From: Dietmar Konermann <dk@diddle-online.de>
Date: Tue, 23 Oct 2018 12:35:26 +0000 (+0200)
Subject: Make authentication ticket lifetime configurable
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7185713f42eeb82b9fcfcf0b18257c2948e9f95e;p=thirdparty%2Ftvheadend.git

Make authentication ticket lifetime configurable
---

diff --git a/src/access.c b/src/access.c
index a9e1990e4..330fb7f4f 100644
--- a/src/access.c
+++ b/src/access.c
@@ -39,8 +39,6 @@
 #include "tcp.h"
 #include "lang_codes.h"
 
-#define TICKET_LIFETIME (5*60) /* in seconds */
-
 struct access_entry_queue access_entries;
 struct access_ticket_queue access_tickets;
 struct passwd_entry_queue passwd_entries;
@@ -124,7 +122,7 @@ access_ticket_timeout(void *aux)
 const char *
 access_ticket_create(const char *resource, access_t *a)
 {
-  const int64_t lifetime = sec2mono(TICKET_LIFETIME);
+  const int64_t lifetime = sec2mono(config.ticket_expires);
   uint8_t buf[20];
   char id[41];
   uint_fast32_t i;
diff --git a/src/config.c b/src/config.c
index 35548a59a..cd4d31046 100644
--- a/src/config.c
+++ b/src/config.c
@@ -1695,6 +1695,7 @@ config_boot
   config.realm = strdup("tvheadend");
   config.info_area = strdup("login,storage,time");
   config.cookie_expires = 7;
+  config.ticket_expires = 5 * 60;
   config.dscp = -1;
   config.descrambler_buffer = 9000;
   config.epg_compress = 1;
@@ -2393,6 +2394,17 @@ const idclass_t config_class = {
       .opts   = PO_EXPERT,
       .group  = 5
     },
+    {
+      .type   = PT_U32,
+      .intextra = INTEXTRA_RANGE(1, 0x7ff, 1),
+      .id     = "ticket_expires",
+      .name   = N_("Ticket expiration (seconds)"),
+      .desc   = N_("The number of seconds in which authentication tickets generated by "
+                   "Tvheadend should expire."),
+      .off    = offsetof(config_t, ticket_expires),
+      .opts   = PO_EXPERT,
+      .group  = 5
+    },
     {
       .type   = PT_BOOL,
       .id     = "proxy",
diff --git a/src/config.h b/src/config.h
index 87891a337..19ada3c97 100644
--- a/src/config.h
+++ b/src/config.h
@@ -69,6 +69,7 @@ typedef struct config {
   int iptv_tpool_count;
   char *date_mask;
   int label_formatting;
+  uint32_t ticket_expires;
 } config_t;
 
 extern const idclass_t config_class;
diff --git a/src/webui/comet.c b/src/webui/comet.c
index de762d829..5f5b6d043 100644
--- a/src/webui/comet.c
+++ b/src/webui/comet.c
@@ -205,6 +205,9 @@ comet_access_update(http_connection_t *hc, comet_mailbox_t *cmb)
   if (config.cookie_expires)
     htsmsg_add_u32(m, "cookie_expires", config.cookie_expires);
 
+  if (config.ticket_expires)
+    htsmsg_add_u32(m, "ticket_expires", config.ticket_expires);
+
   if (config.info_area && config.info_area[0])
     htsmsg_add_str(m, "info_area", config.info_area);