diff options
author | Sean Bright <sean@malleable.com> | 2011-05-04 14:40:08 +0000 |
---|---|---|
committer | Sean Bright <sean@malleable.com> | 2011-05-04 14:40:08 +0000 |
commit | 34734f727fcf72cec6986d20f6a6716ea2373814 (patch) | |
tree | af40bf4dea5438798e9b59b24d7659bcd12f7d0d | |
parent | a3fd2b77b66933f3eaa829d7e7e64199ded86a4c (diff) |
Merged revisions 316663 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r316663 | seanbright | 2011-05-04 10:35:05 -0400 (Wed, 04 May 2011) | 8 lines
Only return a single error via AMI when requesting a forbidden action.
(closes issue #19216)
Reported by: oej
Patches:
issue19216-1.8-r316204.patch uploaded by seanbright (license 71)
Tested by: seanbright
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@316664 65c4cc65-6c06-0410-ace0-fbb531ad65f3
-rw-r--r-- | main/manager.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/main/manager.c b/main/manager.c index d3c307416..9b8c9654d 100644 --- a/main/manager.c +++ b/main/manager.c @@ -4497,18 +4497,25 @@ static int process_message(struct mansession *s, const struct message *m) } if (s->session->writeperm & tmp->authority || tmp->authority == 0) { call_func = tmp->func; - } else { - astman_send_error(s, m, "Permission denied"); - report_req_not_allowed(s, action); } break; } AST_RWLIST_UNLOCK(&actions); - if (tmp && call_func) { - /* call AMI function after actions list are unlocked */ - ast_debug(1, "Running action '%s'\n", tmp->action); - ret = call_func(s, m); + if (tmp) { + if (call_func) { + /* Call our AMI function after we unlock our actions lists */ + ast_debug(1, "Running action '%s'\n", tmp->action); + ret = call_func(s, m); + } else { + /* If we found our action but don't have a function pointer, access + * was denied, so bail out. + */ + report_req_not_allowed(s, action); + mansession_lock(s); + astman_send_error(s, m, "Permission denied"); + mansession_unlock(s); + } } else { char buf[512]; if (!tmp) { |