Merge "res_pjsip_authenticator_digest: Don't use source port in nonce verification"

author: zuul <zuul@gerrit.asterisk.org> 2016-05-09 22:56:53 -0500
committer: Gerrit Code Review <gerrit2@gerrit.digium.api> 2016-05-09 22:56:53 -0500
commit: f60b1f35a02f07cc1e2f152d593dbc880942c287 (patch)
tree: b5651cfaabc5e064db83f39a729b66d782e69767 /res
parent: 2da358a3cbb7cb1c7a5bfd5c227a657c4a2b45d2 (diff)
parent: 1e876d691588a9196ad987b0f81192c12d3a0c81 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/res/res_pjsip_authenticator_digest.c b/res/res_pjsip_authenticator_digest.c
index a512b45b1..4bc35c5ff 100644
--- a/res/res_pjsip_authenticator_digest.c
+++ b/res/res_pjsip_authenticator_digest.c
@@ -206,9 +206,12 @@ static int build_nonce(struct ast_str **nonce, const char *timestamp, const pjsi
 	RAII_VAR(char *, eid, ao2_global_obj_ref(entity_id), ao2_cleanup);
 	char hash[33];
 
+	/*
+	 * Note you may be tempted to think why not include the port. The reason
+	 * is that when using TCP the port can potentially differ from before.
+	 */
 	ast_str_append(&str, 0, "%s", timestamp);
 	ast_str_append(&str, 0, ":%s", rdata->pkt_info.src_name);
-	ast_str_append(&str, 0, ":%d", rdata->pkt_info.src_port);
 	ast_str_append(&str, 0, ":%s", eid);
 	ast_str_append(&str, 0, ":%s", realm);
 	ast_md5_hash(hash, ast_str_buffer(str));
author	zuul <zuul@gerrit.asterisk.org>	2016-05-09 22:56:53 -0500
committer	Gerrit Code Review <gerrit2@gerrit.digium.api>	2016-05-09 22:56:53 -0500
commit	f60b1f35a02f07cc1e2f152d593dbc880942c287 (patch)
tree	b5651cfaabc5e064db83f39a729b66d782e69767 /res
parent	2da358a3cbb7cb1c7a5bfd5c227a657c4a2b45d2 (diff)
parent	1e876d691588a9196ad987b0f81192c12d3a0c81 (diff)