Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-11-24 16:23:40 +01:00
Code Releases Activity

Check account auth provided in WebAdmin is a local host (#3000)

Browse Source
This commit is contained in:
Badlop 2019-08-22 17:11:48 +02:00
parent 07ef1775cd
commit a51aa2bc44
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/ejabberd_web_admin.erl
View File

@ -265,6 +265,13 @@ get_auth_admin(Auth, HostHTTP, RPath, Method) ->
get_auth_account(HostOfRule, AccessRule, User, Server, get_auth_account(HostOfRule, AccessRule, User, Server,
Pass) -> Pass) ->
case lists:member(Server, ejabberd_config:get_myhosts()) of
true -> get_auth_account2(HostOfRule, AccessRule, User, Server, Pass);
false -> {unauthorized, <<"inexistent-host">>}
end.
get_auth_account2(HostOfRule, AccessRule, User, Server,
Pass) ->
case ejabberd_auth:check_password(User, <<"">>, Server, Pass) of case ejabberd_auth:check_password(User, <<"">>, Server, Pass) of
true -> true ->
case any_rules_allowed(HostOfRule, AccessRule, case any_rules_allowed(HostOfRule, AccessRule,