From bbb3f94335aeea010c7357370ea8f42b587aa54c Mon Sep 17 00:00:00 2001
From: Reidar Cederqvist <reidar.cederqvist@gmail.com>
Date: Fri, 18 May 2018 16:51:32 +0200
Subject: [PATCH] voice-client: fix security issue refs #14962

---
 .../etc/asterisk_templates/sip_registration_voicesec.TEMPLATE | 2 +-
 voice-client/files/etc/init.d/voice_client                    | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/voice-client/files/etc/asterisk_templates/sip_registration_voicesec.TEMPLATE b/voice-client/files/etc/asterisk_templates/sip_registration_voicesec.TEMPLATE
index d64bb24f7..358c64578 100644
--- a/voice-client/files/etc/asterisk_templates/sip_registration_voicesec.TEMPLATE
+++ b/voice-client/files/etc/asterisk_templates/sip_registration_voicesec.TEMPLATE
@@ -1,2 +1,2 @@
-#exec echo "register => |TRANSPORT|://|USER|@|DOMAIN|:$(/usr/bin/voicesec -d /usr/lib/asterisk/voicesec_|PROVIDER|)|AUTHUSER|@|PROVIDER||PORT|/|CONTACT_USER|"
+#exec echo 'register => |TRANSPORT|://|USER|@|DOMAIN|:'$(/usr/bin/voicesec -d /usr/lib/asterisk/voicesec_|PROVIDER|)'|AUTHUSER|@|PROVIDER||PORT|/|CONTACT_USER|'
 
diff --git a/voice-client/files/etc/init.d/voice_client b/voice-client/files/etc/init.d/voice_client
index eb984b462..578e32eea 100755
--- a/voice-client/files/etc/init.d/voice_client
+++ b/voice-client/files/etc/init.d/voice_client
@@ -721,6 +721,10 @@ configure_sip_provider()
 	config_get transport $1 transport
 	config_get encryption $1 encryption
 
+	# This is a hack to fix security issue #14962
+	user=${user//"'"/}
+	authuser=${authuser//"'"/}
+
 	if [ -z "$transport" ] ; then 
 		transport="udp" 
 	fi