Re: ReRead passwd file

From: Heiko Schlittermann <heiko@dont-contact.us>
Date: Thu, 4 Jun 1998 17:26:32 +0200

On Wed, May 20, 1998 at 10:11:35AM +0200, Heiko Schlittermann wrote:
: On Wed, May 20, 1998 at 11:00:47AM +0200, Yuriy Kouznetsov wrote:
: : I am using squid with auth.. when i change password file (with cp new file over
: : current file) sometimes squid didn't reread password file and users than not in
: : password file use the proxy?? i try with "-k reconfigure" otion but no
: : change... when i restart squid all is OK...
: : another way to make this change on fly?
: :
: : cheers
:
: squid checks the passwd file every 5 or 6 minutes and rereads if
: necessary.
:
: I've patched that (as announced about 2 weeks ago, but nobody seemed to
: be interested :-/). Now I can use
:
: squid -k auth
:
: (or send a SIGWINCH to the squid process) to cause an immediatly reread
: of the passwd file.
:
:
: Additionally I've changed the passwd parsing code a little bit. Now
: squid can live with ordinary passwd files (having trailing stuff after
: the crypted password).

... after testing it in real life I'll append my patch (should be applied
to squid-1.1.21).

It would be nice if someone could try it and notify me about any
success/failure, and if it could perhaps find its way into
the official source.

    Thanks,
        Heiko Schlittermann
---------------------------------------------------------------
datom * internet * support ** Heiko Schlittermann & Partner GbR
mailto:is@datom.de http://www.datom.de/is voice:+49-351-8029981
Heiko Schlittermann HS12-RIPE finger:heiko@datom.de -----------

diff -ru squid-1.1.21/ChangeLog squid-1.1.21.hs/ChangeLog
--- squid-1.1.21/ChangeLog Tue Mar 17 06:20:36 1998
+++ squid-1.1.21.hs/ChangeLog Thu Jun 4 13:34:27 1998
@@ -1,3 +1,10 @@
+Changes to ...
+
+ - Added a handler for SIGWINCH to let squid reread it's
+ proxy_auth data base. (Heiko Schlittermann)
+ - Let squid forgive about trailing `:' in the password file.
+ (Heiko Schlittermann)
+
 Changes to squid-1.1.21 (March 17, 1998):
 
         - Fixed ftpget's "Generated" timestamp trailer on error
 
diff -ru squid-1.1.21/src/client_side.c squid-1.1.21.hs/src/client_side.c
--- squid-1.1.21/src/client_side.c Fri Mar 6 19:33:10 1998
+++ squid-1.1.21.hs/src/client_side.c Thu Jun 4 13:34:27 1998
@@ -322,7 +322,7 @@
 /* Check the modification time on the file that holds the proxy
  * passwords every 'n' seconds, and if it has changed, reload it
  */
-#define CHECK_PROXY_FILE_TIME 300
+#define CHECK_PROXY_FILE_TIME 600
 
 const char *
 proxyAuthenticate(const char *headers)
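Review bot: Raising `CHECK_PROXY_FILE_TIME` from 300 to 600 doubles the time a removed or changed account keeps working whenever nobody sends the new signal, and the ChangeLog entry in this patch does not mention it. Since the signal path is optional and operator-driven, the timer remains the only automatic revocation path; I would keep `#define CHECK_PROXY_FILE_TIME 300`. If the longer interval is intended, note it in the ChangeLog and extend the comment above the define, e.g. `/* fallback only; use SIGWINCH for an immediate reread */`.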
@@ -368,7 +368,11 @@
      * a cgi-bin script, etc. If so, reload a fresh copy into memory
      */
 
- if ((squid_curtime - last_time) > CHECK_PROXY_FILE_TIME) {
+ if (reread_passwd || ((squid_curtime - last_time) > CHECK_PROXY_FILE_TIME)) {
+ if (reread_passwd) {
+ reread_passwd = 0;
+ debug(33, 5, "proxyAuthenticate: got signal to reread password file\n");
+ }
         debug(33, 5, "proxyAuthenticate: checking password file %s hasn't changed\n", Config.proxyAuth.File);
 
         if (stat(Config.proxyAuth.File, &buf) == 0) {
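Review bot: Setting `reread_passwd` only forces entry into the block that, going by the debug text on the following line, checks whether the file has changed. If the reload further down is still conditional on the `stat()` modification time (that comparison is outside this hunk), `squid -k auth` will not reload a file whose timestamp looks unchanged, which is close to the case reported in the thread. Consider capturing the flag before clearing it, `int force_reload = reread_passwd;`, and letting that local bypass the modification-time comparison. It is also worth confirming that the reload discards entries for users no longer in the file; that part is not visible here either. proxyAuthenticate starts and ends outside this hunk.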
@@ -399,17 +403,18 @@
                 strcat(passwords, "\n");
                 fclose(f);
 
- user = strtok(passwords, ":");
- passwd = strtok(NULL, "\n");
-
                 debug(33, 5, "proxyAuthenticate: adding new passwords to hash table\n");
- while (user != NULL) {
- if (strlen(user) > 1 && passwd && strlen(passwd) > 1) {
- debug(33, 6, "proxyAuthenticate: adding %s, %s to hash table\n", user, passwd);
- hash_insert(validated, xstrdup(user), (void *) xstrdup(passwd));
- }
- user = strtok(NULL, ":");
- passwd = strtok(NULL, "\n");
+ {
+ char *pw = passwords;
+ while ((user = strtok(pw, ":")) && (passwd = strtok(NULL, "\n"))) {
+ char *c;
+ if (pw) pw = NULL;
+ if ((c = index(passwd, ':'))) *c = '\0';
+ if (strlen(user) && strlen(passwd)) {
+ debug(33, 6, "proxyAuthenticate: adding %s, %s to hash table\n", user, passwd);
+ hash_insert(validated, xstrdup(user), (void *) xstrdup(passwd));
+ }
+ }
                 }
 
                 xfree(passwords);
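Review bot: A blank line or a line without a `:` desynchronises the new loop, because `strtok(pw, ":")` does not stop at a newline: the user token then runs across the line break into the next entry, and that entry is stored under a key that is not the real user name. Splitting on `\n` first and locating the separators with `strchr` (which also replaces the legacy `index`) keeps every entry on its own line. The rewrite below does that and also drops the crypted password from the level-6 debug message, so hashes do not end up in the log. The enclosing proxyAuthenticate starts and ends outside this hunk.

```c
/* ... unchanged: file is read into passwords and closed ... */
debug(33, 5, "proxyAuthenticate: adding new passwords to hash table\n");
{
    char *line;
    for (line = strtok(passwords, "\n"); line; line = strtok(NULL, "\n")) {
        char *c = strchr(line, ':');
        if (c == NULL)
            continue;           /* no user:password separator on this line */
        *c = '\0';
        user = line;
        passwd = c + 1;
        if ((c = strchr(passwd, ':')))
            *c = '\0';          /* drop trailing passwd-style fields */
        if (*user && *passwd) {
            debug(33, 6, "proxyAuthenticate: adding %s to hash table\n", user);
            hash_insert(validated, xstrdup(user), (void *) xstrdup(passwd));
        }
    }
}
/* ... unchanged: xfree(passwords) ... */
```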
diff -ru squid-1.1.21/src/main.c squid-1.1.21.hs/src/main.c
--- squid-1.1.21/src/main.c Mon Dec 15 09:43:21 1997
+++ squid-1.1.21.hs/src/main.c Thu Jun 4 13:34:27 1998
@@ -132,6 +132,9 @@
 volatile int unbuffered_logs = 1; /* debug and hierarchy unbuffered by default */
 volatile int shutdown_pending = 0; /* set by SIGTERM handler (shut_down()) */
 volatile int reread_pending = 0; /* set by SIGHUP handler */
+#ifdef USE_PROXY_AUTH
+volatile int reread_passwd = 0; /* set by SIGWINCH handler */
+#endif
 const char *const version_string = SQUID_VERSION;
 const char *const appname = "squid";
 const char *const localhost = "127.0.0.1";
@@ -155,6 +158,9 @@
 
 static void rotate_logs _PARAMS((int));
 static void reconfigure _PARAMS((int));
+#ifdef USE_PROXY_AUTH
+static void auth _PARAMS((int));
+#endif
 static void mainInitialize _PARAMS((void));
 static void mainReinitialize _PARAMS((void));
 static void usage _PARAMS((void));
@@ -174,7 +180,7 @@
         " %s\n"
         " -h Print help message.\n"
         " -i Disable IP caching.\n"
- " -k reconfigure|rotate|shutdown|interrupt|kill|debug|check\n"
+ " -k reconfigure|rotate|shutdown|interrupt|kill|debug|check|auth\n"
         " Send signal to running copy and exit.\n"
         " -s Enable logging to syslog.\n"
         " -u port Specify ICP port number (default: %d), disable with 0.\n"
@@ -255,6 +261,10 @@
                 opt_send_signal = SIGINT;
             else if (!strncmp(optarg, "kill", strlen(optarg)))
                 opt_send_signal = SIGKILL;
+#ifdef USE_PROXY_AUTH
+ else if (!strncmp(optarg, "auth", strlen(optarg)))
+ opt_send_signal = SIGWINCH;
+#endif
             else if (!strncmp(optarg, "check", strlen(optarg)))
                 opt_send_signal = 0; /* SIGNULL */
             else
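Review bot: The `auth` keyword is parsed only when `USE_PROXY_AUTH` is defined, but the usage string in the previous hunk lists `|auth` unconditionally, so a build without proxy authentication advertises a keyword that falls through to the final `else` here. Either guard the usage text with the same `#ifdef`, or accept the keyword in every build. The enclosing option-parsing function starts and ends outside this hunk.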
@@ -314,6 +324,20 @@
 #endif
 }
 
+#ifdef USE_PROXY_AUTH
+static void
+auth(int sig)
+{
+ debug(1, 1, "auth: SIGWINCH received\n");
+ debug(1, 1, "preparing reread of the password file %s\n", Config.proxyAuth.File);
+ reread_passwd = 1;
+#if !HAVE_SIGACTION
+ signal(sig, auth);
+#endif
+}
+#endif
+
+
 void
 shut_down(int sig)
 {
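Review bot: The new `auth()` handler calls `debug()` twice and reads `Config.proxyAuth.File` from signal context. The definition of `debug()` is not visible here, but it takes a format string and presumably formats and writes to the log, which is not async-signal-safe, so the handler should do nothing beyond setting the flag. proxyAuthenticate already logs "got signal to reread password file" when it sees the flag, so both calls can be dropped, leaving `reread_passwd = 1;` and the existing `signal(sig, auth);` re-arm. The flag added in the first main.c hunk would also be better declared as `volatile sig_atomic_t reread_passwd = 0;`, with the `extern` in squid.h changed to match.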
@@ -610,6 +634,9 @@
     squid_signal(SIGHUP, reconfigure, SA_RESTART);
     squid_signal(SIGTERM, shut_down, SA_NODEFER | SA_RESETHAND | SA_RESTART);
     squid_signal(SIGINT, shut_down, SA_NODEFER | SA_RESETHAND | SA_RESTART);
+#ifdef USE_PROXY_AUTH
+ squid_signal(SIGWINCH, auth, SA_RESTART);
+#endif
     debug(1, 0, "Ready to serve requests.\n");
 
     if (first_time) {
diff -ru squid-1.1.21/src/squid.h squid-1.1.21.hs/src/squid.h
--- squid-1.1.21/src/squid.h Tue Oct 21 18:08:53 1997
+++ squid-1.1.21.hs/src/squid.h Thu Jun 4 13:34:27 1998
@@ -327,6 +327,7 @@
 extern int vizSock;
 extern volatile int shutdown_pending; /* main.c */
 extern volatile int reread_pending; /* main.c */
+extern volatile int reread_passwd; /* main.c */
 extern int opt_unlink_on_reload; /* main.c */
 extern int opt_reload_hit_only; /* main.c */
 extern int opt_dns_tests; /* main.c */
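Review bot: The `extern` for `reread_passwd` is added unconditionally, while its definition in main.c sits inside `#ifdef USE_PROXY_AUTH`. Any reference from code built without that macro would compile and then fail at link time. Wrap the declaration to match: `#ifdef USE_PROXY_AUTH`, then `extern volatile int reread_passwd; /* main.c */`, then `#endif`. The use in client_side.c is presumably already inside the same guard, but that is not visible in the patch.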
Received on Thu Jun 04 1998 - 08:27:51 MDT
