[asterisk-commits] twilson: branch 10 r343221 - in /branches/10: ./ channels/ channels/sip/inclu...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Wed Nov 2 18:03:54 CDT 2011


Author: twilson
Date: Wed Nov  2 18:03:48 2011
New Revision: 343221

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=343221
Log:
Remove registertrying option in chan_sip

This option is not only useless, but has been broken since inception since
the flag was never copied from the peer where it is set to the pvt where
it was checked. RFC 3261 specificially states that you should not send a
provisional response to a non-INVITE request, and if we did fix the code
so that it worked, it would cause the same kind of user enumeration
vulnerability that we've discussed with the nat= setting. This patch
removes registertrying option and any code that would have sent a 100
response to a register.

Review: https://reviewboard.asterisk.org/r/1562/
........

Merged revisions 343220 from http://svn.asterisk.org/svn/asterisk/branches/1.8

Modified:
    branches/10/   (props changed)
    branches/10/channels/chan_sip.c
    branches/10/channels/sip/include/sip.h
    branches/10/contrib/realtime/mysql/sippeers.sql

Propchange: branches/10/
------------------------------------------------------------------------------
Binary property 'branch-1.8-merged' - no diff available.

Modified: branches/10/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/branches/10/channels/chan_sip.c?view=diff&rev=343221&r1=343220&r2=343221
==============================================================================
--- branches/10/channels/chan_sip.c (original)
+++ branches/10/channels/chan_sip.c Wed Nov  2 18:03:48 2011
@@ -14734,8 +14734,6 @@
 			res = AUTH_PEER_NOT_DYNAMIC;
 		} else {
 			ast_copy_flags(&p->flags[0], &peer->flags[0], SIP_NAT_FORCE_RPORT);
-			if (ast_test_flag(&p->flags[1], SIP_PAGE2_REGISTERTRYING))
-				transmit_response(p, "100 Trying", req);
 			if (!(res = check_auth(p, req, peer->name, peer->secret, peer->md5secret, SIP_REGISTER, uri2, XMIT_UNRELIABLE, req->ignore))) {
 				if (sip_cancel_destroy(p))
 					ast_log(LOG_WARNING, "Unable to cancel SIP destruction.  Expect bad things.\n");
@@ -14819,14 +14817,6 @@
 			}
 			ao2_unlock(peer);
 		}
-	}
-	if (!peer && sip_cfg.alwaysauthreject) {
-		/* If we found a peer, we transmit a 100 Trying.  Therefore, if we're
-		 * trying to avoid leaking information, we MUST also transmit the same
-		 * response when we DON'T find a peer. */
-		transmit_response(p, "100 Trying", req);
-		/* Insert a fake delay between the 100 and the subsequent failure. */
-		sched_yield();
 	}
 	if (!res) {
 		if (sendmwi) {
@@ -17563,7 +17553,6 @@
 		ast_cli(fd, ")\n");
 
 		ast_cli(fd, "  Auto-Framing :  %s \n", AST_CLI_YESNO(peer->autoframing));
-		ast_cli(fd, "  100 on REG   : %s\n", AST_CLI_YESNO(ast_test_flag(&peer->flags[1], SIP_PAGE2_REGISTERTRYING)));
 		ast_cli(fd, "  Status       : ");
 		peer_status(peer, status, sizeof(status));
 		ast_cli(fd, "%s\n", status);
@@ -27724,8 +27713,6 @@
 				}
 			} else if (!strcasecmp(v->name, "preferred_codec_only")) {
 				ast_set2_flag(&peer->flags[1], ast_true(v->value), SIP_PAGE2_PREFERRED_CODEC);
-			} else if (!strcasecmp(v->name, "registertrying")) {
-				ast_set2_flag(&peer->flags[1], ast_true(v->value), SIP_PAGE2_REGISTERTRYING);
 			} else if (!strcasecmp(v->name, "autoframing")) {
 				peer->autoframing = ast_true(v->value);
 			} else if (!strcasecmp(v->name, "rtptimeout")) {

Modified: branches/10/channels/sip/include/sip.h
URL: http://svnview.digium.com/svn/asterisk/branches/10/channels/sip/include/sip.h?view=diff&rev=343221&r1=343220&r2=343221
==============================================================================
--- branches/10/channels/sip/include/sip.h (original)
+++ branches/10/channels/sip/include/sip.h Wed Nov  2 18:03:48 2011
@@ -338,11 +338,10 @@
 #define SIP_PAGE2_FAX_DETECT_T38		(2 << 23)  /*!< DP: Fax Detection support - detect T.38 reinvite from peer */
 #define SIP_PAGE2_FAX_DETECT_BOTH		(3 << 23)  /*!< DP: Fax Detection support - detect both */
 
-#define SIP_PAGE2_REGISTERTRYING		(1 << 24)  /*!< DP: Send 100 Trying on REGISTER attempts */
-#define SIP_PAGE2_UDPTL_DESTINATION		(1 << 25)  /*!< DP: Use source IP of RTP as destination if NAT is enabled */
-#define SIP_PAGE2_VIDEOSUPPORT_ALWAYS		(1 << 26)  /*!< DP: Always set up video, even if endpoints don't support it */
-#define SIP_PAGE2_HAVEPEERCONTEXT	(1 << 27)	/*< Are we associated with a configured peer context? */
-#define SIP_PAGE2_USE_SRTP              (1 << 28)    /*!< DP: Whether we should offer (only)  SRTP */
+#define SIP_PAGE2_UDPTL_DESTINATION		(1 << 24)  /*!< DP: Use source IP of RTP as destination if NAT is enabled */
+#define SIP_PAGE2_VIDEOSUPPORT_ALWAYS		(1 << 25)  /*!< DP: Always set up video, even if endpoints don't support it */
+#define SIP_PAGE2_HAVEPEERCONTEXT	(1 << 26)	/*< Are we associated with a configured peer context? */
+#define SIP_PAGE2_USE_SRTP              (1 << 27)    /*!< DP: Whether we should offer (only)  SRTP */
 
 #define SIP_PAGE2_FLAGS_TO_COPY \
 	(SIP_PAGE2_ALLOWSUBSCRIBE | SIP_PAGE2_ALLOWOVERLAP | SIP_PAGE2_IGNORESDPVERSION | \

Modified: branches/10/contrib/realtime/mysql/sippeers.sql
URL: http://svnview.digium.com/svn/asterisk/branches/10/contrib/realtime/mysql/sippeers.sql?view=diff&rev=343221&r1=343220&r2=343221
==============================================================================
--- branches/10/contrib/realtime/mysql/sippeers.sql (original)
+++ branches/10/contrib/realtime/mysql/sippeers.sql Wed Nov  2 18:03:48 2011
@@ -62,7 +62,6 @@
       `sendrpid` enum('yes','no') DEFAULT NULL,
       `outboundproxy` varchar(40) DEFAULT NULL,
       `callbackextension` varchar(40) DEFAULT NULL,
-      `registertrying` enum('yes','no') DEFAULT NULL,
       `timert1` int(11) DEFAULT NULL,
       `timerb` int(11) DEFAULT NULL,
       `qualifyfreq` int(11) DEFAULT NULL,




More information about the asterisk-commits mailing list