[asterisk-bugs] [JIRA] (ASTERISK-29397) pjsip: Asterisk isn't tolerant of RFC8760 UASs

Friendly Automation (JIRA) noreply at issues.asterisk.org
Thu May 20 14:21:17 CDT 2021


    [ https://issues.asterisk.org/jira/browse/ASTERISK-29397?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=254970#comment-254970 ] 

Friendly Automation commented on ASTERISK-29397:
------------------------------------------------

Change 15891 merged by Friendly Automation:
res_pjsip_outbound_authenticator_digest: Be tolerant of RFC8760 UASs

[https://gerrit.asterisk.org/c/asterisk/+/15891|https://gerrit.asterisk.org/c/asterisk/+/15891]

> pjsip: Asterisk isn't tolerant of RFC8760 UASs
> ----------------------------------------------
>
>                 Key: ASTERISK-29397
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29397
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip_outbound_authenticator_digest
>    Affects Versions: 16.17.0, 18.3.0
>            Reporter: George Joseph
>            Assignee: George Joseph
>            Severity: Major
>
> We are not currently tolerant of RFC8760 compliant UASs that send us multiple WWW-Authenticate headers.  If they send us one using SHA-256 and a second one using MD5, we fail when we see SHA-256 and don't continue to look for more WWW-Authenticate  headers.  I have a patch that at least makes us tolerant.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list