[asterisk-bugs] [Asterisk 0014013]: 4XX Responses to a BYE request
Asterisk Bug Tracker
noreply at bugs.digium.com
Wed Dec 3 11:11:24 CST 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=14013
======================================================================
Reported By: manwe
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 14013
Category: Channels/chan_sip/General
Reproducibility: sometimes
Severity: minor
Priority: normal
Status: new
Asterisk Version: 1.4.23-rc2
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 2008-12-03 01:05 CST
Last Modified: 2008-12-03 11:11 CST
======================================================================
Summary: 4XX Responses to a BYE request
Description:
In the Changelog of asterisk 1.4.23RC2 it can be read:
+ /* RFC 3261 Section 15 specifies that if we receive a 408 or 481
+ * in response to a BYE, then we should end the current dialog
+ * and session. There is no mention in the spec of other 4XX responses,
+ * but it is known that at least one phone manufacturer potentially
+ * will send a 404 in response to a BYE, so we'll be liberal in what
+ * we accept and end the dialog and session if we receive any 4XX
+ * response to a BYE.
+ */
And the code:
+ if (resp >= 400 && resp < 500 && sipmethod == SIP_BYE) {
+ ast_set_flag(&p->flags[0], SIP_NEEDDESTROY);
+ return;
+ }
What about if Asterisk calls through a proxy? It's really possible (and
common) that a proxy requires authentication for BYE, so it replies with
407
and the UAC (Asterisk) should re-generate the BYE with credentials.
Note that RFC 3261 states that requiring authentication for a BYE is a
good
way to avoid calls ending by an attacker (spoofed BYE).
It is also common to receive 483 (too many hops).
I think that having only ip-phones in mind is not a good approach. Not
every 4XX response should end the dialog.
======================================================================
----------------------------------------------------------------------
(0095732) ibc (reporter) - 2008-12-03 11:11
http://bugs.digium.com/view.php?id=14013#c95732
----------------------------------------------------------------------
Yes, the only important point here is the ability of Asterisk to send a BYE
with credentials if the proxy/endpoint replies 401/407. This could be
important in the proxy side (correct accounting) so Asterisk should honor
the 401/407.
In case the second BYE (with credentials) also fails (again 401/407 or
other 4XX) then Asterisk should, as you say, end this leg (first leg was
already terminated before).
Issue History
Date Modified Username Field Change
======================================================================
2008-12-03 11:11 ibc Note Added: 0095732
======================================================================
More information about the asterisk-bugs
mailing list