diff options
author | dvossel <dvossel@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-10-09 17:18:54 +0000 |
---|---|---|
committer | dvossel <dvossel@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-10-09 17:18:54 +0000 |
commit | 97d1f3558b02e67853064d6bb384687e27b2ce6e (patch) | |
tree | a31a80e32f44d7c04d14e124a8f79323bccc13d4 /channels/chan_sip.c | |
parent | 875a684d0421458806697c5ccbfe7d08f28e7129 (diff) |
'auth=' did not parse md5 secret correctly
(closes issue https://issues.asterisk.org/view.php?id=15949)
Reported by: ebroad
Patches:
authparsefix.patch uploaded by ebroad (license 878)
15949_trunk.diff uploaded by dvossel (license 671)
Tested by: ebroad
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@223142 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'channels/chan_sip.c')
-rw-r--r-- | channels/chan_sip.c | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/channels/chan_sip.c b/channels/chan_sip.c index b77876794..47b1f9508 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -17475,7 +17475,6 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, char { char authcopy[256]; char *username=NULL, *realm=NULL, *secret=NULL, *md5secret=NULL; - char *stringp; struct sip_auth *a, *b, *auth; if (ast_strlen_zero(configuration)) @@ -17485,25 +17484,24 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, char ast_log(LOG_DEBUG, "Auth config :: %s\n", configuration); ast_copy_string(authcopy, configuration, sizeof(authcopy)); - stringp = authcopy; - username = stringp; - realm = strrchr(stringp, '@'); + username = authcopy; + /* split user[:secret] and realm */ + realm = strrchr(username, '@'); if (realm) *realm++ = '\0'; if (ast_strlen_zero(username) || ast_strlen_zero(realm)) { ast_log(LOG_WARNING, "Format for authentication entry is user[:secret]@realm at line %d\n", lineno); return authlist; } - stringp = username; - username = strsep(&stringp, ":"); - if (username) { - secret = strsep(&stringp, ":"); - if (!secret) { - stringp = username; - md5secret = strsep(&stringp,"#"); - } + + /* parse username at ':' for secret, or '#" for md5secret */ + if ((secret = strchr(username, ':'))) { + *secret++ = '\0'; + } else if ((md5secret = strchr(username, '#'))) { + *md5secret++ = '\0'; } + if (!(auth = ast_calloc(1, sizeof(*auth)))) return authlist; |