From 4d31e534c0ec20582d91210990969c19b68ab3b0 Mon Sep 17 00:00:00 2001
From: Shuanglei Tao <tsl0922@gmail.com>
Date: Sat, 11 Mar 2017 02:05:16 +0800
Subject: [PATCH] Fix an issue that can bypass basic authentication

Reported by Donato Ferrante (NCC Group).
---
 src/protocol.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/protocol.c b/src/protocol.c
index b6025bf..025215e 100644
--- a/src/protocol.c
+++ b/src/protocol.c
@@ -311,12 +311,13 @@ callback_tty(struct lws *wsi, enum lws_callback_reasons reason,
                         struct json_object *o = NULL;
                         if (json_object_object_get_ex(obj, "AuthToken", &o)) {
                             const char *token = json_object_get_string(o);
-                            if (token == NULL || strcmp(token, server->credential)) {
+                            if (token != NULL && !strcmp(token, server->credential))
+                                client->authenticated = true;
+                            else
                                 lwsl_warn("WS authentication failed with token: %s\n", token);
-                                return 1;
-                            }
                         }
-                        client->authenticated = true;
+                        if (!client->authenticated)
+                            return 1;
                     }
                     int err = pthread_create(&client->thread, NULL, thread_run_command, client);
                     if (err != 0) {
-- 
2.43.4