1
0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2025-01-03 14:56:34 -05:00

Feature: Added new <role> properties: match-method, and nomatch-method. This is more inline with the other properties

This commit is contained in:
Philipp Schafft 2018-09-13 10:37:33 +00:00
parent d317b6fbdc
commit 8bd43eb3d4
2 changed files with 53 additions and 10 deletions

View File

@ -379,7 +379,7 @@ static void auth_add_client(auth_t *auth, client_t *client, void (*on_no_match)(
return; return;
} }
if (!auth->method[client->parser->req_type]) { if (auth->filter_method[client->parser->req_type] == AUTH_MATCHTYPE_NOMATCH) {
if (on_no_match) { if (on_no_match) {
on_no_match(client, on_result, userdata); on_no_match(client, on_result, userdata);
} else if (on_result) { } else if (on_result) {
@ -542,6 +542,46 @@ static inline void auth_get_authenticator__filter_admin(auth_t *auth, xmlNodePtr
} }
} }
static inline int auth_get_authenticator__filter_method(auth_t *auth, xmlNodePtr node, const char *name, auth_matchtype_t matchtype)
{
char * tmp = (char*)xmlGetProp(node, XMLSTR(name));
if (tmp) {
char *cur = tmp;
while (cur) {
char *next = strstr(cur, ",");
httpp_request_type_e idx;
if (next) {
*next = 0;
next++;
for (; *next == ' '; next++);
}
if (strcmp(cur, "*") == 0) {
size_t i;
for (i = 0; i < (sizeof(auth->filter_method)/sizeof(*(auth->filter_method))); i++)
auth->filter_method[i] = matchtype;
break;
}
idx = httpp_str_to_method(cur);
if (idx == httpp_req_unknown) {
ICECAST_LOG_ERROR("Can not add known method \"%H\" to role's %s", cur, name);
return -1;
}
auth->filter_method[idx] = matchtype;
cur = next;
}
free(tmp);
}
return 0;
}
auth_t *auth_get_authenticator(xmlNodePtr node) auth_t *auth_get_authenticator(xmlNodePtr node)
{ {
auth_t *auth = calloc(1, sizeof(auth_t)); auth_t *auth = calloc(1, sizeof(auth_t));
@ -579,8 +619,8 @@ auth_t *auth_get_authenticator(xmlNodePtr node)
char *cur = method; char *cur = method;
char *next; char *next;
for (i = 0; i < (sizeof(auth->method)/sizeof(*auth->method)); i++) for (i = 0; i < (sizeof(auth->filter_method)/sizeof(*auth->filter_method)); i++)
auth->method[i] = 0; auth->filter_method[i] = AUTH_MATCHTYPE_NOMATCH;
while (cur) { while (cur) {
httpp_request_type_e idx; httpp_request_type_e idx;
@ -593,8 +633,8 @@ auth_t *auth_get_authenticator(xmlNodePtr node)
} }
if (strcmp(cur, "*") == 0) { if (strcmp(cur, "*") == 0) {
for (i = 0; i < (sizeof(auth->method)/sizeof(*auth->method)); i++) for (i = 0; i < (sizeof(auth->filter_method)/sizeof(*auth->filter_method)); i++)
auth->method[i] = 1; auth->filter_method[i] = AUTH_MATCHTYPE_MATCH;
break; break;
} }
@ -603,17 +643,20 @@ auth_t *auth_get_authenticator(xmlNodePtr node)
auth_release(auth); auth_release(auth);
return NULL; return NULL;
} }
auth->method[idx] = 1; auth->filter_method[idx] = AUTH_MATCHTYPE_MATCH;
cur = next; cur = next;
} }
xmlFree(method); xmlFree(method);
} else { } else {
for (i = 0; i < (sizeof(auth->method)/sizeof(*auth->method)); i++) for (i = 0; i < (sizeof(auth->filter_method)/sizeof(*auth->filter_method)); i++)
auth->method[i] = 1; auth->filter_method[i] = AUTH_MATCHTYPE_MATCH;
} }
auth_get_authenticator__filter_method(auth, node, "match-method", AUTH_MATCHTYPE_MATCH);
auth_get_authenticator__filter_method(auth, node, "nomatch-method", AUTH_MATCHTYPE_NOMATCH);
tmp = (char*)xmlGetProp(node, XMLSTR("match-web")); tmp = (char*)xmlGetProp(node, XMLSTR("match-web"));
if (tmp) { if (tmp) {
if (strcmp(tmp, "*") == 0) { if (strcmp(tmp, "*") == 0) {
@ -879,7 +922,7 @@ acl_t *auth_stack_get_anonymous_acl(auth_stack_t *stack, httpp_request_ty
while (!ret && stack) { while (!ret && stack) {
auth_t *auth = auth_stack_get(stack); auth_t *auth = auth_stack_get(stack);
if (auth->method[method] && strcmp(auth->type, AUTH_TYPE_ANONYMOUS) == 0) { if (auth->filter_method[method] != AUTH_MATCHTYPE_NOMATCH && strcmp(auth->type, AUTH_TYPE_ANONYMOUS) == 0) {
acl_addref(ret = auth->acl); acl_addref(ret = auth->acl);
} }
auth_release(auth); auth_release(auth);

View File

@ -87,7 +87,7 @@ struct auth_tag
char *mount; char *mount;
/* filters */ /* filters */
int method[httpp_req_unknown+1]; auth_matchtype_t filter_method[httpp_req_unknown+1];
auth_matchtype_t filter_web_policy; auth_matchtype_t filter_web_policy;
auth_matchtype_t filter_admin_policy; auth_matchtype_t filter_admin_policy;
struct { struct {