Merged revisions 171264 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r171264 | oej | 2009-01-26 13:51:53 +0100 (MÃ¥n, 26 Jan 2009) | 9 lines

Don't retransmit 401 on REGISTER requests when alwaysauthreject=yes

(closes issue #14284)
Reported by: klaus3000
Patches:
      patch_chan_sip_unreliable_1.4.23_14284.txt uploaded by klaus3000 (license 65)
Tested by: klaus3000

........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@171326 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 59b5eb5..d547d04 100644 (file)
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -2223,7 +2223,7 @@ static int transmit_response_with_sdp(struct sip_pvt *p, const char *msg, const
 static int transmit_response_with_unsupported(struct sip_pvt *p, const char *msg, const struct sip_request *req, const char *unsupported);
 static int transmit_response_with_auth(struct sip_pvt *p, const char *msg, const struct sip_request *req, const char *rand, enum xmittype reliable, const char *header, int stale);
 static int transmit_response_with_allow(struct sip_pvt *p, const char *msg, const struct sip_request *req, enum xmittype reliable);
-static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, int reliable);
+static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable);
 static int transmit_request(struct sip_pvt *p, int sipmethod, int inc, enum xmittype reliable, int newbranch);
 static int transmit_request_with_auth(struct sip_pvt *p, int sipmethod, int seqno, enum xmittype reliable, int newbranch);
 static int transmit_invite(struct sip_pvt *p, int sipmethod, int sdp, int init);
@@ -11728,7 +11728,7 @@ static int cb_extensionstate(char *context, char* exten, int state, void *data)
 /*! \brief Send a fake 401 Unauthorized response when the administrator
   wants to hide the names of local devices  from fishers
  */
-static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, int reliable)
+static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable)
 {
        ast_string_field_build(p, randdata, "%08lx", ast_random());     /* Create nonce for challenge */
        transmit_response_with_auth(p, "401 Unauthorized", req, p->randdata, reliable, "WWW-Authenticate", 0);
@@ -11933,7 +11933,7 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
                case AUTH_PEER_NOT_DYNAMIC:
                case AUTH_ACL_FAILED:
                        if (sip_cfg.alwaysauthreject) {
-                               transmit_fake_auth_response(p, &p->initreq, 1);
+                               transmit_fake_auth_response(p, &p->initreq, XMIT_UNRELIABLE);
                        } else {
                                /* URI not found */
                                if (res == AUTH_PEER_NOT_DYNAMIC) {
@@ -18712,7 +18712,7 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, int
                if (res < 0) { /* Something failed in authentication */
                        if (res == AUTH_FAKE_AUTH) {
                                ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", get_header(req, "From"));
-                               transmit_fake_auth_response(p, req, 1);
+                               transmit_fake_auth_response(p, req, XMIT_RELIABLE);
                        } else {
                                ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
                                transmit_response_reliable(p, "403 Forbidden", req);
@@ -19969,7 +19969,7 @@ static int handle_request_subscribe(struct sip_pvt *p, struct sip_request *req,
        if (res < 0) {
                if (res == AUTH_FAKE_AUTH) {
                        ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", get_header(req, "From"));
-                       transmit_fake_auth_response(p, req, 1);
+                       transmit_fake_auth_response(p, req, XMIT_UNRELIABLE);
                } else {
                        ast_log(LOG_NOTICE, "Failed to authenticate device %s for SUBSCRIBE\n", get_header(req, "From"));
                        transmit_response_reliable(p, "403 Forbidden", req);