struct MD5Context md5;
unsigned char digest[16];
char *tmppw, *stringp;
-
+
tmppw = ast_strdupa(iaxs[callno]->secret);
stringp = tmppw;
while ((tmppw = strsep(&stringp, ";"))) {
if ((p->authmethods & IAX_AUTH_RSA) && !ast_strlen_zero(rsasecret) && !ast_strlen_zero(p->inkeys)) {
struct ast_key *key;
char *keyn;
- char tmpkey[256];
+ char *tmpkey;
char *stringp=NULL;
- ast_copy_string(tmpkey, p->inkeys, sizeof(tmpkey));
- stringp=tmpkey;
+ if (!(tmpkey = ast_strdup(p->inkeys))) {
+ ast_log(LOG_ERROR, "Unable to create a temporary string for parsing stored 'inkeys'\n");
+ return res;
+ }
+ stringp = tmpkey;
keyn = strsep(&stringp, ":");
while(keyn) {
key = ast_key_get(keyn, AST_KEY_PUBLIC);
ast_log(LOG_WARNING, "requested inkey '%s' for RSA authentication does not exist\n", keyn);
keyn = strsep(&stringp, ":");
}
+ ast_free(tmpkey);
} else if (p->authmethods & IAX_AUTH_MD5) {
struct MD5Context md5;
unsigned char digest[16];
char *tmppw, *stringp;
-
+
tmppw = ast_strdupa(p->secret);
stringp = tmppw;
while((tmppw = strsep(&stringp, ";"))) {
/* Check secret against what we have on file */
if (!ast_strlen_zero(rsasecret) && (p->authmethods & IAX_AUTH_RSA) && !ast_strlen_zero(iaxs[callno]->challenge)) {
if (!ast_strlen_zero(p->inkeys)) {
- char tmpkeys[256];
+ char *tmpkey;
char *stringp=NULL;
- ast_copy_string(tmpkeys, p->inkeys, sizeof(tmpkeys));
- stringp=tmpkeys;
+ if (!(tmpkey = ast_strdup(p->inkeys))) {
+ ast_log(LOG_ERROR, "Unable to create a temporary string for parsing stored 'inkeys'\n");
+ goto return_unref;
+ }
+ stringp = tmpkey;
keyn = strsep(&stringp, ":");
while(keyn) {
key = ast_key_get(keyn, AST_KEY_PUBLIC);
ast_log(LOG_WARNING, "requested inkey '%s' does not exist\n", keyn);
keyn = strsep(&stringp, ":");
}
+ ast_free(tmpkey);
if (!keyn) {
if (authdebug)
ast_log(LOG_NOTICE, "Host %s failed RSA authentication with inkeys '%s'\n", peer, p->inkeys);
struct ast_data *data_user, *data_authmethods, *data_enum_node;
struct iax2_user *user;
struct ao2_iterator i;
- char auth[90];
+ struct ast_str *auth;
char *pstr = "";
+ if (!(auth = ast_str_create(90))) {
+ ast_log(LOG_ERROR, "Unable to create temporary string for storing 'secret'\n");
+ return 0;
+ }
+
i = ao2_iterator_init(users, 0);
for (; (user = ao2_iterator_next(&i)); user_unref(user)) {
data_user = ast_data_add_node(data_root, "user");
iax2_data_add_codecs(data_user, "codecs", user->capability);
if (!ast_strlen_zero(user->secret)) {
- ast_copy_string(auth, user->secret, sizeof(auth));
+ ast_str_set(&auth, 0, "%s", user->secret);
} else if (!ast_strlen_zero(user->inkeys)) {
- snprintf(auth, sizeof(auth), "Key: %s", user->inkeys);
+ ast_str_set(&auth, 0, "Key: %s", user->inkeys);
} else {
- ast_copy_string(auth, "no secret", sizeof(auth));
+ ast_str_set(&auth, 0, "no secret");
}
- ast_data_add_password(data_user, "secret", auth);
+ ast_data_add_password(data_user, "secret", ast_str_buffer(auth));
ast_data_add_str(data_user, "context", user->contexts ? user->contexts->context : DEFAULT_CONTEXT);
}
ao2_iterator_destroy(&i);
+ ast_free(auth);
return 0;
}