Merge "res_pjsip_authenticator_digest: Don't use source port in nonce verification" into 13

author: zuul <zuul@gerrit.asterisk.org> 2016-05-09 22:34:39 -0500
committer: Gerrit Code Review <gerrit2@gerrit.digium.api> 2016-05-09 22:34:39 -0500
commit: 577d65b70114d13868b817c7470b840aca1a4a97 (patch)
tree: c28f43dc1ff7f1f90724a269ad2bf39eb93a2f21
parent: 7561ffa64a771817f23f2fb734b857e8a1c785ec (diff)
parent: 4d063814ba50438b70cd37a5ddf0a234d1892724 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/res/res_pjsip_authenticator_digest.c b/res/res_pjsip_authenticator_digest.c
index d56bdd650..59e9738fd 100644
--- a/res/res_pjsip_authenticator_digest.c
+++ b/res/res_pjsip_authenticator_digest.c
@@ -206,9 +206,12 @@ static int build_nonce(struct ast_str **nonce, const char *timestamp, const pjsi
 	RAII_VAR(char *, eid, ao2_global_obj_ref(entity_id), ao2_cleanup);
 	char hash[33];
 
+	/*
+	 * Note you may be tempted to think why not include the port. The reason
+	 * is that when using TCP the port can potentially differ from before.
+	 */
 	ast_str_append(&str, 0, "%s", timestamp);
 	ast_str_append(&str, 0, ":%s", rdata->pkt_info.src_name);
-	ast_str_append(&str, 0, ":%d", rdata->pkt_info.src_port);
 	ast_str_append(&str, 0, ":%s", eid);
 	ast_str_append(&str, 0, ":%s", realm);
 	ast_md5_hash(hash, ast_str_buffer(str));
author	zuul <zuul@gerrit.asterisk.org>	2016-05-09 22:34:39 -0500
committer	Gerrit Code Review <gerrit2@gerrit.digium.api>	2016-05-09 22:34:39 -0500
commit	577d65b70114d13868b817c7470b840aca1a4a97 (patch)
tree	c28f43dc1ff7f1f90724a269ad2bf39eb93a2f21
parent	7561ffa64a771817f23f2fb734b857e8a1c785ec (diff)
parent	4d063814ba50438b70cd37a5ddf0a234d1892724 (diff)