Feature #4461 » 4461-extra-debug.patch
src/access.c | ||
---|---|---|
461 | 461 |
/* |
462 | 462 |
* |
463 | 463 |
*/ |
464 |
static void
|
|
465 |
access_dump_a(access_t *a) |
|
464 |
void |
|
465 |
access_dump_a(const access_t *a)
|
|
466 | 466 |
{ |
467 | 467 |
htsmsg_field_t *f; |
468 | 468 |
size_t l = 0; |
469 | 469 |
char buf[1024]; |
470 | 470 |
int first; |
471 | 471 | |
472 |
if (!a) { |
|
473 |
tvhinfo(LS_ACCESS, "<nopermission>"); |
|
474 |
} |
|
475 | ||
472 | 476 |
tvh_strlcatf(buf, sizeof(buf), l, |
473 | 477 |
"%s:%s [%c%c%c%c%c%c%c%c%c%c%c], conn=%u:s%u:r%u:l%u%s", |
474 | 478 |
a->aa_representative ?: "<no-id>", |
... | ... | |
533 | 537 |
access_dump_tags("exclude ", buf, sizeof(buf), &l, a->aa_chtags_exclude); |
534 | 538 |
access_dump_tags("", buf, sizeof(buf), &l, a->aa_chtags); |
535 | 539 | |
536 |
tvhtrace(LS_ACCESS, "%s", buf);
|
|
540 |
tvhinfo(LS_ACCESS, "%s", buf);
|
|
537 | 541 |
} |
538 | 542 | |
539 | 543 |
/* |
... | ... | |
725 | 729 |
access_entry_t *ae; |
726 | 730 |
int nouser = tvh_str_default(username, NULL) == NULL; |
727 | 731 |
char *s; |
732 |
tvhinfo(LS_ACCESS, "access_get for user <%s>", username?:"<none>"); |
|
728 | 733 | |
729 |
if (!access_noacl && access_ip_blocked(src)) |
|
734 |
if (!access_noacl && access_ip_blocked(src)) { |
|
735 |
tvhinfo(LS_ACCESS, "No permission due to access_ip_blocked"); |
|
730 | 736 |
return a; |
737 |
} |
|
731 | 738 | |
732 | 739 |
if (!passwd_verify(a, username, verify, aux)) { |
733 | 740 |
a->aa_username = strdup(username); |
734 | 741 |
a->aa_representative = strdup(username); |
735 | 742 |
if(!passwd_verify2(username, verify, aux, |
736 |
superuser_username, superuser_password)) |
|
743 |
superuser_username, superuser_password)) { |
|
744 |
tvhinfo(LS_ACCESS, "access_full 1"); |
|
737 | 745 |
return access_full(a); |
746 |
} |
|
738 | 747 |
} else { |
739 | 748 |
s = alloca(50); |
740 | 749 |
tcp_get_str_from_ip(src, s, 50); |
741 | 750 |
a->aa_representative = strdup(s); |
742 | 751 |
if(!passwd_verify2(username, verify, aux, |
743 |
superuser_username, superuser_password)) |
|
752 |
superuser_username, superuser_password)) { |
|
753 |
tvhinfo(LS_ACCESS, "access_full 2"); |
|
744 | 754 |
return access_full(a); |
755 |
} |
|
745 | 756 |
username = NULL; |
746 | 757 |
} |
747 | 758 | |
748 |
if (access_noacl) |
|
759 |
if (access_noacl) { |
|
760 |
tvhinfo(LS_ACCESS, "access_full 3"); |
|
749 | 761 |
return access_full(a); |
762 |
} |
|
750 | 763 | |
751 | 764 |
TAILQ_FOREACH(ae, &access_entries, ae_link) { |
752 | 765 | |
... | ... | |
759 | 772 |
continue; /* Didn't get one */ |
760 | 773 |
} |
761 | 774 | |
762 |
if(!netmask_verify(&ae->ae_ipmasks, src)) |
|
775 |
if(!netmask_verify(&ae->ae_ipmasks, src)) { |
|
776 |
tvhinfo(LS_ACCESS, "netmask_verify fail"); |
|
763 | 777 |
continue; /* IP based access mismatches */ |
778 |
} |
|
764 | 779 | |
765 | 780 |
if(ae->ae_username[0] != '*') |
766 | 781 |
a->aa_match = 1; |
... | ... | |
770 | 785 | |
771 | 786 |
/* Username was not matched - no access */ |
772 | 787 |
if (!a->aa_match) { |
788 |
tvhinfo(LS_ACCESS, "aa_match nouser=%d", nouser); |
|
773 | 789 |
free(a->aa_username); |
774 | 790 |
a->aa_username = NULL; |
775 | 791 |
if (!nouser) |
src/access.h | ||
---|---|---|
300 | 300 |
access_t *access_get(struct sockaddr_storage *src, const char *username, |
301 | 301 |
verify_callback_t verify, void *aux); |
302 | 302 | |
303 |
void access_dump_a(const access_t *a); |
|
303 | 304 |
/** |
304 | 305 |
* |
305 | 306 |
*/ |
src/webui/webui.c | ||
---|---|---|
1646 | 1646 |
static access_t *hdhomerun_verify_user_permission(const http_connection_t *hc, |
1647 | 1647 |
const char *fail_log_reason) |
1648 | 1648 |
{ |
1649 |
tvhinfo(LS_ACCESS, "hdhomerun_verify_user_permission"); |
|
1649 | 1650 |
/* Not explicitly enabled? Then all calls fail. */ |
1650 | 1651 |
if (!config.hdhomerun_server_enable) { |
1651 | 1652 |
tvhwarn(LS_WEBUI, "hdhomerun server not enabled but received request [%s]", |
... | ... | |
1655 | 1656 | |
1656 | 1657 |
const char *hdhr_user = config.hdhomerun_server_username ?: ""; |
1657 | 1658 |
access_t *perm = access_get(hc->hc_peer, hdhr_user, hdhomerun_server_verify_callback, NULL); |
1658 | ||
1659 |
access_dump_a(perm); |
|
1659 | 1660 |
if (access_verify2(perm, ACCESS_STREAMING)) { |
1660 | 1661 |
/* Failed */ |
1661 |
tvhwarn(LS_WEBUI, "hdhomerun server received request but no streaming permission for user [%s] [%d] [%s]", |
|
1662 |
access_dump_a(perm); |
|
1663 |
tvhwarn(LS_WEBUI, "hdhomerun server received request but no streaming permission for user [%s] [%s] [%s] [%d] [%s]", |
|
1662 | 1664 |
hdhr_user ?: "<none>", |
1665 |
perm? (perm->aa_username ?: "<none>") : "<noperm>", |
|
1666 |
perm? (perm->aa_representative ?: "<none>") : "<noperm>", |
|
1663 | 1667 |
perm? perm->aa_rights : 0, |
1664 | 1668 |
fail_log_reason?:""); |
1665 | 1669 |
access_destroy(perm); |
1666 | 1670 |
return NULL; |
1667 | 1671 |
} else { |
1672 |
tvhinfo(LS_ACCESS, "hdhomerun_verify_user_permission: OK"); |
|
1668 | 1673 |
return perm; |
1669 | 1674 |
} |
1670 | 1675 |
} |