[asterisk-bugs] [Asterisk 0014013]: 4XX Responses to a BYE request
Asterisk Bug Tracker
noreply at bugs.digium.com
Wed Dec 3 10:13:28 CST 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=14013
======================================================================
Reported By: manwe
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 14013
Category: Channels/chan_sip/General
Reproducibility: sometimes
Severity: minor
Priority: normal
Status: new
Asterisk Version: 1.4.23-rc2
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 2008-12-03 01:05 CST
Last Modified: 2008-12-03 10:13 CST
======================================================================
Summary: 4XX Responses to a BYE request
Description:
In the Changelog of asterisk 1.4.23RC2 it can be read:
+ /* RFC 3261 Section 15 specifies that if we receive a 408 or 481
+ * in response to a BYE, then we should end the current dialog
+ * and session. There is no mention in the spec of other 4XX responses,
+ * but it is known that at least one phone manufacturer potentially
+ * will send a 404 in response to a BYE, so we'll be liberal in what
+ * we accept and end the dialog and session if we receive any 4XX
+ * response to a BYE.
+ */
And the code:
+ if (resp >= 400 && resp < 500 && sipmethod == SIP_BYE) {
+ ast_set_flag(&p->flags[0], SIP_NEEDDESTROY);
+ return;
+ }
What about if Asterisk calls through a proxy? It's really possible (and
common) that a proxy requires authentication for BYE, so it replies with
407
and the UAC (Asterisk) should re-generate the BYE with credentials.
Note that RFC 3261 states that requiring authentication for a BYE is a
good
way to avoid calls ending by an attacker (spoofed BYE).
It is also common to receive 483 (too many hops).
I think that having only ip-phones in mind is not a good approach. Not
every 4XX response should end the dialog.
======================================================================
----------------------------------------------------------------------
(0095723) oej (manager) - 2008-12-03 10:13
http://bugs.digium.com/view.php?id=14013#c95723
----------------------------------------------------------------------
In fact, when we send BYE, the response is irrelevant, really, unless it's
an auth request. Regardless of the response, the call is dead. I don't know
what started this thread.
Asterisk only sends BYE if dialplan action, the other call leg or
something else issued a hangup. There's no way we can keep the call. So
it's safe to say that any response to a bye other than auth, can be treated
the same way. With auth, we have to find a way to keep the SIP dialog alive
for a short time, but the bridge will propably already be down regardless.
Issue History
Date Modified Username Field Change
======================================================================
2008-12-03 10:13 oej Note Added: 0095723
======================================================================
More information about the asterisk-bugs
mailing list