Summary: | ASTERISK-21295: Sip registration fails, wrong parsing when secret has parentheses symbol | ||||||
Reporter: | Alisher (licedey) | Labels: | chan-sip-register-parsing | ||||
Date Opened: | 2013-03-17 19:13:55 | Date Closed: | |||||
Priority: | Major | Regression? | |||||
Status: | Open/New | Components: | Channels/chan_sip/General | ||||
Versions: | 11.2.1 13.18.4 | Frequency of Occurrence | Constant | ||||
Related Issues: |
| ||||||
Environment: | CentOS 6.4 32 bit | Attachments: | ( 0) cli_log.txt ( 1) sip.conf | ||||
Description: | The registration fails when secret has parentheses () or bracket [] symbols for instance
secret=2134(asffd or secret=2134[asffd. There could be more, but so far I can confirm issue with parentheses and brackets. When we try to register the following: register=username:"sec?(Ret":authuser@domain:port/extension Asterisk will parse secret as sec?(Ret:authuser. As a result it parses wrong password and leaves authuser blank. This works fine with Asterisk 1.4 version. | ||||||
Comments: | By: Alisher (licedey) 2013-03-17 19:15:46.881-0500 CLI Log By: Alisher (licedey) 2013-03-17 19:17:26.586-0500 SIP configuration file By: Michael L. Young (elguero) 2013-03-18 13:29:51.674-0500 Here is some info I looked up. Putting it here for reference. We will have to look into the parentheses, "(". It is recommended not to use brackets, "[". If it is used, it must be escaped. http://tools.ietf.org/html/rfc3261 RFC3261 25.1 {quote} password = *( unreserved / escaped / "&" / "=" / "+" / "$" / "," ) {quote} http://www.ietf.org/rfc/rfc2396.txt RFC2396 {quote} 2.3. Unreserved Characters Data characters that are allowed in a URI but do not have a reserved purpose are called unreserved. These include upper and lower case letters, decimal digits, and a limited set of punctuation marks and symbols. unreserved = alphanum | mark mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")" Unreserved characters can be escaped without changing the semantics of the URI, but this should not be done unless the URI is being used in a context that does not allow the unescaped character to appear. {quote} RFC2396 2.4.3. Excluded US-ASCII Characters {quote} Other characters are excluded because gateways and other transport agents are known to sometimes modify such characters, or they are used as delimiters. unwise = "\{" | "\}" | "|" | "\" | "^" | "[" | "]" | "`" Data corresponding to excluded characters must be escaped in order to be properly represented within a URI. {quote} By: Rusty Newton (rnewton) 2013-03-21 18:24:43.710-0500 Ack'ing. Asterisk documentation (sip.conf at least and probably somewhere else) should also indicate what characters can and can't be used. |