diff options
author | bbryant <bbryant@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-05-23 21:37:07 +0000 |
---|---|---|
committer | bbryant <bbryant@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-05-23 21:37:07 +0000 |
commit | 6c2a246cb723cdd61fca296509bf8585b6ace513 (patch) | |
tree | 396ab612a057a3a8b31efdd63468593e11dd3930 /main/manager.c | |
parent | 4a2b4f6d063a702ad95911657d1ccc3c3f31c603 (diff) |
Merged revisions 118161 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk
........
r118161 | bbryant | 2008-05-23 16:19:42 -0500 (Fri, 23 May 2008) | 3 lines
Add new functionality to http server that requires manager authentication for any path that includes a directory named 'private'. This patch also
requires manager authentication for any POST's being sent to the server as well to help secure uploads.
........
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.0@118168 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'main/manager.c')
-rw-r--r-- | main/manager.c | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/main/manager.c b/main/manager.c index 27bac8634..64be6d226 100644 --- a/main/manager.c +++ b/main/manager.c @@ -3140,7 +3140,7 @@ static char *contenttype[] = { * the value of the mansession_id cookie (0 is not valid and means * a session on the AMI socket). */ -static struct mansession *find_session(uint32_t ident) +static struct mansession *find_session(uint32_t ident, int incinuse) { struct mansession *s; @@ -3151,7 +3151,7 @@ static struct mansession *find_session(uint32_t ident) AST_LIST_TRAVERSE(&sessions, s, list) { ast_mutex_lock(&s->__lock); if (s->managerid == ident && !s->needdestroy) { - ast_atomic_fetchadd_int(&s->inuse, 1); + ast_atomic_fetchadd_int(&s->inuse, incinuse ? 1 : 0); break; } ast_mutex_unlock(&s->__lock); @@ -3161,6 +3161,21 @@ static struct mansession *find_session(uint32_t ident) return s; } +int astman_is_authed(uint32_t ident) +{ + int authed; + struct mansession *s; + + if (!(s = find_session(ident, 0))) + return 0; + + authed = (s->authenticated != 0); + + ast_mutex_unlock(&s->__lock); + + return authed; +} + int astman_verify_session_readpermissions(uint32_t ident, int perm) { int result = 0; @@ -3451,7 +3466,7 @@ static struct ast_str *generic_http_callback(enum output_format format, } } - if (!(s = find_session(ident))) { + if (!(s = find_session(ident, 1))) { /* Create new session. * While it is not in the list we don't need any locking */ |