access: add new option to override all ACL
This can be quite useful for debug/testing, especially when using configuration provided by a user (saves deleting ACL files).
This commit is contained in:
parent
8b617c893e
commit
1726565e20
3 changed files with 19 additions and 4 deletions
16
src/access.c
16
src/access.c
|
@ -43,6 +43,8 @@ struct access_ticket_queue access_tickets;
|
|||
const char *superuser_username;
|
||||
const char *superuser_password;
|
||||
|
||||
static int access_noacl;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
|
@ -229,6 +231,9 @@ access_verify(const char *username, const char *password,
|
|||
uint32_t bits = 0;
|
||||
access_entry_t *ae;
|
||||
|
||||
if (access_noacl)
|
||||
return 0;
|
||||
|
||||
if(username != NULL && superuser_username != NULL &&
|
||||
password != NULL && superuser_password != NULL &&
|
||||
!strcmp(username, superuser_username) &&
|
||||
|
@ -274,6 +279,9 @@ access_get_hashed(const char *username, const uint8_t digest[20],
|
|||
uint32_t r = 0;
|
||||
int match = 0;
|
||||
|
||||
if(access_noacl)
|
||||
return 0xffffffff;
|
||||
|
||||
if(superuser_username != NULL && superuser_password != NULL) {
|
||||
|
||||
SHA1_Init(&shactx);
|
||||
|
@ -696,7 +704,7 @@ static const dtable_class_t access_dtc = {
|
|||
*
|
||||
*/
|
||||
void
|
||||
access_init(int createdefault)
|
||||
access_init(int createdefault, int noacl)
|
||||
{
|
||||
dtable_t *dt;
|
||||
htsmsg_t *r, *m;
|
||||
|
@ -709,6 +717,10 @@ access_init(int createdefault)
|
|||
struct timeval tv;
|
||||
} randseed;
|
||||
|
||||
access_noacl = noacl;
|
||||
if (noacl)
|
||||
tvhlog(LOG_WARNING, "access", "Access control checking disabled");
|
||||
|
||||
randseed.pid = getpid();
|
||||
gettimeofday(&randseed.tv, NULL);
|
||||
RAND_seed(&randseed, sizeof(randseed));
|
||||
|
@ -742,7 +754,7 @@ access_init(int createdefault)
|
|||
dtable_record_store(dt, ae->ae_id, r);
|
||||
htsmsg_destroy(r);
|
||||
|
||||
tvhlog(LOG_WARNING, "accesscontrol",
|
||||
tvhlog(LOG_WARNING, "access",
|
||||
"Created default wide open access controle entry");
|
||||
}
|
||||
|
||||
|
|
|
@ -110,6 +110,6 @@ uint32_t access_get_by_addr(struct sockaddr *src);
|
|||
/**
|
||||
*
|
||||
*/
|
||||
void access_init(int createdefault);
|
||||
void access_init(int createdefault, int noacl);
|
||||
|
||||
#endif /* ACCESS_H_ */
|
||||
|
|
|
@ -365,6 +365,7 @@ main(int argc, char **argv)
|
|||
opt_syslog = 0,
|
||||
opt_uidebug = 0,
|
||||
opt_abort = 0,
|
||||
opt_noacl = 0,
|
||||
opt_ipv6 = 0;
|
||||
const char *opt_config = NULL,
|
||||
*opt_user = NULL,
|
||||
|
@ -414,6 +415,8 @@ main(int argc, char **argv)
|
|||
{ 0, "uidebug", "Enable webUI debug", OPT_BOOL, &opt_uidebug },
|
||||
{ 'l', "log", "Log to file", OPT_STR, &log_path },
|
||||
{ 'A', "abort", "Immediately abort", OPT_BOOL, &opt_abort },
|
||||
{ 0, "noacl", "Disable all access control checks",
|
||||
OPT_BOOL, &opt_noacl },
|
||||
#if ENABLE_LINUXDVB
|
||||
{ 'R', "dvbraw", "Use rawts file to create virtual adapter",
|
||||
OPT_STR, &opt_dvb_raw },
|
||||
|
@ -598,7 +601,7 @@ main(int argc, char **argv)
|
|||
|
||||
subscription_init();
|
||||
|
||||
access_init(opt_firstrun);
|
||||
access_init(opt_firstrun, opt_noacl);
|
||||
|
||||
#if ENABLE_LINUXDVB
|
||||
muxes_init();
|
||||
|
|
Loading…
Add table
Reference in a new issue