aniani/icecast-server
1
0
Fork 0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2024-06-23 06:25:24 +00:00
Code

Fix: SECURITY allow global admins to access all mounts

Browse Source
This commit is contained in:
Philipp Schafft 2015-01-05 16:58:43 +00:00
parent 3d8245f71a
commit a52e2e1a35
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/connection.c
View File

@ -1337,7 +1337,8 @@ static void _handle_authentication_global(client_t *client, void *uri, auth_resu
auth_stack_release(client->authstack);
client->authstack = NULL;
if (result != AUTH_NOMATCH) {
if (result != AUTH_NOMATCH &&
!(result == AUTH_OK && client->admin_command != -1 && acl_test_admin(client->acl, client->admin_command) == ACL_POLICY_DENY)) {
_handle_authed_client(client, uri, result);
return;
}
@ -1387,7 +1388,8 @@ static void _handle_authentication_mount_default(client_t *client, void *uri, au
auth_stack_release(client->authstack);
client->authstack = NULL;
if (result != AUTH_NOMATCH) {
if (result != AUTH_NOMATCH &&
!(result == AUTH_OK && client->admin_command != -1 && acl_test_admin(client->acl, client->admin_command) == ACL_POLICY_DENY)) {
_handle_authed_client(client, uri, result);
return;
}