From: David Vossel Date: Fri, 9 Oct 2009 17:10:28 +0000 (+0000) Subject: Merged revisions 223132 via svnmerge from X-Git-Tag: 1.6.1.10-rc1~67 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=003220b57f60389cf486ebae179070cbb8c9048b;p=thirdparty%2Fasterisk.git Merged revisions 223132 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ........ r223132 | dvossel | 2009-10-09 11:54:02 -0500 (Fri, 09 Oct 2009) | 9 lines 'auth=' did not parse md5 secret correctly (closes issue #15949) Reported by: ebroad Patches: authparsefix.patch uploaded by ebroad (license 878) 15949_trunk.diff uploaded by dvossel (license 671) Tested by: ebroad ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.6.1@223134 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 6aab11a4b4..46843885ee 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -21964,7 +21964,6 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, cons { char authcopy[256]; char *username=NULL, *realm=NULL, *secret=NULL, *md5secret=NULL; - char *stringp; struct sip_auth *a, *b, *auth; if (ast_strlen_zero(configuration)) @@ -21973,25 +21972,24 @@ static struct sip_auth *add_realm_authentication(struct sip_auth *authlist, cons ast_debug(1, "Auth config :: %s\n", configuration); ast_copy_string(authcopy, configuration, sizeof(authcopy)); - stringp = authcopy; + username = authcopy; - username = stringp; - realm = strrchr(stringp, '@'); + /* split user[:secret] and relm */ + realm = strrchr(username, '@'); if (realm) *realm++ = '\0'; if (ast_strlen_zero(username) || ast_strlen_zero(realm)) { ast_log(LOG_WARNING, "Format for authentication entry is user[:secret]@realm at line %d\n", lineno); return authlist; } - stringp = username; - username = strsep(&stringp, ":"); - if (username) { - secret = strsep(&stringp, ":"); - if (!secret) { - stringp = username; - md5secret = strsep(&stringp, "#"); - } + + /* parse username at ':' for secret, or '#" for md5secret */ + if ((secret = strchr(username, ':'))) { + *secret++ = '\0'; + } else if ((md5secret = strchr(username, '#'))) { + *md5secret++ = '\0'; } + if (!(auth = ast_calloc(1, sizeof(*auth)))) return authlist;