git:master:f66a071d: auth: use time_t instead of casting to int in nonce check - sr-dev

14 Feb 2023

Module: kamailio
Branch: master
Commit: f66a071d18820fc71e421d1a73ebd959c4423655
URL: https://github.com/kamailio/kamailio/commit/f66a071d18820fc71e421d1a73ebd959...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2023-02-14T13:48:59+01:00
auth: use time_t instead of casting to int in nonce check
- use unsigned int instead of int for building the nonce
---
Modified: src/modules/auth/challenge.c
Modified: src/modules/auth/nonce.c
Modified: src/modules/auth/nonce.h
---
Diff:  https://github.com/kamailio/kamailio/commit/f66a071d18820fc71e421d1a73ebd959...
Patch: https://github.com/kamailio/kamailio/commit/f66a071d18820fc71e421d1a73ebd959...
---

diff --git a/src/modules/auth/challenge.c b/src/modules/auth/challenge.c
index c5a769ed21..6f5084a9ae 100644
--- a/src/modules/auth/challenge.c
+++ b/src/modules/auth/challenge.c
@@ -21,6 +21,8 @@
  *
  */
+#include <stdint.h>
+
 #include "../../core/data_lump.h"
 #include "../../core/mem/mem.h"
 #include "../../core/parser/digest/digest.h"
@@ -94,14 +96,14 @@ void strip_realm(str* _realm)
  */
 int calc_new_nonce(char* nonce, int *nonce_len, int cfg, struct sip_msg* msg)
 {
-	int t;
+	unsigned int t;
 #if defined USE_NC || defined USE_OT_NONCE
    unsigned int n_id;
    unsigned char pool;
    unsigned char pool_flags;
 #endif
-	t=time(0);
+	t=(unsigned int)(uint64_t)time(0);
 #if defined USE_NC || defined USE_OT_NONCE
    if (nc_enabled || otn_enabled){
    	pool=nid_get_pool();
diff --git a/src/modules/auth/nonce.c b/src/modules/auth/nonce.c
index 3e28df9be4..bd6bc2b755 100644
--- a/src/modules/auth/nonce.c
+++ b/src/modules/auth/nonce.c
@@ -203,7 +203,8 @@ inline static int calc_bin_nonce_md5(union bin_nonce* b_nonce, int cfg,
  *                message will be included in the generated nonce.
  * @return 0 on success and -1 on error
  */
-int calc_nonce(char* nonce, int *nonce_len, int cfg, int since, int expires,
+int calc_nonce(char* nonce, int *nonce_len, int cfg, unsigned int since,
+		unsigned int expires,
 #if defined USE_NC || defined USE_OT_NONCE
    	unsigned int n_id, unsigned char pf,
 #endif /* USE_NC || USE_OT_NONCE */
@@ -310,7 +311,8 @@ int check_nonce(auth_body_t* auth, str* secret1, str* secret2,
    	struct sip_msg* msg, int update_nonce)
 {
    str * nonce;
-	int since, b_nonce2_len, b_nonce_len, cfg;
+	time_t since;
+	int b_nonce2_len, b_nonce_len, cfg;
    union bin_nonce b_nonce;
    union bin_nonce b_nonce2;
    time_t t;
diff --git a/src/modules/auth/nonce.h b/src/modules/auth/nonce.h
index 2d04051380..cf8713ea93 100644
--- a/src/modules/auth/nonce.h
+++ b/src/modules/auth/nonce.h
@@ -208,7 +208,8 @@ int get_auth_checks(struct sip_msg* msg);
 /*
  * Calculate nonce value
  */
-int calc_nonce(char* nonce, int* nonce_len, int cfg, int since, int expires,
+int calc_nonce(char* nonce, int* nonce_len, int cfg, unsigned int since,
+		unsigned int expires,
 #if defined USE_NC || defined USE_OT_NONCE
    			unsigned int n_id, unsigned char pf,
 #endif /* USE_NC || USE_OT_NONCE */

    