[asterisk-dev] Require header
Mark Michelson
mmichelson at digium.com
Tue Nov 20 10:33:12 CST 2012
On 11/02/2012 10:34 AM, Mark Michelson wrote:
> On 11/01/2012 01:22 PM, Olle E. Johansson wrote:
>>
>> Let's implement a flag where the admin can select to be backwards
>> compatible with previous Asterisk versions. You've convinced me that
>> we need it. Enable it by default in old releases, disable it in trunk.
>>
>> If old Asterisk communicates with other implementations, the SIP
>> session timer implemenetation has been so bad and has broken down
>> calls, so in all my installations we've been forced to turn it off. I
>> don't know if anyone with two asterisks really use this, since we do
>> have the RTP checks as well and have no silence suppression.
>>
>> I do really want this to be correct so I can interoperate correctly
>> with other implementations and turn it on again. Since most of the
>> code is written, it can't be a huge task to enable it.
>>
>> /O
>>
> I'm not sure I see the benefit of having this flag. Let's examine
> session timers from both sides, the UAS and the UAC.
>
> On the UAS side, Asterisk clearly has been doing things incorrectly by
> not sending "Require: timer" in its 200 OK responses. This absolutely
> has to be fixed and there should not be any sort of flag to dictate
> whether we send it. Not sending "Require: timer" can clearly be seen
> to have caused interop problems with implementations that expect such
> a header to be present. We absolutely will send this header henceforth.
>
> On the UAC side, things are a bit different. This is where I think you
> intend for this flag to be used. If the flag is set one way (we'll
> call this "true"), then we only inspect a Session-Expires header in a
> 200 OK if there is also an accompanying "Require: timer" header
> present. If the flag is set the other way (we'll call this "false"),
> then we will be lenient and respect the Session-Expires header in a
> 200 OK even if there is no accompanying "Require: timer" header. You
> propose that the flag should be "false" by default in current versions
> of Asterisk and "true" in trunk.
>
> First off, have I understood what your proposed flag is correctly, or
> have I misunderstood?
>
> If I have the intended behavior correct, then I don't foresee any
> situation where having the flag set "true" will actually benefit
> anyone. If anything, it would hinder interoperability not only with
> earlier versions of Asterisk, but with any other UAS's implementation
> of session timers that may have been done incorrectly. Asterisk
> typically follows the road of accepting less-than-standard information
> if it means interoperating better, and this seems like a case where
> we'd be better off being lenient in all cases. I'd be perfectly
> willing to put the flag in if you can give me an example where
> Asterisk, as the UAC, would interoperate better by ignoring the
> Session-Expires header in an incoming 200 OK if no "Require: timer"
> header is present.
>
> Mark Michelson
>
Hi Olle,
I haven't heard back in a couple of weeks on this matter, and in that
period, I've gotten "Ship its" on my code reviews.
I'm going to commit the changes I already have. If you're able to
provide a scenario where, as the UAC, the fact we do not inspect the
Require header for a "timer" value in a 200 OK response can cause
issues, please let me know and I will revert or add what is necessary to
make it right.
Mark Michelson
More information about the asterisk-dev
mailing list