Commit 530b78d7 authored by Philipp Schafft's avatar Philipp Schafft 🦁

Allow the source password to be undefined.

This is to avoid falling back to a default password which may open security holes.

svn path=/icecast/trunk/icecast/; revision=18125
parent 99788838
......@@ -2,3 +2,5 @@ Jack Moffitt <jack@icecast.org>
Michael Smith <msmith@icecast.org>
oddsock <oddsock@xiph.org>
Karl Heyes <karl@xiph.org>
Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>
Thomas B. "dm8tbr" Ruecker <thomas.rucker@tieto.com>
2011-11-25 21:20 ph3-der-loewe
* trunk/icecast/AUTHORS, trunk/icecast/src/cfgfile.c.
trunk/icecast/src/connection.c: Allow the source password
to be undefined. This is to avoid falling back to a default
password which may open security holes.
----------------------------------------------------------------------
Everything above is post 2.3.2. The stuff below is incomplete.
The time zone above is UTC, the time zone below is unknown.
ph3-der-loewe, Fri Nov 25 21:20:58 UTC 2011
----------------------------------------------------------------------
2005-11-29 03:06 karl
* trunk/icecast/src/auth_url.c: update for authentication header
......
......@@ -8,6 +8,8 @@
* oddsock <oddsock@xiph.org>,
* Karl Heyes <karl@xiph.org>
* and others (see AUTHORS for details).
* Copyright 2011, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
Thomas B. "dm8tbr" Ruecker <thomas.rucker@tieto.com>.
*/
#ifdef HAVE_CONFIG_H
......
......@@ -8,6 +8,7 @@
* oddsock <oddsock@xiph.org>,
* Karl Heyes <karl@xiph.org>
* and others (see AUTHORS for details).
* Copyright 2011, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>
*/
/* -*- c-basic-offset: 4; indent-tabs-mode: nil; -*- */
......@@ -1168,7 +1169,12 @@ static void _handle_shoutcast_compatible (client_queue_t *node)
if (mountinfo && mountinfo->password)
source_password = strdup (mountinfo->password);
else
source_password = strdup (config->source_password);
{
if (config->source_password)
source_password = strdup (config->source_password);
else
source_password = NULL;
}
config_release_config();
/* Get rid of trailing \r\n or \n after password */
......@@ -1198,7 +1204,7 @@ static void _handle_shoutcast_compatible (client_queue_t *node)
}
*ptr = '\0';
if (strcmp (client->refbuf->data, source_password) == 0)
if (source_password && strcmp (client->refbuf->data, source_password) == 0)
{
client->respcode = 200;
/* send this non-blocking but if there is only a partial write
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment