refactor cache into userdata structure

Makefile.orig

@@ -124,5 +124,5 @@ $(CDBLIB):
 pwdb.cdb: pwdb.in
  $(CDB) -c -m pwdb.cdb pwdb.in
 clean :
- rm -f *.o *.so 
+ rm -f *.o *.so np
  (cd contrib/tinycdb-0.78; make realclean )

auth-plug.c

@@ -48,6 +48,7 @@
 #include "be-postgres.h"
 #include "be-ldap.h"
 
+#include "userdata.h"
 #include "cache.h"
 
 #define STRINGIFY(x) #x
@@ -76,15 +77,6 @@ struct backend_p {
  f_aclcheck *aclcheck;
 };
 
-struct userdata {
- struct backend_p **be_list;
- char *superusers; /* Static glob list */
- int authentication_be; /* Back-end number user was authenticated in */
- int fallback_be; /* Backend to use for anonymous connections */
- char *anonusername; /* Configured name of anonymous MQTT user */
- time_t cachetics; /* number of seconds to cache ACL lookups */
-};
-
 int pbkdf2_check(char *password, char *hash);
 
 int mosquitto_auth_plugin_version(void)
@@ -124,6 +116,7 @@ int mosquitto_auth_plugin_init(void **userdata, struct mosquitto_auth_opt *auth_
  ud->fallback_be = -1;
  ud->anonusername = NULL;
  ud->cachetics = 300;
+ ud->aclcache = NULL;
 
  /*
  * Shove all options Mosquitto gives the plugin into a hash,
@@ -327,6 +320,9 @@ int mosquitto_auth_plugin_cleanup(void *userdata, struct mosquitto_auth_opt *aut
  free(ud->superusers);
  if (ud->anonusername)
  free(ud->anonusername);
+ if (ud->aclcache != NULL) {
+ /* FIXME */
+ }
 
  return MOSQ_ERR_SUCCESS;
 }
@@ -417,7 +413,7 @@ int mosquitto_auth_acl_check(void *userdata, const char *clientid, const char *u
  access == MOSQ_ACL_READ ? "MOSQ_ACL_READ" : "MOSQ_ACL_WRITE" );
 
 
- granted = cache_q(clientid, username, topic, access, ud->cachetics);
+ granted = cache_q(clientid, username, topic, access, userdata);
  if (granted != MOSQ_ERR_UNKNOWN) {
  _log(DEBUG, "aclcheck(%s, %s, %d) CACHEDAUTH: %d",
  username, topic, access, granted);
@@ -493,7 +489,7 @@ int mosquitto_auth_acl_check(void *userdata, const char *clientid, const char *u
 
  outout: /* goto fail goto fail */
 
- acl_cache(clientid, username, topic, access, granted, ud->cachetics);
+ acl_cache(clientid, username, topic, access, granted, userdata);
  return (granted);
 
 }

backends.h

@@ -34,9 +34,14 @@
 # define FALSE (0)
 #endif
 
+#ifndef __BACKENDS_H
+# define __BACKENDS_H
+
 typedef void (f_kill)(void *conf);
 typedef char *(f_getuser)(void *conf, const char *username, const char *password, int *authenticated);
 typedef int (f_superuser)(void *conf, const char *username);
 typedef int (f_aclcheck)(void *conf, const char *clientid, const char *username, const char *topic, int acc);
 
 void t_expand(const char *clientid, const char *username, char *in, char **res);
+
+#endif

cache.c

@@ -32,20 +32,12 @@
 #include <string.h>
 #include <time.h>
 #include <mosquitto.h>
+#include "userdata.h"
 #include "cache.h"
 #include <openssl/evp.h>
 #include <openssl/sha.h>
 #include "uthash.h"
 
-struct aclcache {
- char hex[SHA_DIGEST_LENGTH * 2 + 1]; /* key within struct */
- int granted;
- time_t tics;
- UT_hash_handle hh;
-};
-
-static struct aclcache *aclcache = NULL;
-
 static unsigned int sha_hash(const char *data, size_t size, unsigned char *out)
 {
  unsigned int md_len = -1;
@@ -91,47 +83,51 @@ static void hexify(const char *clientid, const char *username, const char *topic
  * granted is what Mosquitto auth-plug actually granted
  */
 
-void acl_cache(const char *clientid, const char *username, const char *topic, int access, int granted, time_t cachetics)
+void acl_cache(const char *clientid, const char *username, const char *topic, int access, int granted, void *userdata)
 {
  char hex[SHA_DIGEST_LENGTH * 2 + 1];
  struct aclcache *a;
+ struct userdata *ud = (struct userdata *)userdata;
+ time_t cachetics = ud->cachetics;
 
  hexify(clientid, username, topic, access, hex);
 
- HASH_FIND_STR(aclcache, hex, a);
+ HASH_FIND_STR(ud->aclcache, hex, a);
  if (a) {
  granted = a->granted;
 
  if (time(NULL) > (a->tics + cachetics)) {
  printf("EXPIRED!!!!!!!!!!!!!\n");
- HASH_DEL(aclcache, a);
+ HASH_DEL(ud->aclcache, a);
  }
  } else {
  a = (struct aclcache *)malloc(sizeof(struct aclcache));
  strcpy(a->hex, hex);
  a->granted = granted;
  a->tics = time(NULL);
- HASH_ADD_STR(aclcache, hex, a);
+ HASH_ADD_STR(ud->aclcache, hex, a);
  }
 }
 
-int cache_q(const char *clientid, const char *username, const char *topic, int access, time_t cachetics)
+int cache_q(const char *clientid, const char *username, const char *topic, int access, void *userdata)
 {
  char hex[SHA_DIGEST_LENGTH * 2 + 1];
  struct aclcache *a;
+ struct userdata *ud = (struct userdata *)userdata;
+ time_t cachetics = ud->cachetics;
  int granted = MOSQ_ERR_UNKNOWN;
 
  hexify(clientid, username, topic, access, hex);
 
- HASH_FIND_STR(aclcache, hex, a);
+ HASH_FIND_STR(ud->aclcache, hex, a);
  if (a) {
  // printf("---> CACHED! %d\n", a->granted);
 
  granted = a->granted;
 
  if (time(NULL) > (a->tics + cachetics)) {
  printf("EXPIRED!!!!!!!!!!!!!\n");
- HASH_DEL(aclcache, a);
+ HASH_DEL(ud->aclcache, a);
  }
  }
 

cache.h

@@ -27,5 +27,21 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
-void acl_cache(const char *clientid, const char *username, const char *topic, int access, int granted, time_t cachetics);
-int cache_q(const char *clientid, const char *username, const char *topic, int access, time_t cachetics);
+#include <time.h>
+#include "uthash.h"
+#include <openssl/sha.h>
+
+#ifndef __CACHE_H
+# define __CACHE_H
+
+struct aclcache {
+ char hex[SHA_DIGEST_LENGTH * 2 + 1]; /* key within struct */
+ int granted;
+ time_t tics;
+ UT_hash_handle hh;
+};
+
+void acl_cache(const char *clientid, const char *username, const char *topic, int access, int granted, void *userdata);
+int cache_q(const char *clientid, const char *username, const char *topic, int access, void *userdata);
+
+#endif

userdata.h

@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2013, 2014 Jan-Piet Mens <jpmens()gmail.com>
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of mosquitto nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <time.h>
+#include "backends.h"
+#include "cache.h"
+
+#ifndef __USERDATA_H
+# define _USERDATA_H
+
+struct userdata {
+ struct backend_p **be_list;
+ char *superusers; /* Static glob list */
+ int authentication_be; /* Back-end number user was authenticated in */
+ int fallback_be; /* Backend to use for anonymous connections */
+ char *anonusername; /* Configured name of anonymous MQTT user */
+ time_t cachetics; /* number of seconds to cache ACL lookups */
+ struct aclcache *aclcache;
+};
+
+#endif