From fdcef55ce1309c1fc86c5e492be8653d44d2812c Mon Sep 17 00:00:00 2001
From: Philipp Schafft <lion@lion.leolix.org>
Date: Thu, 11 Oct 2012 18:06:30 +0000
Subject: [PATCH] Added options "headers" and "header_prefix" to URL based
 listener auth. Someone should update the docs/ textes to good english.

svn path=/icecast/trunk/icecast/; revision=18648
---
 conf/icecast.xml.in            |  2 ++
 doc/icecast2_listenerauth.html |  9 +++++++
 src/auth_url.c                 | 49 +++++++++++++++++++++++++++++++++-
 3 files changed, 59 insertions(+), 1 deletion(-)

diff --git a/conf/icecast.xml.in b/conf/icecast.xml.in
index 828bdeae..f321dc1c 100644
--- a/conf/icecast.xml.in
+++ b/conf/icecast.xml.in
@@ -122,6 +122,8 @@
             <option name="mount_remove"    value="http://myauthserver.net/notify_mount.php"/>
             <option name="listener_add"    value="http://myauthserver.net/notify_listener.php"/>
             <option name="listener_remove" value="http://myauthserver.net/notify_listener.php"/>
+            <option name="headers"         value="x-pragma,x-token"/>
+            <option name="header_prefix"   value="ClientHeader."/>
         </authentication>
     </mount>
 
diff --git a/doc/icecast2_listenerauth.html b/doc/icecast2_listenerauth.html
index 9cb39d88..32644548 100644
--- a/doc/icecast2_listenerauth.html
+++ b/doc/icecast2_listenerauth.html
@@ -93,6 +93,8 @@ config file.  The following shows the list of options available :</p>
             &lt;option name="password" value="pass"/&gt;
             &lt;option name="auth_header" value="icecast-auth-user: 1"/&gt;
             &lt;option name="timelimit_header" value="icecast-auth-timelimit:"/&gt;
+            &lt;option name="headers"          value="x-pragma,x-token"/&gt;
+            &lt;option name="header_prefix"    value="ClientHeader."/&gt;
         &lt;/authentication&gt;
     &lt;/mount&gt;
 </pre>
@@ -150,6 +152,13 @@ but it could can anything you like, for instance
 <p>Listeners could have a time limit imposed on them, and if this header is sent back with a
 figure (which represents seconds) then that is how long the client will remain connected for.
 </p>
+<h3>headers</h3>
+<p>This is a list of HTTP headers provided by the client which should be passed to the authencation service.
+Those headers are prepended by the value of header_prefix and send as post parameters.
+</p>
+<h3>header_prefix</h3>
+<p>This is the prefix used for passing client headers. See headers for details.
+</p>
 <br />
 <h2>A note about players and authentication</h2>
 <p>We do not have an exaustive list of players that support listener authentication.  We use
diff --git a/src/auth_url.c b/src/auth_url.c
index e5265547..d3c9debd 100644
--- a/src/auth_url.c
+++ b/src/auth_url.c
@@ -85,6 +85,8 @@
 #define CATMODULE "auth_url"
 
 typedef struct {
+    char *pass_headers; // headers passed from client to addurl.
+    char *prefix_headers; // prefix for passed headers.
     char *addurl;
     char *removeurl;
     char *stream_start;
@@ -112,6 +114,8 @@ static void auth_url_clear(auth_t *self)
     curl_easy_cleanup (url->handle);
     free (url->username);
     free (url->password);
+    free (url->pass_headers);
+    free (url->prefix_headers);
     free (url->removeurl);
     free (url->addurl);
     free (url->stream_start);
@@ -266,6 +270,10 @@ static auth_result url_add_listener (auth_client *auth_user)
     char *mount, *ipaddr, *server;
     ice_config_t *config;
     char *userpwd = NULL, post [4096];
+    ssize_t post_offset;
+    char *pass_headers, *cur_header, *next_header;
+    const char *header_val;
+    char *header_valesc;
 
     if (url->addurl == NULL)
         return AUTH_OK;
@@ -294,7 +302,7 @@ static auth_result url_add_listener (auth_client *auth_user)
     mount = util_url_escape (mountreq);
     ipaddr = util_url_escape (client->con->ip);
 
-    snprintf (post, sizeof (post),
+    post_offset = snprintf (post, sizeof (post),
             "action=listener_add&server=%s&port=%d&client=%lu&mount=%s"
             "&user=%s&pass=%s&ip=%s&agent=%s",
             server, port, client->con->id, mount, username,
@@ -306,6 +314,35 @@ static auth_result url_add_listener (auth_client *auth_user)
     free (password);
     free (ipaddr);
 
+    pass_headers = NULL;
+    if (url->pass_headers)
+        pass_headers = strdup (url->pass_headers);
+    if (pass_headers)
+    {
+        cur_header = pass_headers;
+        while (cur_header)
+        {
+	    next_header = strstr (cur_header, ",");
+	    if (next_header)
+	    {
+		*next_header=0;
+                next_header++;
+	    }
+
+            header_val = httpp_getvar (client->parser, cur_header);
+            if (header_val)
+            {
+                header_valesc = util_url_escape (header_val);
+                post_offset += snprintf (post+post_offset, sizeof (post)-post_offset, "&%s%s=%s",
+                                         url->prefix_headers ? url->prefix_headers : "",
+                                         cur_header, header_valesc);
+                free (header_valesc);
+            }
+
+	    cur_header = next_header;
+        }
+    }
+
     if (strchr (url->addurl, '@') == NULL)
     {
         if (url->userpwd)
@@ -549,6 +586,16 @@ int auth_get_url_auth (auth_t *authenticator, config_options_t *options)
             free (url_info->password);
             url_info->password = strdup (options->value);
         }
+        if(!strcmp(options->name, "headers"))
+        {
+            free (url_info->pass_headers);
+            url_info->pass_headers = strdup (options->value);
+        }
+        if(!strcmp(options->name, "header_prefix"))
+        {
+            free (url_info->prefix_headers);
+            url_info->prefix_headers = strdup (options->value);
+        }
         if(!strcmp(options->name, "listener_add"))
         {
             free (url_info->addurl);