From: Brett Bryant Date: Mon, 20 Sep 2010 23:58:26 +0000 (+0000) Subject: Merged revisions 287758 via svnmerge from X-Git-Tag: 1.6.2.15-rc1~90 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45bda16900c3d565100169fbecb4c575f3f31062;p=thirdparty%2Fasterisk.git Merged revisions 287758 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r287758 | bbryant | 2010-09-20 19:57:08 -0400 (Mon, 20 Sep 2010) | 16 lines Fix misvalidation of meetme pins in conjunction with the 'a' MeetMe flag. When using the 'a' MeetMe flag and having a user and admin pin setup for your conference, using the user pin would gain you admin priviledges. Also, when no user pin was set, an admin pin was, the 'a' MeetMe flag wasn't used, and the user tried to enter a conference then they were still prompted for a pin and forced to hit #. (closes issue #17908) Reported by: kuj Patches: pins_2.patch uploaded by kuj (license 1111) Tested by: kuj Review: [full review board URL with trailing slash] ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.2@287759 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/apps/app_meetme.c b/apps/app_meetme.c index 4ef16189d9..59ba743555 100644 --- a/apps/app_meetme.c +++ b/apps/app_meetme.c @@ -3983,9 +3983,13 @@ static int conf_exec(struct ast_channel *chan, void *data) res = -1; } } else { - if (((!ast_strlen_zero(cnf->pin) && - !ast_test_flag(&confflags, CONFFLAG_ADMIN)) || - !ast_strlen_zero(cnf->pinadmin)) && + if (((!ast_strlen_zero(cnf->pin) && + !ast_test_flag(&confflags, CONFFLAG_ADMIN)) || + (!ast_strlen_zero(cnf->pinadmin) && + ast_test_flag(&confflags, CONFFLAG_ADMIN)) || + (!ast_strlen_zero(cnf->pin) && + ast_strlen_zero(cnf->pinadmin) && + ast_test_flag(&confflags, CONFFLAG_ADMIN))) && (!(cnf->users == 0 && cnf->isdynamic))) { char pin[MAX_PIN] = ""; int j; @@ -4000,9 +4004,11 @@ static int conf_exec(struct ast_channel *chan, void *data) res = ast_app_getdata(chan, "conf-getpin", pin + strlen(pin), sizeof(pin) - 1 - strlen(pin), 0); } if (res >= 0) { - if (!strcasecmp(pin, cnf->pin) || - (!ast_strlen_zero(cnf->pinadmin) && - !strcasecmp(pin, cnf->pinadmin))) { + if ((!strcasecmp(pin, cnf->pin) && + (ast_strlen_zero(cnf->pinadmin) || + !ast_test_flag(&confflags, CONFFLAG_ADMIN))) || + (!ast_strlen_zero(cnf->pinadmin) && + !strcasecmp(pin, cnf->pinadmin))) { /* Pin correct */ allowretry = 0; if (!ast_strlen_zero(cnf->pinadmin) && !strcasecmp(pin, cnf->pinadmin)) {