below is my fix to this what i consider (unless proven otherwise) a major bug. UAs that now fail with sr auth module, worked fine in k. if there is no misunderstanding and this is a real bug, can someone please check the fix and commit it asap. -- juha *** /usr/src/orig/sip-router/modules/auth/nonce.c 2011-03-13 00:22:46.000000000 +0200 --- nonce.c 2011-03-16 10:21:50.000000000 +0200 *************** *** 276,282 **** --- 276,299 ---- */ #define is_bin_nonce_stale(b_nonce, t) (get_bin_nonce_expire(b_nonce) < (t)) + static inline int l8hex2int(char* _s, unsigned int *_r) + { + unsigned int i, res = 0; + for(i = 0; i < 8; i++) { + res *= 16; + if ((_s[i] >= '0') && (_s[i] <= '9')) { + res += _s[i] - '0'; + } else if ((_s[i] >= 'a') && (_s[i] <= 'f')) { + res += _s[i] - 'a' + 10; + } else if ((_s[i] >= 'A') && (_s[i] <= 'F')) { + res += _s[i] - 'A' + 10; + } else return -1; + } + + *_r = res; + return 0; + } /** Check whether the nonce returned by UA is valid. *************** *** 404,415 **** /* if nounce-count checks enabled & auth. headers has nc */ if (nc_enabled && (pf & NF_VALID_NC_ID) && auth->digest.nc.s && auth->digest.nc.len){ ! if (str2int(&auth->digest.nc, &nc)!=0){ ! /* error, bad nc */ ! ERR("FIXME:check_nonce: bad nc value %.*s\n", ! auth->digest.nc.len, auth->digest.nc.s); ! return 5; /* invalid nc */ ! } switch(nc_check_val(n_id, pf & NF_POOL_NO_MASK, nc)){ case NC_OK: /* don't perform extra checks or one-time nonce checks --- 421,433 ---- /* if nounce-count checks enabled & auth. headers has nc */ if (nc_enabled && (pf & NF_VALID_NC_ID) && auth->digest.nc.s && auth->digest.nc.len){ ! if ((auth->digest.nc.len != 8) || ! l8hex2int(auth->digest.nc.s, &nc) != 0) { ! /* error, bad nc */ ! ERR("check_nonce: bad nc value %.*s\n", ! auth->digest.nc.len, auth->digest.nc.s); ! return 5; /* invalid nc */ ! } switch(nc_check_val(n_id, pf & NF_POOL_NO_MASK, nc)){ case NC_OK: /* don't perform extra checks or one-time nonce checks