Changeset 6055

Timestamp:

Jun 5, 2008, 6:16:59 PM (14 years ago)

Author:

charles

Message:

add authentication support to daemon & remote

Location:

trunk/daemon

Files:

• daemon.c (modified) (13 diffs)
• remote.c (modified) (7 diffs)
• transmission-daemon.1 (modified) (2 diffs)
• transmission-remote.1 (modified) (2 diffs)

trunk/daemon/daemon.c

@@ -39 +39 @@
     tr_benc d;
     const char * str;
-
-    tr_bencInitDict( &d, 12 );
+    char * username = tr_sessionGetRPCUsername( h );
+    char * password = tr_sessionGetRPCPassword( h );
+    char * auth = tr_strdup_printf( "%s:%s", username, password );
+
+    tr_bencInitDict( &d, 14 );
     tr_bencDictAddStr( &d, "download-dir", tr_sessionGetDownloadDir( h ) );
     tr_bencDictAddInt( &d, "peer-limit", tr_sessionGetPeerLimit( h ) );
     tr_bencDictAddInt( &d, "pex-allowed", tr_sessionIsPexEnabled( h ) );
     tr_bencDictAddInt( &d, "port", tr_sessionGetPeerPort( h ) );
+    tr_bencDictAddStr( &d, "auth", auth );
+    tr_bencDictAddInt( &d, "auth-required",
+                           tr_sessionIsRPCPasswordEnabled( h ) );
     tr_bencDictAddInt( &d, "port-forwarding-enabled",
                            tr_sessionIsPortForwardingEnabled( h ) );
@@ -68 +74 @@
 
     tr_bencFree( &d );
-}
-
-static void
-session_init( const char * configDir, int rpc_port, const char * rpc_acl )
+    tr_free( auth );
+    tr_free( password );
+    tr_free( username );
+}
+
+static int
+parseAuth( const char * auth, char ** username, char ** password )
+{
+    int err = 0;
+    const char * pch = strchr( auth, ':' );
+    if( !pch )
+        err = -1;
+    else {
+        *username = tr_strndup( auth, pch-auth );
+        *password = tr_strdup( pch+1 );
+    }
+    return err;
+}
+
+static void
+session_init( const char * configDir, int rpc_port,
+              const char * acl, const char * auth, int noauth )
 {
     tr_benc state;
@@ -85 +109 @@
     int encryption = TR_ENCRYPTION_PREFERRED;
     char downloadDir[MAX_PATH_LENGTH] = { '\0' };
-    const char * rpc_acl_fallback = TR_DEFAULT_RPC_ACL;
+    const char * acl_fallback = TR_DEFAULT_RPC_ACL;
     int64_t rpc_port_fallback = TR_DEFAULT_RPC_PORT;
+    int64_t auth_required_fallback = 0;
+    const char * auth_fallback = NULL;
     tr_ctor * ctor;
     tr_torrent ** torrents;
+    int auth_required;
+    char * user = NULL;
+    char * pass = NULL;
 
     if(( have_state = !tr_bencLoadFile( myConfigFilename, &state )))
@@ -101 +130 @@
         tr_bencDictFindInt( &state, "port", &peer_port );
         tr_bencDictFindInt( &state, "port-forwarding-enabled", &fwd_enabled );
-        tr_bencDictFindStr( &state, "rpc-acl", &rpc_acl_fallback );
+        tr_bencDictFindStr( &state, "rpc-acl", &acl_fallback );
+        tr_bencDictFindStr( &state, "auth", &auth_fallback );
+        tr_bencDictFindInt( &state, "auth-required", &auth_required_fallback );
         tr_bencDictFindInt( &state, "rpc-port", &rpc_port_fallback );
         tr_bencDictFindInt( &state, "speed-limit-down", &down_limit );
@@ -120 +151 @@
     if( rpc_port < 1 )
         rpc_port = rpc_port_fallback;
-    if( !rpc_acl || !*rpc_acl )
-        rpc_acl = rpc_acl_fallback;
+    if( !acl || !*acl )
+        acl = acl_fallback;
+    if( !auth || !*auth )
+        auth = auth_fallback;
+
+    if( auth && parseAuth( auth, &user, &pass ) ) {
+        tr_nerr( MY_NAME, "Unable to parse authentication string \"%s\"", auth );
+        abort( );
+    }
+
+    if( noauth ) {
+        /* user has explicitly turned off authentication */
+        user = NULL;
+        pass = NULL;
+    }
+
+    auth_required = user || pass;
 
     /* start the session */
@@ -133 +179 @@
                                     FALSE, /* is the blocklist enabled? */
                                     TR_DEFAULT_PEER_SOCKET_TOS,
-                                    TRUE, rpc_port, rpc_acl );
+                                    TRUE, rpc_port, acl,
+                                    auth_required, user, pass );
+
+    if( auth_required )
+        tr_ninf( MY_NAME, "requiring authentication" );
 
     /* load the torrents */
@@ -157 +207 @@
           "  -g --config-dir <dir>   Where to look for torrents and daemon-config.benc\n"
           "  -h --help               Display this message and exit\n"
+          "  -t --auth <user>:<pass> Username and password for authentication\n"
           "  -p --port n             Port to listen to for requests  (Default: "TR_DEFAULT_RPC_PORT_STR")\n"
           "\n"
@@ -166 +217 @@
 static void
 readargs( int argc, char ** argv,
-          int * nofork, int * port, char ** acl,
-          char ** configDir )
+          int * nofork, int * port,
+          char ** configDir,
+          char ** acl,
+          char ** auth,
+          int * noauth )
 {
     int opt;
-    char optstr[] = "a:fg:hp:";
+    char optstr[] = "a:fg:hnp:t:u:w:";
     struct option longopts[] = {
         { "acl",         required_argument,  NULL, 'a'  },
@@ -176 +230 @@
         { "config-dir",  required_argument,  NULL, 'g'  },
         { "help",        no_argument,        NULL, 'h'  },
+        { "noauth",      no_argument,        NULL, 'n'  },
         { "port",        required_argument,  NULL, 'p'  },
+        { "auth",        required_argument,  NULL, 't'  },
         { NULL,          0,                  NULL, '\0' }
     };
@@ -183 +239 @@
             case 'a': *acl = tr_strdup( optarg ); break;
             case 'f': *nofork = 1; break;
+            case 'n': *noauth = 1; break;
             case 'g': *configDir = tr_strdup( optarg ); break;
+            case 't': *auth = tr_strdup( optarg ); break;
             case 'p': *port = atoi( optarg ); break;
             default: daemonUsage( ); break;
@@ -254 +312 @@
 {
     int nofork = 0;
+    int noauth = 0;
     int port = TR_DEFAULT_RPC_PORT;
     char * configDir = NULL;
     char * acl = NULL;
+    char * auth = NULL;
 
     signal( SIGINT, gotsig );
@@ -264 +324 @@
     signal( SIGHUP, SIG_IGN );
 
-    readargs( argc, argv, &nofork, &port, &acl, &configDir );
+    readargs( argc, argv, &nofork, &port, &configDir, &acl, &auth, &noauth );
     if( configDir == NULL )
         configDir = tr_strdup_printf( "%s-daemon", tr_getDefaultConfigDir() );
@@ -277 +337 @@
     }
 
-    session_init( configDir, port, acl );
+    session_init( configDir, port, acl, auth, noauth );
 
     while( !closing )

trunk/daemon/remote.c

@@ -66 +66 @@
             "  -S --stop <int>           Stop the torrent with the given ID\n"
             "  -S --stop all             Stop all running torrents\n"
+            "  -t --auth <user>:<pass>   Username and password for authentication\n"
             "  -u --upload-limit <int>   Max upload rate in KiB/s\n"
             "  -U --upload-unlimited     No upload rate limit\n"
@@ -87 +88 @@
 static int reqCount = 0;
 static int debug = 0;
+static char * auth = NULL;
 
 static char*
@@ -115 +117 @@
 {
     int opt;
-    char optstr[] = "a:c:d:DeEf:ghlmMp:r:s:S:u:Uv:";
+    char optstr[] = "a:c:d:DeEf:ghlmMp:r:s:S:t:u:Uv:";
     
     const struct option longopts[] =
@@ -135 +137 @@
         { "start",              required_argument, NULL, 's' },
         { "stop",               required_argument, NULL, 'S' },
+        { "auth",               required_argument, NULL, 't' },
         { "upload-limit",       required_argument, NULL, 'u' },
         { "upload-unlimited",   no_argument,       NULL, 'U' },
@@ -153 +156 @@
         {
             case 'g': debug = 1;
+                      addArg = FALSE;
+                      break;
+            case 't': auth = tr_strdup( optarg );
                       addArg = FALSE;
                       break;
@@ -288 +294 @@
 
     if( tr_jsonParse( response, len, &top, NULL ) )
-       tr_nerr( MY_NAME, "Unable to parse response" );
+       tr_nerr( MY_NAME, "Unable to parse response \"%*.*s\"", (int)len, (int)len, (char*)response );
     else
     {
@@ -347 +353 @@
     curl_easy_setopt( curl, CURLOPT_POST, 1 );
     curl_easy_setopt( curl, CURLOPT_URL, url );
+    if( auth ) {
+        curl_easy_setopt( curl, CURLOPT_USERPWD, auth );
+        curl_easy_setopt( curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY );
+    }
 
     for( i=0; i<reqCount; ++i )

trunk/daemon/transmission-daemon.1

@@ -14 +14 @@
 .Op Fl g Ar directory
 .Op Fl p Ar port
+.Op Fl t Ar user:pass
 .Ek
 
@@ -39 +40 @@
 .It Fl g Fl -config-dir Ar directory
 Where to look for .torrent and config files on startup.
+.It Fl t Fl -auth Ar user:pass
+Requre
+.Ar username
+and
+.Ar password
+authentication
 .It Fl h Fl -help
 Print command-line option descriptions.

trunk/daemon/transmission-remote.1

@@ -25 +25 @@
 .Op Fl M
 .Op Fl p Ar port
+.Op Fl t Ar user:pass
 .Op Fl q
 .Oo
@@ -84 +85 @@
 .Ar port
 for use as a listening port to accept incoming peer connections.
+.It Fl t Fl -auth Ar user:pass
+.Ar Username
+and
+.Ar password
+for authentication
 
 .It Fl r Fl -remove Ar all | id | torrent-hash