diff options
author | Joshua Colp <jcolp@digium.com> | 2015-05-05 10:13:23 -0500 |
---|---|---|
committer | Gerrit Code Review <gerrit2@gerrit.digium.api> | 2015-05-05 10:13:23 -0500 |
commit | f45833c9ade260f8cf866e65cd29eb146bdd559e (patch) | |
tree | e254e4b48ceeabe4d8ad87393e203e74fa700454 /main/manager.c | |
parent | 4f4aaa0c30d04f7dc6d0939dbfef1d320b3302d2 (diff) | |
parent | 11ffcf662f6b19eb0e9d5f8914d379ebef0177c4 (diff) |
Merge "Restrict functionality when ACLs are misconfigured."
Diffstat (limited to 'main/manager.c')
-rw-r--r-- | main/manager.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/main/manager.c b/main/manager.c index 2ff9df930..846f6e604 100644 --- a/main/manager.c +++ b/main/manager.c @@ -8977,7 +8977,13 @@ static int __init_manager(int reload, int by_external_config) } else if (!strcasecmp(var->name, "deny") || !strcasecmp(var->name, "permit") || !strcasecmp(var->name, "acl")) { - ast_append_acl(var->name, var->value, &user->acl, NULL, &acl_subscription_flag); + int acl_error = 0; + + ast_append_acl(var->name, var->value, &user->acl, &acl_error, &acl_subscription_flag); + if (acl_error) { + ast_log(LOG_ERROR, "Invalid ACL '%s' for manager user '%s' on line %d. Deleting user\n"); + user->keep = 0; + } } else if (!strcasecmp(var->name, "read") ) { user->readperm = get_perm(var->value); } else if (!strcasecmp(var->name, "write") ) { |