diff options
author | Russell Bryant <russell@russellbryant.com> | 2007-04-24 21:37:00 +0000 |
---|---|---|
committer | Russell Bryant <russell@russellbryant.com> | 2007-04-24 21:37:00 +0000 |
commit | a751038fbe201b2e6de1c54a6570f364bb3fa00d (patch) | |
tree | f37804e8b78b9ad8974c59b8f62140c550774570 /main/manager.c | |
parent | f3ab33014a4f415c4f4ed5192bc6c87f435873eb (diff) |
Merged revisions 61787 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
................
r61787 | russell | 2007-04-24 16:34:53 -0500 (Tue, 24 Apr 2007) | 12 lines
Merged revisions 61786 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.2
........
r61786 | russell | 2007-04-24 16:33:59 -0500 (Tue, 24 Apr 2007) | 4 lines
Don't crash if a manager connection provides a username that exists in
manager.conf but does not have a password, and also requests MD5
authentication. (ASA-2007-012)
........
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@61788 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'main/manager.c')
-rw-r--r-- | main/manager.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/main/manager.c b/main/manager.c index 88dba48ee..8b0381e61 100644 --- a/main/manager.c +++ b/main/manager.c @@ -984,7 +984,8 @@ static int authenticate(struct mansession *s, const struct message *m) } if (!strcasecmp(astman_get_header(m, "AuthType"), "MD5")) { const char *key = astman_get_header(m, "Key"); - if (!ast_strlen_zero(key) && !ast_strlen_zero(s->challenge)) { + if (!ast_strlen_zero(key) && !ast_strlen_zero(s->challenge) && + !ast_strlen_zero(password)) { int x; int len = 0; char md5key[256] = ""; |