[SR-Users] major bug in auth module?
Juha Heinanen
jh at tutpro.com
Wed Mar 16 09:03:29 CET 2011
one sip ua sent this kind of authorization header:
Authorization: Digest
username="foo",realm="bar",uri="xxx",response="e439fa7438452da7d50690f2268be16f",nonce="4d8060d2000041b2430e64fe7ec681d8fb5709e9c72b8a01",qop=auth,cnonce="0004ccb0",nc=000060a2.
and sr auth module didn't like it but emitted error message
FIXME:check_nonce: bad nc value. i went and checked the code and found
this:
if (nc_enabled && (pf & NF_VALID_NC_ID) && auth->digest.nc.s &&
auth->digest.nc.len){
if (str2int(&auth->digest.nc, &nc)!=0){
/* error, bad nc */
ERR("FIXME:check_nonce: bad nc value %.*s\n",
auth->digest.nc.len, auth->digest.nc.s);
return 5; /* invalid nc */
}
i.e., looks like it is using str2int to convert to nc value to int. the
problem is that str2int only handles decimal strings, whereas nc value
is a hex string.
am i dreaming or what?
-- juha
More information about the sr-users
mailing list