Opened 10 years ago

Last modified 5 years ago

#9675 new defect

SIMPLE: Request retried with credentials with same branch and cseq number, ie. same transaction

Reported by: mikma Owned by: seanegan
Milestone: Patches Needing Review Component: SIMPLE
Version: 2.5.5 Keywords:
Cc: dohmniq

Description

When 401 or 407 is received for a request and it's decided that the request should be retried with credentials, then the new request must be sent in a new transaction with a new branch id and cseq number.

Otherwise the SIP proxy or server which received the request may take it as a re-transmission of the initial request without credentials, and therefore re-transmits its 401/407 response.

Tested on 2.5.5, but inspecting current development version of simple.c tells me the bug still exists in process_input_message.

Both PUBLISH, and SUBSCRIBE requests publishing current status and subscribing to other users status are affected by this bug. But not REGISTER requests, which are handled differently.

Attachments (1)

simple-cseq-bump.patch (1.5 KB) - added by dohmniq 5 years ago.
patch to bump CSeq in SIMPLE for 401 responses

Download all attachments as: .zip

Change History (5)

comment:1 Changed 10 years ago by normanr

(This only happened to me when in UDP mode)

comment:2 Changed 8 years ago by Thub

I'm seeing that the CSeq isn't being incremented and branch remains the same for REGISTER requests in 2.7.9 using UDP. I can't really get any further to see if it's affecting other requests.

Changed 5 years ago by dohmniq

patch to bump CSeq in SIMPLE for 401 responses

comment:3 Changed 5 years ago by dohmniq

patch works for me using 2.10.9 on FreeBSD 10 connecting to Asterisk v11 server

comment:4 Changed 5 years ago by Robby

  • Milestone set to Patches Needing Review
Note: See TracTickets for help on using tickets.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!