[svn-commits] bebuild: tag certified-1.8.11-cert7 r372082 - in /certified/tags/1.8.11-cert7...
SVN commits to the Digium repositories
svn-commits at lists.digium.com
Thu Aug 30 14:23:31 CDT 2012
Author: bebuild
Date: Thu Aug 30 14:23:27 2012
New Revision: 372082
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=372082
Log:
Merge changes for AST-2012-012,AST-2012-013
Removed:
certified/tags/1.8.11-cert7/certified-asterisk-1.8.11-cert6-summary.html
certified/tags/1.8.11-cert7/certified-asterisk-1.8.11-cert6-summary.txt
Modified:
certified/tags/1.8.11-cert7/ (props changed)
certified/tags/1.8.11-cert7/.version
certified/tags/1.8.11-cert7/ChangeLog
certified/tags/1.8.11-cert7/README-SERIOUSLY.bestpractices.txt
certified/tags/1.8.11-cert7/channels/chan_iax2.c
certified/tags/1.8.11-cert7/main/manager.c
Propchange: certified/tags/1.8.11-cert7/
------------------------------------------------------------------------------
Binary property 'branch-1.8-merged' - no diff available.
Propchange: certified/tags/1.8.11-cert7/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Aug 30 14:23:27 2012
@@ -1,1 +1,2 @@
/branches/1.8:357665,358162,359656,359706,359979,360086,360884,367781,367843,368604,368759
+/certified/branches/1.8.11:372030
Modified: certified/tags/1.8.11-cert7/.version
URL: http://svnview.digium.com/svn/asterisk/certified/tags/1.8.11-cert7/.version?view=diff&rev=372082&r1=372081&r2=372082
==============================================================================
--- certified/tags/1.8.11-cert7/.version (original)
+++ certified/tags/1.8.11-cert7/.version Thu Aug 30 14:23:27 2012
@@ -1,1 +1,1 @@
-1.8.11-cert6
+1.8.11-cert7
Modified: certified/tags/1.8.11-cert7/ChangeLog
URL: http://svnview.digium.com/svn/asterisk/certified/tags/1.8.11-cert7/ChangeLog?view=diff&rev=372082&r1=372081&r2=372082
==============================================================================
--- certified/tags/1.8.11-cert7/ChangeLog (original)
+++ certified/tags/1.8.11-cert7/ChangeLog Thu Aug 30 14:23:27 2012
@@ -1,3 +1,13 @@
+2012-08-30 Asterisk Development Team <asteriskteam at digium.com>
+
+ * Asterisk 1.8.11-cert7 Released.
+
+ * AST-2012-013: Resolve ACL rules being ignored during calls by some
+ IAX2 peers
+
+ * AST-2012-012: Resolve AMI User Unauthorized Shell Access through
+ ExternalIVR
+
2012-08-24 Asterisk Development Team <asteriskteam at digium.com>
* Certified Asterisk 1.8.11-cert6 Released.
Modified: certified/tags/1.8.11-cert7/README-SERIOUSLY.bestpractices.txt
URL: http://svnview.digium.com/svn/asterisk/certified/tags/1.8.11-cert7/README-SERIOUSLY.bestpractices.txt?view=diff&rev=372082&r1=372081&r2=372082
==============================================================================
--- certified/tags/1.8.11-cert7/README-SERIOUSLY.bestpractices.txt (original)
+++ certified/tags/1.8.11-cert7/README-SERIOUSLY.bestpractices.txt Thu Aug 30 14:23:27 2012
@@ -22,6 +22,9 @@
* Reducing Pattern Match Typos:
Using the 'same' prefix, or using Goto()
+
+* Manager Class Authorizations:
+ Recognizing potential issues with certain classes of authorization
----------------
Additional Links
@@ -293,3 +296,51 @@
exten => error,1,Verbose(2,Unable to lookup technology or device for extension)
same => n,Playback(silence/1&num-not-in-db)
same => n,Hangup()
+
+
+============================
+Manager Class Authorizations
+============================
+
+Manager accounts have associated class authorizations that define what actions
+and events that account can execute/receive. In order to run Asterisk commands
+or dialplan applications that affect the system Asterisk executes on, the
+"system" class authorization should be set on the account.
+
+However, Manager commands that originate new calls into the Asterisk dialplan
+have the potential to alter or affect the system as well, even though the
+class authorization for origination commands is "originate". Take, for example,
+the Originate manager command:
+
+Action: Originate
+Channel: SIP/foo
+Exten: s
+Context: default
+Priority: 1
+Application: System
+Data: echo hello world!
+
+This manager command will attempt to execute an Asterisk application, System,
+which is normally associated with the "system" class authorication. While some
+checks have been put into Asterisk to take this into account, certain dialplan
+configurations and/or clever manipulation of the Originate manager action can
+circumvent these checks. For example, take the following dialplan:
+
+exten => s,1,Verbose(Incoming call)
+same => n,MixMonitor(foo.wav,,${EXEC_COMMAND})
+same => n,Dial(SIP/bar)
+same => n,Hangup()
+
+Whatever has been defined in the variable EXEC_COMMAND will be executed after
+MixMonitor has finished recording the call. The dialplan writer may have
+intended that this variable to be set by some other location in the dialplan;
+however, the Manager action Originate allows for channel variables to be set by
+the account initiating the new call. This could allow the Originate action to
+execute some command on the system by setting the EXEC_COMMAND dialplan variable
+in the Variable: header.
+
+In general, you should treat the Manager class authorization "originate" the
+same as the class authorization "system". Good system configuration, such as
+not running Asterisk as root, can prevent serious problems from arising when
+allowing external connections to originate calls into Asterisk.
+
Modified: certified/tags/1.8.11-cert7/channels/chan_iax2.c
URL: http://svnview.digium.com/svn/asterisk/certified/tags/1.8.11-cert7/channels/chan_iax2.c?view=diff&rev=372082&r1=372081&r2=372082
==============================================================================
--- certified/tags/1.8.11-cert7/channels/chan_iax2.c (original)
+++ certified/tags/1.8.11-cert7/channels/chan_iax2.c Thu Aug 30 14:23:27 2012
@@ -7615,10 +7615,10 @@
i = ao2_iterator_init(users, 0);
while ((user = ao2_iterator_next(&i))) {
if ((ast_strlen_zero(iaxs[callno]->username) || /* No username specified */
- !strcmp(iaxs[callno]->username, user->name)) /* Or this username specified */
- && ast_apply_ha(user->ha, &addr) /* Access is permitted from this IP */
+ !strcmp(iaxs[callno]->username, user->name)) /* Or this username specified */
+ && ast_apply_ha(user->ha, &addr) == AST_SENSE_ALLOW /* Access is permitted from this IP */
&& (ast_strlen_zero(iaxs[callno]->context) || /* No context specified */
- apply_context(user->contexts, iaxs[callno]->context))) { /* Context is permitted */
+ apply_context(user->contexts, iaxs[callno]->context))) { /* Context is permitted */
if (!ast_strlen_zero(iaxs[callno]->username)) {
/* Exact match, stop right now. */
if (best)
@@ -7674,8 +7674,9 @@
user = best;
if (!user && !ast_strlen_zero(iaxs[callno]->username)) {
user = realtime_user(iaxs[callno]->username, sin);
- if (user && !ast_strlen_zero(iaxs[callno]->context) && /* No context specified */
- !apply_context(user->contexts, iaxs[callno]->context)) { /* Context is permitted */
+ if (user && (ast_apply_ha(user->ha, &addr) == AST_SENSE_DENY /* Access is denied from this IP */
+ || (!ast_strlen_zero(iaxs[callno]->context) && /* No context specified */
+ !apply_context(user->contexts, iaxs[callno]->context)))) { /* Context is permitted */
user = user_unref(user);
}
}
Modified: certified/tags/1.8.11-cert7/main/manager.c
URL: http://svnview.digium.com/svn/asterisk/certified/tags/1.8.11-cert7/main/manager.c?view=diff&rev=372082&r1=372081&r2=372082
==============================================================================
--- certified/tags/1.8.11-cert7/main/manager.c (original)
+++ certified/tags/1.8.11-cert7/main/manager.c Thu Aug 30 14:23:27 2012
@@ -4065,6 +4065,7 @@
strcasestr(app, "agi") || /* AGI(/bin/rm,-rf /)
EAGI(/bin/rm,-rf /) */
strcasestr(app, "mixmonitor") || /* MixMonitor(blah,,rm -rf) */
+ strcasestr(app, "externalivr") || /* ExternalIVR(rm -rf) */
(strstr(appdata, "SHELL") && (bad_appdata = 1)) || /* NoOp(${SHELL(rm -rf /)}) */
(strstr(appdata, "EVAL") && (bad_appdata = 1)) /* NoOp(${EVAL(${some_var_containing_SHELL})}) */
)) {
More information about the svn-commits
mailing list