debian/patches/debian/0001-http-basic-auth.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

Author: Roman Chernobelskiy <1326903+rchernobelskiy@users.noreply.github.com>
Description: Add Authorization header as an env var (#489)

diff -Naurp ttyd.orig/src/protocol.c ttyd/src/protocol.c
--- ttyd.orig/src/protocol.c
+++ ttyd/src/protocol.c
@@ -102,6 +102,12 @@ static void pty_proc_free(struct pty_pro
   for (int i = 0; i < proc->argc; i++) {
     free(proc->args[i]);
   }
+
+  if (proc->authHeader != NULL) {
+    free(proc->authHeader);
+    proc->authHeader = NULL;
+  }
+
   uv_close((uv_handle_t *)&proc->pipe, close_cb);
 }
 
@@ -186,7 +192,7 @@ static int spawn_process(struct pss_tty
   fd_set_cloexec(lws_get_socket_fd(pss->wsi));
 
   // create process with pseudo-tty
-  proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type);
+  proc->pid = pty_fork(&proc->pty, argv[0], argv, server->terminal_type, proc->authHeader);
   if (proc->pid < 0) {
     lwsl_err("pty_fork: %d (%s)\n", errno, strerror(errno));
     return 1;
@@ -280,6 +286,13 @@ int callback_tty(struct lws *wsi, enum l
         }
       }
 
+      // Save the Authorization header
+      int buf_len = 1 + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION);
+      if (buf_len > 1) {
+        proc->authHeader = xmalloc(buf_len);
+        lws_hdr_copy(wsi, proc->authHeader, buf_len, WSI_TOKEN_HTTP_AUTHORIZATION);
+      }
+
       LIST_INSERT_HEAD(&server->procs, proc, entry);
       server->client_count++;
 
diff -Naurp ttyd.orig/src/server.h ttyd/src/server.h
--- ttyd.orig/src/server.h
+++ ttyd/src/server.h
@@ -42,6 +42,7 @@ struct pss_http {
 struct pty_proc {
   char **args;
   int argc;
+  char *authHeader;
 
   pid_t pid;
   int status;
diff -Naurp ttyd.orig/src/terminal.c ttyd/src/terminal.c
--- ttyd.orig/src/terminal.c
+++ ttyd/src/terminal.c
@@ -16,13 +16,14 @@
 
 #include "utils.h"
 
-pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term) {
+pid_t pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader) {
   pid_t pid = forkpty(pty, NULL, NULL, NULL);
 
   if (pid < 0) {
     return pid;
   } else if (pid == 0) {
     setenv("TERM", term, true);
+    if (authHeader != NULL) setenv("HTTP_AUTHORIZATION", authHeader, true);
     int ret = execvp(file, argv);
     if (ret < 0) {
       perror("execvp failed\n");
diff -Naurp ttyd.orig/src/terminal.h ttyd/src/terminal.h
--- ttyd.orig/src/terminal.h
+++ ttyd/src/terminal.h
@@ -1,7 +1,7 @@
 #ifndef TTYD_TERMINAL_H
 #define TTYD_TERMINAL_H
 
-int pty_fork(int *pty, const char *file, char *const argv[], const char *term);
+int pty_fork(int *pty, const char *file, char *const argv[], const char *term, const char *authHeader);
 
 int pty_resize(int pty, int cols, int rows);