Add icesecret .ini parameter to "protect" local Ice connections

3 files changed, 27 insertions, 12 deletions

diff --git a/scripts/mkwrapper.pl b/scripts/mkwrapper.pl
index 740c1c141..246e37d01 100644
--- a/scripts/mkwrapper.pl
+++ b/scripts/mkwrapper.pl
@@ -18,6 +18,13 @@ sub func($$\@\@\@) {
 
     print I "void ::Murmur::${class}I::${func}_async(". join(", ", @{$wrapargs}).") {\n";
 #    print I "\tqWarning(\"CALL ${func}\");\n";
+    print I "\tif (! meta->mp.qsIceSecret.isEmpty()) {\n";
+    print I "\t\t::Ice::Context::const_iterator i = current.ctx.find(\"secret\");\n";
+    print I "\t\tif((i == current.ctx.end()) || (u8((*i).second) != meta->mp.qsIceSecret)) {\n";
+    print I "\t\t\tcb->ice_exception(InvalidSecretException());\n";
+    print I "\t\t\treturn;\n";
+    print I "\t\t}\n";
+    print I "\t}\n";
     print I "\tExecEvent *ie = new ExecEvent(boost::bind(&impl_${class}_$func, " . join(", ", @${callargs})."));\n";
     print I "\tQCoreApplication::instance()->postEvent(mi, ie);\n";
     print I "};\n";
diff --git a/scripts/murmur.ini b/scripts/murmur.ini
index 65178ac24..d454223f9 100644
--- a/scripts/murmur.ini
+++ b/scripts/murmur.ini
@@ -24,13 +24,19 @@ dbus=session
 # murmurd processes connected to the same D-Bus daemon.
 #dbusservice=net.sourceforge.mumble.murmur
 
-# If you want to use ZeroC ICE to communicate with Murmur, you need
+# If you want to use ZeroC Ice to communicate with Murmur, you need
 # to specify the endpoint to use. Since there is no authentication
 # with ICE, you should only use it if you trust all the users who have
 # shell access to your machine.
 # Please see the ICE documentation on how to specify endpoints.
 #ice="tcp -h 127.0.0.1 -p 6502"
 
+# Ice primarily uses local sockets. This means anyone who has a
+# user account on your machine can connect to the Ice services.
+# You can set a plaintext "secret" on the Ice conntection, and
+# any script attempting to access must then have this secret.
+#icesecret=
+
 # How many login attempts do we tolerate from one IP
 # inside a given timeframe before we ban the connection?
 # Note that this is global (shared between all virtual servers), and that
@@ -115,15 +121,6 @@ users=100
 #sslCert=
 #sslKey=
 
-# To enable username registration through
-# http://webserver/cgi-bin/mumble-server/register.cgi
-# then this value must be set to a valid email
-# and you must be running a SMTP server on this
-# machine.
-# This option is only used for a pre-packaged system-wide installation,
-# and does nothing if you just start murmurd yourself.
-#emailfrom=
-
 # If murmur is started as root, which user should it switch to?
 # This option is ignored if murmur isn't started with root privileges.
 #uname=
diff --git a/scripts/testcallback.py b/scripts/testcallback.py
index d31125a1d..0939794be 100755
--- a/scripts/testcallback.py
+++ b/scripts/testcallback.py
@@ -32,6 +32,8 @@ class ServerCallbackI(Murmur.ServerCallback):
          hash.update(cert)
          cert = X509.load_cert_der_string(cert)
          print cert.get_subject(), "issued by", cert.get_issuer(), "hash", hash.hexdigest()
+      if current:
+        print current.ctx
 
     def userDisconnected(self, p, current=None):
       print "disconnected"
@@ -72,11 +74,20 @@ class ServerContextCallbackI(Murmur.ServerContextCallback):
 if __name__ == "__main__":
     global contextR
 
+    prop = Ice.createProperties(sys.argv)
+    prop.setProperty("Ice.ImplicitContext", "Shared")
+
+    idd = Ice.InitializationData()
+    idd.properties = prop
+
+    ice = Ice.initialize(idd)
+
     print "Creating callbacks...",
-    ice = Ice.initialize(sys.argv)
 
-    meta = Murmur.MetaPrx.checkedCast(ice.stringToProxy('Meta:tcp -h 127.0.0.1 -p 6502'))
+    # If icesecret is set, we need to set it here as well.
+    ice.getImplicitContext().put("secret", "fourtytwo")
 
+    meta = Murmur.MetaPrx.checkedCast(ice.stringToProxy('Meta:tcp -h 127.0.0.1 -p 6502'))
     adapter = ice.createObjectAdapterWithEndpoints("Callback.Client", "tcp -h 127.0.0.1")
 
     metaR=Murmur.MetaCallbackPrx.uncheckedCast(adapter.addWithUUID(MetaCallbackI()))