mirror
/
transmission
mirror of https://github.com/transmission/transmission
1
0
Fork 0
Code Issues Releases Wiki Activity

add a separate flag for enabling/disabling the rpc address whitelist

This commit is contained in:
Charles Kerr 2008-10-01 22:59:29 +00:00
parent a616666541
commit 6cba9305ae
9 changed files with 114 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cli/cli.c
View File

@ -310,6 +310,7 @@ main( int argc,
peerSocketTOS,
TR_DEFAULT_RPC_ENABLED,
TR_DEFAULT_RPC_PORT,
TR_DEFAULT_RPC_WHITELIST_ENABLED,
TR_DEFAULT_RPC_WHITELIST,
FALSE, "fnord", "potzrebie",
TR_DEFAULT_PROXY_ENABLED,

45
daemon/daemon.c
View File

@ -33,25 +33,26 @@ static int closing = FALSE;
static tr_handle * mySession;
static char myConfigFilename[MAX_PATH_LENGTH];
#define KEY_BLOCKLIST "blocklist-enabled"
#define KEY_DOWNLOAD_DIR "download-dir"
#define KEY_ENCRYPTION "encryption"
#define KEY_LAZY_BITFIELD "lazy-bitfield-enabled"
#define KEY_PEER_LIMIT "max-peers-global"
#define KEY_PEER_PORT "peer-port"
#define KEY_PORT_FORWARDING "port-forwarding-enabled"
#define KEY_PEX_ENABLED "pex-enabled"
#define KEY_AUTH_REQUIRED "rpc-authentication-required"
#define KEY_USERNAME "rpc-username"
#define KEY_PASSWORD "rpc-password"
#define KEY_WHITELIST "rpc-whitelist"
#define KEY_RPC_PORT "rpc-port"
#define KEY_DSPEED "download-limit"
#define KEY_DSPEED_ENABLED "download-limit-enabled"
#define KEY_USPEED "upload-limit"
#define KEY_USPEED_ENABLED "upload-limit-enabled"
#define KEY_BLOCKLIST "blocklist-enabled"
#define KEY_DOWNLOAD_DIR "download-dir"
#define KEY_ENCRYPTION "encryption"
#define KEY_LAZY_BITFIELD "lazy-bitfield-enabled"
#define KEY_PEER_LIMIT "max-peers-global"
#define KEY_PEER_PORT "peer-port"
#define KEY_PORT_FORWARDING "port-forwarding-enabled"
#define KEY_PEX_ENABLED "pex-enabled"
#define KEY_AUTH_REQUIRED "rpc-authentication-required"
#define KEY_USERNAME "rpc-username"
#define KEY_PASSWORD "rpc-password"
#define KEY_WHITELIST "rpc-whitelist"
#define KEY_WHITELIST_ENABLED "rpc-whitelist-enabled"
#define KEY_RPC_PORT "rpc-port"
#define KEY_DSPEED "download-limit"
#define KEY_DSPEED_ENABLED "download-limit-enabled"
#define KEY_USPEED "upload-limit"
#define KEY_USPEED_ENABLED "upload-limit-enabled"
#define CONFIG_FILE "settings.json"
#define CONFIG_FILE "settings.json"
/***
**** Config File
@ -169,6 +170,7 @@ session_init( const char * configDir,
char mycwd[MAX_PATH_LENGTH];
tr_benc state, *dict = NULL;
int peerPort = -1, peers = -1;
int whitelistEnabled = -1;
int pexEnabled = -1;
int fwdEnabled = -1;
int upLimit = -1, upLimited = -1, downLimit = -1,
@ -208,6 +210,8 @@ session_init( const char * configDir,
TR_DEFAULT_BLOCKLIST_ENABLED );
getConfigInt( dict, KEY_RPC_PORT, &rpcPort,
TR_DEFAULT_RPC_PORT );
getConfigInt( dict, KEY_WHITELIST_ENABLED, &whitelistEnabled,
TR_DEFAULT_RPC_WHITELIST_ENABLED );
getConfigStr( dict, KEY_WHITELIST, &whitelist,
TR_DEFAULT_RPC_WHITELIST );
getConfigInt( dict, KEY_AUTH_REQUIRED, &authRequired, FALSE );
@ -231,8 +235,9 @@ session_init( const char * configDir,
TR_MSG_INF, 0,
blocklistEnabled,
TR_DEFAULT_PEER_SOCKET_TOS,
TRUE, rpcPort, whitelist, authRequired,
username, password,
TRUE, rpcPort,
whitelistEnabled, whitelist,
authRequired, username, password,
TR_DEFAULT_PROXY_ENABLED,
TR_DEFAULT_PROXY,
TR_DEFAULT_PROXY_PORT,

5
gtk/main.c
View File

@ -484,6 +484,7 @@ main( int argc,
pref_int_get( PREF_KEY_PEER_SOCKET_TOS ),
pref_flag_get( PREF_KEY_RPC_ENABLED ),
pref_int_get( PREF_KEY_RPC_PORT ),
pref_flag_get( PREF_KEY_RPC_WHITELIST_ENABLED ),
pref_string_get( PREF_KEY_RPC_WHITELIST ),
pref_flag_get( PREF_KEY_RPC_AUTH_ENABLED ),
pref_string_get( PREF_KEY_RPC_USERNAME ),
@ -1197,6 +1198,10 @@ prefschanged( TrCore * core UNUSED,
const char * s = pref_string_get( key );
tr_sessionSetRPCWhitelist( tr, s );
}
else if( !strcmp( key, PREF_KEY_RPC_WHITELIST_ENABLED ) )
{
tr_sessionSetRPCWhitelistEnabled( tr, pref_flag_get( key ) );
}
else if( !strcmp( key, PREF_KEY_RPC_USERNAME ) )
{
const char * s = pref_string_get( key );

34
gtk/tr-prefs.c
View File

@ -128,6 +128,8 @@ tr_prefs_init_global( void )
pref_flag_set_default ( PREF_KEY_RPC_ENABLED, TR_DEFAULT_RPC_ENABLED );
pref_int_set_default ( PREF_KEY_RPC_PORT, TR_DEFAULT_RPC_PORT );
pref_string_set_default ( PREF_KEY_RPC_WHITELIST, TR_DEFAULT_RPC_WHITELIST );
pref_flag_set_default ( PREF_KEY_RPC_WHITELIST_ENABLED, TR_DEFAULT_RPC_WHITELIST_ENABLED );
rand = g_rand_new ( );
for( i = 0; i < 16; ++i )
@ -594,8 +596,10 @@ struct remote_page
GtkWidget * remove_button;
GSList * widgets;
GSList * auth_widgets;
GSList * whitelist_widgets;
GtkToggleButton * rpc_tb;
GtkToggleButton * auth_tb;
GtkToggleButton * whitelist_tb;
};
static void
@ -686,6 +690,8 @@ refreshRPCSensitivity( struct remote_page * page )
page->rpc_tb );
const int auth_active = gtk_toggle_button_get_active(
page->auth_tb );
const int whitelist_active = gtk_toggle_button_get_active(
page->whitelist_tb );
GtkTreeSelection * sel = gtk_tree_view_get_selection( page->view );
const int have_addr =
gtk_tree_selection_get_selected( sel, NULL,
@ -700,6 +706,10 @@ refreshRPCSensitivity( struct remote_page * page )
gtk_widget_set_sensitive( GTK_WIDGET(
l->data ), rpc_active && auth_active );
for( l = page->whitelist_widgets; l != NULL; l = l->next )
gtk_widget_set_sensitive( GTK_WIDGET( l->data ),
rpc_active && whitelist_active );
gtk_widget_set_sensitive( page->remove_button,
rpc_active && have_addr && n_rules > 1 );
}
@ -760,6 +770,12 @@ webPage( GObject * core )
gtk_box_pack_start( GTK_BOX( h ), w, FALSE, FALSE, 0 );
hig_workarea_add_wide_control( t, &row, h );
/* port */
w = new_spin_button( PREF_KEY_RPC_PORT, core, 0, 65535, 1 );
page->widgets = g_slist_append( page->widgets, w );
w = hig_workarea_add_row( t, &row, _( "Listening _port:" ), w, NULL );
page->widgets = g_slist_append( page->widgets, w );
/* require authentication */
s = _( "_Require username" );
w = new_check_button( s, PREF_KEY_RPC_AUTH_ENABLED, core );
@ -783,11 +799,13 @@ webPage( GObject * core )
w = hig_workarea_add_row( t, &row, s, w, NULL );
page->auth_widgets = g_slist_append( page->auth_widgets, w );
/* port */
w = new_spin_button( PREF_KEY_RPC_PORT, core, 0, 65535, 1 );
page->widgets = g_slist_append( page->widgets, w );
w = hig_workarea_add_row( t, &row, _( "Listening _port:" ), w, NULL );
/* require authentication */
s = _( "Only allow the following IP _addresses to connect:" );
w = new_check_button( s, PREF_KEY_RPC_WHITELIST_ENABLED, core );
hig_workarea_add_wide_control( t, &row, w );
page->whitelist_tb = GTK_TOGGLE_BUTTON( w );
page->widgets = g_slist_append( page->widgets, w );
g_signal_connect( w, "clicked", G_CALLBACK( onRPCToggled ), page );
/* access control list */
{
@ -806,7 +824,7 @@ webPage( GObject * core )
g_signal_connect( w, "button-release-event",
G_CALLBACK( on_tree_view_button_released ), NULL );
page->widgets = g_slist_append( page->widgets, w );
page->whitelist_widgets = g_slist_append( page->whitelist_widgets, w );
v = page->view = GTK_TREE_VIEW( w );
gtk_tooltips_set_tip( tips, w,
_(
@ -833,11 +851,11 @@ webPage( GObject * core )
gtk_tree_view_append_column( v, c );
gtk_tree_view_set_headers_visible( v, FALSE );
s = _( "Allowed _IP Addresses:" );
s = _( "Addresses:" );
w = hig_workarea_add_row( t, &row, s, w, NULL );
gtk_misc_set_alignment( GTK_MISC( w ), 0.0f, 0.0f );
gtk_misc_set_padding( GTK_MISC( w ), 0, GUI_PAD );
page->widgets = g_slist_append( page->widgets, w );
page->whitelist_widgets = g_slist_append( page->whitelist_widgets, w );
h = gtk_hbox_new( TRUE, GUI_PAD );
w = gtk_button_new_from_stock( GTK_STOCK_REMOVE );
@ -847,7 +865,7 @@ webPage( GObject * core )
onWhitelistSelectionChanged( sel, page );
gtk_box_pack_start_defaults( GTK_BOX( h ), w );
w = gtk_button_new_from_stock( GTK_STOCK_ADD );
page->widgets = g_slist_append( page->widgets, w );
page->whitelist_widgets = g_slist_append( page->whitelist_widgets, w );
g_signal_connect( w, "clicked", G_CALLBACK( onAddWhitelistClicked ), page );
gtk_box_pack_start_defaults( GTK_BOX( h ), w );
w = gtk_hbox_new( FALSE, 0 );

1
gtk/tr-prefs.h
View File

@ -66,6 +66,7 @@ GtkWidget * tr_prefs_dialog_new( GObject * core,
#define PREF_KEY_RPC_PORT "rpc-port"
#define PREF_KEY_RPC_ENABLED "rpc-enabled"
#define PREF_KEY_RPC_WHITELIST "rpc-whitelist"
#define PREF_KEY_RPC_WHITELIST_ENABLED "rpc-whitelist-enabled"
#define PREF_KEY_RPC_AUTH_ENABLED "rpc-authentication-required"
#define PREF_KEY_RPC_PASSWORD "rpc-password"
#define PREF_KEY_RPC_USERNAME "rpc-username"

25
libtransmission/rpc-server.c
View File

@ -42,8 +42,9 @@
struct tr_rpc_server
{
unsigned int isEnabled : 1;
unsigned int isPasswordEnabled : 1;
unsigned int isEnabled : 1;
unsigned int isPasswordEnabled : 1;
unsigned int isWhitelistEnabled : 1;
uint16_t port;
struct evhttp * httpd;
tr_handle * session;
@ -367,6 +368,9 @@ isAddressAllowed( const tr_rpc_server * server,
{
const char * str;
if( !server->isWhitelistEnabled )
return 1;
for( str = server->whitelist; str && *str; )
{
const char * delimiter = strchr( str, ',' );
@ -411,7 +415,7 @@ handle_request( struct evhttp_request * req,
}
}
if( server->whitelist && !isAddressAllowed( server, req->remote_host ) )
if( !isAddressAllowed( server, req->remote_host ) )
{
send_simple_response( req, 401, "Unauthorized IP Address" );
}
@ -550,6 +554,19 @@ tr_rpcGetWhitelist( const tr_rpc_server * server )
return tr_strdup( server->whitelist ? server->whitelist : "" );
}
void
tr_rpcSetWhitelistEnabled( tr_rpc_server * server,
int isEnabled )
{
server->isWhitelistEnabled = isEnabled != 0;
}
int
tr_rpcGetWhitelistEnabled( const tr_rpc_server * server )
{
return server->isWhitelistEnabled;
}
/****
***** PASSWORD
****/
@ -625,6 +642,7 @@ tr_rpc_server *
tr_rpcInit( tr_handle * session,
int isEnabled,
uint16_t port,
int isWhitelistEnabled,
const char * whitelist,
int isPasswordEnabled,
const char * username,
@ -638,6 +656,7 @@ tr_rpcInit( tr_handle * session,
s->whitelist = tr_strdup( whitelist && *whitelist ? whitelist : TR_DEFAULT_RPC_WHITELIST );
s->username = tr_strdup( username );
s->password = tr_strdup( password );
s->isWhitelistEnabled = isWhitelistEnabled != 0;
s->isPasswordEnabled = isPasswordEnabled != 0;
s->isEnabled = isEnabled != 0;
if( isEnabled )

6
libtransmission/rpc-server.h
View File

@ -18,6 +18,7 @@ typedef struct tr_rpc_server tr_rpc_server;
tr_rpc_server * tr_rpcInit( struct tr_handle * session,
int isEnabled,
uint16_t port,
int isWhitelistEnabled,
const char * whitelist,
int isPasswordEnabled,
const char * username,
@ -39,6 +40,11 @@ int tr_rpcSetTest( const tr_rpc_server * server,
const char * whitelist,
char ** allocme_errmsg );
void tr_rpcSetWhitelistEnabled( tr_rpc_server * server,
int isEnabled );
int tr_rpcGetWhitelistEnabled( const tr_rpc_server * server );
void tr_rpcSetWhitelist( tr_rpc_server * server,
const char * whitelist );

20
libtransmission/session.c
View File

@ -216,6 +216,7 @@ tr_sessionInitFull( const char * configDir,
int peerSocketTOS,
int rpcIsEnabled,
uint16_t rpcPort,
int rpcWhitelistIsEnabled,
const char * rpcWhitelist,
int rpcAuthIsEnabled,
const char * rpcUsername,
@ -294,7 +295,8 @@ tr_sessionInitFull( const char * configDir,
tr_statsInit( h );
h->web = tr_webInit( h );
h->rpcServer = tr_rpcInit( h, rpcIsEnabled, rpcPort, rpcWhitelist,
h->rpcServer = tr_rpcInit( h, rpcIsEnabled, rpcPort,
rpcWhitelistIsEnabled, rpcWhitelist,
rpcAuthIsEnabled, rpcUsername, rpcPassword );
metainfoLookupRescan( h );
@ -326,6 +328,7 @@ tr_sessionInit( const char * configDir,
TR_DEFAULT_PEER_SOCKET_TOS,
TR_DEFAULT_RPC_ENABLED,
TR_DEFAULT_RPC_PORT,
TR_DEFAULT_RPC_WHITELIST_ENABLED,
TR_DEFAULT_RPC_WHITELIST,
FALSE,
"fnord",
@ -1015,6 +1018,21 @@ tr_sessionGetRPCWhitelist( const tr_session * session )
return tr_rpcGetWhitelist( session->rpcServer );
}
void
tr_sessionSetRPCWhitelistEnabled( tr_session * session,
int isEnabled )
{
return tr_rpcSetWhitelistEnabled( session->rpcServer,
isEnabled );
}
int
tr_sessionGetRPCWhitelistEnabled( const tr_session * session )
{
return tr_rpcGetWhitelistEnabled( session->rpcServer );
}
void
tr_sessionSetRPCPassword( tr_session * session,
const char * password )

9
libtransmission/transmission.h
View File

@ -131,6 +131,8 @@ tr_proxy_type;
/** @see tr_sessionInitFull */
#define TR_DEFAULT_RPC_WHITELIST "127.0.0.1"
/** @see tr_sessionInitFull */
#define TR_DEFAULT_RPC_WHITELIST_ENABLED 0
/** @see tr_sessionInitFull */
#define TR_DEFAULT_PROXY_ENABLED 0
/** @see tr_sessionInitFull */
#define TR_DEFAULT_PROXY NULL
@ -245,6 +247,7 @@ tr_encryption_mode;
* @see TR_DEFAULT_RPC_ENABLED
* @see TR_DEFAULT_RPC_PORT
* @see TR_DEFAULT_RPC_WHITELIST
* @see TR_DEFAULT_RPC_WHITELIST_ENABLED
* @see tr_sessionClose()
*/
tr_handle * tr_sessionInitFull( const char * configDir,
@ -266,6 +269,7 @@ tr_handle * tr_sessionInitFull( const char * configDir,
int peerSocketTOS,
int rpcIsEnabled,
uint16_t rpcPort,
int rpcWhitelistIsEnabled,
const char * rpcWhitelist,
int rpcPasswordIsEnabled,
const char * rpcUsername,
@ -361,6 +365,11 @@ void tr_sessionSetRPCWhitelist( tr_session * session,
@see tr_sessionSetRPCWhitelist */
char* tr_sessionGetRPCWhitelist( const tr_session * );
void tr_sessionSetRPCWhitelistEnabled( tr_session * session,
int isEnabled );
int tr_sessionGetRPCWhitelistEnabled( const tr_session * session );
void tr_sessionSetRPCPassword( tr_session * session,
const char * password );