From: Adam Dickmeiss <adam@indexdata.dk>
Date: Sat, 23 Oct 2004 23:12:23 +0000 (+0000)
Subject: Fixed bug #189: Bad authenticated session transfer.
X-Git-Tag: YAZPROXY.0.9~28
X-Git-Url: http://git.indexdata.com/?p=yazproxy-moved-to-github.git;a=commitdiff_plain;h=676640cef321916c94661bd53749130d86555bb9

Fixed bug #189: Bad authenticated session transfer.
New config element "authentication" which specifies authentication
(Open v2/v3 Z39.50) to be used for backend.
---

diff --git a/NEWS b/NEWS
index 4c7ca70..d1e2c3d 100644
--- a/NEWS
+++ b/NEWS
@@ -1,10 +1,14 @@
+Fixed bug #189: Bad authenticated session transfer.
 
-New attribute "backendcharset" for syntax section which specifies
+New config element "authentication" which specifies authentication
+(Open v2/v3 Z39.50) to be used for backend.
+
+New config attribute "backendcharset" for syntax element which specifies
 charset (encoding) for record that is returned by backend. If omitted
 the proxy assumes backend record encoding is MARC-8 (for backwards
 compatibility). 
 
-New attribute "backendtype" for syntax section which specifies
+New config attribute "backendtype" for syntax element which specifies
 record syntax to be transmitted to backend. This allows proxy to
 offer a record syntax different from that offered by backend.
 
diff --git a/etc/config.xml b/etc/config.xml
index d620a3f..6bc751c 100644
--- a/etc/config.xml
+++ b/etc/config.xml
@@ -1,14 +1,14 @@
 <?xml version="1.0"?>
-<!-- $Id: config.xml,v 1.5 2004-10-18 21:49:21 adam Exp $ -->
+<!-- $Id: config.xml,v 1.6 2004-10-23 23:12:23 adam Exp $ -->
 <proxy xmlns="http://indexdata.dk/yazproxy/schema/0.8/"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://indexdata.dk/yazproxy/schema/0.8/ yazproxy.xsd"
 >
 <!-- Config can be checked with xerces-c++: PParse -n -s config.xml -->
-  <target name="bagel" default="1">
-    <url>indexdata.dk</url>
-    <target-timeout>240</target-timeout>
-    <client-timeout>180</client-timeout>
+  <target name="localhost" default="1">
+    <url>localhost:9999</url>
+    <target-timeout>30</target-timeout>
+    <client-timeout>60</client-timeout>
     <keepalive>
       <bandwidth>1000000</bandwidth>
       <pdu>1000</pdu>
@@ -34,54 +34,11 @@
        </serverInfo>
     </explain>
     <cql2rpn>pqf.properties</cql2rpn>
-  </target>
-  <target name="localhost">
-    <url>localhost:9999</url>
-    <target-timeout>300</target-timeout>
-    <client-timeout>180</client-timeout>
-    <keepalive/> <!-- keepalive enabled -->
-    <limit><!-- limits .. -->
-      <bandwidth>50000</bandwidth>
-      <pdu>60</pdu>
-      <retrieve>50</retrieve>
-    </limit>
-    <attribute type="1" value="1-1023"/>
-    <attribute type="1" value="*" error="114"/>
-    <syntax type="usmarc"/>
-    <syntax type="grs1"/>
-    <syntax type="xml" marcxml="1" stylesheet="MARC21slim2SRWDC.xsl"
-      identifier="info:srw/schema/1/dc-v1.1"
-	>
-      <name>dc</name>
-    </syntax>
-    <syntax type="xml" marcxml="1"
-      identifier="info:srw/schema/1/marcxml-v1.1"
-      >
-      <name>marcxml</name>
-    </syntax>
-    <syntax type="xml" marcxml="1" stylesheet="MARC21slim2MODS.xsl"
-      identifier="http://www.loc.gov/mods"
-      >
-      <name>mods2</name>
-    </syntax>
-    <syntax type="xml" marcxml="1" stylesheet="MARC21slim2MODS3.xsl"
-      identifier="info:srw/schema/1/mods-v3.0"
-      >
-      <name>mods3</name>
-    </syntax>
-    <syntax type="none"/>
-    <syntax type="*" error="238"/>
-    <preinit>2</preinit>
-    <explain xmlns="http://explain.z3950.org/dtd/2.0/">
-       <serverInfo>
-       <host>localhost</host>
-       <port>9000</port>
-       <database>Default</database>
-       </serverInfo>
-    </explain>
-    <cql2rpn>pqf.properties</cql2rpn>
+    <authentication>adam/x</authentication>
   </target>
   <target name="*">
+    <target-timeout>60</target-timeout>
+    <client-timeout>30</client-timeout>
     <!-- everything else -->
   </target>
   <max-clients>50</max-clients>
diff --git a/etc/yazproxy.xsd b/etc/yazproxy.xsd
index 14ef66a..531a339 100644
--- a/etc/yazproxy.xsd
+++ b/etc/yazproxy.xsd
@@ -1,6 +1,6 @@
 <?xml version="1.0"?>
 <!-- XML Schema for YAZ proxy config file.
-    $Id: yazproxy.xsd,v 1.5 2004-10-18 21:49:22 adam Exp $
+    $Id: yazproxy.xsd,v 1.6 2004-10-23 23:12:23 adam Exp $
 -->
 <xs:schema
   xmlns:xs="http://www.w3.org/2001/XMLSchema"
@@ -33,6 +33,7 @@
      <xs:element ref="preinit" minOccurs="0"/>
      <xs:element ref="exp:explain" minOccurs="0"/>
      <xs:element ref="cql2rpn" minOccurs="0"/>
+     <xs:element ref="authentication" minOccurs="0"/>
    </xs:sequence>
    <xs:attribute name="default" type="xs:string" use="optional"/>
    <xs:attribute name="name" type="xs:string"/>
@@ -48,6 +49,7 @@
  <xs:element name="retrieve" type="xs:integer"/>
  <xs:element name="preinit" type="xs:integer"/>
  <xs:element name="cql2rpn" type="xs:string"/>
+ <xs:element name="authentication" type="xs:string"/>
 
  <xs:element name="keepalive">
   <xs:complexType>
diff --git a/include/yazproxy/proxy.h b/include/yazproxy/proxy.h
index 542ec8a..c9c64ee 100644
--- a/include/yazproxy/proxy.h
+++ b/include/yazproxy/proxy.h
@@ -1,4 +1,4 @@
-/* $Id: proxy.h,v 1.7 2004-10-18 22:10:57 adam Exp $
+/* $Id: proxy.h,v 1.8 2004-10-23 23:12:24 adam Exp $
    Copyright (c) 1998-2004, Index Data.
 
 This file is part of the yaz-proxy.
@@ -56,7 +56,8 @@ public:
 		      int *keepalive_limit_bw,
 		      int *keepalive_limit_pdu,
 		      int *pre_init,
-		      const char **cql2rpn);
+		      const char **cql2rpn,
+		      const char **authentication);
     
     void get_generic_info(int *log_mask, int *max_clients);
 
@@ -66,7 +67,8 @@ public:
 			 int *max_clients,
 			 int *keepalive_limit_bw, int *keepalive_limit_pdu,
 			 int *pre_init,
-			 const char **cql2rpn);
+			 const char **cql2rpn,
+			 const char **authentication);
 
     int check_query(ODR odr, const char *name, Z_Query *query, char **addinfo);
     int check_syntax(ODR odr, const char *name,
diff --git a/src/yaz-proxy-config.cpp b/src/yaz-proxy-config.cpp
index 21497ec..0486e73 100644
--- a/src/yaz-proxy-config.cpp
+++ b/src/yaz-proxy-config.cpp
@@ -1,4 +1,4 @@
-/* $Id: yaz-proxy-config.cpp,v 1.7 2004-10-18 22:10:57 adam Exp $
+/* $Id: yaz-proxy-config.cpp,v 1.8 2004-10-23 23:12:24 adam Exp $
    Copyright (c) 1998-2004, Index Data.
 
 This file is part of the yaz-proxy.
@@ -47,7 +47,8 @@ class Yaz_ProxyConfigP {
 			    int *limit_bw, int *limit_pdu, int *limit_req,
 			    int *target_idletime, int *client_idletime,
 			    int *keepalive_limit_bw, int *keepalive_limit_pdu,
-			    int *pre_init, const char **cql2rpn);
+			    int *pre_init, const char **cql2rpn,
+			    const char **authentication);
     void return_limit(xmlNodePtr ptr,
 		      int *limit_bw, int *limit_pdu, int *limit_req);
     int check_type_1(ODR odr, xmlNodePtr ptr, Z_RPNQuery *query,
@@ -176,7 +177,8 @@ void Yaz_ProxyConfigP::return_target_info(xmlNodePtr ptr,
 					  int *keepalive_limit_bw,
 					  int *keepalive_limit_pdu,
 					  int *pre_init,
-					  const char **cql2rpn)
+					  const char **cql2rpn,
+					  const char **authentication)
 {
     *pre_init = 0;
     int no_url = 0;
@@ -240,6 +242,13 @@ void Yaz_ProxyConfigP::return_target_info(xmlNodePtr ptr,
 	    if (t)
 		*cql2rpn = t;
 	}
+	if (ptr->type == XML_ELEMENT_NODE 
+	    && !strcmp((const char *) ptr->name, "authentication"))
+	{
+	    const char *t = get_text(ptr);
+	    if (t)
+		*authentication = t;
+	}
     }
 }
 #endif
@@ -680,7 +689,8 @@ int Yaz_ProxyConfig::get_target_no(int no,
 				   int *keepalive_limit_bw,
 				   int *keepalive_limit_pdu,
 				   int *pre_init,
-				   const char **cql2rpn)
+				   const char **cql2rpn,
+				   const char **authentication)
 {
 #if HAVE_XSLT
     xmlNodePtr ptr;
@@ -707,7 +717,7 @@ int Yaz_ProxyConfig::get_target_no(int no,
 		    limit_bw, limit_pdu, limit_req,
 		    target_idletime, client_idletime,
 		    keepalive_limit_bw, keepalive_limit_pdu,
-		    pre_init, cql2rpn);
+		    pre_init, cql2rpn, authentication);
 		return 1;
 	    }
 	    i++;
@@ -904,7 +914,8 @@ void Yaz_ProxyConfig::get_target_info(const char *name,
 				      int *keepalive_limit_bw,
 				      int *keepalive_limit_pdu,
 				      int *pre_init,
-				      const char **cql2rpn)
+				      const char **cql2rpn,
+				      const char **authentication)
 {
 #if HAVE_XSLT
     xmlNodePtr ptr;
@@ -940,7 +951,7 @@ void Yaz_ProxyConfig::get_target_info(const char *name,
 	m_cp->return_target_info(ptr, url, limit_bw, limit_pdu, limit_req,
 				 target_idletime, client_idletime,
 				 keepalive_limit_bw, keepalive_limit_pdu,
-				 pre_init, cql2rpn);
+				 pre_init, cql2rpn, authentication);
     }
 #else
     *url = name;
diff --git a/src/yaz-proxy.cpp b/src/yaz-proxy.cpp
index 68defcb..66d7da9 100644
--- a/src/yaz-proxy.cpp
+++ b/src/yaz-proxy.cpp
@@ -1,4 +1,4 @@
-/* $Id: yaz-proxy.cpp,v 1.9 2004-10-20 20:35:33 adam Exp $
+/* $Id: yaz-proxy.cpp,v 1.10 2004-10-23 23:12:24 adam Exp $
    Copyright (c) 1998-2004, Index Data.
 
 This file is part of the yaz-proxy.
@@ -395,6 +395,7 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie,
 	proxy_host = m_default_target;
 	int client_idletime = -1;
 	const char *cql2rpn_fname = 0;
+	const char *authentication = 0;
 	url[0] = m_default_target;
 	url[1] = 0;
 	if (cfg)
@@ -407,7 +408,8 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie,
 				 &m_keepalive_limit_bw,
 				 &m_keepalive_limit_pdu,
 				 &pre_init,
-				 &cql2rpn_fname);
+				 &cql2rpn_fname,
+				 &authentication);
 	}
 	if (client_idletime != -1)
 	{
@@ -416,6 +418,8 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie,
 	}
 	if (cql2rpn_fname)
 	    m_cql2rpn.set_pqf_file(cql2rpn_fname);
+	if (authentication)
+	    set_proxy_authentication(authentication);
 	if (!url[0])
 	{
 	    yaz_log(LOG_LOG, "%sNo default target", m_session_str);
@@ -473,15 +477,17 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie,
 	    }
 	}
     }
-    else if (!c)
+    else if (!c && apdu->which == Z_APDU_initRequest
+	     && apdu->u.initRequest->idAuthentication == 0)
     {
-	// don't have a client session yet. Search in session w/o cookie
+	// anonymous sessions without cookie.
+	// if authentication is set it is NOT anonymous se we can't share them.
 	for (c = parent->m_clientPool; c; c = c->m_next)
 	{
-	    assert (c->m_prev);
-	    assert (*c->m_prev == c);
+	    assert(c->m_prev);
+	    assert(*c->m_prev == c);
 	    if (c->m_server == 0 && c->m_cookie == 0 && 
-		c->m_waiting == 0 &&
+		c->m_waiting == 0 && 
 		!strcmp(m_proxyTarget, c->get_hostname()))
 	    {
 		// found it in cache
@@ -528,6 +534,12 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie,
                     odr_strdup (odr_encode(), m_proxy_authentication);
             }
         }
+	else
+	{
+	    // the client use authentication. We set the keepalive PDU
+	    // to 0 so we don't cache it in releaseClient
+	    m_keepalive_limit_pdu = 0;
+	}
 	// go through list of clients - and find the lowest/oldest one.
 	Yaz_ProxyClient *c_min = 0;
 	int min_seq = -1;
@@ -2291,7 +2303,6 @@ void Yaz_Proxy::releaseClient()
         assert (m_client->m_waiting != 2);
 	// Tell client (if any) that no server connection is there..
 	m_client->m_server = 0;
-	m_invalid_session = 0;
 	m_client = 0;
     }
     else if (m_client)
@@ -2423,6 +2434,7 @@ void Yaz_Proxy::pre_init()
     int keepalive_limit_bw, keepalive_limit_pdu;
     int pre_init;
     const char *cql2rpn = 0;
+    const char *authentication = 0;
 
     Yaz_ProxyConfig *cfg = check_reconfigure();
 
@@ -2440,7 +2452,8 @@ void Yaz_Proxy::pre_init()
 					  &keepalive_limit_bw,
 					  &keepalive_limit_pdu,
 					  &pre_init,
-					  &cql2rpn) ; i++)
+					  &cql2rpn,
+					  &authentication) ; i++)
     {
 	if (pre_init)
 	{