[mpd] apply trusted_networks to MPD
This commit is contained in:
Wolfgang Scherer
ejurgensen
parent
ef767a08a4
commit
69ff42fc6a
32
src/httpd.c
32
src/httpd.c
|
|
@ -1400,25 +1400,15 @@ httpd_redirect_to_index(struct evhttp_request *req, const char *uri)
|
|||
httpd_send_reply(req, HTTP_MOVETEMP, "Moved", NULL, HTTPD_SEND_NO_GZIP);
|
||||
}
|
||||
|
||||
/* |:todo:|This is also needed for mpd and should probably go somewhere else. */
|
||||
bool
|
||||
httpd_peer_is_trusted(struct evhttp_request *req)
|
||||
peer_address_is_trusted(const char *addr)
|
||||
{
|
||||
struct evhttp_connection *evcon;
|
||||
cfg_t *section;
|
||||
const char *network;
|
||||
char *addr;
|
||||
uint16_t port;
|
||||
int i;
|
||||
int n;
|
||||
|
||||
evcon = evhttp_request_get_connection(req);
|
||||
if (!evcon)
|
||||
{
|
||||
DPRINTF(E_LOG, L_HTTPD, "Connection to client lost or missing\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
evhttp_connection_get_peer(evcon, &addr, &port);
|
||||
if (strncmp(addr, "::ffff:", strlen("::ffff:")) == 0)
|
||||
addr += strlen("::ffff:");
|
||||
|
||||
|
|
@ -1442,6 +1432,24 @@ httpd_peer_is_trusted(struct evhttp_request *req)
|
|||
return false;
|
||||
}
|
||||
|
||||
bool
|
||||
httpd_peer_is_trusted(struct evhttp_request *req)
|
||||
{
|
||||
struct evhttp_connection *evcon;
|
||||
char *addr;
|
||||
uint16_t port;
|
||||
|
||||
evcon = evhttp_request_get_connection(req);
|
||||
if (!evcon)
|
||||
{
|
||||
DPRINTF(E_LOG, L_HTTPD, "Connection to client lost or missing\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
evhttp_connection_get_peer(evcon, &addr, &port);
|
||||
return peer_address_is_trusted(addr);
|
||||
}
|
||||
|
||||
bool
|
||||
httpd_admin_check_auth(struct evhttp_request *req)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -147,6 +147,9 @@ httpd_redirect_to_admin(struct evhttp_request *req);
|
|||
void
|
||||
httpd_redirect_to_index(struct evhttp_request *req, const char *uri);
|
||||
|
||||
bool
|
||||
peer_address_is_trusted(const char *addr);
|
||||
|
||||
bool
|
||||
httpd_peer_is_trusted(struct evhttp_request *req);
|
||||
|
||||
|
|
|
|||
29
src/mpd.c
29
src/mpd.c
|
|
@ -4614,6 +4614,29 @@ mpd_input_filter(struct evbuffer *src, struct evbuffer *dst, ev_ssize_t lim, enu
|
|||
return BEV_OK;
|
||||
}
|
||||
|
||||
/* |:todo:| This should probably go somewhere else. */
|
||||
static const char *
|
||||
sockaddr_to_string(const struct sockaddr *address, char *addr_str, int addr_str_len)
|
||||
{
|
||||
const char *ret;
|
||||
|
||||
if (address->sa_family == AF_INET)
|
||||
{
|
||||
struct sockaddr_in *addr = (struct sockaddr_in *)address;
|
||||
ret = evutil_inet_ntop(AF_INET, &addr->sin_addr, addr_str, addr_str_len);
|
||||
}
|
||||
else if (address->sa_family == AF_INET6)
|
||||
{
|
||||
struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)address;
|
||||
ret = evutil_inet_ntop(AF_INET6, &addr6->sin6_addr, addr_str, addr_str_len);
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = NULL;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* The connection listener callback function is invoked when a new connection was received.
|
||||
*
|
||||
|
|
@ -4645,6 +4668,12 @@ mpd_accept_conn_cb(struct evconnlistener *listener,
|
|||
}
|
||||
|
||||
cmd_ctx->authenticated = !cfg_getstr(cfg_getsec(cfg, "library"), "password");
|
||||
if (!cmd_ctx->authenticated)
|
||||
{
|
||||
char addr_str[INET6_ADDRSTRLEN];
|
||||
sockaddr_to_string(address, addr_str, sizeof(addr_str));
|
||||
cmd_ctx->authenticated = peer_address_is_trusted(addr_str);
|
||||
}
|
||||
|
||||
bev = bufferevent_filter_new(bev, mpd_input_filter, NULL, BEV_OPT_CLOSE_ON_FREE, free, cmd_ctx);
|
||||
bufferevent_setcb(bev, mpd_read_cb, NULL, mpd_event_cb, cmd_ctx);
|
||||
|
|
|
|||
Loading…
Reference in New Issue