From 85e1bbb42e12443011642d98b036d7e3a46f6c11 Mon Sep 17 00:00:00 2001 From: Sven Wegener Date: Mon, 9 Nov 2015 20:45:36 +0100 Subject: [PATCH] http: allow both ticket and username/password auth When the default account has not all privileges, downloading the playlist anonymously can result in URLs that can't be accessed with the ticket in the URLs. The client then prompts for username and password, you enter the correct credentials, but the credentials are not accepted. Allow username and password in case ticket authorization fails. Signed-off-by: Sven Wegener --- src/http.c | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/src/http.c b/src/http.c index b71c05b50..f2e6cb580 100644 --- a/src/http.c +++ b/src/http.c @@ -545,16 +545,21 @@ http_access_verify_ticket(http_connection_t *hc) int http_access_verify(http_connection_t *hc, int mask) { + int res = -1; + http_access_verify_ticket(hc); + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); - if (hc->hc_access == NULL) { + if (res) { + access_destroy(hc->hc_access); hc->hc_access = access_get(hc->hc_username, hc->hc_password, (struct sockaddr *)hc->hc_peer); - if (hc->hc_access == NULL) - return -1; + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); } - return access_verify2(hc->hc_access, mask); + return res; } /** @@ -571,18 +576,20 @@ http_access_verify_channel(http_connection_t *hc, int mask, if (ticket) http_access_verify_ticket(hc); - if (hc->hc_access == NULL) { + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); + + if (res) { + access_destroy(hc->hc_access); hc->hc_access = access_get(hc->hc_username, hc->hc_password, (struct sockaddr *)hc->hc_peer); - if (hc->hc_access == NULL) - return -1; + if (hc->hc_access) + res = access_verify2(hc->hc_access, mask); } - if (access_verify2(hc->hc_access, mask)) - return -1; + if (!channel_access(ch, hc->hc_access, 0)) + res = -1; - if (channel_access(ch, hc->hc_access, 0)) - res = 0; return res; } -- 2.47.3