[asterisk-commits] markster: trunk r47912 - /trunk/main/manager.c

[asterisk-commits at lists.digium.com]

Author: markster
Date: Tue Nov 21 23:49:06 2006
New Revision: 47912

URL: http://svn.digium.com/view/asterisk?view=rev&rev=47912
Log:
Restore some sense of security to manager

Modified:
    trunk/main/manager.c

Modified: trunk/main/manager.c
URL: http://svn.digium.com/view/asterisk/trunk/main/manager.c?view=diff&rev=47912&r1=47911&r2=47912
==============================================================================
--- trunk/main/manager.c (original)
+++ trunk/main/manager.c Tue Nov 21 23:49:06 2006
@@ -1981,6 +1981,10 @@
 		return 0;
 	}
 
+	if (!s->authenticated && strcasecmp(action, "Login") && strcasecmp(action, "Logoff") && strcasecmp(action, "Challenge")) {
+		astman_send_error(s, m, "Permission denied");
+		return 0;
+	}
 	/* XXX should we protect the list navigation ? */
 	for (tmp = first_action ; tmp; tmp = tmp->next) {
 		if (!strcasecmp(action, tmp->action)) {