From: Alexander A. Klimov <alexander.klimov@icinga.com>
Date: Wed, 20 Feb 2019 15:07:41 +0000 (+0100)
Subject: ApiListener: fix self-made security hole
X-Git-Tag: v2.11.0-rc1~174^2~25
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=19625e62efa3895273a651327356f56ecf1cee9f;p=icinga2

ApiListener: fix self-made security hole
---

diff --git a/lib/remote/apilistener.cpp b/lib/remote/apilistener.cpp
index ebe18358b..d56c532bf 100644
--- a/lib/remote/apilistener.cpp
+++ b/lib/remote/apilistener.cpp
@@ -629,6 +629,8 @@ void ApiListener::NewClientHandlerInternal(boost::asio::yield_context yc, const
 			log << " (no Endpoint object found for identity)";
 		}
 	} else {
+		verify_ok = false;
+
 		Log(LogInformation, "ApiListener")
 			<< "New client connection " << conninfo << " (no client certificate)";
 	}