[sr-dev] git:master:79bb2b1c: ims_ipsec_pcscf: fix sha1 algorithm and tcp connections for SIP Replies over TCP

[Daniel-Constantin Mierla]

Module: kamailio
Branch: master
Commit: 79bb2b1c4e5a446a333d837d4ccb1038303340e5
URL: https://github.com/kamailio/kamailio/commit/79bb2b1c4e5a446a333d837d4ccb1038303340e5

Author: Rikyz <xxxxxx at xxxxxx>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2022-03-11T10:27:26+01:00

ims_ipsec_pcscf: fix sha1 algorithm and tcp connections for SIP Replies over TCP

---

Modified: src/modules/ims_ipsec_pcscf/cmd.c
Modified: src/modules/ims_ipsec_pcscf/ipsec.c

---

Diff:  https://github.com/kamailio/kamailio/commit/79bb2b1c4e5a446a333d837d4ccb1038303340e5.diff
Patch: https://github.com/kamailio/kamailio/commit/79bb2b1c4e5a446a333d837d4ccb1038303340e5.patch

---

diff --git a/src/modules/ims_ipsec_pcscf/cmd.c b/src/modules/ims_ipsec_pcscf/cmd.c
index 82099367ba..f8672a592a 100644
--- a/src/modules/ims_ipsec_pcscf/cmd.c
+++ b/src/modules/ims_ipsec_pcscf/cmd.c
@@ -846,17 +846,15 @@ int ipsec_forward(struct sip_msg* m, udomain_t* d, int _cflags)
         // for Reply get the dest proto from the received request
         dst_proto = req->rcv.proto;
 
+        // for Reply and TCP sends from P-CSCF server port, for Reply and UDP sends from P-CSCF client port
+        src_port = dst_proto == PROTO_TCP ? s->port_ps : s->port_pc;
+
+        // for Reply and TCP sends to UE client port, for Reply and UDP sends to UE server port
+        dst_port = dst_proto == PROTO_TCP ? s->port_uc : s->port_us;
+
         // Check send socket
         struct socket_info * client_sock = grep_sock_info(via_host.af == AF_INET ? &ipsec_listen_addr : &ipsec_listen_addr6, src_port, dst_proto);
-        if(client_sock) {
-            // for Reply and TCP sends from P-CSCF server port, for Reply and UDP sends from P-CSCF client port
-            src_port = dst_proto == PROTO_TCP ? s->port_ps : s->port_pc;
-
-            // for Reply and TCP sends to UE client port, for Reply and UDP sends to UE server port
-            dst_port = dst_proto == PROTO_TCP ? s->port_uc : s->port_us;
-        }
-        else
-        {
+        if(!client_sock) {
             src_port = s->port_pc;
             dst_port = s->port_us;
         }
diff --git a/src/modules/ims_ipsec_pcscf/ipsec.c b/src/modules/ims_ipsec_pcscf/ipsec.c
index e874abaa34..16dda61b8c 100644
--- a/src/modules/ims_ipsec_pcscf/ipsec.c
+++ b/src/modules/ims_ipsec_pcscf/ipsec.c
@@ -184,7 +184,7 @@ int add_sa(struct mnl_socket* nl_sock, const struct ip_addr *src_addr_param, con
     if(strncasecmp(r_alg.s, "hmac-md5-96", r_alg.len) == 0) {
         strcpy(l_auth_algo->alg_name,"md5");
     }
-    else if(strncasecmp(r_alg.s, "hmac-sha1-96", r_alg.len) == 0) {
+    else if(strncasecmp(r_alg.s, "hmac-sha-1-96", r_alg.len) == 0) {
         strcpy(l_auth_algo->alg_name,"sha1");
     } else {
         // set default algorithm to sha1