<p>Kevin Harwell <strong>submitted</strong> this change.</p><p><a href="https://gerrit.asterisk.org/c/asterisk/+/15099">View Change</a></p><div style="white-space:pre-wrap">Approvals:
Kevin Harwell: Looks good to me, approved; Approved for Submit
George Joseph: Looks good to me, but someone else must approve
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">chan_sip: On authentication, pick MD5 for sure.<br><br>RFC 8760 added new digest-access-authentication schemes. Testing<br>revealed that chan_sip does not pick MD5 if several schemes are offered<br>by the User Agent Server (UAS). This change does not implement any of<br>the new schemes like SHA-256. This change makes sure, MD5 is picked so<br>UAS with SHA-2 enabled, like the service www.linphone.org/freesip, can<br>still be used. This should have worked since day one because SIP/2.0<br>already envisioned several schemes (see RFC 3261 and its augmented BNF<br>for 'algorithm' which includes 'token' as third alternative; note: if<br>'algorithm' was not present, MD5 is still assumed even in RFC 7616).<br><br>Change-Id: I61ca0b1f74b5ec2b5f3062c2d661cafeaf597fcd<br>---<br>M channels/chan_sip.c<br>1 file changed, 6 insertions(+), 3 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/channels/chan_sip.c b/channels/chan_sip.c</span><br><span>index 78c0bb3..9e3365b 100644</span><br><span>--- a/channels/chan_sip.c</span><br><span>+++ b/channels/chan_sip.c</span><br><span>@@ -23077,6 +23077,7 @@</span><br><span> char tmp[512];</span><br><span> char *c;</span><br><span> char oldnonce[256];</span><br><span style="color: hsl(120, 100%, 40%);">+ int start = 0;</span><br><span> </span><br><span> /* table of recognised keywords, and places where they should be copied */</span><br><span> const struct x {</span><br><span>@@ -23091,9 +23092,11 @@</span><br><span> { NULL, 0 },</span><br><span> };</span><br><span> </span><br><span style="color: hsl(0, 100%, 40%);">- ast_copy_string(tmp, sip_get_header(req, header), sizeof(tmp));</span><br><span style="color: hsl(0, 100%, 40%);">- if (ast_strlen_zero(tmp))</span><br><span style="color: hsl(0, 100%, 40%);">- return -1;</span><br><span style="color: hsl(120, 100%, 40%);">+ do {</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_copy_string(tmp, __get_header(req, header, &start), sizeof(tmp));</span><br><span style="color: hsl(120, 100%, 40%);">+ if (ast_strlen_zero(tmp))</span><br><span style="color: hsl(120, 100%, 40%);">+ return -1;</span><br><span style="color: hsl(120, 100%, 40%);">+ } while (strcasestr(tmp, "algorithm=") && !strcasestr(tmp, "algorithm=MD5"));</span><br><span> if (strncasecmp(tmp, "Digest ", strlen("Digest "))) {</span><br><span> ast_log(LOG_WARNING, "missing Digest.\n");</span><br><span> return -1;</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/c/asterisk/+/15099">change 15099</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/c/asterisk/+/15099"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 18 </div>
<div style="display:none"> Gerrit-Change-Id: I61ca0b1f74b5ec2b5f3062c2d661cafeaf597fcd </div>
<div style="display:none"> Gerrit-Change-Number: 15099 </div>
<div style="display:none"> Gerrit-PatchSet: 3 </div>
<div style="display:none"> Gerrit-Owner: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: Friendly Automation </div>
<div style="display:none"> Gerrit-Reviewer: George Joseph <gjoseph@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Kevin Harwell <kharwell@digium.com> </div>
<div style="display:none"> Gerrit-MessageType: merged </div>