[asterisk-dev] [Code Review] IAX REGAUTH loop
David Vossel
dvossel at digium.com
Tue May 5 13:52:19 CDT 2009
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/245/
-----------------------------------------------------------
Review request for Asterisk Developers and Tilghman Lesher.
Summary
-------
If an IAX2 device attempts to register with an invalid username, (one that does not exist in iax.conf), then Asterisk sends a REGAUTH containing a random MD5 or RSA challenge in response. If the device answers the fake challenge request then Asterisk sends another REGAUTH rather than terminating the registration. This starts a loop.
REGREQ -->
<-- REGAUTH (with challenge)
REGREQ (with challenge response) -->
<-- REGAUTH (with challenge)
REGREQ (with challenge response -->
...ect
A side affect of this is that it spams the cli with notices that no registration was found for the peer. [Apr 9 01:22:20] NOTICE[24066]: chan_iax2.c:5686 register_verify: No registration for peer 'friend' (from x.x.x.x)
Solution: If the username does not exist in iax.conf go ahead and send the random challenge. If the device using the nonexistent username responds to the challenge, send an AUTHREJ to terminate the registration.
This addresses bug 0014867.
http://bugs.digium.com/view.php?id=0014867
Diffs
-----
/branches/1.4/channels/chan_iax2.c 192213
Diff: http://reviewboard.digium.com/r/245/diff
Testing
-------
tested by removing friend from iax.conf. Attempted to register to removed friend. Got reject after attempting to authenticate as nonexistent peer.
Thanks,
David
More information about the asterisk-dev
mailing list