From: Sven Wegener Date: Mon, 9 Nov 2015 19:45:36 +0000 (+0100) Subject: http: allow both ticket and username/password auth X-Git-Tag: v4.2.1~1613 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=85e1bbb;p=thirdparty%2Ftvheadend.git http: allow both ticket and username/password auth When the default account has not all privileges, downloading the playlist anonymously can result in URLs that can't be accessed with the ticket in the URLs. The client then prompts for username and password, you enter the correct credentials, but the credentials are not accepted. Allow username and password in case ticket authorization fails. Signed-off-by: Sven Wegener --- diff --git a/src/http.c b/src/http.c index b71c05b50..f2e6cb580 100644 --- a/src/http.c +++ b/src/http.c @@ -545,16 +545,21 @@ http_access_verify_ticket(http_connection_t *hc) int http_access_verify(http_connection_t *hc, int mask) { + int res = -1; + http_access_verify_ticket(hc); + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); - if (hc->hc_access == NULL) { + if (res) { + access_destroy(hc->hc_access); hc->hc_access = access_get(hc->hc_username, hc->hc_password, (struct sockaddr *)hc->hc_peer); - if (hc->hc_access == NULL) - return -1; + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); } - return access_verify2(hc->hc_access, mask); + return res; } /** @@ -571,18 +576,20 @@ http_access_verify_channel(http_connection_t *hc, int mask, if (ticket) http_access_verify_ticket(hc); - if (hc->hc_access == NULL) { + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); + + if (res) { + access_destroy(hc->hc_access); hc->hc_access = access_get(hc->hc_username, hc->hc_password, (struct sockaddr *)hc->hc_peer); - if (hc->hc_access == NULL) - return -1; + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); } - if (access_verify2(hc->hc_access, mask)) - return -1; + if (!channel_access(ch, hc->hc_access, 0)) + res = -1; - if (channel_access(ch, hc->hc_access, 0)) - res = 0; return res; }