From ae10c2c8fc3802aaf81216d4ce7b983d12244c56 Mon Sep 17 00:00:00 2001 From: bbryant Date: Mon, 20 Sep 2010 23:58:26 +0000 Subject: Merged revisions 287758 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r287758 | bbryant | 2010-09-20 19:57:08 -0400 (Mon, 20 Sep 2010) | 16 lines Fix misvalidation of meetme pins in conjunction with the 'a' MeetMe flag. When using the 'a' MeetMe flag and having a user and admin pin setup for your conference, using the user pin would gain you admin priviledges. Also, when no user pin was set, an admin pin was, the 'a' MeetMe flag wasn't used, and the user tried to enter a conference then they were still prompted for a pin and forced to hit #. (closes issue #17908) Reported by: kuj Patches: pins_2.patch uploaded by kuj (license 1111) Tested by: kuj Review: [full review board URL with trailing slash] ........ git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.2@287759 f38db490-d61c-443f-a65b-d21fe96a405b --- apps/app_meetme.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'apps') diff --git a/apps/app_meetme.c b/apps/app_meetme.c index 4ef16189d..59ba74355 100644 --- a/apps/app_meetme.c +++ b/apps/app_meetme.c @@ -3983,9 +3983,13 @@ static int conf_exec(struct ast_channel *chan, void *data) res = -1; } } else { - if (((!ast_strlen_zero(cnf->pin) && - !ast_test_flag(&confflags, CONFFLAG_ADMIN)) || - !ast_strlen_zero(cnf->pinadmin)) && + if (((!ast_strlen_zero(cnf->pin) && + !ast_test_flag(&confflags, CONFFLAG_ADMIN)) || + (!ast_strlen_zero(cnf->pinadmin) && + ast_test_flag(&confflags, CONFFLAG_ADMIN)) || + (!ast_strlen_zero(cnf->pin) && + ast_strlen_zero(cnf->pinadmin) && + ast_test_flag(&confflags, CONFFLAG_ADMIN))) && (!(cnf->users == 0 && cnf->isdynamic))) { char pin[MAX_PIN] = ""; int j; @@ -4000,9 +4004,11 @@ static int conf_exec(struct ast_channel *chan, void *data) res = ast_app_getdata(chan, "conf-getpin", pin + strlen(pin), sizeof(pin) - 1 - strlen(pin), 0); } if (res >= 0) { - if (!strcasecmp(pin, cnf->pin) || - (!ast_strlen_zero(cnf->pinadmin) && - !strcasecmp(pin, cnf->pinadmin))) { + if ((!strcasecmp(pin, cnf->pin) && + (ast_strlen_zero(cnf->pinadmin) || + !ast_test_flag(&confflags, CONFFLAG_ADMIN))) || + (!ast_strlen_zero(cnf->pinadmin) && + !strcasecmp(pin, cnf->pinadmin))) { /* Pin correct */ allowretry = 0; if (!ast_strlen_zero(cnf->pinadmin) && !strcasecmp(pin, cnf->pinadmin)) { -- cgit v1.2.3