Commit 5965554d authored by Karl Heyes's avatar Karl Heyes

update for authentication header via libcurl. allows for http://user:pass@host..

else the param specified user/pass. In the case of listener_add/remove use
the client provided user/pass if no others are specified.

svn path=/icecast/trunk/icecast/; revision=10498
parent d670683e
......@@ -86,6 +86,7 @@ typedef struct {
int auth_header_len;
char *timelimit_header;
int timelimit_header_len;
char *userpwd;
CURL *handle;
char errormsg [CURL_ERROR_SIZE];
} auth_url;
......@@ -106,10 +107,19 @@ static void auth_url_clear(auth_t *self)
free (url->stream_end);
free (url->auth_header);
free (url->timelimit_header);
free (url->userpwd);
free (url);
}
/* make sure that prompting at the console does not occur */
static int my_getpass(void *client, char *prompt, char *buffer, int buflen)
{
buffer[0] = '\0';
return 0;
}
static int handle_returned_header (void *ptr, size_t size, size_t nmemb, void *stream)
{
auth_client *auth_user = stream;
......@@ -159,8 +169,10 @@ static auth_result url_remove_client (auth_client *auth_user)
char *username, *password, *mount, *server;
ice_config_t *config;
int port;
char post [4096];
char *userpwd = NULL, post [4096];
if (url->removeurl == NULL)
return AUTH_OK;
config = config_get_config ();
server = util_url_escape (config->hostname);
port = config->port;
......@@ -192,6 +204,29 @@ static auth_result url_remove_client (auth_client *auth_user)
free (username);
free (password);
if (strchr (url->removeurl, '@') == NULL)
{
if (url->userpwd)
curl_easy_setopt (url->handle, CURLOPT_USERPWD, url->userpwd);
else
{
/* auth'd requests may not have a user/pass, but may use query args */
if (client->username && client->password)
{
int len = strlen (client->username) + strlen (client->password) + 2;
userpwd = malloc (len);
snprintf (userpwd, len, "%s:%s", client->username, client->password);
curl_easy_setopt (url->handle, CURLOPT_USERPWD, userpwd);
}
else
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
}
}
else
{
/* url has user/pass but libcurl may need to clear any existing settings */
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
}
curl_easy_setopt (url->handle, CURLOPT_URL, url->removeurl);
curl_easy_setopt (url->handle, CURLOPT_POSTFIELDS, post);
curl_easy_setopt (url->handle, CURLOPT_WRITEHEADER, auth_user);
......@@ -199,6 +234,8 @@ static auth_result url_remove_client (auth_client *auth_user)
if (curl_easy_perform (url->handle))
WARN2 ("auth to server %s failed with %s", url->removeurl, url->errormsg);
free (userpwd);
return AUTH_OK;
}
......@@ -212,7 +249,7 @@ static auth_result url_add_client (auth_client *auth_user)
char *agent, *user_agent, *username, *password;
char *mount, *ipaddr, *server;
ice_config_t *config;
char post [4096];
char *userpwd = NULL, post [4096];
if (url->addurl == NULL)
return AUTH_OK;
......@@ -253,6 +290,29 @@ static auth_result url_add_client (auth_client *auth_user)
free (password);
free (ipaddr);
if (strchr (url->addurl, '@') == NULL)
{
if (url->userpwd)
curl_easy_setopt (url->handle, CURLOPT_USERPWD, url->userpwd);
else
{
/* auth'd requests may not have a user/pass, but may use query args */
if (client->username && client->password)
{
int len = strlen (client->username) + strlen (client->password) + 2;
userpwd = malloc (len);
snprintf (userpwd, len, "%s:%s", client->username, client->password);
curl_easy_setopt (url->handle, CURLOPT_USERPWD, userpwd);
}
else
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
}
}
else
{
/* url has user/pass but libcurl may need to clear any existing settings */
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
}
curl_easy_setopt (url->handle, CURLOPT_URL, url->addurl);
curl_easy_setopt (url->handle, CURLOPT_POSTFIELDS, post);
curl_easy_setopt (url->handle, CURLOPT_WRITEHEADER, auth_user);
......@@ -260,6 +320,8 @@ static auth_result url_add_client (auth_client *auth_user)
res = curl_easy_perform (url->handle);
free (userpwd);
if (res)
{
WARN2 ("auth to server %s failed with %s", url->addurl, url->errormsg);
......@@ -306,6 +368,15 @@ static void url_stream_start (auth_client *auth_user)
free (server);
free (mount);
if (strchr (url->stream_start, '@') == NULL)
{
if (url->userpwd)
curl_easy_setopt (url->handle, CURLOPT_USERPWD, url->userpwd);
else
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
}
else
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
curl_easy_setopt (url->handle, CURLOPT_URL, stream_start_url);
curl_easy_setopt (url->handle, CURLOPT_POSTFIELDS, post);
curl_easy_setopt (url->handle, CURLOPT_WRITEHEADER, auth_user);
......@@ -349,7 +420,16 @@ static void url_stream_end (auth_client *auth_user)
free (server);
free (mount);
curl_easy_setopt (url->handle, CURLOPT_URL, stream_end_url);
if (strchr (url->stream_end, '@') == NULL)
{
if (url->userpwd)
curl_easy_setopt (url->handle, CURLOPT_USERPWD, url->userpwd);
else
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
}
else
curl_easy_setopt (url->handle, CURLOPT_USERPWD, "");
curl_easy_setopt (url->handle, CURLOPT_URL, url->stream_end);
curl_easy_setopt (url->handle, CURLOPT_POSTFIELDS, post);
curl_easy_setopt (url->handle, CURLOPT_WRITEHEADER, auth_user);
......@@ -438,8 +518,16 @@ int auth_get_url_auth (auth_t *authenticator, config_options_t *options)
curl_easy_setopt (url_info->handle, CURLOPT_WRITEDATA, url_info->handle);
curl_easy_setopt (url_info->handle, CURLOPT_NOSIGNAL, 1L);
curl_easy_setopt (url_info->handle, CURLOPT_TIMEOUT, 15L);
curl_easy_setopt (url_info->handle, CURLOPT_PASSWDFUNCTION, my_getpass);
curl_easy_setopt (url_info->handle, CURLOPT_ERRORBUFFER, &url_info->errormsg[0]);
if (url_info->username && url_info->password)
{
int len = strlen (url_info->username) + strlen (url_info->password) + 2;
url_info->userpwd = malloc (len);
snprintf (url_info->userpwd, len, "%s:%s", url_info->username, url_info->password);
}
authenticator->state = url_info;
INFO0("URL based authentication setup");
return 0;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment