[Asterisk-code-review] res pjsip outbound registration.c: Fix 423 response handling. (asterisk[13])
Mark Michelson
asteriskteam at digium.com
Fri Nov 20 13:03:18 CST 2015
Mark Michelson has submitted this change and it was merged.
Change subject: res_pjsip_outbound_registration.c: Fix 423 response handling.
......................................................................
res_pjsip_outbound_registration.c: Fix 423 response handling.
Receiving a 423 Interval Too Brief response after authentication for an
outbound registration attempt results in assuming that the registrar has
rejected the registration permanently. If there are no configured retries
for fatal responses then the outbound registration is stopped for that
endpoint.
For registrations, PJSIP/PJPROJECT intercepts the handling of 423
responses and does not include any authentication in the updated
registration request. When the updated request is challenged then the
Asterisk code assumes that we were challenged again because the peer
rejected the authentication we sent earlier.
* Made registration challenges keep track of the CSeq number to determine
if the received challenge response was for the request we thought we sent.
If the response's CSeq number differs from the CSeq number we last sent
with authentication then authenticate again because it is a challenge to a
different request.
Change-Id: I81b4bd36d1be095bab606e34b8b44e6302971b09
---
M res/res_pjsip_outbound_registration.c
1 file changed, 17 insertions(+), 3 deletions(-)
Approvals:
Mark Michelson: Looks good to me, approved
Anonymous Coward #1000019: Verified
Joshua Colp: Looks good to me, but someone else must approve
diff --git a/res/res_pjsip_outbound_registration.c b/res/res_pjsip_outbound_registration.c
index 04ff1df..84476db 100644
--- a/res/res_pjsip_outbound_registration.c
+++ b/res/res_pjsip_outbound_registration.c
@@ -335,6 +335,8 @@
unsigned int auth_rejection_permanent;
/*! \brief Determines whether SIP Path support should be advertised */
unsigned int support_path;
+ /*! CSeq number of last sent auth request. */
+ unsigned int auth_cseq;
/*! \brief Serializer for stuff and things */
struct ast_taskprocessor *serializer;
/*! \brief Configured authentication credentials */
@@ -758,15 +760,27 @@
ast_debug(1, "Processing REGISTER response %d from server '%s' for client '%s'\n",
response->code, server_uri, client_uri);
- if (!response->client_state->auth_attempted &&
- (response->code == 401 || response->code == 407)) {
+ if ((response->code == 401 || response->code == 407)
+ && (!response->client_state->auth_attempted
+ || response->rdata->msg_info.cseq->cseq != response->client_state->auth_cseq)) {
+ int res;
+ pjsip_cseq_hdr *cseq_hdr;
pjsip_tx_data *tdata;
+
if (!ast_sip_create_request_with_auth_from_old(&response->client_state->outbound_auths,
response->rdata, response->old_request, &tdata)) {
response->client_state->auth_attempted = 1;
ast_debug(1, "Sending authenticated REGISTER to server '%s' from client '%s'\n",
server_uri, client_uri);
- if (registration_client_send(response->client_state, tdata) == PJ_SUCCESS) {
+ pjsip_tx_data_add_ref(tdata);
+ res = registration_client_send(response->client_state, tdata);
+
+ /* Save the cseq that actually got sent. */
+ cseq_hdr = (pjsip_cseq_hdr *) pjsip_msg_find_hdr(tdata->msg, PJSIP_H_CSEQ,
+ NULL);
+ response->client_state->auth_cseq = cseq_hdr->cseq;
+ pjsip_tx_data_dec_ref(tdata);
+ if (res == PJ_SUCCESS) {
ao2_ref(response, -1);
return 0;
}
--
To view, visit https://gerrit.asterisk.org/1644
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I81b4bd36d1be095bab606e34b8b44e6302971b09
Gerrit-PatchSet: 2
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Richard Mudgett <rmudgett at digium.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Mark Michelson <mmichelson at digium.com>
Gerrit-Reviewer: Matt Jordan <mjordan at digium.com>
More information about the asterisk-code-review
mailing list