diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-02-24 18:19:05 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-02-24 18:19:22 +0000 |
| commit | 88ed473809b8a8b34cf9e60f0c8ab5032cac57d5 (patch) | |
| tree | 5f53a2039b927acb617c26a2a487119a74b5a8ae | |
| parent | Adding /etc/default/ttyd to handle options used to start ttyd via systemd unit. (diff) | |
| download | ttyd-tmp-auth-header.tar.xz ttyd-tmp-auth-header.zip | |
Adding patch from Roman Chernobelskiy to add support for passing through http basic authentication.tmp-auth-header
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
| -rw-r--r-- | debian/patches/debian/0001-http-basic-auth.patch | 84 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
2 files changed, 85 insertions, 0 deletions
diff --git a/debian/patches/debian/0001-http-basic-auth.patch b/debian/patches/debian/0001-http-basic-auth.patch new file mode 100644 index 0000000..cb01a45 --- /dev/null +++ b/debian/patches/debian/0001-http-basic-auth.patch @@ -0,0 +1,84 @@ +Author: Roman Chernobelskiy <1326903+rchernobelskiy@users.noreply.github.com> +Description: Add Authorization header as an env var (#489) + +diff -Naurp ttyd.orig/src/protocol.c ttyd/src/protocol.c +--- ttyd.orig/src/protocol.c ++++ ttyd/src/protocol.c +@@ -102,6 +102,12 @@ static void pty_proc_free(struct pty_pro + for (int i = 0; i < proc->argc; i++) { + free(proc->args[i]); + } ++ ++ if (proc->authHeader != NULL) { ++ free(proc->authHeader); ++ proc->authHeader = NULL; ++ } ++ + uv_close((uv_handle_t *)&proc->pipe, close_cb); + } + +@@ -186,7 +192,7 @@ static int spawn_process(struct pss_tty + fd_set_cloexec(lws_get_socket_fd(pss->wsi)); + + // create process with pseudo-tty +- proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type); ++ proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type, proc->authHeader); + if (proc->pid < 0) { + lwsl_err("pty_fork: %d (%s)\n", errno, strerror(errno)); + return 1; +@@ -280,6 +286,13 @@ int callback_tty(struct lws *wsi, enum l + } + } + ++ // Save the Authorization header ++ int buf_len = 1 + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION); ++ if (buf_len > 1) { ++ proc->authHeader = xmalloc(buf_len); ++ lws_hdr_copy(wsi, proc->authHeader, buf_len, WSI_TOKEN_HTTP_AUTHORIZATION); ++ } ++ + LIST_INSERT_HEAD(&server->procs, proc, entry); + server->client_count++; + +diff -Naurp ttyd.orig/src/server.h ttyd/src/server.h +--- ttyd.orig/src/server.h ++++ ttyd/src/server.h +@@ -42,6 +42,7 @@ struct pss_http { + struct pty_proc { + char **args; + int argc; ++ char *authHeader; + + pid_t pid; + int status; +diff -Naurp ttyd.orig/src/terminal.c ttyd/src/terminal.c +--- ttyd.orig/src/terminal.c ++++ ttyd/src/terminal.c +@@ -16,13 +16,14 @@ + + #include "utils.h" + +-pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term) { ++pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader) { + pid_t pid = forkpty(pty, NULL, NULL, NULL); + + if (pid < 0) { + return pid; + } else if (pid == 0) { + setenv("TERM", term, true); ++ if (authHeader != NULL) setenv("HTTP_AUTHORIZATION", authHeader, true); + int ret = execvp(file, argv); + if (ret < 0) { + perror("execvp failed\n"); +diff -Naurp ttyd.orig/src/terminal.h ttyd/src/terminal.h +--- ttyd.orig/src/terminal.h ++++ ttyd/src/terminal.h +@@ -1,7 +1,7 @@ + #ifndef TTYD_TERMINAL_H + #define TTYD_TERMINAL_H + +-int pty_fork(int *pty, const char *file, char *const argv[], const char *term); ++int pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader); + + int pty_resize(int pty, int cols, int rows); + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..1a8ee6c --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +debian/0001-http-basic-auth.patch |