Summary: | ASTERISK-17632: Authentication during registration with provider fails when challenge URI contains domain different from request URI | ||
Reporter: | Mervyn Yeo (mervyn) | Labels: | |
Date Opened: | 2011-04-01 02:03:57 | Date Closed: | |
Priority: | Minor | Regression? | No |
Status: | Open/New | Components: | Channels/chan_sip/Registration |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) register_capture.txt | |
Description: | When trying to register with a provider, the provider issued a challenge with domain="my.domain.net" which is different from the request URI of "REGISTER sip:domain.com SIP/2.0". Instead of using the request URI in the calculation of the digest authentication response, Asterisk uses the value in the domain provided in the challenge and calculates an incorrect response. ****** ADDITIONAL INFORMATION ****** I'm not a C programmer but it seems that this is happening. Please forgive me if I'm wrong. chan_sip.c The domain provided in the challenge is stored. 18435 { "domain=", &p->domain }, When building the reply digest, the stored domain is placed into uri which is later used for calculating the response. 18510 if (!ast_strlen_zero(p->domain)) 18511 ast_copy_string(uri, p->domain, sizeof(uri)); According to RFC 3261 22.4 3 digest-uri-value = Request-URI Asterisk is using the value of the domain from the challenge instead of the request URI. | ||
Comments: |