diff options
| author | Mark Michelson <mmichelson@digium.com> | 2015-04-27 16:13:22 -0500 |
|---|---|---|
| committer | Mark Michelson <mmichelson@digium.com> | 2015-04-29 12:04:06 -0500 |
| commit | 4f1db2070da56f0357c10fad729dd5e90644a042 (patch) | |
| tree | 4cbe5efe05fea294b8f19f7c7d45f909a7e11770 /res/res_pjsip_outbound_authenticator_digest.c | |
| parent | ed5715eb3994d08fdf81001dabdb39b171a308ac (diff) | |
res_pjsip_outbound_registration: Don't fail on delayed processing.
Odd behaviors have been observed during outbound registrations. The most
common problem witnessed has been one where a request with
authentication credentials cannot be created after receiving a 401
response. Other behaviors include apparently processing an incorrect SIP
response.
Inspecting the code led to an apparent issue with regards to how we
handle transactions in outbound registration code. When a response to a
REGISTER arrives, we save a pointer to the transaction and then push a
task onto the registration serializer. Between the time that we save the
pointer and push the task, it's possible for the transaction to be
destroyed due to a timeout. It's also possible for the address to be
reused by the transaction layer for a new transaction.
To allow for authentication of a REGISTER request to be authenticated
after the transaction has timed out, we now hold a reference to the
original REGISTER request instead of the transaction. The function for
creating a request with authentication has been altered to take the
original request instead of the transaction where the original request
was sent.
ASTERISK-25020
Reported by Mark Michelson
Change-Id: I756c19ab05ada5d0503175db9676acf87c686d0a
Diffstat (limited to 'res/res_pjsip_outbound_authenticator_digest.c')
| -rw-r--r-- | res/res_pjsip_outbound_authenticator_digest.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/res/res_pjsip_outbound_authenticator_digest.c b/res/res_pjsip_outbound_authenticator_digest.c index 35e59f21a..de77616fd 100644 --- a/res/res_pjsip_outbound_authenticator_digest.c +++ b/res/res_pjsip_outbound_authenticator_digest.c @@ -102,13 +102,13 @@ cleanup: } static int digest_create_request_with_auth(const struct ast_sip_auth_vector *auths, pjsip_rx_data *challenge, - pjsip_transaction *tsx, pjsip_tx_data **new_request) + pjsip_tx_data *old_request, pjsip_tx_data **new_request) { pjsip_auth_clt_sess auth_sess; pjsip_cseq_hdr *cseq; if (pjsip_auth_clt_init(&auth_sess, ast_sip_get_pjsip_endpoint(), - tsx->pool, 0) != PJ_SUCCESS) { + old_request->pool, 0) != PJ_SUCCESS) { ast_log(LOG_WARNING, "Failed to initialize client authentication session\n"); return -1; } @@ -119,7 +119,7 @@ static int digest_create_request_with_auth(const struct ast_sip_auth_vector *aut } switch (pjsip_auth_clt_reinit_req(&auth_sess, challenge, - tsx->last_tx, new_request)) { + old_request, new_request)) { case PJ_SUCCESS: /* PJSIP creates a new transaction for new_request (meaning it creates a new * branch). However, it recycles the Call-ID, from-tag, and CSeq from the |