Changeset 6055


Ignore:
Timestamp:
Jun 5, 2008, 6:16:59 PM (14 years ago)
Author:
charles
Message:

add authentication support to daemon & remote

Location:
trunk/daemon
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/daemon/daemon.c

    r5913 r6055  
    3939    tr_benc d;
    4040    const char * str;
    41 
    42     tr_bencInitDict( &d, 12 );
     41    char * username = tr_sessionGetRPCUsername( h );
     42    char * password = tr_sessionGetRPCPassword( h );
     43    char * auth = tr_strdup_printf( "%s:%s", username, password );
     44
     45    tr_bencInitDict( &d, 14 );
    4346    tr_bencDictAddStr( &d, "download-dir", tr_sessionGetDownloadDir( h ) );
    4447    tr_bencDictAddInt( &d, "peer-limit", tr_sessionGetPeerLimit( h ) );
    4548    tr_bencDictAddInt( &d, "pex-allowed", tr_sessionIsPexEnabled( h ) );
    4649    tr_bencDictAddInt( &d, "port", tr_sessionGetPeerPort( h ) );
     50    tr_bencDictAddStr( &d, "auth", auth );
     51    tr_bencDictAddInt( &d, "auth-required",
     52                           tr_sessionIsRPCPasswordEnabled( h ) );
    4753    tr_bencDictAddInt( &d, "port-forwarding-enabled",
    4854                           tr_sessionIsPortForwardingEnabled( h ) );
     
    6874
    6975    tr_bencFree( &d );
    70 }
    71 
    72 static void
    73 session_init( const char * configDir, int rpc_port, const char * rpc_acl )
     76    tr_free( auth );
     77    tr_free( password );
     78    tr_free( username );
     79}
     80
     81static int
     82parseAuth( const char * auth, char ** username, char ** password )
     83{
     84    int err = 0;
     85    const char * pch = strchr( auth, ':' );
     86    if( !pch )
     87        err = -1;
     88    else {
     89        *username = tr_strndup( auth, pch-auth );
     90        *password = tr_strdup( pch+1 );
     91    }
     92    return err;
     93}
     94
     95static void
     96session_init( const char * configDir, int rpc_port,
     97              const char * acl, const char * auth, int noauth )
    7498{
    7599    tr_benc state;
     
    85109    int encryption = TR_ENCRYPTION_PREFERRED;
    86110    char downloadDir[MAX_PATH_LENGTH] = { '\0' };
    87     const char * rpc_acl_fallback = TR_DEFAULT_RPC_ACL;
     111    const char * acl_fallback = TR_DEFAULT_RPC_ACL;
    88112    int64_t rpc_port_fallback = TR_DEFAULT_RPC_PORT;
     113    int64_t auth_required_fallback = 0;
     114    const char * auth_fallback = NULL;
    89115    tr_ctor * ctor;
    90116    tr_torrent ** torrents;
     117    int auth_required;
     118    char * user = NULL;
     119    char * pass = NULL;
    91120
    92121    if(( have_state = !tr_bencLoadFile( myConfigFilename, &state )))
     
    101130        tr_bencDictFindInt( &state, "port", &peer_port );
    102131        tr_bencDictFindInt( &state, "port-forwarding-enabled", &fwd_enabled );
    103         tr_bencDictFindStr( &state, "rpc-acl", &rpc_acl_fallback );
     132        tr_bencDictFindStr( &state, "rpc-acl", &acl_fallback );
     133        tr_bencDictFindStr( &state, "auth", &auth_fallback );
     134        tr_bencDictFindInt( &state, "auth-required", &auth_required_fallback );
    104135        tr_bencDictFindInt( &state, "rpc-port", &rpc_port_fallback );
    105136        tr_bencDictFindInt( &state, "speed-limit-down", &down_limit );
     
    120151    if( rpc_port < 1 )
    121152        rpc_port = rpc_port_fallback;
    122     if( !rpc_acl || !*rpc_acl )
    123         rpc_acl = rpc_acl_fallback;
     153    if( !acl || !*acl )
     154        acl = acl_fallback;
     155    if( !auth || !*auth )
     156        auth = auth_fallback;
     157
     158    if( auth && parseAuth( auth, &user, &pass ) ) {
     159        tr_nerr( MY_NAME, "Unable to parse authentication string \"%s\"", auth );
     160        abort( );
     161    }
     162
     163    if( noauth ) {
     164        /* user has explicitly turned off authentication */
     165        user = NULL;
     166        pass = NULL;
     167    }
     168
     169    auth_required = user || pass;
    124170
    125171    /* start the session */
     
    133179                                    FALSE, /* is the blocklist enabled? */
    134180                                    TR_DEFAULT_PEER_SOCKET_TOS,
    135                                     TRUE, rpc_port, rpc_acl );
     181                                    TRUE, rpc_port, acl,
     182                                    auth_required, user, pass );
     183
     184    if( auth_required )
     185        tr_ninf( MY_NAME, "requiring authentication" );
    136186
    137187    /* load the torrents */
     
    157207          "  -g --config-dir <dir>   Where to look for torrents and daemon-config.benc\n"
    158208          "  -h --help               Display this message and exit\n"
     209          "  -t --auth <user>:<pass> Username and password for authentication\n"
    159210          "  -p --port n             Port to listen to for requests  (Default: "TR_DEFAULT_RPC_PORT_STR")\n"
    160211          "\n"
     
    166217static void
    167218readargs( int argc, char ** argv,
    168           int * nofork, int * port, char ** acl,
    169           char ** configDir )
     219          int * nofork, int * port,
     220          char ** configDir,
     221          char ** acl,
     222          char ** auth,
     223          int * noauth )
    170224{
    171225    int opt;
    172     char optstr[] = "a:fg:hp:";
     226    char optstr[] = "a:fg:hnp:t:u:w:";
    173227    struct option longopts[] = {
    174228        { "acl",         required_argument,  NULL, 'a'  },
     
    176230        { "config-dir",  required_argument,  NULL, 'g'  },
    177231        { "help",        no_argument,        NULL, 'h'  },
     232        { "noauth",      no_argument,        NULL, 'n'  },
    178233        { "port",        required_argument,  NULL, 'p'  },
     234        { "auth",        required_argument,  NULL, 't'  },
    179235        { NULL,          0,                  NULL, '\0' }
    180236    };
     
    183239            case 'a': *acl = tr_strdup( optarg ); break;
    184240            case 'f': *nofork = 1; break;
     241            case 'n': *noauth = 1; break;
    185242            case 'g': *configDir = tr_strdup( optarg ); break;
     243            case 't': *auth = tr_strdup( optarg ); break;
    186244            case 'p': *port = atoi( optarg ); break;
    187245            default: daemonUsage( ); break;
     
    254312{
    255313    int nofork = 0;
     314    int noauth = 0;
    256315    int port = TR_DEFAULT_RPC_PORT;
    257316    char * configDir = NULL;
    258317    char * acl = NULL;
     318    char * auth = NULL;
    259319
    260320    signal( SIGINT, gotsig );
     
    264324    signal( SIGHUP, SIG_IGN );
    265325
    266     readargs( argc, argv, &nofork, &port, &acl, &configDir );
     326    readargs( argc, argv, &nofork, &port, &configDir, &acl, &auth, &noauth );
    267327    if( configDir == NULL )
    268328        configDir = tr_strdup_printf( "%s-daemon", tr_getDefaultConfigDir() );
     
    277337    }
    278338
    279     session_init( configDir, port, acl );
     339    session_init( configDir, port, acl, auth, noauth );
    280340
    281341    while( !closing )
  • trunk/daemon/remote.c

    r5951 r6055  
    6666            "  -S --stop <int>           Stop the torrent with the given ID\n"
    6767            "  -S --stop all             Stop all running torrents\n"
     68            "  -t --auth <user>:<pass>   Username and password for authentication\n"
    6869            "  -u --upload-limit <int>   Max upload rate in KiB/s\n"
    6970            "  -U --upload-unlimited     No upload rate limit\n"
     
    8788static int reqCount = 0;
    8889static int debug = 0;
     90static char * auth = NULL;
    8991
    9092static char*
     
    115117{
    116118    int opt;
    117     char optstr[] = "a:c:d:DeEf:ghlmMp:r:s:S:u:Uv:";
     119    char optstr[] = "a:c:d:DeEf:ghlmMp:r:s:S:t:u:Uv:";
    118120   
    119121    const struct option longopts[] =
     
    135137        { "start",              required_argument, NULL, 's' },
    136138        { "stop",               required_argument, NULL, 'S' },
     139        { "auth",               required_argument, NULL, 't' },
    137140        { "upload-limit",       required_argument, NULL, 'u' },
    138141        { "upload-unlimited",   no_argument,       NULL, 'U' },
     
    153156        {
    154157            case 'g': debug = 1;
     158                      addArg = FALSE;
     159                      break;
     160            case 't': auth = tr_strdup( optarg );
    155161                      addArg = FALSE;
    156162                      break;
     
    288294
    289295    if( tr_jsonParse( response, len, &top, NULL ) )
    290        tr_nerr( MY_NAME, "Unable to parse response" );
     296       tr_nerr( MY_NAME, "Unable to parse response \"%*.*s\"", (int)len, (int)len, (char*)response );
    291297    else
    292298    {
     
    347353    curl_easy_setopt( curl, CURLOPT_POST, 1 );
    348354    curl_easy_setopt( curl, CURLOPT_URL, url );
     355    if( auth ) {
     356        curl_easy_setopt( curl, CURLOPT_USERPWD, auth );
     357        curl_easy_setopt( curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY );
     358    }
    349359
    350360    for( i=0; i<reqCount; ++i )
  • trunk/daemon/transmission-daemon.1

    r5861 r6055  
    1414.Op Fl g Ar directory
    1515.Op Fl p Ar port
     16.Op Fl t Ar user:pass
    1617.Ek
    1718
     
    3940.It Fl g Fl -config-dir Ar directory
    4041Where to look for .torrent and config files on startup.
     42.It Fl t Fl -auth Ar user:pass
     43Requre
     44.Ar username
     45and
     46.Ar password
     47authentication
    4148.It Fl h Fl -help
    4249Print command-line option descriptions.
  • trunk/daemon/transmission-remote.1

    r5868 r6055  
    2525.Op Fl M
    2626.Op Fl p Ar port
     27.Op Fl t Ar user:pass
    2728.Op Fl q
    2829.Oo
     
    8485.Ar port
    8586for use as a listening port to accept incoming peer connections.
     87.It Fl t Fl -auth Ar user:pass
     88.Ar Username
     89and
     90.Ar password
     91for authentication
    8692
    8793.It Fl r Fl -remove Ar all | id | torrent-hash
Note: See TracChangeset for help on using the changeset viewer.