[asterisk-bugs] [Asterisk 0014238]: 1.2.31 break authentication of IAX2 registration
Asterisk Bug Tracker
noreply at bugs.digium.com
Wed Jan 14 10:39:16 CST 2009
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=14238
======================================================================
Reported By: sabbathbh
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 14238
Category: Channels/chan_iax2
Reproducibility: always
Severity: major
Priority: normal
Status: new
Asterisk Version: 1.2.X
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!): 167272
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 2009-01-14 07:06 CST
Last Modified: 2009-01-14 10:39 CST
======================================================================
Summary: 1.2.31 break authentication of IAX2 registration
Description:
The Security fix for AST-2009-001 on Asterisk 1.2.31 break the
authentication of a peer that tries to register on Asterisk.
Jan 14 10:52:28 WARNING[18728]: chan_iax2.c:6106 registry_authrequest: No
such peer 'pftestedesenv'
pfdesenv*CLI> iax2 show peers
Name/Username Host Mask Port
Status
pftestedesenv/p (Unspecified) (D) 255.255.255.255 0 (T)
UNKNOWN
The same configuration on the previous versions (1.2.30.4 and before)
works fine.
======================================================================
----------------------------------------------------------------------
(0097733) sabbathbh (reporter) - 2009-01-14 10:39
http://bugs.digium.com/view.php?id=14238#c97733
----------------------------------------------------------------------
I think I found the cause and maybe the fix (and a workaround too).
Comparing the code of registry_authrequest() in chan_iax2.c from 1.2.31
with 1.4.22.1:
1.2.31:
if (p && ast_test_flag(p, IAX_TEMPONLY)) {
destroy_peer(p);
} else if (!delayreject) {
ast_log(LOG_WARNING, "No such peer '%s'\n", name);
return 0;
}
1.4.22.1:
if (!iaxs[callno])
goto return_unref;
if (!p && !delayreject) {
ast_log(LOG_WARNING, "No such peer '%s'\n", peer_name);
goto return_unref;
}
Seems there's a missing check for "p" in 1.2.31. Maybe it should be:
if (p && ast_test_flag(p, IAX_TEMPONLY)) {
destroy_peer(p);
} else if (!p && !delayreject) {
ast_log(LOG_WARNING, "No such peer '%s'\n", name);
return 0;
}
Tested this fix here and it worked fine.
The workaround:
Enable "delayreject=yes" on iax2.conf.
Tested the workaround too.
Issue History
Date Modified Username Field Change
======================================================================
2009-01-14 10:39 sabbathbh Note Added: 0097733
======================================================================
More information about the asterisk-bugs
mailing list