禁止默认http api密钥，删除管理员越过鉴权逻辑 (#2655 #2690)

http api secret禁止使用默认的035c73f7-bb6b-4889-a715-d9eb2d1925cc 删除admin_params的设定
2026-06-14 12:05:58 +08:00 · 2023-07-22 17:30:20 +08:00
parent a17e842da2
commit 25d5e410c3
4 changed files with 13 additions and 15 deletions
--- a/server/main.cpp
+++ b/server/main.cpp
@@ -351,6 +351,11 @@ int start_main(int argc,char *argv[]) {
 #endif //defined(ENABLE_SRT)

        try {
+            auto secret = mINI::Instance()[API::kSecret];
+            if (secret == "035c73f7-bb6b-4889-a715-d9eb2d1925cc" || secret.empty()) {
+                // 使用默认secret被禁止启动
+                throw std::invalid_argument("please modify the configuration named " + API::kSecret + " in " + g_ini_file);
+            }
            //rtsp服务器，端口默认554
            if (rtspPort) { rtspSrv->start<RtspSession>(rtspPort); }
            //rtsps服务器，端口默认322
@@ -388,8 +393,7 @@ int start_main(int argc,char *argv[]) {
 #endif//defined(ENABLE_SRT)

        } catch (std::exception &ex) {
-            WarnL << "端口占用或无权限:" << ex.what();
-            ErrorL << "程序启动失败，请修改配置文件中端口号后重试!";
+            ErrorL << "Start server failed: " << ex.what();
            sleep(1);
 #if !defined(_WIN32)
            if (pid != getpid() && kill_parent_if_failed) {