Opened 10 years ago
Last modified 5 years ago
#9675 new defect
SIMPLE: Request retried with credentials with same branch and cseq number, ie. same transaction
| Reported by: | mikma | Owned by: | seanegan |
|---|---|---|---|
| Milestone: | Patches Needing Review | Component: | SIMPLE |
| Version: | 2.5.5 | Keywords: | |
| Cc: | dohmniq |
Description
When 401 or 407 is received for a request and it's decided that the request should be retried with credentials, then the new request must be sent in a new transaction with a new branch id and cseq number.
Otherwise the SIP proxy or server which received the request may take it as a re-transmission of the initial request without credentials, and therefore re-transmits its 401/407 response.
Tested on 2.5.5, but inspecting current development version of simple.c tells me the bug still exists in process_input_message.
Both PUBLISH, and SUBSCRIBE requests publishing current status and subscribing to other users status are affected by this bug. But not REGISTER requests, which are handled differently.
Attachments (1)
Change History (5)
comment:1 Changed 10 years ago by normanr
comment:2 Changed 8 years ago by Thub
I'm seeing that the CSeq isn't being incremented and branch remains the same for REGISTER requests in 2.7.9 using UDP. I can't really get any further to see if it's affecting other requests.
comment:3 Changed 5 years ago by dohmniq
patch works for me using 2.10.9 on FreeBSD 10 connecting to Asterisk v11 server
comment:4 Changed 5 years ago by Robby
- Milestone set to Patches Needing Review
(This only happened to me when in UDP mode)