diff options
author | zuul <zuul@gerrit.asterisk.org> | 2016-05-09 22:34:39 -0500 |
---|---|---|
committer | Gerrit Code Review <gerrit2@gerrit.digium.api> | 2016-05-09 22:34:39 -0500 |
commit | 577d65b70114d13868b817c7470b840aca1a4a97 (patch) | |
tree | c28f43dc1ff7f1f90724a269ad2bf39eb93a2f21 | |
parent | 7561ffa64a771817f23f2fb734b857e8a1c785ec (diff) | |
parent | 4d063814ba50438b70cd37a5ddf0a234d1892724 (diff) |
Merge "res_pjsip_authenticator_digest: Don't use source port in nonce verification" into 13
-rw-r--r-- | res/res_pjsip_authenticator_digest.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/res/res_pjsip_authenticator_digest.c b/res/res_pjsip_authenticator_digest.c index d56bdd650..59e9738fd 100644 --- a/res/res_pjsip_authenticator_digest.c +++ b/res/res_pjsip_authenticator_digest.c @@ -206,9 +206,12 @@ static int build_nonce(struct ast_str **nonce, const char *timestamp, const pjsi RAII_VAR(char *, eid, ao2_global_obj_ref(entity_id), ao2_cleanup); char hash[33]; + /* + * Note you may be tempted to think why not include the port. The reason + * is that when using TCP the port can potentially differ from before. + */ ast_str_append(&str, 0, "%s", timestamp); ast_str_append(&str, 0, ":%s", rdata->pkt_info.src_name); - ast_str_append(&str, 0, ":%d", rdata->pkt_info.src_port); ast_str_append(&str, 0, ":%s", eid); ast_str_append(&str, 0, ":%s", realm); ast_md5_hash(hash, ast_str_buffer(str)); |