[asterisk-commits] dvossel: branch 1.4 r223142 - /branches/1.4/channels/chan_sip.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Fri Oct 9 12:18:58 CDT 2009 

Author: dvossel
Date: Fri Oct  9 12:18:54 2009
New Revision: 223142

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=223142
Log:
'auth=' did not parse md5 secret correctly

(closes issue https://issues.asterisk.org/view.php?id=15949)
Reported by: ebroad
Patches:
      authparsefix.patch uploaded by ebroad (license 878)
      15949_trunk.diff uploaded by dvossel (license 671)
Tested by: ebroad

Modified:
    branches/1.4/channels/chan_sip.c

Modified: branches/1.4/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.4/channels/chan_sip.c?view=diff&rev=223142&r1=223141&r2=223142
==============================================================================
--- branches/1.4/channels/chan_sip.c (original)
+++ branches/1.4/channels/chan_sip.c Fri Oct  9 12:18:54 2009
@@ -17475,7 +17475,6 @@
 {
 	char authcopy[256];
 	char *username=NULL, *realm=NULL, *secret=NULL, *md5secret=NULL;
-	char *stringp;
 	struct sip_auth *a, *b, *auth;
 
 	if (ast_strlen_zero(configuration))
@@ -17485,25 +17484,24 @@
 		ast_log(LOG_DEBUG, "Auth config ::  %s\n", configuration);
 
 	ast_copy_string(authcopy, configuration, sizeof(authcopy));
-	stringp = authcopy;
-
-	username = stringp;
-	realm = strrchr(stringp, '@');
+
+	username = authcopy;
+	/* split user[:secret] and realm */
+	realm = strrchr(username, '@');
 	if (realm)
 		*realm++ = '\0';
 	if (ast_strlen_zero(username) || ast_strlen_zero(realm)) {
 		ast_log(LOG_WARNING, "Format for authentication entry is user[:secret]@realm at line %d\n", lineno);
 		return authlist;
 	}
-	stringp = username;
-	username = strsep(&stringp, ":");
-	if (username) {
-		secret = strsep(&stringp, ":");
-		if (!secret) {
-			stringp = username;
-			md5secret = strsep(&stringp,"#");
-		}
-	}
+
+	/* parse username at ':' for secret, or '#" for md5secret */
+	if ((secret = strchr(username, ':'))) {
+		*secret++ = '\0';
+	} else if ((md5secret = strchr(username, '#'))) {
+		*md5secret++ = '\0';
+	}
+
 	if (!(auth = ast_calloc(1, sizeof(*auth))))
 		return authlist;

More information about the asterisk-commits mailing list