Tune down auth logging a bit, increase debugging in ws handler to try and find wl500g problem

2025-02-03 01:46:02 -05:00 · 2007-04-16 21:31:56 +00:00 · 2007-04-16 21:31:56 +00:00 · d8ad7c7ebc
commit d8ad7c7ebc
parent e8ff234550
2 changed files with 42 additions and 24 deletions
--- a/src/configfile.c
+++ b/src/configfile.c
@ -168,6 +168,35 @@ int config_session=0;                                   /**< session counter */

 #define MAX_LINE 1024

+
+int config_password_required(WS_CONNINFO *pwsc,char *role) {
+    char *pw;
+
+    if(!strcmp(role,"admin")) {
+        pw = conf_alloc_string("general","admin_pw",NULL);
+        if(!pw) {
+            /* don't need a password from localhost
+               when the password isn't set */
+            if((pwsc->hostname) && (os_islocaladdr(pwsc->hostname)))
+                return FALSE;
+        }
+        free(pw);
+        return TRUE;
+    }
+
+    if(!strcmp(role,"user")) {
+        pw = conf_alloc_string("general","password",NULL);
+        if(pw) {
+            free(pw);
+            return TRUE;
+        }
+        return FALSE;
+    }
+
+    return TRUE; /* other class */
+}
+
+
 /**
 * used in auth handlers to see if the username and password
 * are sufficient to grant a specific role.  The roles "user" and
@ -178,10 +207,6 @@ int config_matches_role(WS_CONNINFO *pwsc, char *username,
                        char *password, char *role) {
    char *required_pw;
    int result;
-    char *my_username, *my_password;
-
-    my_username = username ? username : "";
-    my_password = password ? password : "";

    /* sanity check */
    if((strcasecmp(role,"admin") && strcasecmp(role,"user"))) {
@ -189,44 +214,35 @@ int config_matches_role(WS_CONNINFO *pwsc, char *username,
        return FALSE;
    }

+    if(password == NULL)
+        return !config_password_required(pwsc,role);
+
    /* if we have admin auth, we have everything */
    required_pw = conf_alloc_string("general","admin_pw",NULL);
-    if(!required_pw) { /* no password set */
-        if((pwsc->hostname) && (os_islocaladdr(pwsc->hostname)))
-            return TRUE;
-
-        DPRINTF(E_LOG,L_MISC,"Auth: attempt to gain admin privs "
-                "from %s (%s/%s)\n",pwsc->hostname, my_username, my_password);
-        return FALSE;
-    }
-
-    /* if the admin password is set, and we've set it */
-    if(!strcmp(required_pw, my_password)) {
+    if((required_pw) && (!strcmp(required_pw, password))) {
        free(required_pw);
        return TRUE;
    }

-    free(required_pw);
-    if(!strcasecmp("admin",role))  {/* must we have admin? */
-        DPRINTF(E_LOG,L_MISC,"Auth: attempt to gain admin privs "
-                "from %s (%s/%s)\n",pwsc->hostname, my_username, my_password);
-        return FALSE;
-    }
+    if(required_pw)
+        free(required_pw);
+
+    if(!strcasecmp(role,"admin"))
+       return FALSE;

    /* we're checking for user privs */
-    result = FALSE;
    required_pw = conf_alloc_string("general","password",NULL);

    if(!required_pw) /* none set */
        return TRUE;

-    if(!strcmp(required_pw,my_password))
+    if(!strcmp(required_pw,password))
        result = TRUE;

    free(required_pw);
    if(!result) {
        DPRINTF(E_LOG,L_MISC,"Auth: attempt to gain user privs "
-                "from %s (%s/%s)\n",pwsc->hostname, my_username, my_password);
+                "from %s (%s/%s)\n",pwsc->hostname, username, password);
    }
    return result;
 }
--- a/src/webserver.c
+++ b/src/webserver.c
@ -1395,6 +1395,8 @@ int ws_findhandler(WS_PRIVATE *pwsp, WS_CONNINFO *pwsc,
            pwsc->threadno);

    while(phandler) {
+        DPRINTF(E_DBG,L_WS,"Checking %s against handler for %s\n",
+                pwsc->uri, phandler->stem);
        if(!strncasecmp(phandler->stem,pwsc->uri,strlen(phandler->stem))) {
            /* that's a match */
            DPRINTF(E_DBG,L_WS,"Thread %d: URI Match!\n",pwsc->threadno);