Add new functionality to http server that requires manager authentication for any path that includes a directory named 'private'. This patch also

requires manager authentication for any POST's being sent to the server as well to help secure uploads. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@118161 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2025-09-25 07:01:09 +00:00 · 2008-05-23 21:19:42 +00:00
parent 4ad72ce1cf
commit d32c2d6fd9
3 changed files with 43 additions and 5 deletions
--- a/main/manager.c
+++ b/main/manager.c
@@ -3292,7 +3292,7 @@ static char *contenttype[] = {
 * the value of the mansession_id cookie (0 is not valid and means
 * a session on the AMI socket).
 */
-static struct mansession *find_session(uint32_t ident)
+static struct mansession *find_session(uint32_t ident, int incinuse)
 {
 	struct mansession *s;

@@ -3303,7 +3303,7 @@ static struct mansession *find_session(uint32_t ident)
 	AST_LIST_TRAVERSE(&sessions, s, list) {
 		ast_mutex_lock(&s->__lock);
 		if (s->managerid == ident && !s->needdestroy) {
-			ast_atomic_fetchadd_int(&s->inuse, 1);
+			ast_atomic_fetchadd_int(&s->inuse, incinuse ? 1 : 0);
 			break;
 		}
 		ast_mutex_unlock(&s->__lock);
@@ -3313,6 +3313,21 @@ static struct mansession *find_session(uint32_t ident)
 	return s;
 }

+int astman_is_authed(uint32_t ident) 
+{
+	int authed;
+	struct mansession *s;
+
+	if (!(s = find_session(ident, 0)))
+		return 0;
+
+	authed = (s->authenticated != 0);
+
+	ast_mutex_unlock(&s->__lock);
+
+	return authed;
+}
+
 int astman_verify_session_readpermissions(uint32_t ident, int perm)
 {
 	int result = 0;
@@ -3603,7 +3618,7 @@ static struct ast_str *generic_http_callback(enum output_format format,
 		}
 	}

-	if (!(s = find_session(ident))) {
+	if (!(s = find_session(ident, 1))) {
 		/* Create new session.
 		 * While it is not in the list we don't need any locking
 		 */