[asterisk-bugs] [JIRA] (ASTERISK-29264) Certain IAX2 authentication failures cause Asterisk to crash

N A (JIRA) noreply at issues.asterisk.org
Fri Jan 29 15:16:59 CST 2021 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-29264?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=253675#comment-253675 ] 

N A commented on ASTERISK-29264:
--------------------------------

Thank you, George. I will look into the CHANNEL encryption stuff more later - that's what I was doing essentially but I'll play around more later since that's off topic anyways.

More to the point, I upgraded from Asterisk 16 to 18 and that seemed to fix the weird issues I was having. I also deleted /usr/lib/asterisk during the upgrade but before doing so to clear out any old modules that weren't being used, so that may have helped as I did get a warning about this when going from 13 -> 16. So, I'm forgetting about the issues I had with 16 as I may not have been running a stable system. The 18 system is stable and works as expected.

With no auth= defined, every single outbound IAX call failed with:
[Jan 29 21:04:21] WARNING[597][C-00000011]: chan_iax2.c:5127 iax2_call: Call terminated. Encryption requested but no auth method provided

I tried with both auth=md5,plaintext in [general]. Regardless of order, I got a plaintext deprecated error, so I went with just auth=md5.
Now, encrypted calls succeed but I can no longer make unauthenticated calls to other switches. Some outbound calls have no secret provided in the dial string and the called switch does not support authentication, so these calls are not supposed to be encrypted. It seems like auth= in general is making encryption mandatory on all calls, which is breaking outbound calls that are not encrypted.

I tried auth=md5,none but that did not change.

On the calls that fail, I get this:

WARNING[804][C-0000002a]: chan_iax2.c:5132 iax2_call: Call terminated. Encryption requested but no secret provided

The other problem seems fully fixed in both Asterisk 16 and 18 so I think that is good to go, but I would not consider this 100% resolved yet if the fix unintentionally is preventing unencrypted calls from being made.

If this is a separate issue (which it doesn't seem to be, as this never happened before until now, with the auth=), I can file a new bug.

In any case, thank you very much for your help! I sincerely appreciate your time and all that you and the Asterisk devs put into this. I don't see a "Target Release" on this item, so how would I know which version will include the patch so I can upgrade ASAP when available?

Thanks again!

> Certain IAX2 authentication failures cause Asterisk to crash
> ------------------------------------------------------------
>
>                 Key: ASTERISK-29264
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29264
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_iax2, Resources/res_crypto
>    Affects Versions: 16.16.0
>         Environment: Debian Linux 9 and 10, multiple Asterisk versions ranging from 13.23.1 to 13.38 to version 16. To my knowledge, all Asterisk versions with res_crypto are affected from the testing that has been done.
>            Reporter: N A
>            Assignee: Unassigned
>            Severity: Major
>              Labels: crash
>         Attachments: cli.txt, core-brief.txt, core-brief.txt, core-full.txt, core-full.txt, core-info.txt, core-info.txt, core-locks.txt, core-locks.txt, core-thread1.txt, core-thread1.txt
>
>
> Versions affected: All versions of Asterisk with res_crypto.so loaded: This bug affects all known Asterisk versions from the testing that has been done on multiple different Asterisk machines on multiple versions of Debian Linux. The dump attached is from a 13.23.1 testing system.
> This issue affects chan_iax2 and/or res_crypto. I initially thought it was the former, but it may be more of the latter.
> IAX2 supports no, plaintext, md5, and rsa authentication, the latter two of which allow for encryption. It has been identified that Asterisk contains a bug that results in a crash in the following circumstance: Switch B requires MD5 authentication (i.e. it requires a secret) for some IAX2 user. Switch A places a call to Switch B with all the correct information, except it omits to provide any kind of secret (that is, the Dial string is IAX2/user at host/extension as opposed to IAX2/user:secret at host/extension). In this case, Switch A's Asterisk will immediately crash. Once Asterisk is manually started again, Asterisk runs normally until the next crash.)
> This does not occur with plaintext authentication, it does not occur if an invalid IAX2 user is called, and it does not occur if the desired IAX2 user is called and a secret is provided that is not the right secret. It only occurs when the called IAX2 user requires an MD5 secret but NO secret at all is provided by the calling switch. RSA has not been tested at all.
> I suspect this issue is related to Switch A not knowing how to handle the failed authentication negotiation with Switch B. In most such scenarios, Switch A will say "I don't know how to authenticate to..." and then time out or end the call with CHANUNAVAIL, as expected. In this case, it says "I don't know how to authenticate to..." and then immediately crashes.
> If res_crypto is not loaded, Switch A cannot negotiate the authentication at all, so the call fails but the switch does not crash. Obviously, such a switch cannot make any encrypted IAX2 call.
> What should be happening here is that Asterisk should simply fail the call with a CHANUNAVAIL result as in all other circumstances where an IAX2 call fails (e.g. wrong user, wrong plaintext secret, etc.) Instead, Asterisk just crashes.
> Backtrace files from ast_coredumper attached.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list