From 88ed473809b8a8b34cf9e60f0c8ab5032cac57d5 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 24 Feb 2021 19:19:05 +0100 Subject: Adding patch from Roman Chernobelskiy to add support for passing through http basic authentication. Signed-off-by: Daniel Baumann --- debian/patches/debian/0001-http-basic-auth.patch | 84 ++++++++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 85 insertions(+) create mode 100644 debian/patches/debian/0001-http-basic-auth.patch create mode 100644 debian/patches/series diff --git a/debian/patches/debian/0001-http-basic-auth.patch b/debian/patches/debian/0001-http-basic-auth.patch new file mode 100644 index 0000000..cb01a45 --- /dev/null +++ b/debian/patches/debian/0001-http-basic-auth.patch @@ -0,0 +1,84 @@ +Author: Roman Chernobelskiy <1326903+rchernobelskiy@users.noreply.github.com> +Description: Add Authorization header as an env var (#489) + +diff -Naurp ttyd.orig/src/protocol.c ttyd/src/protocol.c +--- ttyd.orig/src/protocol.c ++++ ttyd/src/protocol.c +@@ -102,6 +102,12 @@ static void pty_proc_free(struct pty_pro + for (int i = 0; i < proc->argc; i++) { + free(proc->args[i]); + } ++ ++ if (proc->authHeader != NULL) { ++ free(proc->authHeader); ++ proc->authHeader = NULL; ++ } ++ + uv_close((uv_handle_t *)&proc->pipe, close_cb); + } + +@@ -186,7 +192,7 @@ static int spawn_process(struct pss_tty + fd_set_cloexec(lws_get_socket_fd(pss->wsi)); + + // create process with pseudo-tty +- proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type); ++ proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type, proc->authHeader); + if (proc->pid < 0) { + lwsl_err("pty_fork: %d (%s)\n", errno, strerror(errno)); + return 1; +@@ -280,6 +286,13 @@ int callback_tty(struct lws *wsi, enum l + } + } + ++ // Save the Authorization header ++ int buf_len = 1 + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION); ++ if (buf_len > 1) { ++ proc->authHeader = xmalloc(buf_len); ++ lws_hdr_copy(wsi, proc->authHeader, buf_len, WSI_TOKEN_HTTP_AUTHORIZATION); ++ } ++ + LIST_INSERT_HEAD(&server->procs, proc, entry); + server->client_count++; + +diff -Naurp ttyd.orig/src/server.h ttyd/src/server.h +--- ttyd.orig/src/server.h ++++ ttyd/src/server.h +@@ -42,6 +42,7 @@ struct pss_http { + struct pty_proc { + char **args; + int argc; ++ char *authHeader; + + pid_t pid; + int status; +diff -Naurp ttyd.orig/src/terminal.c ttyd/src/terminal.c +--- ttyd.orig/src/terminal.c ++++ ttyd/src/terminal.c +@@ -16,13 +16,14 @@ + + #include "utils.h" + +-pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term) { ++pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader) { + pid_t pid = forkpty(pty, NULL, NULL, NULL); + + if (pid < 0) { + return pid; + } else if (pid == 0) { + setenv("TERM", term, true); ++ if (authHeader != NULL) setenv("HTTP_AUTHORIZATION", authHeader, true); + int ret = execvp(file, argv); + if (ret < 0) { + perror("execvp failed\n"); +diff -Naurp ttyd.orig/src/terminal.h ttyd/src/terminal.h +--- ttyd.orig/src/terminal.h ++++ ttyd/src/terminal.h +@@ -1,7 +1,7 @@ + #ifndef TTYD_TERMINAL_H + #define TTYD_TERMINAL_H + +-int pty_fork(int *pty, const char *file, char *const argv[], const char *term); ++int pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader); + + int pty_resize(int pty, int cols, int rows); + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..1a8ee6c --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +debian/0001-http-basic-auth.patch -- cgit v1.2.3