Opened 6 years ago

Closed 6 years ago

#1770 closed defect (fixed)

Issue with "other params" quotes when proxying WWW-authenticate header

Reported by: riza Owned by: bennylp
Priority: normal Milestone: release-2.3
Component: pjsip Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description

The issues occurs when:

  • Proxying a message that contains a WWW-Authenticate header.
  • The WWW-Authenticate header contains a digest challenge.
  • The challenge includes parameters that fall into PJSIP’s definition of "other_params", and these are quoted.


In this case, when the header is proxied, the quoted "other params" will be
unquoted.

This is happening because parse_digest_challenge unquotes all the parameters
it finds before storing them on the pjsip_digest_challenge. However
print_digest_challenge does not re-quote them (if the "other_params" are
required to be quoted, they must be stored as quoted values in the
pjsip_digest_challenge before calling print_digest_challenge).

The fix is for parse_digest_challenge to not unquote "other_params". This
seems better than the alternative of having print_digest_challenge add the
quotes, as the latter approach does not allow the application to use
"other_params" but avoid having them quoted.

Thanks to Alex Hockey for the patch.

Change History (2)

comment:1 Changed 6 years ago by riza

In 4859:

Re #1770: Fixed issue with "other params" quotes when proxying WWW-authenticate header.

comment:2 Changed 6 years ago by riza

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.