From: Shuanglei Tao
Date: Fri, 10 Mar 2017 18:05:16 +0000 (+0800)
Subject: Fix an issue that can bypass basic authentication
X-Git-Url: http://git.prime8.dev/?a=commitdiff_plain;h=4d31e534c0ec20582d91210990969c19b68ab3b0;p=ttyd.git

Fix an issue that can bypass basic authentication

Reported by Donato Ferrante (NCC Group).
---
diff --git a/src/protocol.c b/src/protocol.c
index b6025bf..025215e 100644
--- a/src/protocol.c
+++ b/src/protocol.c
@@ -311,12 +311,13 @@ callback_tty(struct lws *wsi, enum lws_callback_reasons reason,
 struct json_object *o = NULL;
 if (json_object_object_get_ex(obj, "AuthToken", &o)) {
 const char *token = json_object_get_string(o);
- if (token == NULL || strcmp(token, server->credential)) {
+ if (token != NULL && !strcmp(token, server->credential))
+ client->authenticated = true;
+ else
 lwsl_warn("WS authentication failed with token: %s\n", token);
- return 1;
- }
 }
- client->authenticated = true;
+ if (!client->authenticated)
+ return 1;
 }
 int err = pthread_create(&client->thread, NULL, thread_run_command, client);
 if (err != 0) {
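Review bot: The `else` branch is also reached when `token` is NULL, so the `lwsl_warn(... "%s\n", token)` call passes a null pointer to `%s`, and for a non-null value it writes the client-supplied token verbatim into the log, where a mistyped credential or embedded control characters end up stored. A connection that sends no `AuthToken` at all is now rejected by the new `if (!client->authenticated) return 1;` but produces no log entry, although that is exactly the bypass attempt this commit closes and the one worth detecting. I would drop the `else` and log once at the final check without echoing the value: `if (!client->authenticated) { lwsl_warn("WS authentication failed\n"); return 1; }`. The check depends on `client->authenticated` starting out false for every connection; callback_tty begins outside the hunk, so that initialisation is not visible here and should be confirmed. Separately, `strcmp` on the credential stops at the first differing byte, so a constant-time comparison would be the more conservative choice.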