From: Joshua Colp Date: Thu, 24 May 2007 15:30:06 +0000 (+0000) Subject: Merged revisions 65902 via svnmerge from X-Git-Tag: 1.6.0-beta1~3^2~2589 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=22cf94111d84d01b2b2aaf12491409e2b5e82521;p=thirdparty%2Fasterisk.git Merged revisions 65902 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r65902 | file | 2007-05-24 11:27:23 -0400 (Thu, 24 May 2007) | 2 lines Add the ability to blacklist certain commands from being executed using the Command AMI action. (issue #9240 reported by junky) ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@65905 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/main/manager.c b/main/manager.c index 1fc5b05bdc..43dd43af59 100644 --- a/main/manager.c +++ b/main/manager.c @@ -131,6 +131,11 @@ static int manager_debug; /*!< enable some debugging code in the manager */ * HTTP sessions have managerid != 0, the value is used as a search key * to lookup sessions (using the mansession_id cookie). */ +static const char *command_blacklist[] = { + "module load", + "module unload", +}; + struct mansession { pthread_t ms_t; /*!< Execution thread, basically useless */ ast_mutex_t __lock; /*!< Thread lock -- don't use in action callbacks, it's already taken care of */ @@ -1795,9 +1800,16 @@ static int action_command(struct mansession *s, const struct message *m) const char *id = astman_get_header(m, "ActionID"); char *buf, *final_buf; char template[] = "/tmp/ast-ami-XXXXXX"; /* template for temporary file */ - int fd = mkstemp(template); + int fd = mkstemp(template), i = 0; off_t l; + for (i = 0; i < sizeof(command_blacklist) / sizeof(command_blacklist[0]); i++) { + if (!strncmp(cmd, command_blacklist[i], strlen(command_blacklist[i]))) { + astman_send_error(s, m, "Command blacklisted"); + return 0; + } + } + astman_append(s, "Response: Follows\r\nPrivilege: Command\r\n"); if (!ast_strlen_zero(id)) astman_append(s, "ActionID: %s\r\n", id);