[asterisk-commits] file: branch 1.4 r65902 -
/branches/1.4/main/manager.c
asterisk-commits at lists.digium.com
asterisk-commits at lists.digium.com
Thu May 24 08:27:24 MST 2007
Author: file
Date: Thu May 24 10:27:23 2007
New Revision: 65902
URL: http://svn.digium.com/view/asterisk?view=rev&rev=65902
Log:
Add the ability to blacklist certain commands from being executed using the Command AMI action. (issue #9240 reported by junky)
Modified:
branches/1.4/main/manager.c
Modified: branches/1.4/main/manager.c
URL: http://svn.digium.com/view/asterisk/branches/1.4/main/manager.c?view=diff&rev=65902&r1=65901&r2=65902
==============================================================================
--- branches/1.4/main/manager.c (original)
+++ branches/1.4/main/manager.c Thu May 24 10:27:23 2007
@@ -127,6 +127,11 @@
{ EVENT_FLAG_CONFIG, "config" },
{ -1, "all" },
{ 0, "none" },
+};
+
+static const char *command_blacklist[] = {
+ "module load",
+ "module unload",
};
struct mansession {
@@ -1620,8 +1625,15 @@
const char *id = astman_get_header(m, "ActionID");
char *buf, *final_buf;
char template[] = "/tmp/ast-ami-XXXXXX"; /* template for temporary file */
- int fd = mkstemp(template);
+ int fd = mkstemp(template), i = 0;
off_t l;
+
+ for (i = 0; i < sizeof(command_blacklist) / sizeof(command_blacklist[0]); i++) {
+ if (!strncmp(cmd, command_blacklist[i], strlen(command_blacklist[i]))) {
+ astman_send_error(s, m, "Command blacklisted");
+ return 0;
+ }
+ }
astman_append(s, "Response: Follows\r\nPrivilege: Command\r\n");
if (!ast_strlen_zero(id))
More information about the asterisk-commits
mailing list