
transmission-auth-bypass-2.92.patch

a guest
Jun 5th, 2016
  1. diff -Naur transmission-2.92/daemon/daemon.c transmission-2.92.new/daemon/daemon.c
  2. --- transmission-2.92/daemon/daemon.c   2016-02-23 15:22:59.365863760 +1100
  3. +++ transmission-2.92.new/daemon/daemon.c   2016-06-05 11:24:15.024000000 +1000
  4. @@ -107,6 +107,7 @@
  5.      { 'p', "port", "RPC port (Default: " TR_DEFAULT_RPC_PORT_STR ")", "p", 1, "<port>" },
  6.      { 't', "auth", "Require authentication", "t", 0, NULL },
  7.      { 'T', "no-auth", "Don't require authentication", "T", 0, NULL },
  8. +    { 969, "auth-bypass", "Authentication not required for IP addresses.", NULL, 1, "<list>" },
  9.      { 'u', "username", "Set username for authentication", "u", 1, "<username>" },
  10.      { 'v', "password", "Set password for authentication", "v", 1, "<password>" },
  11.      { 'V', "version", "Show version number and exit", "V", 0, NULL },
  12. @@ -384,6 +385,9 @@
  13.                        break;
  14.              case 'T': tr_variantDictAddBool (settings, TR_KEY_rpc_authentication_required, false);
  15.                        break;
  16. +            case 969: tr_variantDictAddStr  (settings, TR_KEY_rpc_auth_bypass_whitelist, optarg);
  17. +                      tr_variantDictAddBool (settings, TR_KEY_rpc_auth_bypass_enabled, true);
  18. +                      break;
  19.              case 'u': tr_variantDictAddStr (settings, TR_KEY_rpc_username, optarg);
  20.                        break;
  21.              case 'v': tr_variantDictAddStr (settings, TR_KEY_rpc_password, optarg);
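Review bot: `case 969` stores `optarg` and switches `TR_KEY_rpc_auth_bypass_enabled` on in one step, with no check that the list is non-empty and no option to switch the bypass off again, unlike the `'t'`/`'T'` pair visible in the context lines. The help text added in the first daemon.c hunk also does not say what the list may contain. I would document the accepted syntax there, for example `"Skip authentication for these comma-delimited IP addresses. Wildcards allowed using '*'."`, and only enable the bypass here when `optarg` is not empty. The enclosing switch starts and ends outside this hunk.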
  22. diff -Naur transmission-2.92/libtransmission/quark.c transmission-2.92.new/libtransmission/quark.c
  23. --- transmission-2.92/libtransmission/quark.c   2016-01-10 05:02:58.738698801 +1100
  24. +++ transmission-2.92.new/libtransmission/quark.c   2016-06-05 12:03:15.324000000 +1000
  25. @@ -286,6 +286,8 @@
  26.    { "rename-partial-files", 20 },
  27.    { "reqq", 4 },
  28.    { "result", 6 },
  29. +  { "rpc-auth-bypass-enabled", 23 },
  30. +  { "rpc-auth-bypass-whitelist", 25 },
  31.    { "rpc-authentication-required", 27 },
  32.    { "rpc-bind-address", 16 },
  33.    { "rpc-enabled", 11 },
  34. diff -Naur transmission-2.92/libtransmission/quark.h transmission-2.92.new/libtransmission/quark.h
  35. --- transmission-2.92/libtransmission/quark.h   2015-06-29 05:23:49.613528096 +1000
  36. +++ transmission-2.92.new/libtransmission/quark.h   2016-06-05 11:24:15.024000000 +1000
  37. @@ -288,6 +288,8 @@
  38.    TR_KEY_rename_partial_files,
  39.    TR_KEY_reqq,
  40.    TR_KEY_result,
  41. +  TR_KEY_rpc_auth_bypass_enabled,
  42. +  TR_KEY_rpc_auth_bypass_whitelist,
  43.    TR_KEY_rpc_authentication_required,
  44.    TR_KEY_rpc_bind_address,
  45.    TR_KEY_rpc_enabled,
  46. diff -Naur transmission-2.92/libtransmission/rpc-server.c transmission-2.92.new/libtransmission/rpc-server.c
  47. --- transmission-2.92/libtransmission/rpc-server.c  2016-01-10 05:02:58.740698836 +1100
  48. +++ transmission-2.92.new/libtransmission/rpc-server.c  2016-06-05 13:19:47.048000000 +1000
  49. @@ -52,6 +52,7 @@
  50.      bool               isEnabled;
  51.      bool               isPasswordEnabled;
  52.      bool               isWhitelistEnabled;
  53. +    bool               isAuthBypassEnabled;
  54.      tr_port            port;
  55.      char             * url;
  56.      struct in_addr     bindAddress;
  57. @@ -63,6 +64,8 @@
  58.      char             * password;
  59.      char             * whitelistStr;
  60.      tr_list          * whitelist;
  61. +    char             * authBypassWhitelistStr;
  62. +    tr_list          * authBypassWhitelist;
  63.  
  64.      char             * sessionId;
  65.      time_t             sessionIdExpiresAt;
  66. @@ -589,6 +592,21 @@
  67.  }
  68.  
  69.  static bool
  70. +isAddressAuthBypassed (const tr_rpc_server * server, const char * address)
  71. +{
  72. +  tr_list * l;
  73. +
  74. +  if (!server->isAuthBypassEnabled)
  75. +    return false;
  76. +
  77. +  for (l=server->authBypassWhitelist; l!=NULL; l=l->next)
  78. +    if (tr_wildmat (address, l->data))
  79. +      return true;
  80. +
  81. +  return false;
  82. +}
  83. +
  84. +static bool
  85.  test_session_id (struct tr_rpc_server * server, struct evhttp_request * req)
  86.  {
  87.    const char * ours = get_current_session_id (server);
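Review bot: `isAddressAuthBypassed` returns true without leaving any trace, so a request that skipped the password check cannot be told apart from an authenticated one in the daemon log. Since this predicate is the whole trust decision for the bypass, I would record the match before `return true`, e.g. `tr_logAddNamedInfo (MY_NAME, "Skipping authentication for whitelisted address: %s", address);` (a lower log level may suit better if this runs on every request). A header comment should also state that `address` is matched against each list entry with `tr_wildmat` and that a disabled or empty list never matches. The body of `test_session_id` that follows continues outside the hunk.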
  88. @@ -638,6 +656,7 @@
  89.              "<p>If you're still using ACLs, use a whitelist instead. See the transmission-daemon manpage for details.</p>");
  90.          }
  91.        else if (server->isPasswordEnabled
  92. +                 && !isAddressAuthBypassed(server, req->remote_host)
  93.                   && (!pass || !user || strcmp (server->username, user)
  94.                                       || !tr_ssha1_matches (server->password,
  95.                                                             pass)))
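Review bot: The added condition skips the username/password comparison purely on `req->remote_host`, which is the address of the directly connected peer; if the daemon is reached through a reverse proxy, tunnel or port forward, every client presents that intermediary's address and inherits the bypass. That limitation should be stated where the decision is made, e.g. `/* auth bypass trusts the TCP peer address only; never whitelist the address of a proxy or forwarder */`, and in the daemon documentation. The call is also written `isAddressAuthBypassed(server, ...)` without the space before the parenthesis that the surrounding lines use. The enclosing request handler starts and ends outside this hunk.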
  96. @@ -931,6 +950,62 @@
  97.  }
  98.  
  99.  /****
  100. +*****  AUTHBYPASS
  101. +****/
  102. +
  103. +void
  104. +tr_rpcSetAuthBypassWhitelist (tr_rpc_server * server, const char * authBypassWhitelistStr)
  105. +{
  106. +  void * tmp;
  107. +  const char * walk;
  108. +
  109. +  /* keep the string */
  110. +  tmp = server->authBypassWhitelistStr;
  111. +  server->authBypassWhitelistStr = tr_strdup (authBypassWhitelistStr);
  112. +  tr_free (tmp);
  113. +
  114. +  /* clear out the old authBypassWhitelist entries */
  115. +  while ((tmp = tr_list_pop_front (&server->authBypassWhitelist)))
  116. +    tr_free (tmp);
  117. +
  118. +  /* build the new authBypassWhitelist entries */
  119. +  for (walk=authBypassWhitelistStr; walk && *walk;)
  120. +    {
  121. +      const char * delimiters = " ,;";
  122. +      const size_t len = strcspn (walk, delimiters);
  123. +      char * token = tr_strndup (walk, len);
  124. +      tr_list_append (&server->authBypassWhitelist, token);
  125. +      tr_logAddNamedInfo (MY_NAME, "Adding address to authBypassWhitelist: %s", token);
  126. +
  127. +      if (walk[len]=='\0')
  128. +        break;
  129. +
  130. +      walk += len + 1;
  131. +    }
  132. +}
  133. +
  134. +const char*
  135. +tr_rpcGetAuthBypassWhitelist (const tr_rpc_server * server)
  136. +{
  137. +  return server->authBypassWhitelistStr ? server->authBypassWhitelistStr : "";
  138. +}
  139. +
  140. +void
  141. +tr_rpcSetAuthBypassEnabled (tr_rpc_server  * server,
  142. +                            bool             isEnabled)
  143. +{
  144. +  assert (tr_isBool (isEnabled));
  145. +
  146. +  server->isAuthBypassEnabled = isEnabled;
  147. +}
  148. +
  149. +bool
  150. +tr_rpcGetAuthBypassEnabled (const tr_rpc_server * server)
  151. +{
  152. +  return server->isAuthBypassEnabled;
  153. +}
  154. +
  155. +/****
  156.  *****  PASSWORD
  157.  ****/
  158.  
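Review bot: `tr_rpcSetAuthBypassWhitelist` appends every token to `authBypassWhitelist` unchecked, so an empty token produced by two adjacent delimiters and a bare `*` are both stored and logged as if they were addresses. Because the entries are later matched with `tr_wildmat`, a lone `*` removes the password requirement for every client, which is worth refusing or at least warning about loudly. A guard such as `if (len > 0 && strcmp (token, "*") != 0) tr_list_append (&server->authBypassWhitelist, token); else tr_free (token);` would cover both cases. Separately, no hunk in this patch releases `authBypassWhitelistStr` or the list entries when the server is torn down, so they appear to leak unless that happens in code not shown.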
  159. @@ -1063,6 +1138,12 @@
  160.    else
  161.      tr_rpcSetWhitelistEnabled (s, boolVal);
  162.  
  163. +  key = TR_KEY_rpc_auth_bypass_enabled;
  164. +  if (!tr_variantDictFindBool (settings, key, &boolVal))
  165. +    missing_settings_key (key);
  166. +  else
  167. +    tr_rpcSetAuthBypassEnabled (s, boolVal);
  168. +
  169.    key = TR_KEY_rpc_authentication_required;
  170.    if (!tr_variantDictFindBool (settings, key, &boolVal))
  171.      missing_settings_key (key);
  172. @@ -1075,6 +1156,12 @@
  173.    else
  174.      tr_rpcSetWhitelist (s, str);
  175.  
  176. +  key = TR_KEY_rpc_auth_bypass_whitelist;
  177. +  if (!tr_variantDictFindStr (settings, key, &str, NULL) && str)
  178. +    missing_settings_key (key);
  179. +  else
  180. +    tr_rpcSetAuthBypassWhitelist (s, str);
  181. +
  182.    key = TR_KEY_rpc_username;
  183.    if (!tr_variantDictFindStr (settings, key, &str, NULL))
  184.      missing_settings_key (key);
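Review bot: The test `!tr_variantDictFindStr (settings, key, &str, NULL) && str` reads `str` after a failed lookup, when it presumably still holds whatever the previous lookup left in it. Whether the missing key is reported therefore depends on an unrelated setting, and when `str` happens to be NULL the failure is silently passed on to `tr_rpcSetAuthBypassWhitelist`. The neighbouring lookups use the plain form and this one should too: `if (!tr_variantDictFindStr (settings, key, &str, NULL))`. The enclosing function starts and ends outside this hunk.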
  185. @@ -1119,3 +1206,4 @@
  186.  
  187.    return s;
  188.  }
  189. +
  190. diff -Naur transmission-2.92/libtransmission/rpc-server.h transmission-2.92.new/libtransmission/rpc-server.h
  191. --- transmission-2.92/libtransmission/rpc-server.h  2014-12-11 06:22:42.938222700 +1100
  192. +++ transmission-2.92.new/libtransmission/rpc-server.h  2016-06-05 11:24:15.028000000 +1000
  193. @@ -65,4 +65,15 @@
  194.  
  195.  const char*     tr_rpcGetBindAddress (const tr_rpc_server * server);
  196.  
  197. +void            tr_rpcSetAuthBypassEnabled (tr_rpc_server  * server,
  198. +                                                     bool             isEnabled);
  199. +
  200. +bool            tr_rpcGetAuthBypassEnabled (const tr_rpc_server * server);
  201. +
  202. +void            tr_rpcSetAuthBypassWhitelist (tr_rpc_server * server,
  203. +                                              const char *    whitelist);
  204. +
  205. +const char*     tr_rpcGetAuthBypassWhitelist (const tr_rpc_server * server);
  206. +
  207. +
  208.  #endif
  209. diff -Naur transmission-2.92/libtransmission/session.c transmission-2.92.new/libtransmission/session.c
  210. --- transmission-2.92/libtransmission/session.c 2016-01-10 05:02:58.743698889 +1100
  211. +++ transmission-2.92.new/libtransmission/session.c 2016-06-05 11:24:15.028000000 +1000
  212. @@ -352,6 +352,8 @@
  213.    tr_variantDictAddReal (d, TR_KEY_ratio_limit,                     2.0);
  214.    tr_variantDictAddBool (d, TR_KEY_ratio_limit_enabled,             false);
  215.    tr_variantDictAddBool (d, TR_KEY_rename_partial_files,            true);
  216. +  tr_variantDictAddBool (d, TR_KEY_rpc_auth_bypass_enabled,         false);
  217. +  tr_variantDictAddBool (d, TR_KEY_rpc_auth_bypass_whitelist,       "");
  218.    tr_variantDictAddBool (d, TR_KEY_rpc_authentication_required,     false);
  219.    tr_variantDictAddStr  (d, TR_KEY_rpc_bind_address,                "0.0.0.0");
  220.    tr_variantDictAddBool (d, TR_KEY_rpc_enabled,                     false);
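Review bot: The default for `TR_KEY_rpc_auth_bypass_whitelist` is added with `tr_variantDictAddBool` and the string argument `""`, so the default settings hold a boolean under a key that rpc-server.c reads back with `tr_variantDictFindStr`. The non-null pointer is converted to `true`, and the string lookup will presumably fail on the stored type, which then trips the missing-key path at load time. It should be `tr_variantDictAddStr  (d, TR_KEY_rpc_auth_bypass_whitelist,       "");`, matching how the second session.c hunk saves the value. The enclosing function starts and ends outside this hunk.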
  221. @@ -424,6 +426,8 @@
  222.    tr_variantDictAddReal (d, TR_KEY_ratio_limit,                  s->desiredRatio);
  223.    tr_variantDictAddBool (d, TR_KEY_ratio_limit_enabled,          s->isRatioLimited);
  224.    tr_variantDictAddBool (d, TR_KEY_rename_partial_files,         tr_sessionIsIncompleteFileNamingEnabled (s));
  225. +  tr_variantDictAddBool (d, TR_KEY_rpc_auth_bypass_enabled,      tr_sessionGetRPCAuthBypassEnabled (s));
  226. +  tr_variantDictAddStr  (d, TR_KEY_rpc_auth_bypass_whitelist,    tr_sessionGetRPCAuthBypassWhitelist (s));
  227.    tr_variantDictAddBool (d, TR_KEY_rpc_authentication_required,  tr_sessionIsRPCPasswordEnabled (s));
  228.    tr_variantDictAddStr  (d, TR_KEY_rpc_bind_address,             tr_sessionGetRPCBindAddress (s));
  229.    tr_variantDictAddBool (d, TR_KEY_rpc_enabled,                  tr_sessionIsRPCEnabled (s));
  230. @@ -2723,6 +2727,39 @@
  231.    return tr_rpcGetBindAddress (session->rpcServer);
  232.  }
  233.  
  234. +void
  235. +tr_sessionSetRPCAuthBypassWhitelist (tr_session * session,
  236. +                           const char * whitelist)
  237. +{
  238. +  assert (tr_isSession (session));
  239. +
  240. +  tr_rpcSetAuthBypassWhitelist (session->rpcServer, whitelist);
  241. +}
  242. +
  243. +const char*
  244. +tr_sessionGetRPCAuthBypassWhitelist (const tr_session * session)
  245. +{
  246. +  assert (tr_isSession (session));
  247. +
  248. +  return tr_rpcGetAuthBypassWhitelist (session->rpcServer);
  249. +}
  250. +
  251. +void
  252. +tr_sessionSetRPCAuthBypassEnabled (tr_session * session, bool isEnabled)
  253. +{
  254. +  assert (tr_isSession (session));
  255. +
  256. +  tr_rpcSetAuthBypassEnabled (session->rpcServer, isEnabled);
  257. +}
  258. +
  259. +bool
  260. +tr_sessionGetRPCAuthBypassEnabled (const tr_session * session)
  261. +{
  262. +  assert (tr_isSession (session));
  263. +
  264. +  return tr_rpcGetAuthBypassEnabled (session->rpcServer);
  265. +}
  266. +
  267.  /****
  268.  *****
  269.  ****/
  270. diff -Naur transmission-2.92/libtransmission/transmission.h transmission-2.92.new/libtransmission/transmission.h
  271. --- transmission-2.92/libtransmission/transmission.h    2016-01-01 05:33:37.576878516 +1100
  272. +++ transmission-2.92.new/libtransmission/transmission.h    2016-06-05 11:24:15.028000000 +1000
  273. @@ -392,6 +392,16 @@
  274.  
  275.  bool tr_sessionGetRPCWhitelistEnabled (const tr_session * session);
  276.  
  277. +void tr_sessionSetRPCAuthBypassWhitelist (tr_session * session,
  278. +                                          const char * whitelist);
  279. +
  280. +const char* tr_sessionGetRPCAuthBypassWhitelist (const tr_session *);
  281. +
  282. +void  tr_sessionSetRPCAuthBypassEnabled (tr_session * session,
  283. +                                        bool         isEnabled);
  284. +
  285. +bool tr_sessionGetRPCAuthBypassEnabled (const tr_session * session);
  286. +
  287.  void  tr_sessionSetRPCPassword (tr_session * session,
  288.                                  const char * password);