Re: [Callweaver-dev] Strange SUBSCRIBE behavior (snapshot from 0621)

Lee Essen Thu, 26 Jun 2008 03:35:45 -0700

I'm not sure my original message ever made it to the list (can't see  
it in the archives), but now I have confirmed the bug exists and have  
proposed a very simple fix.


Basically if a SUBSCRIBE with not authentication information is  
received, then callweaver properly sends a "401 Unauthorized" reponse,  
however because of the bug in chan_sip.c if then immediately sends a  
"403 Forbidden" which then completely confuses the follow-on  
transaction.

in the check_auth() function, after sending the "401" the return code  
isn't correctly set, and defaults to AUTH_FAILED, which subsequently  
causes the forbidden response.

This was taken from the 2008-06-21 snapshot.  I will also raise this  
as a bug.

Regards,

Lee.

--

diff -ua chan_sip.c chan_sip.c.fixed
--- chan_sip.c  2008-06-20 22:40:01.000000000 +0100
+++ chan_sip.c.fixed    2008-06-26 11:34:08.000000000 +0100
@@ -8458,6 +8458,7 @@
                transmit_response_with_auth(p, response, req, randdata, 
reliable,  
respheader, 0);
                /* Schedule auto destroy in 15 seconds */
                sip_scheddestroy(p, 15000);
+               res = AUTH_CHALLENGE_SENT;
        }
        else
        {


On 25 Jun 2008, at 08:35, [EMAIL PROTECTED] wrote:

> Hi,
>
> I'm working on porting CallWeaver over to the IP-04 and, so far, it's
> looking pretty good. I've just been looking at MWI and subscriptions  
> and
> I'm seeing strange behavior, I doubt this is an IP-04 specific thing  
> so I
> though I should describe it here and see if anyone else is seeing  
> it...
>
> I have a Siemens S685IP SIP phone and it's registering against  
> callweaver
> and then subscribing to the message-summary so it can handle MWI.  I  
> know
> this used to work properly a while ago (albeit on a different phone  
> and
> different version of CallWeaver!)
>
> Now I'm seeing the register, the auth-required, then the register with
> auth information and the OK response, so all ok so far.
>
> Then comes the SUBSCRIBE, we send a "401 Unauthorized" as expected. At
> this point something seems to go wrong, we also now send a "403  
> Forbidden"
> (reliably) so this repeats quite a few times.
>
> In the meantime the phone re-sends the SUBSCRIBE with the correct
> authentication, we find the peer and respond with a "200 OK",  
> however we
> are still reliably transmitting the "403 Forbidden" on the same  
> callid,
> and I think it's this that messes up the whole interaction.
>
> Looking at the chan_sip.c code it seems that if we sent an  
> auth_challenge
> then we shouldn't send the "Forbidden" (line 13875), however this  
> doesn't
> seem to be working properly?
>
> I will build callweaver on a x86 system and try to reproduce the  
> problem,
> but just wanted to flag the issue.
>
> Some SIP debug below (sorry, cut from a serial session so missing  
> some end
> of lines)...
>
> Regards,
>
> Lee.
>
>
> <-- SIP read from 192.168.99.178:5060:
> REGISTER sip:owlsbarn.co.uk SIP/2.0
> Via: SIP/2.0/UDP
> 192.168.99.178 
> :5060;branch=z9hG4bK35aa60622ff063cb8d4a9871823f133;rport
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=4228563960
> To: "1234" <sip:[EMAIL PROTECTED]>
> Call-ID: [EMAIL PROTECTED]
> CSeq: 3 REGISTER
> Contact: <sip:[EMAIL PROTECTED]:5060>
> Max-Forwards: 70
> User-Agent: S685IP020970000000
> Expires: 180
> Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, INFO, REFER, SUBSCRIBE,  
> NOTIFY
> Content-Length: 0
>
>
> --- (12 headers 0 lines) ---
> Using latest REGISTER request as basis request
> Sending to 192.168.99.178 : 5060 (NAT)
> Transmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 100 Trying
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bK35aa60622ff063cb8d4a9871823f133;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=4228563960
> To: "1234" <sip:[EMAIL PROTECTED]>
> Call-ID: [EMAIL PROTECTED]
> CSeq: 3 REGISTER
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> Contact: <sip:[EMAIL PROTECTED]>
> Content-Length: 0
>
>
> ---
> Transmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bK35aa60622ff063cb8d4a9871823f133;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=4228563960
> To: "1234" <sip:[EMAIL PROTECTED]>;tag=as43f704fd
> Call-ID: [EMAIL PROTECTED]
> CSeq: 3 REGISTER
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> WWW-Authenticate: Digest algorithm=MD5, realm="owlsbarn.co.uk",
> nonce="4734ed92"
> Content-Length: 0
>
>
> ---
> Scheduling destruction of call '[EMAIL PROTECTED]' in 15000 ms
> Dec 31 16:48:52 NOTICE[11273]: chan_sip.c:14098  
> handle_request_register:
> Registration from '"1234" <sip:[EMAIL PROTECTED]>' failn
> Scheduling destruction of call '[EMAIL PROTECTED]' in 15000 ms
>
> <-- SIP read from 192.168.99.178:5060:
> REGISTER sip:owlsbarn.co.uk SIP/2.0
> Via: SIP/2.0/UDP
> 192.168.99.178 
> :5060;branch=z9hG4bKd67ec8075d8e7964f878647c327fc380;rport
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=4228563960
> To: "1234" <sip:[EMAIL PROTECTED]>
> Call-ID: [EMAIL PROTECTED]
> CSeq: 4 REGISTER
> Contact: <sip:[EMAIL PROTECTED]:5060>
> Authorization: Digest username="1234", realm="owlsbarn.co.uk",
> algorithm=MD5, uri="sip:owlsbarn.co.uk", nonce="4734ed92", response"
> Max-Forwards: 70
> User-Agent: S685IP020970000000
> Expires: 180
> Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, INFO, REFER, SUBSCRIBE,  
> NOTIFY
> Content-Length: 0
>
>
> --- (13 headers 0 lines) ---
> Using latest REGISTER request as basis request
> Sending to 192.168.99.178 : 5060 (NAT)
> Transmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 100 Trying
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bKd67ec8075d8e7964f878647c327fc380;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=4228563960
> To: "1234" <sip:[EMAIL PROTECTED]>
> Call-ID: [EMAIL PROTECTED]
> CSeq: 4 REGISTER
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> Contact: <sip:[EMAIL PROTECTED]>
> Content-Length: 0
>
>
> ---
> Transmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 200 OK
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bKd67ec8075d8e7964f878647c327fc380;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=4228563960
> To: "1234" <sip:[EMAIL PROTECTED]>;tag=as43f704fd
> Call-ID: [EMAIL PROTECTED]
> CSeq: 4 REGISTER
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> Expires: 180
> Contact: <sip:[EMAIL PROTECTED]:5060>;expires=180
> Date: Mon, 01 Jan 2007 00:48:52 GMT
> Content-Length: 0
>
>
> ---
> Scheduling destruction of call '[EMAIL PROTECTED]' in 15000 ms
> MM-DEBUG3: sip_devicestate() [0]
>
> <-- SIP read from 192.168.99.178:5060:
> SUBSCRIBE sip:[EMAIL PROTECTED] SIP/2.0
> Via: SIP/2.0/UDP
> 192.168.99.178 
> :5060;branch=z9hG4bKed4410493028971ae057b507a6c19ff8;rport
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=3488040757
> To: "1234" <sip:[EMAIL PROTECTED]>
> Call-ID: [EMAIL PROTECTED]
> CSeq: 1337999192 SUBSCRIBE
> Contact: <sip:[EMAIL PROTECTED]:5060>
> Max-Forwards: 70
> User-Agent: S685IP020970000000
> Event: message-summary
> Expires: 3600
> Allow: NOTIFY
> Accept: application/simple-message-summary
> Content-Length: 0
>
>
> --- (14 headers 0 lines) ---
> Using latest SUBSCRIBE request as basis request
> Sending to 192.168.99.178 : 5060 (NAT)
> Found peer '1234'
> Transmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bKed4410493028971ae057b507a6c19ff8;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=3488040757
> To: "1234" <sip:[EMAIL PROTECTED]>;tag=as7a860239
> Call-ID: [EMAIL PROTECTED]
> CSeq: 1337999192 SUBSCRIBE
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> WWW-Authenticate: Digest algorithm=MD5, realm="owlsbarn.co.uk",
> nonce="7e76088b"
> Content-Length: 0
>
>
> ---
> Scheduling destruction of call '[EMAIL PROTECTED]' in 15000 ms
> Dec 31 16:49:00 NOTICE[11273]: chan_sip.c:13884  
> handle_request_subscribe:
> Failed to authenticate user "1234" <sip:[EMAIL PROTECTED]
> Reliably Transmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 403 Forbidden
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bKed4410493028971ae057b507a6c19ff8;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=3488040757
> To: "1234" <sip:[EMAIL PROTECTED]>;tag=as7a860239
> Call-ID: [EMAIL PROTECTED]
> CSeq: 1337999192 SUBSCRIBE
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> Content-Length: 0
>
>
> ---
>
> <-- SIP read from 192.168.99.178:5060:
> SUBSCRIBE sip:[EMAIL PROTECTED] SIP/2.0
> Via: SIP/2.0/UDP
> 192.168.99.178 
> :5060;branch=z9hG4bKd15b8a9d5e67330425ceedbce680f053;rport
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=3488040757
> To: "1234" <sip:[EMAIL PROTECTED]>
> Call-ID: [EMAIL PROTECTED]
> CSeq: 1337999193 SUBSCRIBE
> Contact: <sip:[EMAIL PROTECTED]:5060>
> Authorization: Digest username="1234", realm="owlsbarn.co.uk",
> algorithm=MD5, uri="sip:[EMAIL PROTECTED]", nonce="7e76088b", res"
> Max-Forwards: 70
> User-Agent: S685IP020970000000
> Event: message-summary
> Expires: 3600
> Allow: NOTIFY
> Accept: application/simple-message-summary
> Content-Length: 0
>
>
> --- (15 headers 0 lines) ---
> Found peer '1234'
> Looking for 1234 in default (domain owlsbarn.co.uk)
> Transmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 200 OK
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bKd15b8a9d5e67330425ceedbce680f053;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=3488040757
> To: "1234" <sip:[EMAIL PROTECTED]>;tag=as7a860239
> Call-ID: [EMAIL PROTECTED]
> CSeq: 1337999193 SUBSCRIBE
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> Expires: 0
> Content-Length: 0
>
>
> ---
> SIP TIMER: #16: Retransmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 403 Forbidden
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bKed4410493028971ae057b507a6c19ff8;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=3488040757
> To: "1234" <sip:[EMAIL PROTECTED]>;tag=as7a860239
> Call-ID: [EMAIL PROTECTED]
> CSeq: 1337999192 SUBSCRIBE
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> Content-Length: 0
>
>
> ---
> SIP TIMER: #16: Retransmitting (no NAT) to 192.168.99.178:5060:
> SIP/2.0 403 Forbidden
> Via: SIP/2.0/UDP
> 192.168.99.178 
> : 
> 5060 
> ;branch 
> =z9hG4bKed4410493028971ae057b507a6c19ff8;rport;received=192.168.99.178
> From: "1234" <sip:[EMAIL PROTECTED]>;tag=3488040757
> To: "1234" <sip:[EMAIL PROTECTED]>;tag=as7a860239
> Call-ID: [EMAIL PROTECTED]
> CSeq: 1337999192 SUBSCRIBE
> User-Agent: CallWeaver
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
> Max-Forwards: 70
> Content-Length: 0
>
>
>
>
>

_______________________________________________
Callweaver-dev mailing list
Callweaver-dev@callweaver.org
http://lists.callweaver.org/mailman/listinfo/callweaver-dev

Re: [Callweaver-dev] Strange SUBSCRIBE behavior (snapshot from 0621)

Reply via email to