[auth] Proper auth username check

As when populating the credentials from script the username var contains only a username part, check only against "user" part of the auth username extracted from the SIP request (as the auth username may contain a domain part also). Fixes #2356 (cherry picked from commit 2d02dc8)
OpenSIPS · Jan 14, 2021 · 71b0aa5 · 71b0aa5
1 parent 0701082
commit 71b0aa5
Showing 1 changed file with 7 additions and 4 deletions.
diff --git a/modules/auth/auth_mod.c b/modules/auth/auth_mod.c
@@ -384,11 +384,14 @@ static inline int auth_get_ha1(struct sip_msg *msg, struct username* _username,
 			pv_value_destroy(&sval);
 			return -1;
 		}
-		if(sval.rs.len!= _username->whole.len
-				|| strncasecmp(sval.rs.s, _username->whole.s, sval.rs.len))
+		/* The PV will carry only a username, so we have to compare it
+		 * only against the "user" part of the _username struct.
+		 */
+		if(sval.rs.len!= _username->user.len
+				|| strncasecmp(sval.rs.s, _username->user.s, sval.rs.len))
 		{
-			LM_DBG("username mismatch [%.*s] [%.*s]\n",
-				_username->whole.len, _username->whole.s, sval.rs.len, sval.rs.s);
+			LM_DBG("username mismatch msg=[%.*s] var=[%.*s]\n",
+				_username->user.len,_username->user.s,sval.rs.len,sval.rs.s);
 			pv_value_destroy(&sval);
 			return 1;
 		}