search

hanenehrizi / sipdroid

Automatically exported from code.google.com/p/sipdroid
GNU General Public License v3.0
0 stars 0 forks source link

REGISTER re-uses Via branch tag; fails RFC3261 compliance #149

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 

What steps will reproduce the problem?
1. just a normal REGISTER to a SIP server

What is the expected output? What do you see instead?

RFC3261 says: "The branch parameter value MUST be unique across space and
time for all requests sent by the UA." This is not the case for SipDroid;
in a typical REGISTER-401-REGISTER-200 transaction the same Via header
(with the same branch tag) is used for both REGISTER requests.

What version of the product are you using? On what operating system?

Bug reproduced on Sipdroid version 1.1.0 and 1.1.1.

Which SIP server are you using? What happens with PBXes?

This behavior leads to a failure on Huawei SBCs. These devices take the RFC
literally and identify the transaction by evaluating Call-Id, From tags and
Via branch tags. Since all of these parameters are identical for the second
REGISTER, the SBC just re-issues the already sent 401 reponse (even though
the second REGISTER had proper credentials)

Please provide any additional information below.

I will attach a commented trace to illustrate the issue in signaling flow.

Original issue reported on code.google.com by roland...@googlemail.com on 30 Sep 2009 at 11:09

GoogleCodeExporter commented 9 years ago 
Signalling trace, comments starting with *****:

**** the first REGISTER

REGISTER sip:sip.qsc.de SIP/2.0
Via: SIP/2.0/UDP 127.0.0.1;rport;branch=z9hG4bK53429
Max-Forwards: 70
To: <sip:021317399404@sip.qsc.de>
From: <sip:021317399404@sip.qsc.de>;tag=z9hG4bK19280994
Call-ID: 577688919338@127.0.0.1
CSeq: 1 REGISTER
Contact: <sip:021317399404@127.0.0.1>
Expires: 3600
User-Agent: Sipdroid/1.1.1 beta
Content-Length: 0

**** answered with 401 by SBC because no credentials included (correct)

SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 127.0.0.1;branch=z9hG4bK53429;received=83.236.48.1;rport=54746
Call-ID: 577688919338@127.0.0.1
From: <sip:021317399404@sip.qsc.de>;tag=z9hG4bK19280994
To: <sip:021317399404@sip.qsc.de>;tag=ed542666
CSeq: 1 REGISTER
Server: QSC SIP Router
WWW-Authenticate: Digest
realm="qsc.de",nonce="4ac311b1c69d82dc6561810ba14fb7114f076d48",qop="auth"
Content-Length: 0

**** now the second REGISTER, this includes credentials for the given nonce
**** Note the "Via:" header, which is 100% the same as in the first REGISTER
**** request. This violates RFC3261, section 8117 [The Via Header].

REGISTER sip:sip.qsc.de SIP/2.0
Via: SIP/2.0/UDP 127.0.0.1;rport;branch=z9hG4bK53429
Max-Forwards: 70
To: <sip:021317399404@sip.qsc.de>
From: <sip:021317399404@sip.qsc.de>;tag=z9hG4bK19280994
Call-ID: 577688919338@127.0.0.1
CSeq: 2 REGISTER
Contact: <sip:021317399404@127.0.0.1>
Expires: 3600
User-Agent: Sipdroid/1.1.1 beta
Authorization: Digest username="021317399404", realm="qsc.de",
nonce="4ac311b1c69d82dc6561810ba14fb7114f076d48", uri="sip:sip.qsc.de", 
qop=auth,
nc=00000001, cnonce="fcf36f58851fa56f", 
response="3c02fe4a3220a81a016e5003ac0de3b2"
Content-Length: 0

**** The SBC replies 401 again. Note that the answer obviously refers to the
**** first (!) REGISTER (see CSeq header). That's because the SBC identifies
**** the second REGISTER as identical to the first one because of identical
**** VIA branch tags.

SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 127.0.0.1;branch=z9hG4bK53429;received=83.236.48.1;rport=54746
Call-ID: 577688919338@127.0.0.1
From: <sip:021317399404@sip.qsc.de>;tag=z9hG4bK19280994
To: <sip:021317399404@sip.qsc.de>;tag=ed542666
CSeq: 1 REGISTER
Server: QSC SIP Router
WWW-Authenticate: Digest
realm="qsc.de",nonce="4ac311b1c69d82dc6561810ba14fb7114f076d48",qop="auth"
Content-Length: 0

Original comment by roland...@googlemail.com on 30 Sep 2009 at 11:13

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago

Original comment by pmerl...@googlemail.com on 2 Oct 2009 at 8:42

GoogleCodeExporter commented 9 years ago 
would there be a patch to fix this call-id Issue of the 127.0.0.1 

thanks

Original comment by Ritzt...@gmail.com on 6 Oct 2009 at 11:08

GoogleCodeExporter commented 9 years ago 
same as Issue 21:  branch id is not unique for subsequent REGISTRATION 
transactions  

I have provided patch for this issue.

Original comment by yuxiao...@gmail.com on 12 Dec 2009 at 11:35

GoogleCodeExporter commented 9 years ago

Original comment by pmerl...@googlemail.com on 14 Dec 2009 at 8:54