From dee777620494671d45569382bc689561940c20cc Mon Sep 17 00:00:00 2001
From: Rikyz <xxxxxx@xxxxxx>
Date: Fri, 4 Mar 2022 23:15:57 +0100
Subject: [PATCH] ims_ipsec_pcscf: fix sha1 algorithm and tcp connections for
 SIP Replies over TCP

---
 src/modules/ims_ipsec_pcscf/cmd.c   | 16 +++++++---------
 src/modules/ims_ipsec_pcscf/ipsec.c |  2 +-
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/src/modules/ims_ipsec_pcscf/cmd.c b/src/modules/ims_ipsec_pcscf/cmd.c
index 82099367ba0..f8672a592ab 100644
--- a/src/modules/ims_ipsec_pcscf/cmd.c
+++ b/src/modules/ims_ipsec_pcscf/cmd.c
@@ -846,17 +846,15 @@ int ipsec_forward(struct sip_msg* m, udomain_t* d, int _cflags)
         // for Reply get the dest proto from the received request
         dst_proto = req->rcv.proto;
 
+        // for Reply and TCP sends from P-CSCF server port, for Reply and UDP sends from P-CSCF client port
+        src_port = dst_proto == PROTO_TCP ? s->port_ps : s->port_pc;
+
+        // for Reply and TCP sends to UE client port, for Reply and UDP sends to UE server port
+        dst_port = dst_proto == PROTO_TCP ? s->port_uc : s->port_us;
+
         // Check send socket
         struct socket_info * client_sock = grep_sock_info(via_host.af == AF_INET ? &ipsec_listen_addr : &ipsec_listen_addr6, src_port, dst_proto);
-        if(client_sock) {
-            // for Reply and TCP sends from P-CSCF server port, for Reply and UDP sends from P-CSCF client port
-            src_port = dst_proto == PROTO_TCP ? s->port_ps : s->port_pc;
-
-            // for Reply and TCP sends to UE client port, for Reply and UDP sends to UE server port
-            dst_port = dst_proto == PROTO_TCP ? s->port_uc : s->port_us;
-        }
-        else
-        {
+        if(!client_sock) {
             src_port = s->port_pc;
             dst_port = s->port_us;
         }
diff --git a/src/modules/ims_ipsec_pcscf/ipsec.c b/src/modules/ims_ipsec_pcscf/ipsec.c
index e874abaa34f..16dda61b8cd 100644
--- a/src/modules/ims_ipsec_pcscf/ipsec.c
+++ b/src/modules/ims_ipsec_pcscf/ipsec.c
@@ -184,7 +184,7 @@ int add_sa(struct mnl_socket* nl_sock, const struct ip_addr *src_addr_param, con
     if(strncasecmp(r_alg.s, "hmac-md5-96", r_alg.len) == 0) {
         strcpy(l_auth_algo->alg_name,"md5");
     }
-    else if(strncasecmp(r_alg.s, "hmac-sha1-96", r_alg.len) == 0) {
+    else if(strncasecmp(r_alg.s, "hmac-sha-1-96", r_alg.len) == 0) {
         strcpy(l_auth_algo->alg_name,"sha1");
     } else {
         // set default algorithm to sha1