From: Joshua Colp Date: Mon, 8 Jul 2013 21:26:37 +0000 (+0000) Subject: Treat the authentication object as invalid if digest configuration is chosen and... X-Git-Tag: 13.0.0-beta1~1525 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0f7d4d308e383d9f52e4db66ae619413bda344da;p=thirdparty%2Fasterisk.git Treat the authentication object as invalid if digest configuration is chosen and the digest is not of the correct length. (closes issue ASTERISK-22003) Reported by: Rusty Newton git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393857 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/res/res_sip/config_auth.c b/res/res_sip/config_auth.c index bffb96c394..5f9e8d0b78 100644 --- a/res/res_sip/config_auth.c +++ b/res/res_sip/config_auth.c @@ -85,6 +85,11 @@ static int auth_apply(const struct ast_sorcery *sorcery, void *obj) ast_log(LOG_ERROR, "'md5' authentication specified but no md5_cred" "specified for auth '%s'\n", ast_sorcery_object_get_id(auth)); res = -1; + } else if (strlen(auth->md5_creds) != PJSIP_MD5STRLEN) { + ast_log(LOG_ERROR, "'md5' authentication requires digest of '%d', but" + "digest is of '%d' for auth '%s'\n", PJSIP_MD5STRLEN, (int)strlen(auth->md5_creds), + ast_sorcery_object_get_id(auth)); + res = -1; } break; case AST_SIP_AUTH_TYPE_ARTIFICIAL: