mirror of
https://github.com/owntone/owntone-server.git
synced 2025-01-13 07:53:23 -05:00
Minor auth fixes
This commit is contained in:
parent
df3f9d8bfd
commit
29c4e25425
@ -178,6 +178,7 @@ int config_password_required(WS_CONNINFO *pwsc, char *role) {
|
|||||||
DPRINTF(E_DBG,L_MISC,"Checking if pw required for %s as %s\n",
|
DPRINTF(E_DBG,L_MISC,"Checking if pw required for %s as %s\n",
|
||||||
pwsc->uri, role);
|
pwsc->uri, role);
|
||||||
|
|
||||||
|
/* hack hack hack - this needs moved into the upnp plugin */
|
||||||
if(strncasecmp(pwsc->uri,"/upnp",5) == 0) {
|
if(strncasecmp(pwsc->uri,"/upnp",5) == 0) {
|
||||||
DPRINTF(E_DBG,L_MISC,"Nope\n");
|
DPRINTF(E_DBG,L_MISC,"Nope\n");
|
||||||
return FALSE;
|
return FALSE;
|
||||||
@ -188,6 +189,12 @@ int config_password_required(WS_CONNINFO *pwsc, char *role) {
|
|||||||
if((!pw) || ((pw) && (!strlen(pw)))) {
|
if((!pw) || ((pw) && (!strlen(pw)))) {
|
||||||
/* don't need a password from localhost
|
/* don't need a password from localhost
|
||||||
when the password isn't set */
|
when the password isn't set */
|
||||||
|
|
||||||
|
#ifdef WIN32
|
||||||
|
/* except on windows */
|
||||||
|
return FALSE;
|
||||||
|
#endif
|
||||||
|
|
||||||
if((pwsc->hostname) && (os_islocaladdr(pwsc->hostname))) {
|
if((pwsc->hostname) && (os_islocaladdr(pwsc->hostname))) {
|
||||||
if(pw) free(pw);
|
if(pw) free(pw);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
@ -227,11 +234,6 @@ int config_matches_role(WS_CONNINFO *pwsc, char *username,
|
|||||||
char *required_pw;
|
char *required_pw;
|
||||||
int result;
|
int result;
|
||||||
|
|
||||||
DPRINTF(E_LOG,L_MISC,"Checking %s/%s for %s\n",
|
|
||||||
username ? username : "NULL",
|
|
||||||
password ? password : "NULL",
|
|
||||||
role);
|
|
||||||
|
|
||||||
/* sanity check */
|
/* sanity check */
|
||||||
if((strcasecmp(role,"admin") != 0) &&
|
if((strcasecmp(role,"admin") != 0) &&
|
||||||
(strcasecmp(role,"user") !=0)) {
|
(strcasecmp(role,"user") !=0)) {
|
||||||
@ -252,8 +254,11 @@ int config_matches_role(WS_CONNINFO *pwsc, char *username,
|
|||||||
if(required_pw)
|
if(required_pw)
|
||||||
free(required_pw);
|
free(required_pw);
|
||||||
|
|
||||||
if(strcasecmp(role,"admin") == 0)
|
if(strcasecmp(role,"admin") == 0) {
|
||||||
|
DPRINTF(E_LOG,L_MISC,"Auth: failed attempt to gain admin privs by "
|
||||||
|
"%s from %s\n",username, pwsc->hostname);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
/* we're checking for user privs */
|
/* we're checking for user privs */
|
||||||
required_pw = conf_alloc_string("general","password",NULL);
|
required_pw = conf_alloc_string("general","password",NULL);
|
||||||
@ -267,8 +272,8 @@ int config_matches_role(WS_CONNINFO *pwsc, char *username,
|
|||||||
|
|
||||||
free(required_pw);
|
free(required_pw);
|
||||||
if(!result) {
|
if(!result) {
|
||||||
DPRINTF(E_LOG,L_MISC,"Auth: attempt to gain user privs "
|
DPRINTF(E_LOG,L_MISC,"Auth: failed attempt to gain user privs by "
|
||||||
"from %s (%s/%s)\n",pwsc->hostname, username, password);
|
"%s from %s\n",pwsc->hostname, username);
|
||||||
}
|
}
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
@ -579,6 +584,7 @@ void config_emit_config(WS_CONNINFO *pwsc, void *value, char *arg) {
|
|||||||
void config_emit_host(WS_CONNINFO *pwsc, void *value, char *arg) {
|
void config_emit_host(WS_CONNINFO *pwsc, void *value, char *arg) {
|
||||||
char *host;
|
char *host;
|
||||||
char *port;
|
char *port;
|
||||||
|
char hostname[256];
|
||||||
|
|
||||||
if(ws_getrequestheader(pwsc,"host")) {
|
if(ws_getrequestheader(pwsc,"host")) {
|
||||||
host = strdup(ws_getrequestheader(pwsc,"host"));
|
host = strdup(ws_getrequestheader(pwsc,"host"));
|
||||||
@ -589,7 +595,8 @@ void config_emit_host(WS_CONNINFO *pwsc, void *value, char *arg) {
|
|||||||
free(host);
|
free(host);
|
||||||
} else {
|
} else {
|
||||||
DPRINTF(E_LOG,L_CONF,"Didn't get a host header!\n");
|
DPRINTF(E_LOG,L_CONF,"Didn't get a host header!\n");
|
||||||
ws_writefd(pwsc,"localhost");
|
gethostname(hostname,sizeof(hostname));
|
||||||
|
ws_writefd(pwsc,hostname);
|
||||||
}
|
}
|
||||||
|
|
||||||
return;
|
return;
|
||||||
|
Loading…
Reference in New Issue
Block a user