From 62be3c7b5b07f2e7ff2045d72a5d34d347559fa5 Mon Sep 17 00:00:00 2001
From: Vladimir Dubrovin <3proxy@3proxy.ru>
Date: Sun, 26 Apr 2026 19:56:38 +0300
Subject: [PATCH] cash the hash for auth cache

---
 src/hash.c       | 73 ++++++++++++++++++++++++++++++++++++++++--------
 src/proxy.h      |  4 +--
 src/structures.h |  8 ++++--
 3 files changed, 70 insertions(+), 15 deletions(-)

diff --git a/src/hash.c b/src/hash.c
index c4203ea..c004592 100644
--- a/src/hash.c
+++ b/src/hash.c
@@ -160,7 +160,7 @@ static void hashgrow(struct hashtable *ht){
 
 
 
-void hashadd(struct hashtable *ht, const void* name, const void* value, time_t expires){
+void hashadd(struct hashtable *ht, void* name, void* value, time_t expires){
     uint32_t hen, he;
     uint32_t *hep;
     int overwrite = 0;
@@ -172,7 +172,7 @@ void hashadd(struct hashtable *ht, const void* name, const void* value, time_t e
 	return;
     }
 
-    ht->index2hash(ht, name, hash);
+    ht->index2hash_add(ht, name, hash);
     pthread_mutex_lock(&hash_mutex);
     index = hashindex(ht->tablesize, hash);
 
@@ -211,7 +211,7 @@ void hashadd(struct hashtable *ht, const void* name, const void* value, time_t e
     pthread_mutex_unlock(&hash_mutex);
 }
 
-int hashresolv(struct hashtable *ht, const void* name, void* value, uint32_t *ttl){
+int hashresolv(struct hashtable *ht, void* name, void* value, uint32_t *ttl){
     uint8_t hash[MAX_HASH_SIZE];
     uint32_t *hep;
     uint32_t he;
@@ -220,7 +220,7 @@ int hashresolv(struct hashtable *ht, const void* name, void* value, uint32_t *tt
     if(!ht || !ht->ihashtable || !name) {
 	return 0;
     }
-    ht->index2hash(ht,name, hash);
+    ht->index2hash_search(ht,name, hash);
     pthread_mutex_lock(&hash_mutex);
     index = hashindex(ht->tablesize, hash);
     for(hep = ht->ihashtable + index; (he = *hep)!=0; ){
@@ -242,15 +242,15 @@ int hashresolv(struct hashtable *ht, const void* name, void* value, uint32_t *tt
     return 0;
 }
 
-void char_index2hash(const struct hashtable *ht, const void *index, uint8_t *hash){
-    const char* name = index;
+static void char_index2hash(const struct hashtable *ht, void *index, uint8_t *hash){
+    char* name = index;
 
     blake2b(hash, ht->hash_size, index, strlen((const char*)index), NULL, 0);
 }
 
-void param2hash(const struct hashtable *ht, const void *index, uint8_t *hash){
+static void param2hash_add(const struct hashtable *ht, void *index, uint8_t *hash){
     blake2b_state S;
-    const struct clientparam *param = (struct clientparam *)index;
+    struct clientparam *param = (struct clientparam *)index;
     unsigned type = param->srv->authcachetype;
 
     blake2b_init(&S, ht->hash_size);
@@ -265,8 +265,59 @@ void param2hash(const struct hashtable *ht, const void *index, uint8_t *hash){
     if((type & 1024))blake2b_update(&S, SAADDR(&param->srv->intsa), SAADDRLEN(&param->srv->intsa));
     if((type & 2048))blake2b_update(&S, SAPORT(&param->srv->intsa), 2);
     blake2b_final(&S, hash, ht->hash_size);
+    memcpy(param->hash, hash, ht->hash_size);
 }
 
-struct hashtable dns_table = {char_index2hash, 4, 16};
-struct hashtable dns6_table = {char_index2hash, 16, 16};
-struct hashtable auth_table = {param2hash, sizeof(struct authcache), 16};
+static void pw2hash_add(const struct hashtable *ht, void *index, uint8_t *hash){
+    char ** pw = (char **)index;
+    blake2b_state S;
+    
+    blake2b_init(&S, ht->hash_size);
+    if(pw[0])blake2b_update(&S, pw[0], strlen(pw[0]) + 1);
+    if(pw[1])blake2b_update(&S, pw[1], strlen(pw[1]) + 1);
+    blake2b_final(&S, hash, ht->hash_size);
+}
+
+
+static void pw2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
+    struct clientparam *param  = (struct clientparam *)index;
+
+    char *pw[2] = {(char *)param->username, (char *)param->password};
+    
+    pw2hash_add(ht, pw, hash);
+}
+
+static void pwnt2hash_add(const struct hashtable *ht, void *index, uint8_t *hash){
+    char ** pw = (char **)index;
+    blake2b_state S;
+    
+    blake2b_init(&S, ht->hash_size);
+    if(pw[0])blake2b_update(&S, pw[0], strlen(pw[0]) + 1);
+    if(pw[1])blake2b_update(&S, pw[1], strlen(pw[1]) + 1);
+    blake2b_final(&S, hash, ht->hash_size);
+}
+
+
+static void pwnt2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
+    struct clientparam *param  = (struct clientparam *)index;
+    unsigned char pass[40];    
+    char *pw[2] = {(char *)param->username, (char *)pass};
+
+    ntpwdhash(pass, param->password, 1);
+    pwnt2hash_add(ht, pw, hash);
+}
+
+void param2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
+    struct clientparam *param = (struct clientparam *)index;
+
+    memcpy(hash, param->hash, ht->hash_size);
+}
+
+
+
+struct hashtable dns_table = {char_index2hash, char_index2hash, 4, 12};
+struct hashtable dns6_table = {char_index2hash, char_index2hash, 16, 12};
+struct hashtable auth_table = {param2hash_add, param2hash_search, sizeof(struct authcache), 12};
+struct hashtable pw_table = {pw2hash_add, pw2hash_search, 0, 12};
+struct hashtable pwnt_table = {pwnt2hash_add, pwnt2hash_search, 0, 12};
+struct hashtable pwcr_table = {char_index2hash, char_index2hash, 64, 12};
diff --git a/src/proxy.h b/src/proxy.h
index 7770e94..d989cb2 100644
--- a/src/proxy.h
+++ b/src/proxy.h
@@ -245,8 +245,8 @@ void mschap(const unsigned char *win_password,
 
 void destroyhashtable(struct hashtable *ht);
 int inithashtable(struct hashtable *ht, unsigned tablesize, unsigned poolsize, unsigned growlimit);
-void hashadd(struct hashtable *ht, const void* name, const void* value, time_t expires);
-int hashresolv(struct hashtable *ht, const void* name, void* value, uint32_t *ttl);
+void hashadd(struct hashtable *ht, void* name, void* value, time_t expires);
+int hashresolv(struct hashtable *ht, void* name, void* value, uint32_t *ttl);
 
 int parsehost(int family, unsigned char *host, struct sockaddr *sa);
 int parsehostname(char *hostname, struct clientparam *param, uint16_t port);
diff --git a/src/structures.h b/src/structures.h
index be28e7e..1e18356 100644
--- a/src/structures.h
+++ b/src/structures.h
@@ -192,6 +192,9 @@ int
 #endif
 #endif
 
+#define MAX_HASH_SIZE (16)
+
+
 extern char* NULLADDR;
 typedef enum {
 	CLIENT,
@@ -585,6 +588,7 @@ struct clientparam {
 			waitserver64,
 			cycles,
 			threadid;
+	uint8_t hash[MAX_HASH_SIZE];
 
 	int	redirected,
 		operation,
@@ -755,10 +759,10 @@ struct child {
 	unsigned char **argv;
 };
 
-#define MAX_HASH_SIZE (16)
 
 struct hashtable {
-	void (*index2hash)(const struct hashtable *ht, const void *index, uint8_t *hash);
+	void (*index2hash_add)(const struct hashtable *ht, void *index, uint8_t *hash);
+	void (*index2hash_search)(const struct hashtable *ht, void *index, uint8_t *hash);
 	unsigned recsize;
 	unsigned hash_size;
 	unsigned poolsize;