; - } u; + } p; + uint32_t last_activity_time; + uint32_t override_time; + uint32_t checksum; }; struct authdb_map_entry { diff --git a/squark-auth-ip.c b/squark-auth-ip.c index 6993e85..602969b 100644 --- a/squark-auth-ip.c +++ b/squark-auth-ip.c @@ -141,7 +141,7 @@ int main(int argc, char **argv) if (running < 0) { struct authdb_entry entry; void *token; - char buf1[64], buf2[64]; + char buf1[64], buf2[64], buf3[64]; if (ipaddr.any.sa_family == AF_UNSPEC) { fprintf(stderr, "IP-address not specified\n"); @@ -176,6 +176,7 @@ int main(int argc, char **argv) "Soft block mask: %016llx\n" "Hard block mask: %016llx\n" "Login time: %s" + "Last activity time: %s" "Override time: %s", ip.ptr, entry.p.login_name, @@ -187,8 +188,9 @@ int main(int argc, char **argv) entry.p.mac_address[5], entry.p.block_categories, entry.p.hard_block_categories, - entry.u.login_time ? ctime_r(&entry.u.login_time, buf1) : "<none>\n", - entry.u.override_time ? ctime_r(&entry.u.override_time, buf2) : "<none>\n"); + entry.p.login_time ? ctime_r(&entry.p.login_time, buf1) : "<none>\n", + entry.last_activity_time ? ctime_r(&entry.last_activity_time, buf2) : "<none>\n", + entry.override_time ? ctime_r(&entry.override_time, buf3) : "<none>\n"); break; case DO_LOGOUT: if (authdb_check_login(token, &entry, username, now)) diff --git a/squark-filter.c b/squark-filter.c index ce2d183..1fa1ec9 100644 --- a/squark-filter.c +++ b/squark-filter.c @@ -416,8 +416,8 @@ static void read_input(struct sqdb *db) if (!auth_ok) { send_redirect(redirect_login_page, id, url, BLOB_STR("auth"), username); } else if (((1ULL << category) & entry.p.block_categories) && - (now < entry.u.override_time || - now > entry.u.override_time + FILTER_OVERRIDE_TIMEOUT || + (now < entry.override_time || + now > entry.override_time + FILTER_OVERRIDE_TIMEOUT || ((1ULL << category) & entry.p.hard_block_categories))) { send_redirect(redirect_banned_page, id, url, get_category_name(db, category), username); } else |