Don't crash if a manager connection provides a username that exists in

manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012) git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@61786 f38db490-d61c-443f-a65b-d21fe96a405b
author: russell <russell@f38db490-d61c-443f-a65b-d21fe96a405b> 2007-04-24 21:33:59 +0000
committer: russell <russell@f38db490-d61c-443f-a65b-d21fe96a405b> 2007-04-24 21:33:59 +0000
commit: 2b4c20088ff86fceab51a734440de475489f680b (patch)
tree: 3011173cd077585b60f41e87a79feb99468b1cac /manager.c
parent: c35b8feb796ede6c15a88f288c4207c4f12eae8f (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/manager.c b/manager.c
index e83c55e20..f884a9d24 100644
--- a/manager.c
+++ b/manager.c
@@ -533,7 +533,8 @@ static int authenticate(struct mansession *s, struct message *m)
 				} else if (ha)
 					ast_free_ha(ha);
 				if (!strcasecmp(authtype, "MD5")) {
-					if (!ast_strlen_zero(key) && s->challenge) {
+					if (!ast_strlen_zero(key) && 
+					    !ast_strlen_zero(s->challenge) && !ast_strlen_zero(password)) {
 						int x;
 						int len=0;
 						char md5key[256] = "";
author	russell <russell@f38db490-d61c-443f-a65b-d21fe96a405b>	2007-04-24 21:33:59 +0000
committer	russell <russell@f38db490-d61c-443f-a65b-d21fe96a405b>	2007-04-24 21:33:59 +0000
commit	2b4c20088ff86fceab51a734440de475489f680b (patch)
tree	3011173cd077585b60f41e87a79feb99468b1cac /manager.c
parent	c35b8feb796ede6c15a88f288c4207c4f12eae8f (diff)