webserver: Refactor password into a class var

diff --git a/pdns/webserver.cc b/pdns/webserver.cc
index f71a144071f5dc6e1334d0f4a11bc48796bfc3db..d375dd2a28ef22035a535b85a0a8139cea3c48a6 100644 (file)
--- a/pdns/webserver.cc
+++ b/pdns/webserver.cc
@@ -175,11 +175,9 @@ void WebServer::registerApiHandler(const string& url, HandlerFunction handler) {
   d_registerApiHandlerCalled = true;
 }
 
-static void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp) {
-  const string& web_password = arg()["webserver-password"];
-
-  if (!web_password.empty()) {
-    bool auth_ok = req->compareAuthorization(web_password);
+static void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp, const string &password) {
+  if (!password.empty()) {
+    bool auth_ok = req->compareAuthorization(password);
     if (!auth_ok) {
       g_log<<Logger::Debug<<"HTTP Request \"" << req->url.path << "\": Web Authentication failed" << endl;
       throw HttpUnauthorizedException("Basic");
@@ -190,7 +188,7 @@ static void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, Htt
 }
 
 void WebServer::registerWebHandler(const string& url, HandlerFunction handler) {
-  HandlerFunction f = boost::bind(&webWrapper, handler, _1, _2);
+  HandlerFunction f = boost::bind(&webWrapper, handler, _1, _2, d_webserverPassword);
   registerBareHandler(url, f);
 }
 

diff --git a/pdns/webserver.hh b/pdns/webserver.hh
index 42714572333a4a3295c91127bca761ddc46d7c2d..196d1bb33e60421a5315f31a0076a96b64a35d65 100644 (file)
--- a/pdns/webserver.hh
+++ b/pdns/webserver.hh
@@ -152,6 +152,13 @@ public:
     d_apikey = apikey;
   }
 
+  void setPassword(const string &password) {
+    if (d_registerWebHandlerCalled) {
+      throw PDNSException("registerWebHandler has been called, can not change password");
+    }
+    d_webserverPassword = password;
+  }
+
   void bind();
   void go();
 
@@ -176,6 +183,9 @@ protected:
 
   std::string d_apikey;
   bool d_registerApiHandlerCalled{false};
+
+  std::string d_webserverPassword;
+  bool d_registerWebHandlerCalled{false};
 };
 
 #endif /* WEBSERVER_HH */

diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc
index 48e89777377c3d868396b32bb02559d1b85481a5..96f3ac52f16bf82864abceba727232969afe652f 100644 (file)
--- a/pdns/ws-auth.cc
+++ b/pdns/ws-auth.cc
@@ -63,6 +63,7 @@ AuthWebServer::AuthWebServer()
   if(arg().mustDo("webserver") || arg().mustDo("api")) {
     d_ws = new WebServer(arg()["webserver-address"], arg().asNum("webserver-port"));
     d_ws->setApiKey(arg()["api-key"]);
+    d_ws->setPassword(arg()["webserver-password"]);
     d_ws->bind();
   }
 }

diff --git a/pdns/ws-recursor.cc b/pdns/ws-recursor.cc
index e9d48615cc45b01294c84018acd499ae5fafb725..012ce3c9b240784829f6e49247f78141a3502d97 100644 (file)
--- a/pdns/ws-recursor.cc
+++ b/pdns/ws-recursor.cc
@@ -451,6 +451,7 @@ RecursorWebServer::RecursorWebServer(FDMultiplexer* fdm)
 
   d_ws = new AsyncWebServer(fdm, arg()["webserver-address"], arg().asNum("webserver-port"));
   d_ws->setApiKey(arg()["api-key"]);
+  d_ws->setPassword(arg()["webserver-password"]);
   d_ws->bind();
 
   // legacy dispatch