Index: server/Slim/Control/CLI.pm
===================================================================
--- server/Slim/Control/CLI.pm (revision 2180)
+++ server/Slim/Control/CLI.pm (working copy)
@@ -16,8 +16,8 @@
use Slim::Utils::Misc;
use Slim::Utils::Strings qw(string);
use Slim::Utils::OSDetect;
+use Slim::Web::HTTP;
-
# This module provides a command-line interface to the server via a TCP/IP port.
# see the documentation in Stdio.pm for details on the command syntax
@@ -26,6 +26,7 @@
my $connected = 0;
my %outbuf = ();
my %listen = ();
+my %authenticated = ();
my $mdnsID;
@@ -168,7 +169,7 @@
closer($clientsock);
} else {
- s/$CR?$LF/\n/;
+ $firstline =~ s/$CR?$LF/\n/;
# process the commands
chomp $firstline;
@@ -185,11 +186,39 @@
my $output = "";
my $client = undef;
+ my $done = 0;
$::d_cli && msg("Clients: ". join " " ,Slim::Player::Client::clientIPs(), "\n");
$::d_cli && msg("Processing command: $command\n");
+
+ # flag this connection as requiring authentication if web authentication is required
+ if (!defined($authenticated{$clientsock})) {
+ $authenticated{$clientsock} = 1;
+ if (Slim::Utils::Prefs::get('authorize')) {
+ $authenticated{$clientsock} = 0;
+ }
+ }
+
+ # if auth required but not done yet, then insist on a "login" command
+ if ($authenticated{$clientsock} == 0) {
+ $::d_cli && msg("CLI connection requires authentication.\n");
+ # should this be localized? I think probably not, as localized responses
+ # would make the CLI client logic too complex
+ $output = "login required";
+ if ($command =~ m|^login\s*(\S*?)\:(\S*)|) {
+ # unescape: like other CLI command arguments, user and password should be URI-escaped
+ my ($user, $pass) = (Slim::Web::HTTP::unescape($1),Slim::Web::HTTP::unescape($2));
+ if (Slim::Web::HTTP::checkAuthorization($user, $pass)) {
+ $::d_cli && msg("CLI authentication successful.\n");
+ $authenticated{$clientsock} = 1;
+ $output = "login successful";
+ }
+ }
+ # set "done" flag so we don't take any further action on this command
+ $done = 1;
+ }
- if ($command =~ /^listen\s*(0|1|)/) {
+ if (($done == 0) && $command =~ /^listen\s*(0|1|)/) {
if ($1 eq 0) {
$listen{$clientsock} = undef;
} elsif ($1 eq 1) {
@@ -198,14 +227,16 @@
$listen{$clientsock} = $listen{$clientsock} ? undef : $clientsock;
}
}
+
+ if ($done == 0) {
+ $output = Slim::Control::Stdio::executeCmd($command);
+ }
- $output = Slim::Control::Stdio::executeCmd($command);
-
# if the callback isn't goint to print the response...
if (!$listen{$clientsock}) {
$output = "" unless defined $output;
-
+
$::d_cli && msg("Command line interface response: " . $output . "\n");
addresponse($clientsock, $output . $LF);
}
Index: server/HTML/EN/html/docs/cli-api.html
===================================================================
--- server/HTML/EN/html/docs/cli-api.html (revision 2180)
+++ server/HTML/EN/html/docs/cli-api.html (working copy)
@@ -16,6 +16,10 @@
To use the command line interface interactively, use the telnet command from your system's command prompt:
telnet localhost 9090 and when it connects, you can start typing commands.
+
+If you have set SlimServer to require Web username/password authentication, you will need to use the
+ "login" command to log in to the CLI interface before issuing any other commands. See the
+ "login" command documentation.
General command format
@@ -123,6 +127,17 @@
General commands
+login <username:password>
+The "login" command must be used to authenticate the CLI
+ client if SlimServer has been configured to require authentication
+ for the Web UI. If Web/CLI authentication is required, SlimServer
+ will ignore any CLI commands until the "login" command succeeds.
+Examples:
+
+ Request: "login username:password%20with%20spaces<LF>"
+ Response: "login successful<LF>"
+
+
debug <debugflag> <0|1|?|>
The "debug" command allows the caller to query, clear, set or toggle
the SlimServer's internal debug flags. Use 0 to clear, 1 to set, ? to query