stv0g/tvheadend
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

ACL: Fix username match

Browse source
This commit is contained in:
Jaroslav Kysela 2014-09-16 15:05:22 +02:00
parent 972306d813
commit 89ee111a26
1 changed files with 29 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
src/access.c
View file

@ -248,6 +248,7 @@ access_verify(const char *username, const char *password,
{
uint32_t bits = 0;
access_entry_t *ae;
int match = 0;
if (access_noacl)
return 0;
@ -271,6 +272,8 @@ access_verify(const char *username, const char *password,
if(strcmp(ae->ae_username, username) ||
strcmp(ae->ae_password, password))
continue; /* username/password mismatch */
match = 1;
}
if(!netmask_verify(ae, src))
@ -278,6 +281,13 @@ access_verify(const char *username, const char *password,
bits |= ae->ae_rights;
}
/* Username was not matched - no access */
if (!match) {
if (username && *username != '\0')
bits = 0;
}
return (mask & bits) == mask ? 0 : -1;
}
@ -362,10 +372,20 @@ access_get(const char *username, const char *password, struct sockaddr *src)
if(!netmask_verify(ae, src))
continue; /* IP based access mismatches */
a->aa_match = 1;
if(ae->ae_username[0] != '*')
a->aa_match = 1;
access_update(a, ae);
}
/* Username was not matched - no access */
if (!a->aa_match) {
free(a->aa_username);
a->aa_username = NULL;
if (username && *username != '\0')
a->aa_rights = 0;
}
return a;
}
@ -418,12 +438,19 @@ access_get_hashed(const char *username, const uint8_t digest[20],
if(strcmp(ae->ae_username, username) || memcmp(d, digest, 20))
continue;
a->aa_match = 1;
}
a->aa_match = 1;
access_update(a, ae);
}
/* Username was not matched - no access */
if (!a->aa_match) {
if (username && *username != '\0')
a->aa_rights = 0;
}
return a;
}