Commit fb75de8dcb1073e9b3e07a4ee733ba55a3280121

Authored by Frederik Lindenaar
1 parent acf4bc99

Implemented authentication for list operator

(closes #7)
Showing 2 changed files with 9 additions and 2 deletions
dyndns.cfg.dist
@@ -26,6 +26,8 @@ @@ -26,6 +26,8 @@
26 # hours, weeks or seconds. format: [0-9]+[mhws]? 26 # hours, weeks or seconds. format: [0-9]+[mhws]?
27 27
28 # Authentication Settings 28 # Authentication Settings
  29 +#domain_list_key = off # List operation, 'off' to disable, '' to always
  30 + # allow and other values to enable with secret
29 #auth_mode = remote # either 'static', 'remote' or 'both' 31 #auth_mode = remote # either 'static', 'remote' or 'both'
30 #static_signer = # required for AuthMode 'static' or 'both' 32 #static_signer = # required for AuthMode 'static' or 'both'
31 #static_key = # required for AuthMode 'static' or 'both' 33 #static_key = # required for AuthMode 'static' or 'both'
dyndns.pl
@@ -41,6 +41,8 @@ my @DNSDomain = ( '?', '!', 0 ); # DNS Domain to support, match hostname with: @@ -41,6 +41,8 @@ my @DNSDomain = ( '?', '!', 0 ); # DNS Domain to support, match hostname with:
41 my $ExpandCNAMEs = 1; # CNAME levels to expand (0 to disable) 41 my $ExpandCNAMEs = 1; # CNAME levels to expand (0 to disable)
42 my $AllowDebugKey = 'off'; # Debuging, 'off' to disable, '' for always on 42 my $AllowDebugKey = 'off'; # Debuging, 'off' to disable, '' for always on
43 # and other values to enable with debug= param. 43 # and other values to enable with debug= param.
  44 +my $DomainListKey = 'off'; # List operation, 'off' to disable, '' to always
  45 + # allow and other values to enable with secret
44 my $AuthMode = 'remote'; # either 'static', 'remote' or 'both' 46 my $AuthMode = 'remote'; # either 'static', 'remote' or 'both'
45 my $StaticSigner = ''; # required for AuthMode 'static' or 'both' 47 my $StaticSigner = ''; # required for AuthMode 'static' or 'both'
46 my $StaticKey = ''; # required for AuthMode 'static' or 'both' 48 my $StaticKey = ''; # required for AuthMode 'static' or 'both'
@@ -133,7 +135,6 @@ my $CE = 'Configuration Error'; @@ -133,7 +135,6 @@ my $CE = 'Configuration Error';
133 my $PE = 'Required parameter missing'; 135 my $PE = 'Required parameter missing';
134 sub fail($$;$) { 136 sub fail($$;$) {
135 my ($errormsg, $debugmsg, $exitcode) = @_; 137 my ($errormsg, $debugmsg, $exitcode) = @_;
136 - print $debug . "\n";  
137 print $cgi->header(-status=>$exitcode || 503, -type=>'text/plain'), 138 print $cgi->header(-status=>$exitcode || 503, -type=>'text/plain'),
138 "ERROR - $errormsg" . ($debug ? ": $debugmsg\n" : "\n"); 139 "ERROR - $errormsg" . ($debug ? ": $debugmsg\n" : "\n");
139 exit 0; 140 exit 0;
@@ -323,6 +324,10 @@ sub handle_list($$$$) { @@ -323,6 +324,10 @@ sub handle_list($$$$) {
323 my ($mode, $host, $dnsdomain, $debug) = @_; 324 my ($mode, $host, $dnsdomain, $debug) = @_;
324 my $title = "DynDNS Updater - $dnsdomain"; 325 my $title = "DynDNS Updater - $dnsdomain";
325 326
  327 + fail("Operation not allowed", ($DomainListKey eq 'off') ? "List is disabled"
  328 + : "No/incorrect authentication information provided", 403)
  329 + if ($DomainListKey eq 'off') || (($DomainListKey cmp '') && ($DomainListKey cmp $cgi->param('secret')));
  330 +
326 print $cgi->header(-status=>200), 331 print $cgi->header(-status=>200),
327 $cgi->start_html(-title => $title), 332 $cgi->start_html(-title => $title),
328 $cgi->h1($title); 333 $cgi->h1($title);
@@ -354,7 +359,7 @@ if ($ConfigFile cmp 'ignore') { @@ -354,7 +359,7 @@ if ($ConfigFile cmp 'ignore') {
354 $CFGFile =~ s/(\.pl)?$/.cfg/; 359 $CFGFile =~ s/(\.pl)?$/.cfg/;
355 if (open (CONFIG, $CFGFile)) { 360 if (open (CONFIG, $CFGFile)) {
356 my %CONFIG = ( 361 my %CONFIG = (
357 - allow_debug_key => \$AllowDebugKey, 362 + allow_debug_key => \$AllowDebugKey, domain_list_key => \$DomainListKey,
358 dns_server => \$DNSServer, dns_domain => \@DNSDomain, 363 dns_server => \$DNSServer, dns_domain => \@DNSDomain,
359 expand_cnames => \$ExpandCNAMEs, auth_mode => \$AuthMode, 364 expand_cnames => \$ExpandCNAMEs, auth_mode => \$AuthMode,
360 static_signer => \$StaticSigner, static_key => \$StaticKey, 365 static_signer => \$StaticSigner, static_key => \$StaticKey,