'auth=' did not parse md5 secret correctly

(closes issue https://issues.asterisk.org/view.php?id=15949)
Reported by: ebroad
Patches:
      authparsefix.patch uploaded by ebroad (license 878)
      15949_trunk.diff uploaded by dvossel (license 671)
Tested by: ebroad


git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@223142 f38db490-d61c-443f-a65b-d21fe96a405b

1 files changed, 10 insertions, 12 deletions

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index b77876794..47b1f9508 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -17475,7 +17475,6 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, char
 {
 	char authcopy[256];
 	char *username=NULL, *realm=NULL, *secret=NULL, *md5secret=NULL;
-	char *stringp;
 	struct sip_auth *a, *b, *auth;
 
 	if (ast_strlen_zero(configuration))
@@ -17485,25 +17484,24 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, char
 		ast_log(LOG_DEBUG, "Auth config ::  %s\n", configuration);
 
 	ast_copy_string(authcopy, configuration, sizeof(authcopy));
-	stringp = authcopy;
 
-	username = stringp;
-	realm = strrchr(stringp, '@');
+	username = authcopy;
+	/* split user[:secret] and realm */
+	realm = strrchr(username, '@');
 	if (realm)
 		*realm++ = '\0';
 	if (ast_strlen_zero(username) || ast_strlen_zero(realm)) {
 		ast_log(LOG_WARNING, "Format for authentication entry is user[:secret]@realm at line %d\n", lineno);
 		return authlist;
 	}
-	stringp = username;
-	username = strsep(&stringp, ":");
-	if (username) {
-		secret = strsep(&stringp, ":");
-		if (!secret) {
-			stringp = username;
-			md5secret = strsep(&stringp,"#");
-		}
+
+	/* parse username at ':' for secret, or '#" for md5secret */
+	if ((secret = strchr(username, ':'))) {
+		*secret++ = '\0';
+	} else if ((md5secret = strchr(username, '#'))) {
+		*md5secret++ = '\0';
 	}
+
 	if (!(auth = ast_calloc(1, sizeof(*auth))))
 		return authlist;