diff options
| author | George Joseph <gjoseph@digium.com> | 2016-05-17 10:14:51 -0600 |
|---|---|---|
| committer | George Joseph <gjoseph@digium.com> | 2016-05-17 11:58:18 -0500 |
| commit | 77e8ec162b4625b144fae18203d2ac67a4f7a4eb (patch) | |
| tree | b8d205af5d0376ebc16f5e939df0054100937680 /channels | |
| parent | bcb133ce933c9ba8c36a8c20640f79f0d992ac12 (diff) | |
chan_sip: Prevent extra Session-Expires headers from being added
When chan_sip does a re-INVITE to refresh a session and authentication
is required, the INVITE with the Authorization header containes a
second Session-Expires header without the ";refersher=" parameter.
This is causing some proxies to return a 400. Also, when Asterisk is
the uas and the refresher, it is including the Session-Expires and
Min-SE headers in OPTIONS messages which is not allowed per RFC4028.
This patch (based on the reporter's) Checks to see if a Session-Expires
header is already in the message before adding another one. It also
checks that the method is INVITE or UPDATE.
ASTERISK-26030 #close
Change-Id: I58a7b07bab5a3177748d8a7034fb8ad8e11ce1d9
Diffstat (limited to 'channels')
| -rw-r--r-- | channels/chan_sip.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 7cc91486a..f64845472 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -14528,10 +14528,12 @@ static int transmit_invite(struct sip_pvt *p, int sipmethod, int sdp, int init, add_header(&req, "Require", "replaces"); } - /* Add Session-Timers related headers */ - if (st_get_mode(p, 0) == SESSION_TIMER_MODE_ORIGINATE + /* Add Session-Timers related headers if not already there */ + if (ast_strlen_zero(sip_get_header(&req, "Session-Expires")) && + (sipmethod == SIP_INVITE || sipmethod == SIP_UPDATE) && + (st_get_mode(p, 0) == SESSION_TIMER_MODE_ORIGINATE || (st_get_mode(p, 0) == SESSION_TIMER_MODE_ACCEPT - && st_get_se(p, FALSE) != DEFAULT_MIN_SE)) { + && st_get_se(p, FALSE) != DEFAULT_MIN_SE))) { char i2astr[10]; if (!p->stimer->st_interval) { |