Browse code

b/f: send autheticated BYE with To-tag

closes https://bugtracker.iptel.org/view.php?id=44
Summary: authenticated BYE does not work (to-tag missing)
Description:
When authentication is requested by a proxy for a BYE request sent by SEMS,
the second BYE request (with authentication info) does not contain a
to-tag. This causes the proxy to reject the request with a 481 reply.

Thanks to <samusenko at msm dot ru> for reporting this bug.

Stefan Sayer authored on 16/09/2010 13:31:59
Showing 2 changed files
... ...
@@ -7,6 +7,7 @@
7 7
 #define SIP_METH_INVITE         "INVITE"
8 8
 #define SIP_METH_PRACK          "PRACK"
9 9
 #define SIP_METH_UPDATE         "UPDATE"
10
+#define SIP_METH_BYE            "BYE"
10 11
 
11 12
 #define SIP_HDR_FROM            "From"
12 13
 #define SIP_HDR_TO              "To"
... ...
@@ -25,6 +26,11 @@
25 26
 #define SIP_HDR_MIN_SE          "Min-SE"
26 27
 #define SIP_HDR_RSEQ            "RSeq"
27 28
 #define SIP_HDR_RACK            "RAck"
29
+#define SIP_HDR_AUTHORIZATION   "Authorization"
30
+#define SIP_HDR_PROXY_AUTHORIZATION "Proxy-Authorization"
31
+#define SIP_HDR_PROXY_AUTHENTICATE "Proxy-Authenticate"
32
+#define SIP_HDR_WWW_AUTHENTICATE "WWW-Authenticate"
33
+
28 34
 #define SIP_HDR_COL(_hdr)       _hdr ":"
29 35
 #define SIP_HDR_COLSP(_hdr)     SIP_HDR_COL(_hdr) " "
30 36
 
... ...
@@ -29,6 +29,7 @@
29 29
 #include "UACAuth.h"
30 30
 #include "AmSipMsg.h"
31 31
 #include "AmUtils.h"
32
+#include "AmSipHeaders.h"
32 33
 
33 34
 #include <map>
34 35
 
... ...
@@ -139,14 +140,14 @@ bool UACAuth::onSipReply(const AmSipReply& reply, int old_dlg_status)
139 140
 	// 				credential->user.c_str(),
140 141
 	// 				credential->pwd.c_str());
141 142
 	if (((reply.code == 401) && 
142
-	     getHeader(ri->second.hdrs, "Authorization", true).length()) ||
143
+	     getHeader(ri->second.hdrs, SIP_HDR_AUTHORIZATION, true).length()) ||
143 144
 	    ((reply.code == 407) && 
144
-	     getHeader(ri->second.hdrs, "Proxy-Authorization", true).length())) {
145
+	     getHeader(ri->second.hdrs, SIP_HDR_PROXY_AUTHORIZATION, true).length())) {
145 146
 	  DBG("Authorization failed!\n");
146 147
 	} else {
147 148
 	  string auth_hdr = (reply.code==407) ? 
148
-      getHeader(reply.hdrs, "Proxy-Authenticate", true) : 
149
-	    getHeader(reply.hdrs, "WWW-Authenticate", true);
149
+      getHeader(reply.hdrs, SIP_HDR_PROXY_AUTHENTICATE, true) : 
150
+	    getHeader(reply.hdrs, SIP_HDR_WWW_AUTHENTICATE, true);
150 151
 	  string result; 
151 152
 			
152 153
 	  string auth_uri; 
... ...
@@ -161,7 +162,8 @@ bool UACAuth::onSipReply(const AmSipReply& reply, int old_dlg_status)
161 162
 	    //	 		    stripHeader(ri->second.hdrs, "Proxy-Authorization"));
162 163
 	    hdrs += result;
163 164
 
164
-	    if (dlg->getStatus() < AmSipDialog::Connected) {
165
+	    if (dlg->getStatus() < AmSipDialog::Connected && 
166
+		ri->second.method != SIP_METH_BYE) {
165 167
 	      // reset remote tag so remote party 
166 168
 	      // thinks its new dlg
167 169
 	      dlg->remote_tag = "";
... ...
@@ -298,8 +300,8 @@ bool UACAuth::do_auth(const unsigned int code, const string& auth_hdr,
298 300
   DBG("calculated response = %s\n", response);
299 301
 
300 302
   // compile auth response
301
-  result = ((code==401) ? "Authorization: Digest username=\"" : 
302
-	    "Proxy-Authorization: Digest username=\"")
303
+  result = ((code==401) ? SIP_HDR_COLSP(SIP_HDR_AUTHORIZATION) "Digest username=\"" : 
304
+	    SIP_HDR_COLSP(SIP_HDR_PROXY_AUTHORIZATION) "Digest username=\"")
303 305
     + credential->user + "\", realm=\"" + challenge.realm + "\", nonce=\""+challenge.nonce + 
304 306
     "\", uri=\""+uri+"\", ";
305 307
   if (challenge.opaque.length())