Treat the authentication object as invalid if digest configuration is chosen and...
authorJoshua Colp <jcolp@digium.com>
Mon, 8 Jul 2013 21:26:37 +0000 (21:26 +0000)
committerJoshua Colp <jcolp@digium.com>
Mon, 8 Jul 2013 21:26:37 +0000 (21:26 +0000)
(closes issue ASTERISK-22003)
Reported by: Rusty Newton

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393857 65c4cc65-6c06-0410-ace0-fbb531ad65f3

res/res_sip/config_auth.c

index bffb96c..5f9e8d0 100644 (file)
@@ -85,6 +85,11 @@ static int auth_apply(const struct ast_sorcery *sorcery, void *obj)
                        ast_log(LOG_ERROR, "'md5' authentication specified but no md5_cred"
                                        "specified for auth '%s'\n", ast_sorcery_object_get_id(auth));
                        res = -1;
+               } else if (strlen(auth->md5_creds) != PJSIP_MD5STRLEN) {
+                       ast_log(LOG_ERROR, "'md5' authentication requires digest of '%d', but"
+                               "digest is of '%d' for auth '%s'\n", PJSIP_MD5STRLEN, (int)strlen(auth->md5_creds),
+                               ast_sorcery_object_get_id(auth));
+                       res = -1;
                }
                break;
        case AST_SIP_AUTH_TYPE_ARTIFICIAL: