[svn-commits] elguero: trunk r389009 - /trunk/channels/chan_iax2.c

SVN commits to the Digium repositories svn-commits at lists.digium.com
Fri May 17 15:25:01 CDT 2013 

Author: elguero
Date: Fri May 17 15:24:56 2013
New Revision: 389009

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=389009
Log:
Remove Character Limit On "inkeys" For IAX2

Currently, the buffer for processing "inkeys" is limited to 256 characters.  If
the user has many keys and the names of those key files are long, the 256
character limit is not enough.

* Change inkeys buffer to be dynamic

(closes issue ASTERISK-21398)
Reported by: Pavel Kopchyk
Tested by: Pavel Kopchyk, Michael L. Young
Patches:
    asterisk-21398-iax2-inkeys-dynamic-buffer_v3.diff
					by Michael L. Young (license 5026)

Review: https://reviewboard.asterisk.org/r/2501/

Modified:
    trunk/channels/chan_iax2.c

Modified: trunk/channels/chan_iax2.c
URL: http://svnview.digium.com/svn/asterisk/trunk/channels/chan_iax2.c?view=diff&rev=389009&r1=389008&r2=389009
==============================================================================
--- trunk/channels/chan_iax2.c (original)
+++ trunk/channels/chan_iax2.c Fri May 17 15:24:56 2013
@@ -6262,7 +6262,7 @@
 		struct MD5Context md5;
 		unsigned char digest[16];
 		char *tmppw, *stringp;
-		
+
 		tmppw = ast_strdupa(iaxs[callno]->secret);
 		stringp = tmppw;
 		while ((tmppw = strsep(&stringp, ";"))) {
@@ -7824,10 +7824,13 @@
 	if ((p->authmethods & IAX_AUTH_RSA) && !ast_strlen_zero(rsasecret) && !ast_strlen_zero(p->inkeys)) {
 		struct ast_key *key;
 		char *keyn;
-		char tmpkey[256];
+		char *tmpkey;
 		char *stringp=NULL;
-		ast_copy_string(tmpkey, p->inkeys, sizeof(tmpkey));
-		stringp=tmpkey;
+		if (!(tmpkey = ast_strdup(p->inkeys))) {
+			ast_log(LOG_ERROR, "Unable to create a temporary string for parsing stored 'inkeys'\n");
+			return res;
+		}
+		stringp = tmpkey;
 		keyn = strsep(&stringp, ":");
 		while(keyn) {
 			key = ast_key_get(keyn, AST_KEY_PUBLIC);
@@ -7838,11 +7841,12 @@
 				ast_log(LOG_WARNING, "requested inkey '%s' for RSA authentication does not exist\n", keyn);
 			keyn = strsep(&stringp, ":");
 		}
+		ast_free(tmpkey);
 	} else if (p->authmethods & IAX_AUTH_MD5) {
 		struct MD5Context md5;
 		unsigned char digest[16];
 		char *tmppw, *stringp;
-		
+
 		tmppw = ast_strdupa(p->secret);
 		stringp = tmppw;
 		while((tmppw = strsep(&stringp, ";"))) {
@@ -7945,10 +7949,13 @@
 	/* Check secret against what we have on file */
 	if (!ast_strlen_zero(rsasecret) && (p->authmethods & IAX_AUTH_RSA) && !ast_strlen_zero(iaxs[callno]->challenge)) {
 		if (!ast_strlen_zero(p->inkeys)) {
-			char tmpkeys[256];
+			char *tmpkey;
 			char *stringp=NULL;
-			ast_copy_string(tmpkeys, p->inkeys, sizeof(tmpkeys));
-			stringp=tmpkeys;
+			if (!(tmpkey = ast_strdup(p->inkeys))) {
+				ast_log(LOG_ERROR, "Unable to create a temporary string for parsing stored 'inkeys'\n");
+				goto return_unref;
+			}
+			stringp = tmpkey;
 			keyn = strsep(&stringp, ":");
 			while(keyn) {
 				key = ast_key_get(keyn, AST_KEY_PUBLIC);
@@ -7959,6 +7966,7 @@
 					ast_log(LOG_WARNING, "requested inkey '%s' does not exist\n", keyn);
 				keyn = strsep(&stringp, ":");
 			}
+			ast_free(tmpkey);
 			if (!keyn) {
 				if (authdebug)
 					ast_log(LOG_NOTICE, "Host %s failed RSA authentication with inkeys '%s'\n", peer, p->inkeys);
@@ -14579,8 +14587,13 @@
 	struct ast_data *data_user, *data_authmethods, *data_enum_node;
 	struct iax2_user *user;
 	struct ao2_iterator i;
-	char auth[90];
+	struct ast_str *auth;
 	char *pstr = "";
+
+	if (!(auth = ast_str_create(90))) {
+		ast_log(LOG_ERROR, "Unable to create temporary string for storing 'secret'\n");
+		return 0;
+	}
 
 	i = ao2_iterator_init(users, 0);
 	for (; (user = ao2_iterator_next(&i)); user_unref(user)) {
@@ -14594,13 +14607,13 @@
 		iax2_data_add_codecs(data_user, "codecs", user->capability);
 
 		if (!ast_strlen_zero(user->secret)) {
-			ast_copy_string(auth, user->secret, sizeof(auth));
+			ast_str_set(&auth, 0, "%s", user->secret);
 		} else if (!ast_strlen_zero(user->inkeys)) {
-			snprintf(auth, sizeof(auth), "Key: %s", user->inkeys);
+			ast_str_set(&auth, 0, "Key: %s", user->inkeys);
 		} else {
-			ast_copy_string(auth, "no secret", sizeof(auth));
-		}
-		ast_data_add_password(data_user, "secret", auth);
+			ast_str_set(&auth, 0, "no secret");
+		}
+		ast_data_add_password(data_user, "secret", ast_str_buffer(auth));
 
 		ast_data_add_str(data_user, "context", user->contexts ? user->contexts->context : DEFAULT_CONTEXT);
 
@@ -14640,6 +14653,7 @@
 	}
 	ao2_iterator_destroy(&i);
 
+	ast_free(auth);
 	return 0;
 }

More information about the svn-commits mailing list