Commit fb75de8dcb1073e9b3e07a4ee733ba55a3280121
1 parent
acf4bc99
Implemented authentication for list operator
(closes #7)
Showing
2 changed files
with
9 additions
and
2 deletions
dyndns.cfg.dist
| ... | ... | @@ -26,6 +26,8 @@ |
| 26 | 26 | # hours, weeks or seconds. format: [0-9]+[mhws]? |
| 27 | 27 | |
| 28 | 28 | # Authentication Settings |
| 29 | +#domain_list_key = off # List operation, 'off' to disable, '' to always | |
| 30 | + # allow and other values to enable with secret | |
| 29 | 31 | #auth_mode = remote # either 'static', 'remote' or 'both' |
| 30 | 32 | #static_signer = # required for AuthMode 'static' or 'both' |
| 31 | 33 | #static_key = # required for AuthMode 'static' or 'both' |
| ... | ... |
dyndns.pl
| ... | ... | @@ -41,6 +41,8 @@ my @DNSDomain = ( '?', '!', 0 ); # DNS Domain to support, match hostname with: |
| 41 | 41 | my $ExpandCNAMEs = 1; # CNAME levels to expand (0 to disable) |
| 42 | 42 | my $AllowDebugKey = 'off'; # Debuging, 'off' to disable, '' for always on |
| 43 | 43 | # and other values to enable with debug= param. |
| 44 | +my $DomainListKey = 'off'; # List operation, 'off' to disable, '' to always | |
| 45 | + # allow and other values to enable with secret | |
| 44 | 46 | my $AuthMode = 'remote'; # either 'static', 'remote' or 'both' |
| 45 | 47 | my $StaticSigner = ''; # required for AuthMode 'static' or 'both' |
| 46 | 48 | my $StaticKey = ''; # required for AuthMode 'static' or 'both' |
| ... | ... | @@ -133,7 +135,6 @@ my $CE = 'Configuration Error'; |
| 133 | 135 | my $PE = 'Required parameter missing'; |
| 134 | 136 | sub fail($$;$) { |
| 135 | 137 | my ($errormsg, $debugmsg, $exitcode) = @_; |
| 136 | - print $debug . "\n"; | |
| 137 | 138 | print $cgi->header(-status=>$exitcode || 503, -type=>'text/plain'), |
| 138 | 139 | "ERROR - $errormsg" . ($debug ? ": $debugmsg\n" : "\n"); |
| 139 | 140 | exit 0; |
| ... | ... | @@ -323,6 +324,10 @@ sub handle_list($$$$) { |
| 323 | 324 | my ($mode, $host, $dnsdomain, $debug) = @_; |
| 324 | 325 | my $title = "DynDNS Updater - $dnsdomain"; |
| 325 | 326 | |
| 327 | + fail("Operation not allowed", ($DomainListKey eq 'off') ? "List is disabled" | |
| 328 | + : "No/incorrect authentication information provided", 403) | |
| 329 | + if ($DomainListKey eq 'off') || (($DomainListKey cmp '') && ($DomainListKey cmp $cgi->param('secret'))); | |
| 330 | + | |
| 326 | 331 | print $cgi->header(-status=>200), |
| 327 | 332 | $cgi->start_html(-title => $title), |
| 328 | 333 | $cgi->h1($title); |
| ... | ... | @@ -354,7 +359,7 @@ if ($ConfigFile cmp 'ignore') { |
| 354 | 359 | $CFGFile =~ s/(\.pl)?$/.cfg/; |
| 355 | 360 | if (open (CONFIG, $CFGFile)) { |
| 356 | 361 | my %CONFIG = ( |
| 357 | - allow_debug_key => \$AllowDebugKey, | |
| 362 | + allow_debug_key => \$AllowDebugKey, domain_list_key => \$DomainListKey, | |
| 358 | 363 | dns_server => \$DNSServer, dns_domain => \@DNSDomain, |
| 359 | 364 | expand_cnames => \$ExpandCNAMEs, auth_mode => \$AuthMode, |
| 360 | 365 | static_signer => \$StaticSigner, static_key => \$StaticKey, |
| ... | ... |