[prev in list] [next in list] [prev in thread] [next in thread]
List: asterisk-dev
Subject: Re: [asterisk-dev] [Code Review] SIP registration auth loop caused
From: "David Vossel" <dvossel () digium ! com>
Date: 2009-06-24 16:35:32
Message-ID: 20090624163532.23180.67603 () hotblack ! digium ! internal
[Download RAW message or body]
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/289/
-----------------------------------------------------------
(Updated 2009-06-24 11:35:32.748465)
Review request for Asterisk Developers.
Changes
-------
This update addresses Tilghman's comments. Now it is possible to have a nonce sent \
twice, but only the first response is accepted. If a secibd response comes in, a 401 \
message is sent back with a new challenge. This should eliminate any replay attacks.
Summary
-------
If an endpoint sends two registration requests in a very short period of time with \
the same nonce, both receive 401 responses from Asterisk, each with a different nonce \
(the second 401 containing the current nonce and the first one being stale). If the \
endpoint responds to the first 401, it does not match the current nonce so Asterisk \
sends a third 401 with a newly generated nonce (which updates the current nonce)... \
Now if the endpoint responds to the second 401, it does not match the current nonce \
either and Asterisk sends a fourth 401 with a newly generated nonce... This loop goes \
on and on. For a more detailed explanation see (issue #15102).
There appears to be a simple fix for this. If the nonce from the request does not \
match our nonce, but is a good response to a previous nonce, instead of sending a 401 \
with a newly generated nonce, use the current one instead. This breaks the loop as \
the nonce is not updated until a response is received.
Thanks to Jamuel for reporting the bug associated with this,(issue #15102), and \
suppling the patch.
This addresses bug 15102.
https://issues.asterisk.org/view.php?id=15102
Diffs (updated)
-----
/branches/1.4/channels/chan_sip.c 202924
Diff: http://reviewboard.digium.com/r/289/diff
Testing
-------
Jamuel's test results "Tested and works on Asterisk 1.4.24.1 with Polycom Soundpoint \
IP 501, 450, 650, and 6000."
Thanks,
David
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic