2026-06-15 12:00:10 +08:00
5 changed files with 11 additions and 28 deletions
--- a/src/auth.c
+++ b/src/auth.c
@ -843,7 +843,7 @@ int doauth(struct clientparam * param){
 				ac.sinsl_family = *SAFAMILY(&param->sinsl);
 				memcpy(ac.sinsl_addr, SAADDR(&param->sinsl), SAADDRLEN(&param->sinsl));
 			    }
-			    hashadd(&auth_table, param, &ac, conf.time + param->srv->authcachetime);
+			    hashadd(&auth_table, param, &ac, conf.time + conf.authcachetime);
 			}
 			break;
 		}
@ -971,14 +971,13 @@ struct auth authfuncs[] = {
 	{authfuncs+4, dnsauth, checkACL, "dnsname"},
 	{authfuncs+5, strongauth, checkACL, "strong"},
 	{authfuncs+6, cacheauth, checkACL, "cache"},
-	{authfuncs+7, cacheauth, NULL, "cacheacl"},
 #ifndef NORADIUS
 #define AUTHOFFSET 1
-	{authfuncs+8, radauth, checkACL, "radius"},
+	{authfuncs+7, radauth, checkACL, "radius"},
 #else
 #define AUTHOFFSET 0
 #endif
-	{authfuncs+8+AUTHOFFSET, NULL, NULL, "none"},
+	{authfuncs+7+AUTHOFFSET, NULL, NULL, "none"},
 	{NULL, NULL, NULL, ""}
 };

--- a/src/conf.c
+++ b/src/conf.c
@ -662,7 +662,7 @@ static int h_nscache(int argc, unsigned char **argv){
 		fprintf(stderr, "Invalid NS cache size: %d\n", res);
 		return 1;
 	}
-	if(dns_table.growlimit != res && inithashtable(&dns_table, (res >> 2), (res >> 2), res)){
+	if(inithashtable(&dns_table, (res << 2), (res << 2), res)){
 		fprintf(stderr, "Failed to initialize NS cache\n");
 		return 2;
 	}
@ -685,7 +685,7 @@ static int h_nscache6(int argc, unsigned char **argv){
 		fprintf(stderr, "Invalid NS cache size: %d\n", res);
 		return 1;
 	}
-	if(dns6_table.growlimit != res &&inithashtable(&dns6_table, (res>>2), (res>>2), res)){
+	if(inithashtable(&dns6_table, (res<<2), (res<<2), res)){
 		fprintf(stderr, "Failed to initialize NS cache\n");
 		return 2;
 	}
@ -1438,18 +1438,12 @@ static int h_authcache(int argc, unsigned char **argv){
 	if(strstr((char *) *(argv + 1), "limit")) conf.authcachetype |= 8;
 	if(strstr((char *) *(argv + 1), "acl")) conf.authcachetype |= 16;
 	if(strstr((char *) *(argv + 1), "ext")) conf.authcachetype |= 32;
-	if(strstr((char *) *(argv + 1), "dstaddr")) conf.authcachetype |= 64;
-	if(strstr((char *) *(argv + 1), "dstport")) conf.authcachetype |= 128;
-	if(strstr((char *) *(argv + 1), "dsthost")) conf.authcachetype |= 256;
-	if(strstr((char *) *(argv + 1), "dstoper")) conf.authcachetype |= 512;
-	if(strstr((char *) *(argv + 1), "srvaddr")) conf.authcachetype |= 1024;
-	if(strstr((char *) *(argv + 1), "srvport")) conf.authcachetype |= 2048;
 	if(argc > 2) conf.authcachetime = (unsigned) atoi((char *) *(argv + 2));
 	if(argc > 3) authcachesize  = (unsigned) atoi((char *) *(argv + 3));
 	if(!conf.authcachetype) conf.authcachetype = 6;
 	if(!conf.authcachetime) conf.authcachetime = 600;
 	if(!authcachesize) authcachesize = 65536*4;
-	if(auth_table.growlimit != authcachesize && inithashtable(&auth_table, authcachesize < 1024? authcachesize:1024, authcachesize < 1024? authcachesize:1024, authcachesize)){
+	if(inithashtable(&auth_table, 1024, 1024, authcachesize)){
 		fprintf(stderr, "Failed to initialize auth cache\n");
 		return 2;
 	}
--- a/src/hash.c
+++ b/src/hash.c
@ -230,19 +230,12 @@ void char_index2hash(const struct hashtable *ht, const void *index, uint8_t *has
 void param2hash(const struct hashtable *ht, const void *index, uint8_t *hash){
    blake2b_state S;
    const struct clientparam *param = (struct clientparam *)index;
-    unsigned type = param->srv->authcachetype;

    blake2b_init(&S, ht->hash_size);
-    if((type & 2) && param->username)blake2b_update(&S, param->username, strlen((const char *)param->username) + 1);
-    if((type & 4) && param->password)blake2b_update(&S, param->password, strlen((const char *)param->password) + 1);
-    if((type & 1) && !(type & 8))blake2b_update(&S, SAADDR(&param->sincr), SAADDRLEN(&param->sincr));
-    if((type & 16))blake2b_update(&S, &param->srv->acl, sizeof(param->srv->acl));
-    if((type & 64))blake2b_update(&S, SAADDR(&param->req), SAADDRLEN(&param->req));
-    if((type & 128))blake2b_update(&S, SAPORT(&param->req), 2);
-    if((type & 256) && param->hostname)blake2b_update(&S, param->hostname, strlen((const char *)param->hostname) + 1);
-    if((type & 512))blake2b_update(&S, &param->operation, sizeof(param->operation));
-    if((type & 1024))blake2b_update(&S, SAADDR(&param->srv->intsa), SAADDRLEN(&param->srv->intsa));
-    if((type & 2048))blake2b_update(&S, SAPORT(&param->srv->intsa), 2);
+    if((conf.authcachetype & 2) && param->username)blake2b_update(&S, param->username, strlen((const char *)param->username) + 1);
+    if((conf.authcachetype & 4) && param->password)blake2b_update(&S, param->password, strlen((const char *)param->password) + 1);
+    if((conf.authcachetype & 1) && !(conf.authcachetype & 8))blake2b_update(&S, SAADDR(&param->sincr), SAADDRLEN(&param->sincr));
+    if((conf.authcachetype & 16))blake2b_update(&S, &param->srv->acl, sizeof(param->srv->acl));
    blake2b_final(&S, hash, ht->hash_size);
 }

--- a/src/proxymain.c
+++ b/src/proxymain.c
@ -1028,8 +1028,6 @@ void srvinit(struct srvparam * srv, struct clientparam *param){
 srv->extsa6 = conf.extsa6;
 #endif
 srv->so = so;
- srv->authcachetime = conf.authcachetime;
- srv->authcachetype = conf.authcachetype;
 }

 void srvinit2(struct srvparam * srv, struct clientparam *param){
--- a/src/structures.h
+++ b/src/structures.h
@ -529,7 +529,6 @@ struct srvparam {
 	int usesplice;
 #endif
 	unsigned bufsize;
-	unsigned authcachetype, authcachetime;
 	unsigned logdumpsrv, logdumpcli;
 	PROXYSOCKADDRTYPE intsa, intNat, extNat;
 #ifndef NOIPV6
@ -666,7 +665,7 @@ struct extparam {
 	int stacksize,
 		counterd, haveerror, rotate, paused, archiverc,
 		demon, maxchild, backlog, needreload, timetoexit, version, noforce, bandlimver, parentretries;
-	unsigned authcachetype, authcachetime;
+	int authcachetype, authcachetime;
 	int filtermaxsize;
 	int gracetraf, gracenum, gracedelay;
 	int maxseg;