diff options
author | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2003-05-05 06:14:25 +0000 |
---|---|---|
committer | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2003-05-05 06:14:25 +0000 |
commit | 1d55ef4a3e78c00ce605a5a9abc30cf0eecfeb80 (patch) | |
tree | e29f62b9d4615431f77274c80a7b6570e46901c8 /manager.c | |
parent | afaea3bbc74e0f6ccb979ebf8cfb0ae620115d34 (diff) |
Add access control to management interface
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@961 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'manager.c')
-rwxr-xr-x | manager.c | 22 |
1 files changed, 21 insertions, 1 deletions
@@ -36,6 +36,7 @@ #include <asterisk/app.h> #include <asterisk/pbx.h> #include <asterisk/md5.h> +#include <asterisk/acl.h> static int enabled = 0; static int portno = DEFAULT_MANAGER_PORT; @@ -207,7 +208,26 @@ static int authenticate(struct mansession *s, struct message *m) if (strcasecmp(cat, "general")) { /* This is a user */ if (!strcasecmp(cat, user)) { - char *password = ast_variable_retrieve(cfg, cat, "secret"); + struct ast_variable *v; + struct ast_ha *ha = NULL; + char *password = NULL; + v = ast_variable_browse(cfg, cat); + while (v) { + if (!strcasecmp(v->name, "secret")) { + password = v->value; + } else if (!strcasecmp(v->name, "permit") || + !strcasecmp(v->name, "deny")) { + ha = ast_append_ha(v->name, v->value, ha); + } + v = v->next; + } + if (ha && !ast_apply_ha(ha, &(s->sin))) { + ast_log(LOG_NOTICE, "%s failed to pass IP ACL as '%s'\n", inet_ntoa(s->sin.sin_addr), user); + ast_free_ha(ha); + ast_destroy(cfg); + return -1; + } else if (ha) + ast_free_ha(ha); if (!strcasecmp(authtype, "MD5")) { if (key && strlen(key) && s->challenge) { int x; |