[OpenSIPS-Devel] [OpenSIPS/opensips] 2aff7c: Digest auth: Fix MD5 regression on missing client ...
Liviu Chircu
noreply at github.com
Mon Apr 12 20:34:31 EST 2021
Branch: refs/heads/master
Home: https://github.com/OpenSIPS/opensips
Commit: 2aff7cf51f3268674e2c6a4b00cc1922063b0f14
https://github.com/OpenSIPS/opensips/commit/2aff7cf51f3268674e2c6a4b00cc1922063b0f14
Author: Liviu Chircu <liviu at opensips.org>
Date: 2021-04-12 (Mon, 12 Apr 2021)
Changed paths:
M lib/digest_auth/dauth_calc_md5.c
M lib/digest_auth/dauth_calc_sha256.c
M lib/digest_auth/dauth_calc_sha512t256.c
Log Message:
-----------
Digest auth: Fix MD5 regression on missing client "qop="
This fixes a bug with clients which may not include a "qop=" parameter
in their Authorization header. Since the ".response" API function is
invoked with some struct member address, the pointer check was always
TRUE, even for NULL or empty "qop" strings received from the client.
Issue discovered during OpenSIPIt'01 (https://opensipit.org/)
More information about the Devel
mailing list