| commit | 786dd9c7f4dc0c05e177b11d6b68ba6b350c0fbb | |
| author | Stefan Becker <chemobejk@gmail.com> | |
| Thu, 4 Apr 2013 20:36:01 +0000 (4 23:36 +0300) | ||
| committer | Stefan Becker <chemobejk@gmail.com> | |
| Thu, 4 Apr 2013 20:36:01 +0000 (4 23:36 +0300) | ||
| tree | a45f1ba69b5b237d9c57292aee56b1c4f92a572f | treesnapshot (tar.gz zip) |
| parent | b2c995e4e2a8ff2e4b3d12348312cd73a75a1a81 | commitdiff |
Fix #190: SIP 407 response rejected with invalid message signature
NOTE: SIPE project on SourceForge got updated to the new project format and
therefore all bug & feature request numbers have changed.
The log for this issue shows a 407 response with the follwing headers:
Authentication-Info: NTLM rspauth="...
Proxy-Authenticate: Digest realm="...
The first is the one we need to verify the signature of the message.
The second one is needed to process the 407 response.
But sipmsg_breakdown_parse() incorrectly was looking for both lines with
"Proxy-Authenticate" having the higher priority. Therefore the wrong data
was fed to the signature calculation, causing the failure and subsequently
the connection drop.
Drop "Proxy-Authenticate" from the parser to fix this.
NOTE: SIPE project on SourceForge got updated to the new project format and
therefore all bug & feature request numbers have changed.
The log for this issue shows a 407 response with the follwing headers:
Authentication-Info: NTLM rspauth="...
Proxy-Authenticate: Digest realm="...
The first is the one we need to verify the signature of the message.
The second one is needed to process the 407 response.
But sipmsg_breakdown_parse() incorrectly was looking for both lines with
"Proxy-Authenticate" having the higher priority. Therefore the wrong data
was fed to the signature calculation, causing the failure and subsequently
the connection drop.
Drop "Proxy-Authenticate" from the parser to fix this.
| src/core/sipe-sign.c | diffblobblamehistory |