From 1d334db1bf8405bfa98437bb185c1e37dde79531 Mon Sep 17 00:00:00 2001
From: Timo Hirvonen <tihirvon@gmail.com>
Date: Sat, 28 Oct 2006 21:17:46 +0300
Subject: [PATCH] Add simple authentication support for cmus-remote

---
 main.c    | 51 ++++++++++++++++++++++++++++++++++-----------------
 options.c | 23 +++++++++++++++++++++++
 options.h |  1 +
 server.c  | 14 ++++++++++++++
 4 files changed, 72 insertions(+), 17 deletions(-)

diff --git a/main.c b/main.c
index 6311dbd..a0a8bc1 100644
--- a/main.c
+++ b/main.c
@@ -22,6 +22,7 @@
 
 static int sock;
 static int raw_args = 0;
+static char *passwd;
 
 static void gethostbyname_failed(void)
 {
@@ -42,6 +43,24 @@ static void gethostbyname_failed(void)
 	die("gethostbyname: %s\n", error);
 }
 
+static void write_line(const char *line)
+{
+	if (write_all(sock, line, strlen(line)) == -1)
+		die_errno("write");
+}
+
+static void send_cmd(const char *format, ...)
+{
+	char buf[512];
+	va_list ap;
+
+	va_start(ap, format);
+	vsnprintf(buf, sizeof(buf), format, ap);
+	va_end(ap);
+
+	write_line(buf);
+}
+
 static void remote_connect(const char *address)
 {
 	union {
@@ -52,6 +71,10 @@ static void remote_connect(const char *address)
 	int addrlen;
 
 	if (strchr(address, '/')) {
+		if (passwd)
+			warn("password ignored for unix connections\n");
+		passwd = NULL;
+
 		addr.sa.sa_family = AF_UNIX;
 		strncpy(addr.un.sun_path, address, sizeof(addr.un.sun_path) - 1);
 
@@ -61,6 +84,9 @@ static void remote_connect(const char *address)
 		int port = DEFAULT_PORT;
 		struct hostent *hent;
 
+		if (!passwd)
+			die("password required for tcp/ip connection\n");
+
 		if (s) {
 			*s++ = 0;
 			port = atoi(s);
@@ -95,24 +121,9 @@ static void remote_connect(const char *address)
 		}
 		die_errno("connect");
 	}
-}
 
-static void write_line(const char *line)
-{
-	if (write_all(sock, line, strlen(line)) == -1)
-		die_errno("write");
-}
-
-static void send_cmd(const char *format, ...)
-{
-	char buf[512];
-	va_list ap;
-
-	va_start(ap, format);
-	vsnprintf(buf, sizeof(buf), format, ap);
-	va_end(ap);
-
-	write_line(buf);
+	if (passwd)
+		send_cmd("%s\n", passwd);
 }
 
 static char *file_url_absolute(const char *str)
@@ -130,6 +141,7 @@ static char *file_url_absolute(const char *str)
 
 enum flags {
 	FLAG_SERVER,
+	FLAG_PASSWD,
 	FLAG_HELP,
 	FLAG_VERSION,
 
@@ -155,6 +167,7 @@ enum flags {
 
 static struct option options[NR_FLAGS + 1] = {
 	{ 0, "server", 1 },
+	{ 0, "passwd", 1 },
 	{ 0, "help", 0 },
 	{ 0, "version", 0 },
 
@@ -188,6 +201,7 @@ static const char *usage =
 "\n"
 "      --server ADDR    connect using ADDR instead of ~/.cmus/socket\n"
 "                       ADDR is either a UNIX socket or host[:port]\n"
+"      --passwd PASSWD  password to use for TCP/IP connection\n"
 "      --help           display this help and exit\n"
 "      --version        " VERSION "\n"
 "\n"
@@ -248,6 +262,9 @@ int main(int argc, char *argv[])
 		case FLAG_SERVER:
 			server = arg;
 			break;
+		case FLAG_PASSWD:
+			passwd = arg;
+			break;
 		case FLAG_VOLUME:
 			volume = arg;
 			nr_cmds++;
diff --git a/options.c b/options.c
index 1f59f61..ae8edcd 100644
--- a/options.c
+++ b/options.c
@@ -36,6 +36,7 @@
 
 char *output_plugin = NULL;
 char *status_display_program = NULL;
+char *server_password;
 int auto_reshuffle = 0;
 int confirm_run = 1;
 int show_hidden = 0;
@@ -286,6 +287,27 @@ static void set_output_plugin(unsigned int id, const char *buf)
 	}
 }
 
+static void get_passwd(unsigned int id, char *buf)
+{
+	if (server_password)
+		strcpy(buf, server_password);
+}
+
+static void set_passwd(unsigned int id, const char *buf)
+{
+	int len = strlen(buf);
+
+	if (len == 0) {
+		free(server_password);
+		server_password = NULL;
+	} else if (len < 6) {
+		error_msg("unsafe password");
+	} else {
+		free(server_password);
+		server_password = xstrdup(buf);
+	}
+}
+
 static void get_softvol_state(unsigned int id, char *buf)
 {
 	sprintf(buf, "%d %d", soft_vol_l, soft_vol_r);
@@ -679,6 +701,7 @@ static const struct {
 	DN(id3_default_charset)
 	DN(lib_sort)
 	DN(output_plugin)
+	DN(passwd)
 	DN(pl_sort)
 	DT(play_library)
 	DT(play_sorted)
diff --git a/options.h b/options.h
index 3c9aa25..7606e4a 100644
--- a/options.h
+++ b/options.h
@@ -83,6 +83,7 @@ enum {
 
 extern char *output_plugin;
 extern char *status_display_program;
+extern char *server_password;
 extern int auto_reshuffle;
 extern int confirm_run;
 extern int show_hidden;
diff --git a/server.c b/server.c
index 9e78662..04c9f03 100644
--- a/server.c
+++ b/server.c
@@ -20,6 +20,7 @@
 #include "server.h"
 #include "prog.h"
 #include "command_mode.h"
+#include "options.h"
 #include "debug.h"
 
 #include <unistd.h>
@@ -48,6 +49,7 @@ static void read_commands(int fd)
 {
 	char buf[1024];
 	int pos = 0;
+	int authenticated = addr.sa.sa_family == AF_UNIX;
 
 	while (1) {
 		int rc, s, i;
@@ -72,6 +74,18 @@ static void read_commands(int fd)
 			line = buf + s;
 			s = i + 1;
 
+			if (!authenticated) {
+				if (!server_password) {
+					d_print("password is unset, tcp/ip disabled\n");
+					return;
+				}
+				authenticated = !strcmp(line, server_password);
+				if (!authenticated) {
+					d_print("authentication failed\n");
+					return;
+				}
+				continue;
+			}
 			run_command(line);
 		}
 		memmove(buf, buf + s, pos - s);
-- 
2.11.4.GIT