271
272
evbuffer_drain( out, 2 );
274
276
tr_ninf( MY_NAME, _( "Deflated response from %zu bytes to %zu" ),
276
278
EVBUFFER_LENGTH( out ) );
277
280
evhttp_add_header( req->output_headers,
278
281
"Content-Encoding", "deflate" );
410
413
isAddressAllowed( const tr_rpc_server * server,
411
414
const char * address )
415
418
if( !server->isWhitelistEnabled )
418
for( str = server->whitelist; str && *str; )
420
const char * delimiter = strchr( str, ',' );
421
const int len = delimiter ? delimiter - str : (int)strlen( str );
422
char * token = tr_strndup( str, len );
423
const int match = tr_wildmat( address, token );
421
for( l=server->whitelist; l!=NULL; l=l->next )
422
if( tr_wildmat( address, l->data ) )
462
455
if( !isAddressAllowed( server, req->remote_host ) )
464
send_simple_response( req, 401, "Unauthorized IP Address" );
457
send_simple_response( req, 401,
458
"<p>Unauthorized IP Address.</p>"
459
"<p>Either disable the IP address whitelist or add your address to it.</p>"
460
"<p>If you're editing settings.json, see the 'rpc-whitelist' and 'rpc-whitelist-enabled' entries.</p>"
461
"<p>If you're still using ACLs, use a whitelist instead. See the transmission-daemon manpage for details.</p>" );
466
463
else if( server->isPasswordEnabled
467
464
&& ( !pass || !user || strcmp( server->username, user )
585
582
tr_rpcSetWhitelist( tr_rpc_server * server,
586
const char * whitelist )
583
const char * whitelistStr )
588
tr_free( server->whitelist );
589
server->whitelist = tr_strdup( whitelist );
588
/* keep the string */
589
tr_free( server->whitelistStr );
590
server->whitelistStr = tr_strdup( whitelistStr );
592
/* clear out the old whitelist entries */
593
while(( tmp = tr_list_pop_front( &server->whitelist )))
596
/* build the new whitelist entries */
597
for( walk=whitelistStr; walk && *walk; ) {
598
const char * delimiters = " ,;";
599
const size_t len = strcspn( walk, delimiters );
600
char * token = tr_strndup( walk, len );
601
tr_list_append( &server->whitelist, token );
602
if( strcspn( token, "+-" ) < len )
603
tr_ninf( MY_NAME, "Adding address to whitelist: %s (And it has a '+' or '-'! Are you using an old ACL by mistake?)", token );
605
tr_ninf( MY_NAME, "Adding address to whitelist: %s", token );
607
if( walk[len]=='\0' )
593
614
tr_rpcGetWhitelist( const tr_rpc_server * server )
595
return tr_strdup( server->whitelist ? server->whitelist : "" );
616
return tr_strdup( server->whitelistStr ? server->whitelistStr : "" );
694
718
s = tr_new0( tr_rpc_server, 1 );
695
719
s->session = session;
697
s->whitelist = tr_strdup( whitelist && *whitelist
699
: TR_DEFAULT_RPC_WHITELIST );
700
721
s->username = tr_strdup( username );
701
722
s->password = tr_strdup( password );
702
723
s->isWhitelistEnabled = isWhitelistEnabled != 0;
703
724
s->isPasswordEnabled = isPasswordEnabled != 0;
704
725
s->isEnabled = isEnabled != 0;
726
tr_rpcSetWhitelist( s, whitelist ? whitelist : TR_DEFAULT_RPC_WHITELIST );
706
728
tr_runInEventThread( session, startServer, s );
732
tr_ninf( MY_NAME, _( "Serving RPC and Web requests on port %d" ), (int)port );
734
if( isWhitelistEnabled )
735
tr_ninf( MY_NAME, _( "Whitelist enabled" ) );
737
if( isPasswordEnabled )
738
tr_ninf( MY_NAME, _( "Password required" ) );