add userauth <user>@<domain>:<pass> to event_socket to auth against user…

add userauth <user>@<domain>:<pass> to event_socket to auth against user directory uses esl-password esl-allowed-api esl-allowed-events and esl-allowed-log to control resource access git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@16160 d0543943-73ff-0310-b7d9-9358b9ac24b2

add userauth <user>@<domain>:<pass> to event_socket to auth against user…
add userauth <user>@<domain>:<pass> to event_socket to auth against user directory uses esl-password esl-allowed-api esl-allowed-events and esl-allowed-log to control resource access git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@16160 d0543943-73ff-0310-b7d9-9358b9ac24b2
87ca6ed5 · Anthony Minessale · ad2d74c5 · 87ca6ed5 · 87ca6ed5
--- a/src/mod/event_handlers/mod_event_socket/mod_event_socket.c
+++ b/src/mod/event_handlers/mod_event_socket/mod_event_socket.c
--- a/src/mod/xml_int/mod_xml_rpc/mod_xml_rpc.c
+++ b/src/mod/xml_int/mod_xml_rpc/mod_xml_rpc.c
@@ -227,18 +227,19 @@ static abyss_bool user_attributes (const char *user, const char *domain_name,
 		}
 	}
-	if (x_domain_root) {
-		switch_xml_free(x_domain_root);
-	}
 	if (ppasswd)
-		*ppasswd = passwd;
+		*ppasswd = strdup(passwd);
 	if (pvm_passwd)
-		*pvm_passwd = vm_passwd;
+		*pvm_passwd = strdup(vm_passwd);
 	if (palias)
-		*palias = alias;
+		*palias = strdup(alias);
 	if (pallowed_commands)
-		*pallowed_commands = allowed_commands;
+		*pallowed_commands = strdup(allowed_commands);
+	if (x_domain_root) {
+		switch_xml_free(x_domain_root);
+	}
 	return TRUE;
 }
@@ -293,7 +294,7 @@ static abyss_bool is_authorized (const TSession *r, const char *command)
 	if (!allowed_commands)
 		return FALSE;
-	dup = strdup (allowed_commands);
+	dup = allowed_commands;
 	argc = switch_separate_string (dup, ',', argv, (sizeof(argv) / sizeof(argv[0])));
 	for (i = 0; i < argc; i++) {
@@ -319,6 +320,7 @@ static abyss_bool http_directory_auth(TSession *r, char *domain_name)
 	const char *box = NULL;
 	int at = 0;
 	char *dp;
+	abyss_bool rval = FALSE;
 	p = RequestHeaderValue(r, "authorization");
@@ -445,8 +447,8 @@ static abyss_bool http_directory_auth(TSession *r, char *domain_name)
 				ResponseAddField(r, "freeswitch-user", (box ? box : user));
 				ResponseAddField(r, "freeswitch-domain", domain_name);
+				rval = TRUE;
-				return TRUE;
+				goto done;
 			}
 		}
 	}
@@ -456,7 +458,14 @@ static abyss_bool http_directory_auth(TSession *r, char *domain_name)
 	switch_snprintf(z, sizeof(z), "Basic realm=\"%s\"", domain_name ? domain_name : globals.realm);
 	ResponseAddField(r, "WWW-Authenticate", z);
 	ResponseStatus(r, 401);
-	return FALSE;
+ done:
+	switch_safe_free(mypass1);
+	switch_safe_free(mypass2);
+	switch_safe_free(box);
+	return rval;
 }
 abyss_bool auth_hook(TSession * r)