From: Joshua Colp <jcolp@digium.com>
Date: Mon, 14 Jan 2008 20:01:19 +0000 (+0000)
Subject: Make sure the user's manager secret exists, even if it is blank.
X-Git-Tag: 1.6.0-beta1~3^2~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e8dee9f9569a6956c527ad08bed0f6915ef4b68b;p=thirdparty%2Fasterisk.git

Make sure the user's manager secret exists, even if it is blank.
(closes issue #11749)
Reported by: srt


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@98830 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/main/manager.c b/main/manager.c
index 0016cd9034..8e87af7137 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -997,7 +997,7 @@ static int authenticate(struct mansession *s, const struct message *m)
 		ast_log(LOG_NOTICE, "%s failed to pass IP ACL as '%s'\n", ast_inet_ntoa(s->sin.sin_addr), username);
 	} else if (!strcasecmp(astman_get_header(m, "AuthType"), "MD5")) {
 		const char *key = astman_get_header(m, "Key");
-		if (!ast_strlen_zero(key) && !ast_strlen_zero(s->challenge)) {
+		if (!ast_strlen_zero(key) && !ast_strlen_zero(s->challenge) && user->secret) {
 			int x;
 			int len = 0;
 			char md5key[256] = "";