access: add new option to override all ACL

This can be quite useful for debug/testing, especially when using
configuration provided by a user (saves deleting ACL files).

diff --git a/src/access.c b/src/access.c
index 44f8810887ae0ef15dd659c0e2df79cbb96977a6..25ee2948d60e8cd9e2d4aecceadaf7bf1a82f280 100644 (file)
--- a/src/access.c
+++ b/src/access.c
@@ -43,6 +43,8 @@ struct access_ticket_queue access_tickets;
 const char *superuser_username;
 const char *superuser_password;
 
+static int access_noacl;
+
 /**
  *
  */
@@ -229,6 +231,9 @@ access_verify(const char *username, const char *password,
   uint32_t bits = 0;
   access_entry_t *ae;
 
+  if (access_noacl)
+    return 0;
+
   if(username != NULL && superuser_username != NULL && 
      password != NULL && superuser_password != NULL && 
      !strcmp(username, superuser_username) &&
@@ -274,6 +279,9 @@ access_get_hashed(const char *username, const uint8_t digest[20],
   uint32_t r = 0;
   int match = 0;
 
+  if(access_noacl)
+    return 0xffffffff;
+
   if(superuser_username != NULL && superuser_password != NULL) {
 
     SHA1_Init(&shactx);
@@ -696,7 +704,7 @@ static const dtable_class_t access_dtc = {
  *
  */
 void
-access_init(int createdefault)
+access_init(int createdefault, int noacl)
 {
   dtable_t *dt;
   htsmsg_t *r, *m;
@@ -709,6 +717,10 @@ access_init(int createdefault)
     struct timeval tv;
   } randseed;
 
+  access_noacl = noacl;
+  if (noacl)
+    tvhlog(LOG_WARNING, "access", "Access control checking disabled");
+
   randseed.pid = getpid();
   gettimeofday(&randseed.tv, NULL);
   RAND_seed(&randseed, sizeof(randseed));
@@ -742,7 +754,7 @@ access_init(int createdefault)
     dtable_record_store(dt, ae->ae_id, r);
     htsmsg_destroy(r);
 
-    tvhlog(LOG_WARNING, "accesscontrol",
+    tvhlog(LOG_WARNING, "access",
           "Created default wide open access controle entry");
   }
 

diff --git a/src/access.h b/src/access.h
index 2ecc98734ad753161c319ea41038c8a3819108e4..2edb0ab903d2f7acbd2c0f79d06b8cc34cb4c725 100644 (file)
--- a/src/access.h
+++ b/src/access.h
@@ -110,6 +110,6 @@ uint32_t access_get_by_addr(struct sockaddr *src);
 /**
  *
  */
-void access_init(int createdefault);
+void access_init(int createdefault, int noacl);
 
 #endif /* ACCESS_H_ */

diff --git a/src/main.c b/src/main.c
index c7e2325563a9578c25aa74e8c576adc8358fcd8d..be27a602e7db483340096133865a03de893b16d8 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -365,6 +365,7 @@ main(int argc, char **argv)
               opt_syslog       = 0,
               opt_uidebug      = 0,
               opt_abort        = 0,
+              opt_noacl        = 0,
               opt_ipv6         = 0;
   const char *opt_config       = NULL,
              *opt_user         = NULL,
@@ -414,6 +415,8 @@ main(int argc, char **argv)
     {   0, "uidebug",   "Enable webUI debug",      OPT_BOOL, &opt_uidebug },
     { 'l', "log",       "Log to file",             OPT_STR,  &log_path    },
     { 'A', "abort",     "Immediately abort",       OPT_BOOL, &opt_abort   },
+    {   0, "noacl",     "Disable all access control checks",
+      OPT_BOOL, &opt_noacl },
 #if ENABLE_LINUXDVB
     { 'R', "dvbraw",    "Use rawts file to create virtual adapter",
       OPT_STR, &opt_dvb_raw },
@@ -598,7 +601,7 @@ main(int argc, char **argv)
 
   subscription_init();
 
-  access_init(opt_firstrun);
+  access_init(opt_firstrun, opt_noacl);
 
 #if ENABLE_LINUXDVB
   muxes_init();