]> git.ipfire.org Git - thirdparty/asterisk.git/commit
projects / thirdparty / asterisk.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd97f40) | patch
res_pjsip_authenticator_digest: Fix issue with missing auth and DONT_OPTIMIZE
authorGeorge Joseph <gjoseph@sangoma.com>
Fri, 17 Jan 2025 16:20:16 +0000 (09:20 -0700)
committerasterisk-org-access-app[bot] <120671045+asterisk-org-access-app[bot]@users.noreply.github.com>
Fri, 17 Jan 2025 20:32:51 +0000 (20:32 +0000)
commitff0fb401ae8372312070e4f911d5a46ffc42d137
tree451579533701e534f420ce797344515f6e325aaftree
parentcd97f4069db6d681e89bfc1a0e8cce31d72a05accommit | diff
res_pjsip_authenticator_digest: Fix issue with missing auth and DONT_OPTIMIZE

The return code fom digest_check_auth wasn't explicitly being initialized.
The return code also wasn't explicitly set to CHALLENGE when challenges
were sent.  When optimization was turned off (DONT_OPTIMIZE), the compiler
was setting it to "0"(CHALLENGE) which worked fine.  However, with
optimization turned on, it was setting it to "1" (SUCCESS) so if there was
no incoming Authorization header, the function was returning SUCCESS to the
distributor allowing the request to incorrectly succeed.

The return code is now initialized correctly and is now explicitly set
to CHALLENGE when we send challenges.
res/res_pjsip_authenticator_digest.c diff | blob | blame | history
Mirror of https://github.com/asterisk/asterisk.git