Allow the source password to be undefined.

This is to avoid falling back to a default password which may open security holes. svn path=/icecast/trunk/icecast/; revision=18125
2024-06-16 06:15:24 +00:00 · 2011-11-25 21:24:28 +00:00 · 2011-11-25 21:24:28 +00:00 · 530b78d7a1
commit 530b78d7a1
parent 99788838ac
4 changed files with 24 additions and 2 deletions
--- a/2
+++ b/2
@ -2,3 +2,5 @@ Jack Moffitt <jack@icecast.org>
 Michael Smith <msmith@icecast.org>
 oddsock <oddsock@xiph.org>
 Karl Heyes <karl@xiph.org>
+Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>
+Thomas B. "dm8tbr" Ruecker <thomas.rucker@tieto.com>
--- a/12
+++ b/12
@ -1,3 +1,15 @@
+2011-11-25 21:20  ph3-der-loewe
+
+	* trunk/icecast/AUTHORS, trunk/icecast/src/cfgfile.c.
+	  trunk/icecast/src/connection.c: Allow the source password
+	  to be undefined. This is to avoid falling back to a default
+	  password which may open security holes.
+
+----------------------------------------------------------------------
+	Everything above is post 2.3.2. The stuff below is incomplete.
+	The time zone above is UTC, the time zone below is unknown.
+	ph3-der-loewe, Fri Nov 25 21:20:58 UTC 2011
+----------------------------------------------------------------------
 2005-11-29 03:06  karl

 	* trunk/icecast/src/auth_url.c: update for authentication header
--- a/src/cfgfile.c
+++ b/src/cfgfile.c
@ -8,6 +8,8 @@
 *                      oddsock <oddsock@xiph.org>,
 *                      Karl Heyes <karl@xiph.org>
 *                      and others (see AUTHORS for details).
+ * Copyright 2011,      Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
+                        Thomas B. "dm8tbr" Ruecker <thomas.rucker@tieto.com>.
 */

 #ifdef HAVE_CONFIG_H
--- a/src/connection.c
+++ b/src/connection.c
@ -8,6 +8,7 @@
 *                      oddsock <oddsock@xiph.org>,
 *                      Karl Heyes <karl@xiph.org>
 *                      and others (see AUTHORS for details).
+ * Copyright 2011,      Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>
 */

 /* -*- c-basic-offset: 4; indent-tabs-mode: nil; -*- */
@ -1168,7 +1169,12 @@ static void _handle_shoutcast_compatible (client_queue_t *node)
        if (mountinfo && mountinfo->password)
            source_password = strdup (mountinfo->password);
        else
-            source_password = strdup (config->source_password);
+        {
+            if (config->source_password) 
+                source_password = strdup (config->source_password);
+            else
+                source_password = NULL;
+        }
        config_release_config();

        /* Get rid of trailing \r\n or \n after password */
@ -1198,7 +1204,7 @@ static void _handle_shoutcast_compatible (client_queue_t *node)
        }
        *ptr = '\0';

-        if (strcmp (client->refbuf->data, source_password) == 0)
+        if (source_password && strcmp (client->refbuf->data, source_password) == 0)
        {
            client->respcode = 200;
            /* send this non-blocking but if there is only a partial write