access: add new option to override all ACL

This can be quite useful for debug/testing, especially when using
configuration provided by a user (saves deleting ACL files).
This commit is contained in:
Adam Sutton 2013-02-04 11:05:35 +00:00
parent 8b617c893e
commit 1726565e20
3 changed files with 19 additions and 4 deletions

View file

@ -43,6 +43,8 @@ struct access_ticket_queue access_tickets;
const char *superuser_username;
const char *superuser_password;
static int access_noacl;
/**
*
*/
@ -229,6 +231,9 @@ access_verify(const char *username, const char *password,
uint32_t bits = 0;
access_entry_t *ae;
if (access_noacl)
return 0;
if(username != NULL && superuser_username != NULL &&
password != NULL && superuser_password != NULL &&
!strcmp(username, superuser_username) &&
@ -274,6 +279,9 @@ access_get_hashed(const char *username, const uint8_t digest[20],
uint32_t r = 0;
int match = 0;
if(access_noacl)
return 0xffffffff;
if(superuser_username != NULL && superuser_password != NULL) {
SHA1_Init(&shactx);
@ -696,7 +704,7 @@ static const dtable_class_t access_dtc = {
*
*/
void
access_init(int createdefault)
access_init(int createdefault, int noacl)
{
dtable_t *dt;
htsmsg_t *r, *m;
@ -709,6 +717,10 @@ access_init(int createdefault)
struct timeval tv;
} randseed;
access_noacl = noacl;
if (noacl)
tvhlog(LOG_WARNING, "access", "Access control checking disabled");
randseed.pid = getpid();
gettimeofday(&randseed.tv, NULL);
RAND_seed(&randseed, sizeof(randseed));
@ -742,7 +754,7 @@ access_init(int createdefault)
dtable_record_store(dt, ae->ae_id, r);
htsmsg_destroy(r);
tvhlog(LOG_WARNING, "accesscontrol",
tvhlog(LOG_WARNING, "access",
"Created default wide open access controle entry");
}

View file

@ -110,6 +110,6 @@ uint32_t access_get_by_addr(struct sockaddr *src);
/**
*
*/
void access_init(int createdefault);
void access_init(int createdefault, int noacl);
#endif /* ACCESS_H_ */

View file

@ -365,6 +365,7 @@ main(int argc, char **argv)
opt_syslog = 0,
opt_uidebug = 0,
opt_abort = 0,
opt_noacl = 0,
opt_ipv6 = 0;
const char *opt_config = NULL,
*opt_user = NULL,
@ -414,6 +415,8 @@ main(int argc, char **argv)
{ 0, "uidebug", "Enable webUI debug", OPT_BOOL, &opt_uidebug },
{ 'l', "log", "Log to file", OPT_STR, &log_path },
{ 'A', "abort", "Immediately abort", OPT_BOOL, &opt_abort },
{ 0, "noacl", "Disable all access control checks",
OPT_BOOL, &opt_noacl },
#if ENABLE_LINUXDVB
{ 'R', "dvbraw", "Use rawts file to create virtual adapter",
OPT_STR, &opt_dvb_raw },
@ -598,7 +601,7 @@ main(int argc, char **argv)
subscription_init();
access_init(opt_firstrun);
access_init(opt_firstrun, opt_noacl);
#if ENABLE_LINUXDVB
muxes_init();