summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2021-02-24 18:19:05 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2021-02-24 18:19:22 +0000
commit88ed473809b8a8b34cf9e60f0c8ab5032cac57d5 (patch)
tree5f53a2039b927acb617c26a2a487119a74b5a8ae
parentAdding /etc/default/ttyd to handle options used to start ttyd via systemd unit. (diff)
downloadttyd-88ed473809b8a8b34cf9e60f0c8ab5032cac57d5.tar.xz
ttyd-88ed473809b8a8b34cf9e60f0c8ab5032cac57d5.zip
Adding patch from Roman Chernobelskiy to add support for passing through http basic authentication.tmp-auth-header
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--debian/patches/debian/0001-http-basic-auth.patch84
-rw-r--r--debian/patches/series1
2 files changed, 85 insertions, 0 deletions
diff --git a/debian/patches/debian/0001-http-basic-auth.patch b/debian/patches/debian/0001-http-basic-auth.patch
new file mode 100644
index 0000000..cb01a45
--- /dev/null
+++ b/debian/patches/debian/0001-http-basic-auth.patch
@@ -0,0 +1,84 @@
+Author: Roman Chernobelskiy <1326903+rchernobelskiy@users.noreply.github.com>
+Description: Add Authorization header as an env var (#489)
+
+diff -Naurp ttyd.orig/src/protocol.c ttyd/src/protocol.c
+--- ttyd.orig/src/protocol.c
++++ ttyd/src/protocol.c
+@@ -102,6 +102,12 @@ static void pty_proc_free(struct pty_pro
+ for (int i = 0; i < proc->argc; i++) {
+ free(proc->args[i]);
+ }
++
++ if (proc->authHeader != NULL) {
++ free(proc->authHeader);
++ proc->authHeader = NULL;
++ }
++
+ uv_close((uv_handle_t *)&proc->pipe, close_cb);
+ }
+
+@@ -186,7 +192,7 @@ static int spawn_process(struct pss_tty
+ fd_set_cloexec(lws_get_socket_fd(pss->wsi));
+
+ // create process with pseudo-tty
+- proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type);
++ proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type, proc->authHeader);
+ if (proc->pid < 0) {
+ lwsl_err("pty_fork: %d (%s)\n", errno, strerror(errno));
+ return 1;
+@@ -280,6 +286,13 @@ int callback_tty(struct lws *wsi, enum l
+ }
+ }
+
++ // Save the Authorization header
++ int buf_len = 1 + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION);
++ if (buf_len > 1) {
++ proc->authHeader = xmalloc(buf_len);
++ lws_hdr_copy(wsi, proc->authHeader, buf_len, WSI_TOKEN_HTTP_AUTHORIZATION);
++ }
++
+ LIST_INSERT_HEAD(&server->procs, proc, entry);
+ server->client_count++;
+
+diff -Naurp ttyd.orig/src/server.h ttyd/src/server.h
+--- ttyd.orig/src/server.h
++++ ttyd/src/server.h
+@@ -42,6 +42,7 @@ struct pss_http {
+ struct pty_proc {
+ char **args;
+ int argc;
++ char *authHeader;
+
+ pid_t pid;
+ int status;
+diff -Naurp ttyd.orig/src/terminal.c ttyd/src/terminal.c
+--- ttyd.orig/src/terminal.c
++++ ttyd/src/terminal.c
+@@ -16,13 +16,14 @@
+
+ #include "utils.h"
+
+-pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term) {
++pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader) {
+ pid_t pid = forkpty(pty, NULL, NULL, NULL);
+
+ if (pid < 0) {
+ return pid;
+ } else if (pid == 0) {
+ setenv("TERM", term, true);
++ if (authHeader != NULL) setenv("HTTP_AUTHORIZATION", authHeader, true);
+ int ret = execvp(file, argv);
+ if (ret < 0) {
+ perror("execvp failed\n");
+diff -Naurp ttyd.orig/src/terminal.h ttyd/src/terminal.h
+--- ttyd.orig/src/terminal.h
++++ ttyd/src/terminal.h
+@@ -1,7 +1,7 @@
+ #ifndef TTYD_TERMINAL_H
+ #define TTYD_TERMINAL_H
+
+-int pty_fork(int *pty, const char *file, char *const argv[], const char *term);
++int pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader);
+
+ int pty_resize(int pty, int cols, int rows);
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..1a8ee6c
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+debian/0001-http-basic-auth.patch