mirror of
https://github.com/bluenviron/mediamtx
synced 2025-02-17 12:06:58 +00:00
do not switch to legacy authentication system when readUser, readPass, publishUser, publishPass are present but are empty (#3113)
This commit is contained in:
parent
2c857fc329
commit
dd3b268346
@ -94,14 +94,24 @@ func mustParseCIDR(v string) net.IPNet {
|
||||
return *ne
|
||||
}
|
||||
|
||||
func credentialIsNotEmpty(c *Credential) bool {
|
||||
return c != nil && *c != ""
|
||||
}
|
||||
|
||||
func ipNetworkIsNotEmpty(i *IPNetworks) bool {
|
||||
return i != nil && len(*i) != 0
|
||||
}
|
||||
|
||||
func anyPathHasDeprecatedCredentials(paths map[string]*OptionalPath) bool {
|
||||
for _, pa := range paths {
|
||||
if pa != nil {
|
||||
rva := reflect.ValueOf(pa.Values).Elem()
|
||||
if !rva.FieldByName("PublishUser").IsNil() || !rva.FieldByName("PublishPass").IsNil() ||
|
||||
!rva.FieldByName("PublishIPs").IsNil() ||
|
||||
!rva.FieldByName("ReadUser").IsNil() || !rva.FieldByName("ReadPass").IsNil() ||
|
||||
!rva.FieldByName("ReadIPs").IsNil() {
|
||||
if credentialIsNotEmpty(rva.FieldByName("PublishUser").Interface().(*Credential)) ||
|
||||
credentialIsNotEmpty(rva.FieldByName("PublishPass").Interface().(*Credential)) ||
|
||||
ipNetworkIsNotEmpty(rva.FieldByName("PublishIPs").Interface().(*IPNetworks)) ||
|
||||
credentialIsNotEmpty(rva.FieldByName("ReadUser").Interface().(*Credential)) ||
|
||||
credentialIsNotEmpty(rva.FieldByName("ReadPass").Interface().(*Credential)) ||
|
||||
ipNetworkIsNotEmpty(rva.FieldByName("ReadIPs").Interface().(*IPNetworks)) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
@ -460,10 +470,12 @@ func (conf *Conf) Validate() error {
|
||||
return fmt.Errorf("'authJWTJWKS' must be a HTTP URL")
|
||||
}
|
||||
deprecatedCredentialsMode := false
|
||||
if conf.PathDefaults.PublishUser != nil || conf.PathDefaults.PublishPass != nil ||
|
||||
conf.PathDefaults.PublishIPs != nil ||
|
||||
conf.PathDefaults.ReadUser != nil || conf.PathDefaults.ReadPass != nil ||
|
||||
conf.PathDefaults.ReadIPs != nil ||
|
||||
if credentialIsNotEmpty(conf.PathDefaults.PublishUser) ||
|
||||
credentialIsNotEmpty(conf.PathDefaults.PublishPass) ||
|
||||
ipNetworkIsNotEmpty(conf.PathDefaults.PublishIPs) ||
|
||||
credentialIsNotEmpty(conf.PathDefaults.ReadUser) ||
|
||||
credentialIsNotEmpty(conf.PathDefaults.ReadPass) ||
|
||||
ipNetworkIsNotEmpty(conf.PathDefaults.ReadIPs) ||
|
||||
anyPathHasDeprecatedCredentials(conf.OptionalPaths) {
|
||||
conf.AuthInternalUsers = []AuthInternalUser{
|
||||
{
|
||||
|
@ -383,17 +383,17 @@ func (pconf *Path) validate(
|
||||
if deprecatedCredentialsMode {
|
||||
func() {
|
||||
var user Credential = "any"
|
||||
if pconf.PublishUser != nil {
|
||||
if credentialIsNotEmpty(pconf.PublishUser) {
|
||||
user = *pconf.PublishUser
|
||||
}
|
||||
|
||||
var pass Credential
|
||||
if pconf.PublishPass != nil {
|
||||
if credentialIsNotEmpty(pconf.PublishPass) {
|
||||
pass = *pconf.PublishPass
|
||||
}
|
||||
|
||||
ips := IPNetworks{mustParseCIDR("0.0.0.0/0")}
|
||||
if pconf.PublishIPs != nil {
|
||||
if ipNetworkIsNotEmpty(pconf.PublishIPs) {
|
||||
ips = *pconf.PublishIPs
|
||||
}
|
||||
|
||||
@ -415,17 +415,17 @@ func (pconf *Path) validate(
|
||||
|
||||
func() {
|
||||
var user Credential = "any"
|
||||
if pconf.ReadUser != nil {
|
||||
if credentialIsNotEmpty(pconf.ReadUser) {
|
||||
user = *pconf.ReadUser
|
||||
}
|
||||
|
||||
var pass Credential
|
||||
if pconf.ReadPass != nil {
|
||||
if credentialIsNotEmpty(pconf.ReadPass) {
|
||||
pass = *pconf.ReadPass
|
||||
}
|
||||
|
||||
ips := IPNetworks{mustParseCIDR("0.0.0.0/0")}
|
||||
if pconf.ReadIPs != nil {
|
||||
if ipNetworkIsNotEmpty(pconf.ReadIPs) {
|
||||
ips = *pconf.ReadIPs
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user