[asterisk-users] Bug in Dial() string processing
Antony.Stone at asterisk.open.source.it
Thu Oct 29 07:24:38 CDT 2020
On Tuesday 27 October 2020 at 11:00:10, Antony Stone wrote:
> I've discovered a bug in the Dial() string processing (for Asterisk 13.14.1
> at least).
I've now confirmed that the same bug exists in 16.2.1
A Dial() command containing a SIP username/password combination which has a !
character in it is incorrectly parsed and fails.
> According to the documentation in channels/chan_sip.c the Dial() string
> syntax is:
> * SIP/devicename
> * or SIP/username at domain (SIP uri)
> * or SIP/username[:password[:md5secret[:authname[:transport]]]]@host[:port]
> * or SIP/devicename/extension
> * or SIP/devicename/extension/IPorHost
> * or SIP/username at domain//IPorHost
> * and there is an optional [!dnid] argument you can append to alter the
> * To: header.
> The bug is in the last part - the optional !dnid argument.
> This should parse for a ! *following* any of the above syntaxes and assign
> whatever follows it to dnid. If there is more than one ! in the entire
> string, dnid should follow the final one.
> Unfortunately, the string parsing checks *first* for a ! and assigns
> everything following the first occurrence to dnid, and then attempts to
> parse whatever preceded it according to the above possibilities.
> This means that if a SIP password, for example, contains a !, it is
> impossible to use the stated syntax
> Note that in this syntax, @host is non-optional, therefore parsing for a !
> preceding the @host part and regarding what follows the ! as dnid is
"The future is already here. It's just not evenly distributed yet."
- William Gibson
Please reply to the list;
please *don't* CC me.
More information about the asterisk-users