[asterisk-bugs] [Asterisk 0015201]: IAX2 immediately retries after a failed registration, causing a flood of failed registrations

Asterisk Bug Tracker noreply at bugs.digium.com
Wed May 27 08:49:12 CDT 2009 

A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=15201 
====================================================================== 
Reported By:                gmza
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   15201
Category:                   Channels/chan_iax2
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     new
Asterisk Version:           1.4.25 
Regression:                 No 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2009-05-26 17:15 CDT
Last Modified:              2009-05-27 08:49 CDT
====================================================================== 
Summary:                    IAX2 immediately retries after a failed
registration, causing a flood of failed registrations
Description: 
When one asterisk box (host1) has a line such as:

register => 12345:abc at host2

and no such user exists in host2's iax.conf file, host1 will flood host2
with failed registration attempts using as much bandwidth as it can
consume.


====================================================================== 

---------------------------------------------------------------------- 
 (0105518) aragon (reporter) - 2009-05-27 08:49
 https://issues.asterisk.org/view.php?id=15201#c105518 
---------------------------------------------------------------------- 
Fixed in SVN

Repository: asterisk
Revision: 194873

U branches/1.4/channels/chan_iax2.c

------------------------------------------------------------------------
r194873 | dvossel | 2009-05-15 17:43:22 -0500 (Fri, 15 May 2009) | 17
lines

IAX2 REGAUTH loop

IAX was not sending REGREJ to terminate invalid registrations. Instead it
sent another REGAUTH if the authentication challenge failed. This caused a
loop of REGREQ and REGAUTH frames.

(Related to Security fix AST-2009-001)

(closes issue 0014867)
Reported by: aragon
Tested by: dvossel

(closes issue 0014717)
Reported by: mobeck
Patches:
      regauth_loop_update_patch.diff uploaded by dvossel (license 671)
Tested by: dvossel


------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=194873 [^] 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-05-27 08:49 aragon         Note Added: 0105518                          
======================================================================

More information about the asterisk-bugs mailing list