]> git.ipfire.org Git - thirdparty/freeswitch.git/commitdiff
fix userauth for real
authorAnthony Minessale <anthm@freeswitch.org>
Wed, 29 Dec 2010 20:44:05 +0000 (14:44 -0600)
committerAnthony Minessale <anthm@freeswitch.org>
Wed, 29 Dec 2010 20:44:05 +0000 (14:44 -0600)
src/mod/event_handlers/mod_event_socket/mod_event_socket.c

index 5702d2c574ae89914d275f22e2ae3314f4ded92b..9d575dba2ac5b2b77b9039e9a9ea06e3bcc80fee 100644 (file)
@@ -1452,7 +1452,7 @@ static switch_bool_t auth_api_command(listener_t *listener, const char *api_cmd,
        switch_bool_t ok = SWITCH_TRUE;
 
   top:
-
+       
        if (!switch_core_hash_find(listener->allowed_api_hash, check_cmd)) {
                ok = SWITCH_FALSE;
                goto end;
@@ -1556,12 +1556,16 @@ static switch_status_t parse_command(listener_t *listener, switch_event_t **even
 
                        user = cmd + 9;
 
-                       if ((pass = strchr(user, ':'))) {
+                       if ((domain_name = strchr(user, '@'))) {
+                               *domain_name++ = '\0';
+                       }
+
+                       if ((pass = strchr(domain_name, ':'))) {
                                *pass++ = '\0';
                        }
 
-                       if ((domain_name = strchr(user, '@'))) {
-                               *domain_name++ = '\0';
+                       if ((pass = strchr(user, ':'))) {
+                               *pass++ = '\0';
                        }
                        
                        if (zstr(user) || zstr(domain_name)) {
@@ -2044,21 +2048,31 @@ static switch_status_t parse_command(listener_t *listener, switch_event_t **even
                char *arg = NULL;
                strip_cr(api_cmd);
 
-               if (!(acs.console_execute = switch_true(console_execute))) {
-                       if ((arg = strchr(api_cmd, ' '))) {
-                               *arg++ = '\0';
+               if (listener->allowed_api_hash) {
+                       char *api_copy = strdup(api_cmd);
+                       char *arg_copy = NULL;
+                       int ok = 0;
+
+                       if ((arg_copy = strchr(api_copy, ' '))) {
+                               *arg_copy++ = '\0';
                        }
-               }
+                       
+                       ok = auth_api_command(listener, api_copy, arg_copy);
+                       free(api_copy);
 
-               if (listener->allowed_api_hash) {
-                       if (!auth_api_command(listener, api_cmd, arg)) {
+                       if (!ok) {
                                switch_snprintf(reply, reply_len, "-ERR permission denied");
                                status = SWITCH_STATUS_SUCCESS;
                                goto done;
                        }
                }
-
-
+               
+               if (!(acs.console_execute = switch_true(console_execute))) {
+                       if ((arg = strchr(api_cmd, ' '))) {
+                               *arg++ = '\0';
+                       }
+               }
+               
                acs.listener = listener;
                acs.api_cmd = api_cmd;
                acs.arg = arg;