mirror of
https://gitlab.xiph.org/xiph/icecast-server.git
synced 2025-06-30 22:18:19 -04:00
Update: Pass configuration down to Auth and ACL parsing
This commit is contained in:
parent
76e3e6ad6b
commit
f869d5eb7b
@ -121,7 +121,7 @@ acl_t *acl_new(void)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
acl_t *acl_new_from_xml_node(xmlNodePtr node)
|
acl_t *acl_new_from_xml_node(ice_config_t *configuration, xmlNodePtr node)
|
||||||
{
|
{
|
||||||
acl_t * ret;
|
acl_t * ret;
|
||||||
char * tmp;
|
char * tmp;
|
||||||
@ -212,8 +212,7 @@ acl_t *acl_new_from_xml_node(xmlNodePtr node)
|
|||||||
if (xmlIsBlankNode(child))
|
if (xmlIsBlankNode(child))
|
||||||
continue;
|
continue;
|
||||||
if (xmlStrcmp(child->name, XMLSTR("http-headers")) == 0) {
|
if (xmlStrcmp(child->name, XMLSTR("http-headers")) == 0) {
|
||||||
/* FIXME: Pass real configuration parameter here. */
|
config_parse_http_headers(child->xmlChildrenNode, &(ret->http_headers), configuration);
|
||||||
config_parse_http_headers(child->xmlChildrenNode, &(ret->http_headers), NULL);
|
|
||||||
}
|
}
|
||||||
} while ((child = child->next));
|
} while ((child = child->next));
|
||||||
}
|
}
|
||||||
|
@ -33,7 +33,7 @@ typedef enum acl_policy_tag {
|
|||||||
|
|
||||||
/* basic functions to work with ACLs */
|
/* basic functions to work with ACLs */
|
||||||
acl_t * acl_new(void);
|
acl_t * acl_new(void);
|
||||||
acl_t * acl_new_from_xml_node(xmlNodePtr node);
|
acl_t * acl_new_from_xml_node(ice_config_t *configuration, xmlNodePtr node);
|
||||||
|
|
||||||
void acl_addref(acl_t * acl);
|
void acl_addref(acl_t * acl);
|
||||||
void acl_release(acl_t * acl);
|
void acl_release(acl_t * acl);
|
||||||
|
@ -795,7 +795,7 @@ static inline int auth_get_authenticator__permission_alter(auth_t *auth, xmlNode
|
|||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
auth_t *auth_get_authenticator(xmlNodePtr node)
|
auth_t *auth_get_authenticator(ice_config_t *configuration, xmlNodePtr node)
|
||||||
{
|
{
|
||||||
auth_t *auth = calloc(1, sizeof(auth_t));
|
auth_t *auth = calloc(1, sizeof(auth_t));
|
||||||
config_options_t *options = NULL, **next_option = &options;
|
config_options_t *options = NULL, **next_option = &options;
|
||||||
@ -931,11 +931,10 @@ auth_t *auth_get_authenticator(xmlNodePtr node)
|
|||||||
*next_option = opt;
|
*next_option = opt;
|
||||||
next_option = &opt->next;
|
next_option = &opt->next;
|
||||||
} else if (xmlStrcmp (child->name, XMLSTR("http-headers")) == 0) {
|
} else if (xmlStrcmp (child->name, XMLSTR("http-headers")) == 0) {
|
||||||
/* FIXME: Pass real configuration parameter here. */
|
config_parse_http_headers(child->xmlChildrenNode, &(auth->http_headers), configuration);
|
||||||
config_parse_http_headers(child->xmlChildrenNode, &(auth->http_headers), NULL);
|
|
||||||
} else if (xmlStrcmp (child->name, XMLSTR("acl")) == 0) {
|
} else if (xmlStrcmp (child->name, XMLSTR("acl")) == 0) {
|
||||||
if (!auth->acl) {
|
if (!auth->acl) {
|
||||||
auth->acl = acl_new_from_xml_node(child);
|
auth->acl = acl_new_from_xml_node(configuration, child);
|
||||||
} else {
|
} else {
|
||||||
ICECAST_LOG_ERROR("More than one ACL defined in role! Not supported (yet).");
|
ICECAST_LOG_ERROR("More than one ACL defined in role! Not supported (yet).");
|
||||||
}
|
}
|
||||||
@ -972,7 +971,7 @@ auth_t *auth_get_authenticator(xmlNodePtr node)
|
|||||||
|
|
||||||
if (!auth->acl) {
|
if (!auth->acl) {
|
||||||
/* If we did not get a <acl> try ACL as part of <role> (old style). */
|
/* If we did not get a <acl> try ACL as part of <role> (old style). */
|
||||||
auth->acl = acl_new_from_xml_node(node);
|
auth->acl = acl_new_from_xml_node(configuration, node);
|
||||||
}
|
}
|
||||||
if (!auth->acl) {
|
if (!auth->acl) {
|
||||||
auth_release(auth);
|
auth_release(auth);
|
||||||
|
@ -186,7 +186,7 @@ void auth_shutdown(void);
|
|||||||
|
|
||||||
auth_result auth_str2result(const char *str);
|
auth_result auth_str2result(const char *str);
|
||||||
|
|
||||||
auth_t *auth_get_authenticator(xmlNodePtr node);
|
auth_t *auth_get_authenticator(ice_config_t *configuration, xmlNodePtr node);
|
||||||
void auth_release(auth_t *authenticator);
|
void auth_release(auth_t *authenticator);
|
||||||
void auth_addref(auth_t *authenticator);
|
void auth_addref(auth_t *authenticator);
|
||||||
|
|
||||||
|
@ -529,7 +529,8 @@ static void __found_bad_tag(ice_config_t *configuration, xmlNodePtr node, enum b
|
|||||||
free(name);
|
free(name);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void __append_old_style_auth(auth_stack_t **stack,
|
static void __append_old_style_auth(ice_config_t *configuration,
|
||||||
|
auth_stack_t **stack,
|
||||||
const char *name,
|
const char *name,
|
||||||
const char *type,
|
const char *type,
|
||||||
const char *username,
|
const char *username,
|
||||||
@ -585,7 +586,7 @@ static void __append_old_style_auth(auth_stack_t **stack,
|
|||||||
xmlSetProp(pass, XMLSTR("value"), XMLSTR(password));
|
xmlSetProp(pass, XMLSTR("value"), XMLSTR(password));
|
||||||
}
|
}
|
||||||
|
|
||||||
auth = auth_get_authenticator(role);
|
auth = auth_get_authenticator(configuration, role);
|
||||||
auth_stack_push(stack, auth);
|
auth_stack_push(stack, auth);
|
||||||
auth_release(auth);
|
auth_release(auth);
|
||||||
|
|
||||||
@ -606,7 +607,8 @@ static void __append_option_tag(xmlNodePtr parent,
|
|||||||
xmlSetProp(node, XMLSTR("value"), XMLSTR(value));
|
xmlSetProp(node, XMLSTR("value"), XMLSTR(value));
|
||||||
}
|
}
|
||||||
|
|
||||||
static void __append_old_style_urlauth(auth_stack_t **stack,
|
static void __append_old_style_urlauth(ice_config_t *configuration,
|
||||||
|
auth_stack_t **stack,
|
||||||
const char *client_add,
|
const char *client_add,
|
||||||
const char *client_remove,
|
const char *client_remove,
|
||||||
const char *action_add,
|
const char *action_add,
|
||||||
@ -654,7 +656,7 @@ static void __append_old_style_urlauth(auth_stack_t **stack,
|
|||||||
__append_option_tag(role, "headers", headers);
|
__append_option_tag(role, "headers", headers);
|
||||||
__append_option_tag(role, "header_prefix", header_prefix);
|
__append_option_tag(role, "header_prefix", header_prefix);
|
||||||
|
|
||||||
auth = auth_get_authenticator(role);
|
auth = auth_get_authenticator(configuration, role);
|
||||||
if (auth) {
|
if (auth) {
|
||||||
auth_stack_push(stack, auth);
|
auth_stack_push(stack, auth);
|
||||||
auth_release(auth);
|
auth_release(auth);
|
||||||
@ -1324,7 +1326,7 @@ static void _parse_root(xmlDocPtr doc,
|
|||||||
}
|
}
|
||||||
if (mount) {
|
if (mount) {
|
||||||
if (!mount->authstack) {
|
if (!mount->authstack) {
|
||||||
__append_old_style_auth(&mount->authstack,
|
__append_old_style_auth(configuration, &mount->authstack,
|
||||||
CONFIG_LEGACY_SOURCE_NAME_GLOBAL,
|
CONFIG_LEGACY_SOURCE_NAME_GLOBAL,
|
||||||
AUTH_TYPE_STATIC, "source",
|
AUTH_TYPE_STATIC, "source",
|
||||||
source_password, NULL,
|
source_password, NULL,
|
||||||
@ -1433,7 +1435,7 @@ static void _parse_limits(xmlDocPtr doc,
|
|||||||
} while ((node = node->next));
|
} while ((node = node->next));
|
||||||
}
|
}
|
||||||
|
|
||||||
static void _parse_authentication_node(xmlNodePtr node, auth_stack_t **authstack)
|
static void _parse_authentication_node(ice_config_t *configuration, xmlNodePtr node, auth_stack_t **authstack)
|
||||||
{
|
{
|
||||||
xmlChar *tmp;
|
xmlChar *tmp;
|
||||||
|
|
||||||
@ -1454,7 +1456,7 @@ static void _parse_authentication_node(xmlNodePtr node, auth_stack_t **authstac
|
|||||||
if (xmlIsBlankNode(child))
|
if (xmlIsBlankNode(child))
|
||||||
continue;
|
continue;
|
||||||
if (xmlStrcmp(child->name, XMLSTR("role")) == 0) {
|
if (xmlStrcmp(child->name, XMLSTR("role")) == 0) {
|
||||||
auth_t *auth = auth_get_authenticator(child);
|
auth_t *auth = auth_get_authenticator(configuration, child);
|
||||||
auth_stack_push(authstack, auth);
|
auth_stack_push(authstack, auth);
|
||||||
auth_release(auth);
|
auth_release(auth);
|
||||||
}
|
}
|
||||||
@ -1463,7 +1465,8 @@ static void _parse_authentication_node(xmlNodePtr node, auth_stack_t **authstac
|
|||||||
|
|
||||||
static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
|
static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
|
||||||
xmlNodePtr node,
|
xmlNodePtr node,
|
||||||
auth_stack_t **authstack)
|
auth_stack_t **authstack,
|
||||||
|
ice_config_t *configuration)
|
||||||
{
|
{
|
||||||
int allow_duplicate_users = 1;
|
int allow_duplicate_users = 1;
|
||||||
auth_t *auth;
|
auth_t *auth;
|
||||||
@ -1496,13 +1499,13 @@ static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
|
|||||||
if (!allow_duplicate_users)
|
if (!allow_duplicate_users)
|
||||||
xmlSetProp(node, XMLSTR("connections-per-user"), XMLSTR("0"));
|
xmlSetProp(node, XMLSTR("connections-per-user"), XMLSTR("0"));
|
||||||
|
|
||||||
auth = auth_get_authenticator(node);
|
auth = auth_get_authenticator(configuration, node);
|
||||||
if (auth) {
|
if (auth) {
|
||||||
auth_stack_push(authstack, auth);
|
auth_stack_push(authstack, auth);
|
||||||
auth_release(auth);
|
auth_release(auth);
|
||||||
}
|
}
|
||||||
|
|
||||||
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS,
|
__append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS,
|
||||||
NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL);
|
NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL);
|
||||||
} else if (strcmp(type, AUTH_TYPE_URL) == 0) {
|
} else if (strcmp(type, AUTH_TYPE_URL) == 0) {
|
||||||
/* This block is super fun! Attention! Super fun ahead! Ladies and Gentlemen take care and watch your children! */
|
/* This block is super fun! Attention! Super fun ahead! Ladies and Gentlemen take care and watch your children! */
|
||||||
@ -1584,17 +1587,17 @@ static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
|
|||||||
__append_old_style_url_event(&mount->event, "source-disconnect",
|
__append_old_style_url_event(&mount->event, "source-disconnect",
|
||||||
mount_add, "mount_remove", username, password);
|
mount_add, "mount_remove", username, password);
|
||||||
|
|
||||||
__append_old_style_urlauth(authstack, listener_add, listener_remove,
|
__append_old_style_urlauth(configuration, authstack, listener_add, listener_remove,
|
||||||
"listener_add", "listener_remove", username, password, 0,
|
"listener_add", "listener_remove", username, password, 0,
|
||||||
auth_header, timelimit_header, headers, header_prefix);
|
auth_header, timelimit_header, headers, header_prefix);
|
||||||
__append_old_style_urlauth(authstack, stream_auth, NULL, "stream_auth",
|
__append_old_style_urlauth(configuration, authstack, stream_auth, NULL, "stream_auth",
|
||||||
NULL, username, password, 1, auth_header, timelimit_header,
|
NULL, username, password, 1, auth_header, timelimit_header,
|
||||||
headers, header_prefix);
|
headers, header_prefix);
|
||||||
if (listener_add)
|
if (listener_add)
|
||||||
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
|
__append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
|
||||||
NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL);
|
NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL);
|
||||||
if (stream_auth)
|
if (stream_auth)
|
||||||
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
|
__append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
|
||||||
NULL, CONFIG_LEGACY_SOURCE_METHODS, NULL, 0, NULL);
|
NULL, CONFIG_LEGACY_SOURCE_METHODS, NULL, 0, NULL);
|
||||||
|
|
||||||
if (mount_add)
|
if (mount_add)
|
||||||
@ -1622,7 +1625,7 @@ static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
|
|||||||
} else {
|
} else {
|
||||||
ICECAST_LOG_ERROR("Unknown authentication type in legacy mode. "
|
ICECAST_LOG_ERROR("Unknown authentication type in legacy mode. "
|
||||||
"Anonymous listeners and global login for sources disabled.");
|
"Anonymous listeners and global login for sources disabled.");
|
||||||
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
|
__append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
|
||||||
NULL, NULL, NULL, 0, NULL);
|
NULL, NULL, NULL, 0, NULL);
|
||||||
}
|
}
|
||||||
xmlFree(type);
|
xmlFree(type);
|
||||||
@ -1739,9 +1742,9 @@ static void _parse_mount(xmlDocPtr doc,
|
|||||||
tmp = (char *)xmlGetProp(node, XMLSTR("type"));
|
tmp = (char *)xmlGetProp(node, XMLSTR("type"));
|
||||||
if (tmp) {
|
if (tmp) {
|
||||||
xmlFree(tmp);
|
xmlFree(tmp);
|
||||||
_parse_mount_oldstyle_authentication(mount, node, &authstack);
|
_parse_mount_oldstyle_authentication(mount, node, &authstack, configuration);
|
||||||
} else {
|
} else {
|
||||||
_parse_authentication_node(node, &authstack);
|
_parse_authentication_node(configuration, node, &authstack);
|
||||||
}
|
}
|
||||||
} else if (xmlStrcmp(node->name, XMLSTR("on-connect")) == 0) {
|
} else if (xmlStrcmp(node->name, XMLSTR("on-connect")) == 0) {
|
||||||
tmp = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1);
|
tmp = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1);
|
||||||
@ -1826,7 +1829,7 @@ static void _parse_mount(xmlDocPtr doc,
|
|||||||
|
|
||||||
if (password) {
|
if (password) {
|
||||||
auth_stack_t *old_style = NULL;
|
auth_stack_t *old_style = NULL;
|
||||||
__append_old_style_auth(&old_style, CONFIG_LEGACY_SOURCE_NAME_MOUNT,
|
__append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_SOURCE_NAME_MOUNT,
|
||||||
AUTH_TYPE_STATIC, username ? username : "source", password, NULL,
|
AUTH_TYPE_STATIC, username ? username : "source", password, NULL,
|
||||||
CONFIG_LEGACY_SOURCE_METHODS, CONFIG_LEGACY_SOURCE_ALLOW_WEB, CONFIG_LEGACY_SOURCE_ALLOW_ADMIN);
|
CONFIG_LEGACY_SOURCE_METHODS, CONFIG_LEGACY_SOURCE_ALLOW_WEB, CONFIG_LEGACY_SOURCE_ALLOW_ADMIN);
|
||||||
if (authstack) {
|
if (authstack) {
|
||||||
@ -2166,7 +2169,7 @@ static void _parse_listen_socket(xmlDocPtr doc,
|
|||||||
} else if (xmlStrcmp(node->name, XMLSTR("listen-backlog")) == 0) {
|
} else if (xmlStrcmp(node->name, XMLSTR("listen-backlog")) == 0) {
|
||||||
__read_int(configuration, doc, node, &listener->listen_backlog);
|
__read_int(configuration, doc, node, &listener->listen_backlog);
|
||||||
} else if (xmlStrcmp(node->name, XMLSTR("authentication")) == 0) {
|
} else if (xmlStrcmp(node->name, XMLSTR("authentication")) == 0) {
|
||||||
_parse_authentication_node(node, &(listener->authstack));
|
_parse_authentication_node(configuration, node, &(listener->authstack));
|
||||||
} else if (xmlStrcmp(node->name, XMLSTR("http-headers")) == 0) {
|
} else if (xmlStrcmp(node->name, XMLSTR("http-headers")) == 0) {
|
||||||
config_parse_http_headers(node->xmlChildrenNode, &(listener->http_headers), configuration);
|
config_parse_http_headers(node->xmlChildrenNode, &(listener->http_headers), configuration);
|
||||||
} else {
|
} else {
|
||||||
@ -2238,7 +2241,7 @@ static void _parse_authentication(xmlDocPtr doc, xmlNodePtr node,
|
|||||||
xmlFree(configuration->shoutcast_user);
|
xmlFree(configuration->shoutcast_user);
|
||||||
configuration->shoutcast_user = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1);
|
configuration->shoutcast_user = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1);
|
||||||
} else if (xmlStrcmp(node->name, XMLSTR("role")) == 0) {
|
} else if (xmlStrcmp(node->name, XMLSTR("role")) == 0) {
|
||||||
auth_t *auth = auth_get_authenticator(node);
|
auth_t *auth = auth_get_authenticator(configuration, node);
|
||||||
auth_stack_push(&new_style, auth);
|
auth_stack_push(&new_style, auth);
|
||||||
auth_release(auth);
|
auth_release(auth);
|
||||||
} else {
|
} else {
|
||||||
@ -2247,11 +2250,11 @@ static void _parse_authentication(xmlDocPtr doc, xmlNodePtr node,
|
|||||||
} while ((node = node->next));
|
} while ((node = node->next));
|
||||||
|
|
||||||
if (admin_password && admin_username)
|
if (admin_password && admin_username)
|
||||||
__append_old_style_auth(&old_style, CONFIG_LEGACY_ADMIN_NAME, AUTH_TYPE_STATIC,
|
__append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_ADMIN_NAME, AUTH_TYPE_STATIC,
|
||||||
admin_username, admin_password, NULL, CONFIG_LEGACY_ADMIN_METHODS, CONFIG_LEGACY_ADMIN_ALLOW_WEB, CONFIG_LEGACY_ADMIN_ALLOW_ADMIN);
|
admin_username, admin_password, NULL, CONFIG_LEGACY_ADMIN_METHODS, CONFIG_LEGACY_ADMIN_ALLOW_WEB, CONFIG_LEGACY_ADMIN_ALLOW_ADMIN);
|
||||||
|
|
||||||
if (relay_password && relay_username)
|
if (relay_password && relay_username)
|
||||||
__append_old_style_auth(&old_style, CONFIG_LEGACY_RELAY_NAME, AUTH_TYPE_STATIC,
|
__append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_RELAY_NAME, AUTH_TYPE_STATIC,
|
||||||
relay_username, relay_password, NULL, CONFIG_LEGACY_RELAY_METHODS, CONFIG_LEGACY_RELAY_ALLOW_WEB, CONFIG_LEGACY_RELAY_ALLOW_ADMIN);
|
relay_username, relay_password, NULL, CONFIG_LEGACY_RELAY_METHODS, CONFIG_LEGACY_RELAY_ALLOW_WEB, CONFIG_LEGACY_RELAY_ALLOW_ADMIN);
|
||||||
|
|
||||||
if (admin_password)
|
if (admin_password)
|
||||||
@ -2271,7 +2274,7 @@ static void _parse_authentication(xmlDocPtr doc, xmlNodePtr node,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* default unauthed anonymous account */
|
/* default unauthed anonymous account */
|
||||||
__append_old_style_auth(&old_style, CONFIG_LEGACY_ANONYMOUS_NAME, AUTH_TYPE_ANONYMOUS,
|
__append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_ANONYMOUS_NAME, AUTH_TYPE_ANONYMOUS,
|
||||||
NULL, NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, CONFIG_LEGACY_ANONYMOUS_ALLOW_WEB, CONFIG_LEGACY_ANONYMOUS_ALLOW_ADMIN);
|
NULL, NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, CONFIG_LEGACY_ANONYMOUS_ALLOW_WEB, CONFIG_LEGACY_ANONYMOUS_ALLOW_ADMIN);
|
||||||
if (!old_style)
|
if (!old_style)
|
||||||
ICECAST_LOG_ERROR("BAD. old_style=NULL");
|
ICECAST_LOG_ERROR("BAD. old_style=NULL");
|
||||||
|
Loading…
x
Reference in New Issue
Block a user