From 1c23dbef0405d8ca9776737a209fb5b549219bc8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Sun, 7 Nov 2010 01:57:30 +0200
Subject: authdb, auth-ip: make logout_timeout configurable

 * authdb: change to use squark.conf instead of filter.conf
 * authdb: config option logout_timeout added (defaults to 15mins)
 * auth-ip: add -r parameter to refresh login time

fixes #452
---
 src/authdb.c | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

(limited to 'src/authdb.c')

diff --git a/src/authdb.c b/src/authdb.c
index 85fb44e..d48c43d 100644
--- a/src/authdb.c
+++ b/src/authdb.c
@@ -8,6 +8,7 @@
 #include <time.h>
 #include <grp.h>
 
+#include "config.h"
 #include "authdb.h"
 #include "filterdb.h"
 #include "addr.h"
@@ -16,7 +17,6 @@
 #define ALIGN(s,a)		(((s) + a - 1) & ~(a - 1))
 
 #define AUTHDB_IP_PER_ME		256
-#define AUTHDB_LOGOFF_PERIOD		(15*60)		/* 15 mins */
 #define AUTHDB_SHM_SIZE			ALIGN(sizeof(struct authdb_entry[AUTHDB_IP_PER_ME]), 4096)
 
 static struct authdb_map_entry *authdb_me_open(sockaddr_any *addr, int create)
@@ -201,7 +201,9 @@ int authdb_set(void *token, struct authdb_entry *entry)
 	return 1;
 }
 
-int authdb_check_login(void *token, struct authdb_entry *e, blob_t username, time_t now)
+int authdb_check_login(void *token, struct authdb_entry *e,
+		       blob_t username, time_t now,
+		       struct authdb_config *adbc)
 {
 	struct authdb_entry *mme = token;
 
@@ -211,15 +213,17 @@ int authdb_check_login(void *token, struct authdb_entry *e, blob_t username, tim
 		return 0;
 
 	/* and dates */
-	if (now > e->last_activity_time + AUTHDB_LOGOFF_PERIOD)
+	if (now > e->last_activity_time + adbc->logout_timeout)
 		return 0;
 
 	/* and that no one clobbered the entry */
 	if (mme->checksum != e->checksum)
 		return 0;
 
-	/* refresh last activity */
-	mme->last_activity_time = now;
+	/* refresh last activity -- avoid writes to page so
+	 * caches don't get invalidated too often */
+	if (now > mme->last_activity_time + 2)
+		mme->last_activity_time = now;
 
 	return 1;
 }
@@ -330,7 +334,7 @@ int adbc_refresh(struct authdb_config *cfg, time_t now)
 	if (cfg->last_check != 0 && cfg->last_check + 2*60 > now)
 		return 0;
 
-	if (stat("/etc/squark/filter.conf", &st) != 0)
+	if (stat(squark_config, &st) != 0)
 		return -1;
 
 	if (cfg->last_change == st.st_ctime)
@@ -338,12 +342,14 @@ int adbc_refresh(struct authdb_config *cfg, time_t now)
 
 	/* check timestamp */
 
-	in = fopen("/etc/squark/filter.conf", "r");
+	in = fopen(squark_config, "r");
 	if (in == NULL)
 		return -1;
 
 	cfg->block_categories = 0;
 	cfg->hard_block_categories = 0;
+	cfg->logout_timeout = DEFAULT_LOGOUT_TIMEOUT;
+
 	while (1) {
 		b = read_word(in, &lineno, BLOB_BUF(word1));
 		if (blob_is_null(b))
@@ -356,6 +362,8 @@ int adbc_refresh(struct authdb_config *cfg, time_t now)
 			cfg->hard_block_categories |= to_category(cfg->db, p);
 		} else if (blob_cmp(b, BLOB_STR("warn")) == 0) {
 			cfg->block_categories |= to_category(cfg->db, p);
+		} else if (blob_cmp(b, BLOB_STR("logout_timeout")) == 0) {
+			cfg->logout_timeout = blob_pull_uint(&p, 10);
 		}
 	}
 	cfg->block_categories |= cfg->hard_block_categories;
-- 
cgit v1.2.3