[asterisk-bugs] [JIRA] (ASTERISK-30276) res_pjsip: Mediasec requires different headers on 401 response

Joshua C. Colp (JIRA) noreply at issues.asterisk.org
Tue Oct 25 06:48:09 CDT 2022


     [ https://issues.asterisk.org/jira/browse/ASTERISK-30276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua C. Colp updated ASTERISK-30276:
--------------------------------------

    Status: Open  (was: Triage)

> res_pjsip: Mediasec requires different headers on 401 response
> --------------------------------------------------------------
>
>                 Key: ASTERISK-30276
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-30276
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip, Resources/res_pjsip_outbound_registration
>    Affects Versions: 20.0.0, 18.15.0, 16.29.0
>            Reporter: Maximilian Fridrich
>
> The Deutsche Telekom requires certain headers in SIP requests which are based on [draft-dawes-sipcore-mediasec-parameter|https://datatracker.ietf.org/doc/html/draft-dawes-dispatch-mediasec-parameter-07]. This draft requires different headers in requests sent after a 401 as compared to 494. Specifically, in requests sent after a 401 response, the Security-Client header must still be present (see [section 6.1 in the draft|https://datatracker.ietf.org/doc/html/draft-dawes-dispatch-mediasec-parameter-07#section-6.1]) while in requests after a 494 it should not be present.
> The original mediasec implementation didn't consider that.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list