-/* $Id: yaz-proxy.cpp,v 1.61 2006-04-22 07:03:34 adam Exp $
+/* $Id: yaz-proxy.cpp,v 1.70 2006-07-06 11:50:26 adam Exp $
Copyright (c) 1998-2006, Index Data.
This file is part of the yazproxy.
#define strncasecmp _strnicmp
#endif
-#define USE_AUTH_MSG 1
-
-#if USE_AUTH_MSG
class YAZ_EXPORT Auth_Msg : public IMsg_Thread {
public:
int m_ret;
void Auth_Msg::result()
{
- if (m_proxy->dec_ref(false))
+ if (m_proxy->dec_ref())
{
yaz_log(YLOG_LOG, "Auth_Msg::proxy deleted meanwhile");
}
delete this;
}
-#endif
-
void Yaz_Proxy::result_authentication(Z_APDU *apdu, int ret)
{
if (apdu == 0 || ret == 0)
Z_APDU *apdu_reject = zget_APDU(odr_encode(), Z_APDU_initResponse);
*apdu_reject->u.initResponse->result = 0;
send_to_client(apdu_reject);
- dec_ref(false);
+ dec_ref();
}
else
{
m_ref_count = 1;
m_main_ptr_dec = false;
m_peername = 0;
+ m_num_msg_threads = 0;
}
void Yaz_Proxy::inc_ref()
delete m_charset_converter;
xfree(m_optimize);
-#if HAVE_XSLT
+#if YAZ_HAVE_XSLT
if (m_stylesheet_xsp)
xsltFreeStylesheet((xsltStylesheetPtr) m_stylesheet_xsp);
#endif
{
int period = 60;
m_config->get_generic_info(&m_log_mask, &m_max_clients,
- &m_max_connect, &m_limit_connect, &period);
+ &m_max_connect, &m_limit_connect, &period,
+ &m_num_msg_threads);
m_connect.set_period(period);
}
return r;
int period = 60;
cfg->get_generic_info(&m_log_mask, &m_max_clients,
&m_max_connect, &m_limit_connect,
- &period);
+ &period, &m_num_msg_threads);
m_connect.set_period(period);
}
}
char session_str[200];
const char *peername = the_PDU_Observable->getpeername();
+ if (!peername)
+ peername = "nullpeer";
+
if (m_log_mask & PROXY_LOG_IP_CLIENT)
sprintf(session_str, "%ld:%d %.80s %d ",
(long) time(0), m_session_no, peername, 0);
new_proxy->set_default_target(m_default_target);
new_proxy->m_max_clients = m_max_clients;
new_proxy->m_log_mask = m_log_mask;
+ new_proxy->m_session_no = m_session_no;
+ new_proxy->m_num_msg_threads = m_num_msg_threads;
+#if 0
+ // in case we want to watch a particular client..
if (!strcmp(peername, "tcp:163.121.19.82")) // NIS GROUP
new_proxy->m_log_mask = 255;
+#endif
new_proxy->set_APDU_log(get_APDU_log());
if (new_proxy->m_log_mask & PROXY_LOG_APDU_CLIENT)
new_proxy->set_proxy_negotiation(m_proxy_negotiation_charset,
m_proxy_negotiation_lang, m_proxy_negotiation_default_charset);
// create thread object the first time we get an incoming connection
- if (!m_my_thread)
- m_my_thread = new Msg_Thread(m_socket_observable, 1);
+ if (!m_my_thread && m_num_msg_threads > 0)
+ {
+ yaz_log (YLOG_LOG, "%sStarting message thread management. number=%d",
+ session_str, m_num_msg_threads);
+ m_my_thread = new Msg_Thread(m_socket_observable, m_num_msg_threads);
+ }
new_proxy->m_my_thread = m_my_thread;
return new_proxy;
}
m_client_idletime = client_idletime;
timeout(m_client_idletime);
}
+
+ // get those FILE descriptors available
+ m_parent->low_socket_close();
if (cql2rpn_fname)
m_cql2rpn.set_pqf_file(cql2rpn_fname);
+ // reserve them again
+ m_parent->low_socket_open();
+
if (negotiation_charset || negotiation_lang || default_client_query_charset)
{
set_proxy_negotiation(negotiation_charset,
yaz_log (YLOG_LOG, "%sMAXCLIENTS %d Destroy %d",
m_session_str, parent->m_max_clients, c->m_seqno);
if (c->m_server && c->m_server != this)
- c->m_server->dec_ref(true);
+ c->m_server->dec_ref();
}
else
{
if (c->m_server && c->m_server != this)
{
c->m_server->m_client = 0;
- c->m_server->dec_ref(true);
+ c->m_server->dec_ref();
}
(parent->m_seqno)++;
c->m_target_idletime = m_target_idletime;
void Yaz_Proxy::convert_xsl_delay()
{
-#if HAVE_XSLT
+#if YAZ_HAVE_XSLT
Z_NamePlusRecord *npr = m_stylesheet_nprl->records[m_stylesheet_offset];
if (npr->which == Z_NamePlusRecord_databaseRecord)
{
{
m_timeout_mode = timeout_normal;
m_stylesheet_nprl = 0;
-#if HAVE_XSLT
+#if YAZ_HAVE_XSLT
if (m_stylesheet_xsp)
xsltFreeStylesheet((xsltStylesheetPtr) m_stylesheet_xsp);
#endif
z_HTTP_header_add(o, &hres->headers, "Connection", "Keep-Alive");
else
timeout(0);
+ if (code == 401)
+ z_HTTP_header_add(o, &hres->headers, "WWW-Authenticate",
+ "Basic realm=\"YAZ Proxy\"");
+
if (m_log_mask & PROXY_LOG_REQ_CLIENT)
{
z_HTTP_header_add(o, &hres->headers, "WWW-Authenticate", "Basic realm=\"YAZ Proxy\"");
static Z_SOAP_Handler soap_handlers[2] = {
-#if HAVE_XSLT
+#if YAZ_HAVE_XSLT
{"http://www.loc.gov/zing/srw/", 0,
(Z_SOAP_fun) yaz_srw_codec},
#endif
delete gdu;
yaz_log(YLOG_LOG, "%sUnable to encode package", m_session_str);
m_in_queue.clear();
- dec_ref(true);
+ dec_ref();
return;
}
m_in_queue.enqueue(gdu);
m_timeout_mode = timeout_busy;
inc_ref();
recv_GDU_reduce(g);
- if (dec_ref(false))
+ if (dec_ref())
break;
}
}
return ret;
}
+int Yaz_Proxy::handle_global_authentication(Z_APDU *apdu)
+{
+ if (apdu->which != Z_APDU_initRequest)
+ return 1; // pass if no init request
+ Z_InitRequest *req = apdu->u.initRequest;
+
+ Yaz_ProxyConfig *cfg = check_reconfigure();
+ if (!cfg)
+ return 1; // pass if no config
+
+ int ret;
+ if (req->idAuthentication == 0)
+ {
+ ret = cfg->global_client_authentication(0, 0, 0,
+ m_peername);
+ }
+ else if (req->idAuthentication->which == Z_IdAuthentication_idPass)
+ {
+ ret = cfg->global_client_authentication(
+ req->idAuthentication->u.idPass->userId,
+ req->idAuthentication->u.idPass->groupId,
+ req->idAuthentication->u.idPass->password,
+ m_peername);
+ }
+ else if (req->idAuthentication->which == Z_IdAuthentication_open)
+ {
+ char user[64], pass[64];
+ *user = '\0';
+ *pass = '\0';
+ sscanf(req->idAuthentication->u.open, "%63[^/]/%63s", user, pass);
+ ret = cfg->global_client_authentication(user, 0, pass,
+ m_peername);
+ }
+ else
+ ret = cfg->global_client_authentication(0, 0, 0, m_peername);
+ return ret;
+}
+
Z_APDU *Yaz_Proxy::handle_syntax_validation(Z_APDU *apdu)
{
m_marcxml_mode = none;
{
m_parent->low_socket_close();
-#if HAVE_XSLT
+#if YAZ_HAVE_XSLT
if (m_stylesheet_xsp)
xsltFreeStylesheet((xsltStylesheetPtr) m_stylesheet_xsp);
m_stylesheet_xsp = xsltParseStylesheetFile((const xmlChar*)
{
m_parent->low_socket_close();
-#if HAVE_XSLT
+#if YAZ_HAVE_XSLT
if (m_stylesheet_xsp)
xsltFreeStylesheet((xsltStylesheetPtr) m_stylesheet_xsp);
m_stylesheet_xsp = xsltParseStylesheetFile((const xmlChar*)
handle_charset_lang_negotiation(apdu2);
+ if (m_timeout_mode == timeout_busy)
+ m_timeout_mode = timeout_normal;
send_to_client(apdu2);
- m_timeout_mode = timeout_normal;
return;
}
}
m_client->m_init_flag = 1;
-#if USE_AUTH_MSG
- Auth_Msg *m = new Auth_Msg;
- m->m_proxy = this;
- z_APDU(odr_encode(), &apdu, 0, "encode");
- char *apdu_buf = odr_getbuf(odr_encode(), &m->m_apdu_len, 0);
- m->m_apdu_buf = (char*) nmem_malloc(m->m_nmem, m->m_apdu_len);
- memcpy(m->m_apdu_buf, apdu_buf, m->m_apdu_len);
- odr_reset(odr_encode());
-
- inc_ref();
- m_my_thread->put(m);
-#else
- int ret = handle_authentication(apdu);
- result_authentication(apdu, ret);
-#endif
+ if (m_num_msg_threads && m_my_thread)
+ {
+ Auth_Msg *m = new Auth_Msg;
+ m->m_proxy = this;
+ z_APDU(odr_encode(), &apdu, 0, "encode");
+ char *apdu_buf = odr_getbuf(odr_encode(), &m->m_apdu_len, 0);
+ m->m_apdu_buf = (char*) nmem_malloc(m->m_nmem, m->m_apdu_len);
+ memcpy(m->m_apdu_buf, apdu_buf, m->m_apdu_len);
+ odr_reset(odr_encode());
+
+ inc_ref();
+ m_my_thread->put(m);
+ }
+ else
+ {
+ int ret = handle_authentication(apdu);
+ result_authentication(apdu, ret);
+ }
}
void Yaz_Proxy::handle_incoming_Z_PDU(Z_APDU *apdu)
if (apdu->which == Z_APDU_searchRequest)
m_search_stat.add_bytes(1);
+ // Handle global authentication
+ if (!handle_global_authentication(apdu))
+ {
+ if (m_http_version)
+ { // HTTP. Send unauthorized
+ send_http_response(401);
+ return;
+ }
+ else
+ {
+ // Z39.50 just shutdown
+ timeout(0);
+ return;
+ }
+ return;
+ }
+
// Determine our client.
Z_OtherInformation **oi;
get_otherInfoAPDU(apdu, &oi);
m_parent->pre_init();
}
-bool Yaz_Proxy::dec_ref(bool main_ptr)
+bool Yaz_Proxy::dec_ref()
{
- main_ptr = false;
- assert(m_ref_count > 0);
- if (main_ptr)
- {
- if (m_main_ptr_dec)
- return false;
- m_main_ptr_dec = true;
- }
-
m_http_keepalive = 0;
--m_ref_count;
if (m_server)
{
m_waiting = 1; // ensure it's released from Yaz_Proxy::releaseClient
- m_server->dec_ref(true);
+ m_server->dec_ref();
}
else
delete this;
{
inc_request_no();
yaz_log (YLOG_LOG, "%sConnection closed by client", get_session_str());
- dec_ref(true);
+ dec_ref();
}
void Yaz_Proxy::send_response_fail_client(const char *addr)
inc_request_no();
m_in_queue.clear();
yaz_log (YLOG_LOG, "%sTimeout (client to proxy)", m_session_str);
- dec_ref(true);
+ dec_ref();
break;
case timeout_reduce:
timeout(m_client_idletime);
*imv1 = '\0';
if (imv0)
strcat(imv1, imv0);
+#ifdef VERSION
strcat(imv1, "/" VERSION);
+#endif
ir->implementationVersion = imv1;
// apply YAZ Proxy implementation name