aniani/icecast-server
0
0
Fork 0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2025-06-30 22:18:19 -04:00
Code

Update: Pass configuration down to Auth and ACL parsing

Browse Source
This commit is contained in:
Philipp Schafft 2021-06-23 14:43:21 +00:00
parent 76e3e6ad6b
commit f869d5eb7b
5 changed files with 34 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/acl.c
View File

@ -121,7 +121,7 @@ acl_t *acl_new(void)
return ret; return ret;
} }
acl_t *acl_new_from_xml_node(xmlNodePtr node) acl_t *acl_new_from_xml_node(ice_config_t *configuration, xmlNodePtr node)
{ {
acl_t * ret; acl_t * ret;
char * tmp; char * tmp;
@ -212,8 +212,7 @@ acl_t *acl_new_from_xml_node(xmlNodePtr node)
if (xmlIsBlankNode(child)) if (xmlIsBlankNode(child))
continue; continue;
if (xmlStrcmp(child->name, XMLSTR("http-headers")) == 0) { if (xmlStrcmp(child->name, XMLSTR("http-headers")) == 0) {
/* FIXME: Pass real configuration parameter here. */ config_parse_http_headers(child->xmlChildrenNode, &(ret->http_headers), configuration);
config_parse_http_headers(child->xmlChildrenNode, &(ret->http_headers), NULL);
} }
} while ((child = child->next)); } while ((child = child->next));
} }

2
src/acl.h
View File

@ -33,7 +33,7 @@ typedef enum acl_policy_tag {
/* basic functions to work with ACLs */ /* basic functions to work with ACLs */
acl_t * acl_new(void); acl_t * acl_new(void);
acl_t * acl_new_from_xml_node(xmlNodePtr node); acl_t * acl_new_from_xml_node(ice_config_t *configuration, xmlNodePtr node);
void acl_addref(acl_t * acl); void acl_addref(acl_t * acl);
void acl_release(acl_t * acl); void acl_release(acl_t * acl);

9
src/auth.c
View File

@ -795,7 +795,7 @@ static inline int auth_get_authenticator__permission_alter(auth_t *auth, xmlNode
return 0; return 0;
} }
auth_t *auth_get_authenticator(xmlNodePtr node) auth_t *auth_get_authenticator(ice_config_t *configuration, xmlNodePtr node)
{ {
auth_t *auth = calloc(1, sizeof(auth_t)); auth_t *auth = calloc(1, sizeof(auth_t));
config_options_t *options = NULL, **next_option = &options; config_options_t *options = NULL, **next_option = &options;
@ -931,11 +931,10 @@ auth_t *auth_get_authenticator(xmlNodePtr node)
*next_option = opt; *next_option = opt;
next_option = &opt->next; next_option = &opt->next;
} else if (xmlStrcmp (child->name, XMLSTR("http-headers")) == 0) { } else if (xmlStrcmp (child->name, XMLSTR("http-headers")) == 0) {
/* FIXME: Pass real configuration parameter here. */ config_parse_http_headers(child->xmlChildrenNode, &(auth->http_headers), configuration);
config_parse_http_headers(child->xmlChildrenNode, &(auth->http_headers), NULL);
} else if (xmlStrcmp (child->name, XMLSTR("acl")) == 0) { } else if (xmlStrcmp (child->name, XMLSTR("acl")) == 0) {
if (!auth->acl) { if (!auth->acl) {
auth->acl = acl_new_from_xml_node(child); auth->acl = acl_new_from_xml_node(configuration, child);
} else { } else {
ICECAST_LOG_ERROR("More than one ACL defined in role! Not supported (yet)."); ICECAST_LOG_ERROR("More than one ACL defined in role! Not supported (yet).");
} }
@ -972,7 +971,7 @@ auth_t *auth_get_authenticator(xmlNodePtr node)
if (!auth->acl) { if (!auth->acl) {
/* If we did not get a <acl> try ACL as part of <role> (old style). */ /* If we did not get a <acl> try ACL as part of <role> (old style). */
auth->acl = acl_new_from_xml_node(node); auth->acl = acl_new_from_xml_node(configuration, node);
} }
if (!auth->acl) { if (!auth->acl) {
auth_release(auth); auth_release(auth);

2
src/auth.h
View File

@ -186,7 +186,7 @@ void auth_shutdown(void);
auth_result auth_str2result(const char *str); auth_result auth_str2result(const char *str);
auth_t *auth_get_authenticator(xmlNodePtr node); auth_t *auth_get_authenticator(ice_config_t *configuration, xmlNodePtr node);
void auth_release(auth_t *authenticator); void auth_release(auth_t *authenticator);
void auth_addref(auth_t *authenticator); void auth_addref(auth_t *authenticator);

49
src/cfgfile.c
View File

@ -529,7 +529,8 @@ static void __found_bad_tag(ice_config_t *configuration, xmlNodePtr node, enum b
free(name); free(name);
} }
static void __append_old_style_auth(auth_stack_t **stack, static void __append_old_style_auth(ice_config_t *configuration,
auth_stack_t **stack,
const char *name, const char *name,
const char *type, const char *type,
const char *username, const char *username,
@ -585,7 +586,7 @@ static void __append_old_style_auth(auth_stack_t **stack,
xmlSetProp(pass, XMLSTR("value"), XMLSTR(password)); xmlSetProp(pass, XMLSTR("value"), XMLSTR(password));
} }
auth = auth_get_authenticator(role); auth = auth_get_authenticator(configuration, role);
auth_stack_push(stack, auth); auth_stack_push(stack, auth);
auth_release(auth); auth_release(auth);
@ -606,7 +607,8 @@ static void __append_option_tag(xmlNodePtr parent,
xmlSetProp(node, XMLSTR("value"), XMLSTR(value)); xmlSetProp(node, XMLSTR("value"), XMLSTR(value));
} }
static void __append_old_style_urlauth(auth_stack_t **stack, static void __append_old_style_urlauth(ice_config_t *configuration,
auth_stack_t **stack,
const char *client_add, const char *client_add,
const char *client_remove, const char *client_remove,
const char *action_add, const char *action_add,
@ -654,7 +656,7 @@ static void __append_old_style_urlauth(auth_stack_t **stack,
__append_option_tag(role, "headers", headers); __append_option_tag(role, "headers", headers);
__append_option_tag(role, "header_prefix", header_prefix); __append_option_tag(role, "header_prefix", header_prefix);
auth = auth_get_authenticator(role); auth = auth_get_authenticator(configuration, role);
if (auth) { if (auth) {
auth_stack_push(stack, auth); auth_stack_push(stack, auth);
auth_release(auth); auth_release(auth);
@ -1324,7 +1326,7 @@ static void _parse_root(xmlDocPtr doc,
} }
if (mount) { if (mount) {
if (!mount->authstack) { if (!mount->authstack) {
__append_old_style_auth(&mount->authstack, __append_old_style_auth(configuration, &mount->authstack,
CONFIG_LEGACY_SOURCE_NAME_GLOBAL, CONFIG_LEGACY_SOURCE_NAME_GLOBAL,
AUTH_TYPE_STATIC, "source", AUTH_TYPE_STATIC, "source",
source_password, NULL, source_password, NULL,
@ -1433,7 +1435,7 @@ static void _parse_limits(xmlDocPtr doc,
} while ((node = node->next)); } while ((node = node->next));
} }
static void _parse_authentication_node(xmlNodePtr node, auth_stack_t **authstack) static void _parse_authentication_node(ice_config_t *configuration, xmlNodePtr node, auth_stack_t **authstack)
{ {
xmlChar *tmp; xmlChar *tmp;
@ -1454,7 +1456,7 @@ static void _parse_authentication_node(xmlNodePtr node, auth_stack_t **authstac
if (xmlIsBlankNode(child)) if (xmlIsBlankNode(child))
continue; continue;
if (xmlStrcmp(child->name, XMLSTR("role")) == 0) { if (xmlStrcmp(child->name, XMLSTR("role")) == 0) {
auth_t *auth = auth_get_authenticator(child); auth_t *auth = auth_get_authenticator(configuration, child);
auth_stack_push(authstack, auth); auth_stack_push(authstack, auth);
auth_release(auth); auth_release(auth);
} }
@ -1463,7 +1465,8 @@ static void _parse_authentication_node(xmlNodePtr node, auth_stack_t **authstac
static void _parse_mount_oldstyle_authentication(mount_proxy *mount, static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
xmlNodePtr node, xmlNodePtr node,
auth_stack_t **authstack) auth_stack_t **authstack,
ice_config_t *configuration)
{ {
int allow_duplicate_users = 1; int allow_duplicate_users = 1;
auth_t *auth; auth_t *auth;
@ -1496,13 +1499,13 @@ static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
if (!allow_duplicate_users) if (!allow_duplicate_users)
xmlSetProp(node, XMLSTR("connections-per-user"), XMLSTR("0")); xmlSetProp(node, XMLSTR("connections-per-user"), XMLSTR("0"));
auth = auth_get_authenticator(node); auth = auth_get_authenticator(configuration, node);
if (auth) { if (auth) {
auth_stack_push(authstack, auth); auth_stack_push(authstack, auth);
auth_release(auth); auth_release(auth);
} }
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS, __append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS,
NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL); NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL);
} else if (strcmp(type, AUTH_TYPE_URL) == 0) { } else if (strcmp(type, AUTH_TYPE_URL) == 0) {
/* This block is super fun! Attention! Super fun ahead! Ladies and Gentlemen take care and watch your children! */ /* This block is super fun! Attention! Super fun ahead! Ladies and Gentlemen take care and watch your children! */
@ -1584,17 +1587,17 @@ static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
__append_old_style_url_event(&mount->event, "source-disconnect", __append_old_style_url_event(&mount->event, "source-disconnect",
mount_add, "mount_remove", username, password); mount_add, "mount_remove", username, password);
__append_old_style_urlauth(authstack, listener_add, listener_remove, __append_old_style_urlauth(configuration, authstack, listener_add, listener_remove,
"listener_add", "listener_remove", username, password, 0, "listener_add", "listener_remove", username, password, 0,
auth_header, timelimit_header, headers, header_prefix); auth_header, timelimit_header, headers, header_prefix);
__append_old_style_urlauth(authstack, stream_auth, NULL, "stream_auth", __append_old_style_urlauth(configuration, authstack, stream_auth, NULL, "stream_auth",
NULL, username, password, 1, auth_header, timelimit_header, NULL, username, password, 1, auth_header, timelimit_header,
headers, header_prefix); headers, header_prefix);
if (listener_add) if (listener_add)
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL, __append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL); NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, NULL, 0, NULL);
if (stream_auth) if (stream_auth)
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL, __append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
NULL, CONFIG_LEGACY_SOURCE_METHODS, NULL, 0, NULL); NULL, CONFIG_LEGACY_SOURCE_METHODS, NULL, 0, NULL);
if (mount_add) if (mount_add)
@ -1622,7 +1625,7 @@ static void _parse_mount_oldstyle_authentication(mount_proxy *mount,
} else { } else {
ICECAST_LOG_ERROR("Unknown authentication type in legacy mode. " ICECAST_LOG_ERROR("Unknown authentication type in legacy mode. "
"Anonymous listeners and global login for sources disabled."); "Anonymous listeners and global login for sources disabled.");
__append_old_style_auth(authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL, __append_old_style_auth(configuration, authstack, NULL, AUTH_TYPE_ANONYMOUS, NULL,
NULL, NULL, NULL, 0, NULL); NULL, NULL, NULL, 0, NULL);
} }
xmlFree(type); xmlFree(type);
@ -1739,9 +1742,9 @@ static void _parse_mount(xmlDocPtr doc,
tmp = (char *)xmlGetProp(node, XMLSTR("type")); tmp = (char *)xmlGetProp(node, XMLSTR("type"));
if (tmp) { if (tmp) {
xmlFree(tmp); xmlFree(tmp);
_parse_mount_oldstyle_authentication(mount, node, &authstack); _parse_mount_oldstyle_authentication(mount, node, &authstack, configuration);
} else { } else {
_parse_authentication_node(node, &authstack); _parse_authentication_node(configuration, node, &authstack);
} }
} else if (xmlStrcmp(node->name, XMLSTR("on-connect")) == 0) { } else if (xmlStrcmp(node->name, XMLSTR("on-connect")) == 0) {
tmp = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1); tmp = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1);
@ -1826,7 +1829,7 @@ static void _parse_mount(xmlDocPtr doc,
if (password) { if (password) {
auth_stack_t *old_style = NULL; auth_stack_t *old_style = NULL;
__append_old_style_auth(&old_style, CONFIG_LEGACY_SOURCE_NAME_MOUNT, __append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_SOURCE_NAME_MOUNT,
AUTH_TYPE_STATIC, username ? username : "source", password, NULL, AUTH_TYPE_STATIC, username ? username : "source", password, NULL,
CONFIG_LEGACY_SOURCE_METHODS, CONFIG_LEGACY_SOURCE_ALLOW_WEB, CONFIG_LEGACY_SOURCE_ALLOW_ADMIN); CONFIG_LEGACY_SOURCE_METHODS, CONFIG_LEGACY_SOURCE_ALLOW_WEB, CONFIG_LEGACY_SOURCE_ALLOW_ADMIN);
if (authstack) { if (authstack) {
@ -2166,7 +2169,7 @@ static void _parse_listen_socket(xmlDocPtr doc,
} else if (xmlStrcmp(node->name, XMLSTR("listen-backlog")) == 0) { } else if (xmlStrcmp(node->name, XMLSTR("listen-backlog")) == 0) {
__read_int(configuration, doc, node, &listener->listen_backlog); __read_int(configuration, doc, node, &listener->listen_backlog);
} else if (xmlStrcmp(node->name, XMLSTR("authentication")) == 0) { } else if (xmlStrcmp(node->name, XMLSTR("authentication")) == 0) {
_parse_authentication_node(node, &(listener->authstack)); _parse_authentication_node(configuration, node, &(listener->authstack));
} else if (xmlStrcmp(node->name, XMLSTR("http-headers")) == 0) { } else if (xmlStrcmp(node->name, XMLSTR("http-headers")) == 0) {
config_parse_http_headers(node->xmlChildrenNode, &(listener->http_headers), configuration); config_parse_http_headers(node->xmlChildrenNode, &(listener->http_headers), configuration);
} else { } else {
@ -2238,7 +2241,7 @@ static void _parse_authentication(xmlDocPtr doc, xmlNodePtr node,
xmlFree(configuration->shoutcast_user); xmlFree(configuration->shoutcast_user);
configuration->shoutcast_user = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1); configuration->shoutcast_user = (char *)xmlNodeListGetString(doc, node->xmlChildrenNode, 1);
} else if (xmlStrcmp(node->name, XMLSTR("role")) == 0) { } else if (xmlStrcmp(node->name, XMLSTR("role")) == 0) {
auth_t *auth = auth_get_authenticator(node); auth_t *auth = auth_get_authenticator(configuration, node);
auth_stack_push(&new_style, auth); auth_stack_push(&new_style, auth);
auth_release(auth); auth_release(auth);
} else { } else {
@ -2247,11 +2250,11 @@ static void _parse_authentication(xmlDocPtr doc, xmlNodePtr node,
} while ((node = node->next)); } while ((node = node->next));
if (admin_password && admin_username) if (admin_password && admin_username)
__append_old_style_auth(&old_style, CONFIG_LEGACY_ADMIN_NAME, AUTH_TYPE_STATIC, __append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_ADMIN_NAME, AUTH_TYPE_STATIC,
admin_username, admin_password, NULL, CONFIG_LEGACY_ADMIN_METHODS, CONFIG_LEGACY_ADMIN_ALLOW_WEB, CONFIG_LEGACY_ADMIN_ALLOW_ADMIN); admin_username, admin_password, NULL, CONFIG_LEGACY_ADMIN_METHODS, CONFIG_LEGACY_ADMIN_ALLOW_WEB, CONFIG_LEGACY_ADMIN_ALLOW_ADMIN);
if (relay_password && relay_username) if (relay_password && relay_username)
__append_old_style_auth(&old_style, CONFIG_LEGACY_RELAY_NAME, AUTH_TYPE_STATIC, __append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_RELAY_NAME, AUTH_TYPE_STATIC,
relay_username, relay_password, NULL, CONFIG_LEGACY_RELAY_METHODS, CONFIG_LEGACY_RELAY_ALLOW_WEB, CONFIG_LEGACY_RELAY_ALLOW_ADMIN); relay_username, relay_password, NULL, CONFIG_LEGACY_RELAY_METHODS, CONFIG_LEGACY_RELAY_ALLOW_WEB, CONFIG_LEGACY_RELAY_ALLOW_ADMIN);
if (admin_password) if (admin_password)
@ -2271,7 +2274,7 @@ static void _parse_authentication(xmlDocPtr doc, xmlNodePtr node,
} }
/* default unauthed anonymous account */ /* default unauthed anonymous account */
__append_old_style_auth(&old_style, CONFIG_LEGACY_ANONYMOUS_NAME, AUTH_TYPE_ANONYMOUS, __append_old_style_auth(configuration, &old_style, CONFIG_LEGACY_ANONYMOUS_NAME, AUTH_TYPE_ANONYMOUS,
NULL, NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, CONFIG_LEGACY_ANONYMOUS_ALLOW_WEB, CONFIG_LEGACY_ANONYMOUS_ALLOW_ADMIN); NULL, NULL, NULL, CONFIG_LEGACY_ANONYMOUS_METHODS, CONFIG_LEGACY_ANONYMOUS_ALLOW_WEB, CONFIG_LEGACY_ANONYMOUS_ALLOW_ADMIN);
if (!old_style) if (!old_style)
ICECAST_LOG_ERROR("BAD. old_style=NULL"); ICECAST_LOG_ERROR("BAD. old_style=NULL");