From: Luigi Rizzo Date: Sun, 22 Jul 2007 20:44:06 +0000 (+0000) Subject: add two comment blocks, one on reusing nonces, and one on the handling X-Git-Tag: 1.6.0-beta1~3^2~1968 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97512a856f722a9b148b4c2b66bb91a6928d9a34;p=thirdparty%2Fasterisk.git add two comment blocks, one on reusing nonces, and one on the handling of an 'authpeer' local variable. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@76390 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/channels/chan_sip.c b/channels/chan_sip.c index b10795cece..fd9e3bae70 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -8056,7 +8056,11 @@ static int transmit_register(struct sip_registry *r, int sipmethod, const char * else if (!ast_strlen_zero(r->nonce)) { char digest[1024]; - /* We have auth data to reuse, build a digest header! */ + /* We have auth data to reuse, build a digest header. + * Note, this is not always useful because some parties do not + * like nonces to be reused (for good reasons!) so they will + * challenge us anyways. + */ if (sipdebug) ast_debug(1, " >>> Re-using Auth data for %s@%s\n", r->username, r->hostname); ast_string_field_set(p, realm, r->realm); @@ -15377,7 +15381,7 @@ static int handle_request_subscribe(struct sip_pvt *p, struct sip_request *req, /* Handle authentication */ res = check_user_full(p, req, SIP_SUBSCRIBE, e, 0, sin, &authpeer); /* if an authentication response was sent, we are done here */ - if (res == AUTH_CHALLENGE_SENT) + if (res == AUTH_CHALLENGE_SENT) /* authpeer = NULL here */ return 0; if (res < 0) { if (res == AUTH_FAKE_AUTH) { @@ -15391,6 +15395,11 @@ static int handle_request_subscribe(struct sip_pvt *p, struct sip_request *req, return 0; } + /* At this point, authpeer cannot be NULL. Remember we hold a reference, + * so we must release it when done. + * XXX must remove all the checks for authpeer == NULL. + */ + /* Check if this user/peer is allowed to subscribe at all */ if (!ast_test_flag(&p->flags[1], SIP_PAGE2_ALLOWSUBSCRIBE)) { transmit_response(p, "403 Forbidden (policy)", req);