Merged revisions 223132 via svnmerge from

https://origsvn.digium.com/svn/asterisk/trunk

........
  r223132 | dvossel | 2009-10-09 11:54:02 -0500 (Fri, 09 Oct 2009) | 9 lines

  'auth=' did not parse md5 secret correctly

  (closes issue #15949)
  Reported by: ebroad
  Patches:
        authparsefix.patch uploaded by ebroad (license 878)
        15949_trunk.diff uploaded by dvossel (license 671)
  Tested by: ebroad
........

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.1@223134 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 6aab11a4b4530cec87937485c905e7dc85b1e6d1..46843885ee73f6396e08bfe6878ad45cee793b36 100644 (file)
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -21964,7 +21964,6 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, cons
 {
        char authcopy[256];
        char *username=NULL, *realm=NULL, *secret=NULL, *md5secret=NULL;
-       char *stringp;
        struct sip_auth *a, *b, *auth;
 
        if (ast_strlen_zero(configuration))
@@ -21973,25 +21972,24 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, cons
        ast_debug(1, "Auth config ::  %s\n", configuration);
 
        ast_copy_string(authcopy, configuration, sizeof(authcopy));
-       stringp = authcopy;
+       username = authcopy;
 
-       username = stringp;
-       realm = strrchr(stringp, '@');
+       /* split user[:secret] and relm */
+       realm = strrchr(username, '@');
        if (realm)
                *realm++ = '\0';
        if (ast_strlen_zero(username) || ast_strlen_zero(realm)) {
                ast_log(LOG_WARNING, "Format for authentication entry is user[:secret]@realm at line %d\n", lineno);
                return authlist;
        }
-       stringp = username;
-       username = strsep(&stringp, ":");
-       if (username) {
-               secret = strsep(&stringp, ":");
-               if (!secret) {
-                       stringp = username;
-                       md5secret = strsep(&stringp, "#");
-               }
+
+       /* parse username at ':' for secret, or '#" for md5secret */
+       if ((secret = strchr(username, ':'))) {
+               *secret++ = '\0';
+       } else if ((md5secret = strchr(username, '#'))) {
+               *md5secret++ = '\0';
        }
+
        if (!(auth = ast_calloc(1, sizeof(*auth))))
                return authlist;