[asterisk-bugs] [Asterisk 0017908]: [patch] MeetMe PIN handling broken
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Aug 31 19:06:57 CDT 2010
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=17908
======================================================================
Reported By: kuj
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 17908
Category: Applications/app_meetme
Reproducibility: always
Severity: minor
Priority: normal
Status: ready for testing
Asterisk Version: 1.4.35
JIRA: SWP-2123
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2010-08-24 20:35 CDT
Last Modified: 2010-08-31 19:06 CDT
======================================================================
Summary: [patch] MeetMe PIN handling broken
Description:
The handling of PINs in app_meetme is broken. Users are prompted for PINs
that don't exist, and regular users can gain conference admin privileges
without a conference's admin PIN.
======================================================================
Relationships  ID       Summary
----------------------------------------------------------------------
related to     0015704  [patch] MeetMe privilege escalation in ...
======================================================================
----------------------------------------------------------------------
(0126517) kuj (reporter) - 2010-08-31 19:06
https://issues.asterisk.org/view.php?id=17908#c126517
----------------------------------------------------------------------
Dialplan used for testing:
exten => 100,1,Goto(confline,s,1)
exten => 101,1,Goto(confline-adm,s,1)
[confline]
exten => s,1,Background(enter-conf-call-number)
exten => s,n,WaitExten(20)
; Participants always dial a 3-digit conference number, optionally followed
; by the #-sign
exten => _XXX,1,MeetMe(${EXTEN},xwsp)
exten => _XXX,n,Hangup()
exten => _XXX#,1,Goto(${EXTEN:-4:3},1) ; emulates "StripLSD(1)"
[confline-adm]
identical to [confline] except for MeetMe flags used: "Aaxs"
meetme.conf:
============
conf => 200
conf => 201,1
conf => 202,,2
conf => 203,1,2
test results:
=============
(key: n/p: not prompted for PIN, logged into MeetMe successfully
      U:   prompts for PIN, login successful with "user pin" (or single PIN)
      A:   prompts for PIN, login successful with "admin pin"
      U|A: either PIN accepted)
Ext | conf  200   201   202   203
----------------------------------------------
100 |       n/p   U     n/p   U|A
101 |       n/p   n/p   A     A
I believe the combo 101/201 (trying to become admin, with only one PIN set
on the conference) should prompt for a PIN, and should accept the single
PIN for admin mode. Therefore, my original patch was incomplete.
pins_2.patch fixes this oversight, and yields the following test results:
Ext | conf  200   201   202   203
----------------------------------------------
100 |       n/p   U     n/p   U|A
101 |       n/p   U     A     A
That should be exactly what I would expect from the PIN check.
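The PIN policy the reporter expects after pins_2.patch, as an added C model (not app_meetme's code and not the reporter's patch): it reproduces the post-patch table for the four conference definitions above, and assumes, following the ticket's description, that entering the admin PIN or passing the check with the 'a' flag yields admin mode.

```c
#include <string.h>

/* Expected PIN policy for one MeetMe conference, modelled on the post-patch
 * (pins_2.patch) result table in the note above; not app_meetme's own code. */
struct pin_policy {
    int prompt;        /* 1 if the caller must be asked for a PIN */
    int accept_user;   /* 1 if the conference's user PIN is accepted */
    int accept_admin;  /* 1 if the conference's admin PIN is accepted */
};
static int has(const char *pin) { return pin && *pin; }

/* want_admin models the 'a' flag used by ext 101 ("Aaxs"). */
struct pin_policy meetme_pin_policy(const char *user, const char *admin, int want_admin)
{
    struct pin_policy p = {0, 0, 0};
    if (want_admin) {
        /* Admin PIN when one exists; otherwise the single (user) PIN is
         * accepted for admin mode: the 101/201 case fixed by pins_2.patch. */
        if (has(admin))     { p.prompt = 1; p.accept_admin = 1; }
        else if (has(user)) { p.prompt = 1; p.accept_user = 1; }
    } else if (has(user)) {
        /* Regular caller: prompt only when a user PIN exists, and also accept
         * the admin PIN when one is set (the 100/203 "U|A" case). */
        p.prompt = 1; p.accept_user = 1; p.accept_admin = has(admin);
    }
    /* No user PIN and no 'a' flag: no prompt even if an admin PIN exists
     * (the 100/202 "n/p" case), so nobody is asked for a PIN that doesn't apply. */
    return p;
}

/* Render a policy in the note's table key: n/p, U, A or U|A. */
const char *policy_key(struct pin_policy p)
{
    if (!p.prompt) return "n/p";
    if (p.accept_user && p.accept_admin) return "U|A";
    return p.accept_user ? "U" : "A";
}

/* Outcome for an entered PIN: 0 = rejected, 1 = joined as user, 2 = admin.
 * Assumption (from the ticket's description, not from the table): matching
 * the admin PIN, or passing the check with the 'a' flag, gives admin mode. */
int meetme_pin_check(const char *user, const char *admin, int want_admin, const char *entered)
{
    struct pin_policy p = meetme_pin_policy(user, admin, want_admin);
    if (!p.prompt) return want_admin ? 2 : 1;
    if (p.accept_admin && strcmp(entered, admin) == 0) return 2;
    if (p.accept_user && strcmp(entered, user) == 0) return want_admin ? 2 : 1;
    return 0;
}
```

The escalation the ticket describes corresponds to meetme_pin_check("1", "2", 1, "1") returning anything other than 0: a caller asking for admin mode with only the user PIN must be rejected when a separate admin PIN is configured.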
Issue History
Date Modified     Username  Field       Change
======================================================================
2010-08-31 19:06  kuj       Note Added: 0126517
======================================================================