Hola Ladies and Gents,

Below is a patch to squid-head-200201020000 which implements
"Username Headers." The basic idea here is to specify a list of domain
names which will receive a Proxy-Authenticated username. This is useful in
my company as a unified logon, and may be useful to others as well.

This feature adds one configuration option which is a list of domain
suffixes to try to match against. By default the list is empty, and thus
adds almost no overhead for folks who do not want this feature.

If a list of domain names is present, the patch attempts to match the
requested web page with any of the domains. If successful it will add an
HTTP header like this:

    HTTP_X_PROXY_USERNAME: bherrick

This is, of course, not even close to a secure way to authenticate users.
However, in a small controlled intranet environment, it gives a useful
hint for web scripts.

Questions, comments and concerns are of course welcome. Please CC me on
any traffic concerning this patch as I am not subscribed to the list.

-- Ben Herrick System Administrator Globalcom, Inc. 333 West Wacker Drive Suite 1500 Chicago, Il 60606-1231 Phone: 312.893.0176 Pager: 800.205.7564 Fax: 312.492.1414 Service: 800.589.1531 mailto:bherrick@global-com.com ============== CUT HERE ============== --- squid-head-200201020000/src/HttpHeader.c Wed Jan 2 16:00:32 2002 +++ squid-head-200201020000/src/HttpHeader.c.gc Wed Jan 2 16:02:07 2002 @@ -122,6 +122,7 @@ {"X-Cache", HDR_X_CACHE, ftStr}, {"X-Cache-Lookup", HDR_X_CACHE_LOOKUP, ftStr}, {"X-Forwarded-For", HDR_X_FORWARDED_FOR, ftStr}, + {"X-Proxy-Username", HDR_X_PROXY_USERNAME, ftStr}, {"X-Request-URI", HDR_X_REQUEST_URI, ftStr}, {"X-Squid-Error", HDR_X_SQUID_ERROR, ftStr}, {"Negotiate", HDR_NEGOTIATE, ftStr}, @@ -207,7 +208,7 @@ HDR_IF_MATCH, HDR_IF_MODIFIED_SINCE, HDR_IF_NONE_MATCH, HDR_IF_RANGE, HDR_MAX_FORWARDS, HDR_PROXY_CONNECTION, HDR_PROXY_AUTHORIZATION, HDR_RANGE, HDR_REFERER, HDR_REQUEST_RANGE, - HDR_USER_AGENT, HDR_X_FORWARDED_FOR + HDR_USER_AGENT, HDR_X_FORWARDED_FOR, HDR_X_PROXY_USERNAME }; /* header accounting */ --- squid-head-200201020000/src/cf.data.pre Mon Dec 24 23:46:35 2001 +++ squid-head-200201020000/src/cf.data.pre.gc Wed Jan 2 16:12:55 2002 @@ -2466,6 +2466,20 @@ DOC_END +NAME: username_header +TYPE: wordlist +LOC: Config.usernameHeader +DEFAULT: none +DOC_START + Appends an X-PROXY-USERNAME to the list of headers sent to + the upstream webserver. The argument is a list of one or more + domain names which should receive username information. + +Example + username_header yourdomain.com affiliatedomain.com +DOC_END + + NAME: append_domain TYPE: string LOC: Config.appendDomain --- squid-head-200201020000/src/enums.h Fri Dec 21 03:47:34 2001 +++ squid-head-200201020000/src/enums.h.gc Wed Jan 2 16:06:02 2002 
@@ -237,6 +237,7 @@ HDR_X_CACHE, HDR_X_CACHE_LOOKUP, /* tmp hack, remove later */ HDR_X_FORWARDED_FOR, + HDR_X_PROXY_USERNAME, HDR_X_REQUEST_URI, /* appended if ADD_X_REQUEST_URI is #defined */ HDR_X_SQUID_ERROR, HDR_NEGOTIATE, --- squid-head-200201020000/src/http.c Thu Dec 27 20:39:42 2001 +++ squid-head-200201020000/src/http.c.gc Wed Jan 2 16:42:02 2002 @@ -732,6 +732,7 @@ const HttpHeader *hdr_in = &orig_request->header; int we_do_ranges; const HttpHeaderEntry *e; + wordlist *w = NULL; String strVia; String strFwd; HttpHeaderPos pos = HttpHeaderInitPos; @@ -836,6 +837,18 @@ default: /* pass on all other header fields */ httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + } + } + + /* append X-Proxy-Username */ + if ((w = Config.usernameHeader) != NULL) { + if (!httpHeaderHas(hdr_out, HDR_X_PROXY_USERNAME) && request->user_ident) { + for (; w; w = w->next) { + if (strstr(request->host, w->key) != NULL) { + httpHeaderPutStr(hdr_out, HDR_X_PROXY_USERNAME, request->user_ident); + break; + } + } } } --- squid-head-200201020000/src/structs.h Wed Jan 2 16:15:00 2002 +++ squid-head-200201020000/src/structs.h.gc Wed Jan 2 16:14:49 2002 @@ -489,6 +489,7 @@ char *host; u_short port; } Accel; + wordlist *usernameHeader; char *appendDomain; size_t appendDomainLen; char *debugOptions; ============== CUT HERE ==============Received on Wed Jan 02 2002 - 19:33:33 MST
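Review bot: In the cf.data.pre hunk, the DOC_START text for username_header does not say how the listed names are compared with the request host, while the http.c hunk compares them with strstr(), so an entry matches anywhere in the host name rather than only as a domain suffix. Document the matching rule the code actually applies, and state that the username is forwarded to every origin server whose host name matches. The text also spells the header X-PROXY-USERNAME where HttpHeader.c registers it as "X-Proxy-Username"; use one spelling in both places.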
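Review bot: In the http.c hunk at @@ -836,6 +837,18 @@, strstr(request->host, w->key) is a substring test, not the suffix match the option is described as: with the documented example entry yourdomain.com, a host such as yourdomain.com.example.net or notyourdomain.com also matches and would be sent the username. Compare the tail of request->host against w->key case-insensitively and accept only when the match starts at the beginning of the host or immediately after a '.'. In the same hunk, the !httpHeaderHas(hdr_out, HDR_X_PROXY_USERNAME) guard, together with the default case above it that clones every other client header into hdr_out, means a client-supplied X-Proxy-Username is forwarded unchanged and the proxy's own value is never written; remove any inbound copy of the header, then set it from request->user_ident only for matched hosts.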