Commit 27abfbbd authored by Philipp Schafft's avatar Philipp Schafft 🦁

Fix: Do not crash URL Auth is used with stream_auth and no credentials are given

This fixes a crash (NULL reference) in case URL Auth is used
and stream_auth is trigged with no credentials passed by the client.
Username and password is now set to empty strings and transmited to
the backend server this way.

See #2191 for more details and to keep track of the problem.

Closes: #2191, DEB#782120
parent 3baa4e46
......@@ -539,10 +539,20 @@ static void url_stream_auth (auth_client *auth_user)
host = util_url_escape (config->hostname);
port = config->port;
config_release_config ();
user = util_url_escape (client->username);
pass = util_url_escape (client->password);
ipaddr = util_url_escape (client->con->ip);
if (client->username) {
user = util_url_escape(client->username);
} else {
user = strdup("");
}
if (client->password) {
pass = util_url_escape(client->password);
} else {
pass = strdup("");
}
snprintf (post, sizeof (post),
"action=stream_auth&mount=%s&ip=%s&server=%s&port=%d&user=%s&pass=%s%s",
mount, ipaddr, host, port, user, pass, admin);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment