<p>Jenkins2 <strong>merged</strong> this change.</p><p><a href="https://gerrit.asterisk.org/8938">View Change</a></p><div style="white-space:pre-wrap">Approvals:
  Sean Bright: Looks good to me, but someone else must approve
  Corey Farrell: Looks good to me, but someone else must approve
  Kevin Harwell: Looks good to me, approved
  Jenkins2: Approved for Submit

</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">manager: fix digest auth for ami/http mechanism.<br><br>Due to a fixed size buffer the digest authentication could be<br>incorrectly calculated if a large URI was provided, causing<br>authentication failure. The buffer is now dynamically allocated to allow<br>any size URI within the normal limits of the HTTP request size.<br><br>ASTERISK-27841<br><br>Change-Id: I660609db13b8f9e5f9567f339dd804f4985d41b3<br>---<br>M main/manager.c<br>1 file changed, 9 insertions(+), 2 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/main/manager.c b/main/manager.c<br>index 577c7f9..f1e44b3 100644<br>--- a/main/manager.c<br>+++ b/main/manager.c<br>@@ -8006,13 +8006,20 @@<br> <br>        /* compute the expected response to compare with what we received */<br>  {<br>-            char a2[256];<br>+                char *a2;<br>             char a2_hash[256];<br>            char resp[256];<br> <br>            /* XXX Now request method are hardcoded in A2 */<br>-             snprintf(a2, sizeof(a2), "%s:%s", ast_get_http_method(method), d.uri);<br>+             if (ast_asprintf(&a2, "%s:%s", ast_get_http_method(method), d.uri) < 0) {<br>+                   AST_RWLIST_UNLOCK(&users);<br>+                       ast_http_request_close_on_completion(ser);<br>+                   ast_http_error(ser, 500, "Server Error", "Internal Server Error (out of memory)");<br>+                       return 0;<br>+            }<br>+<br>          ast_md5_hash(a2_hash, a2);<br>+           ast_free(a2);<br> <br>              if (d.qop) {<br>                  /* RFC 2617 */<br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/8938">change 8938</a>. To unsubscribe, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/8938"/><meta itemprop="name" content="View Change"/></div></div>

<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: I660609db13b8f9e5f9567f339dd804f4985d41b3 </div>
<div style="display:none"> Gerrit-Change-Number: 8938 </div>
<div style="display:none"> Gerrit-PatchSet: 4 </div>
<div style="display:none"> Gerrit-Owner: Jaco Kroon <jaco@uls.co.za> </div>
<div style="display:none"> Gerrit-Reviewer: Corey Farrell <git@cfware.com> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins2 </div>
<div style="display:none"> Gerrit-Reviewer: Joshua Colp <jcolp@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Kevin Harwell <kharwell@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Sean Bright <sean.bright@gmail.com> </div>