Don't retransmit 401 on REGISTER requests when alwaysauthreject=yes

(closes issue #14284)
Reported by: klaus3000
Patches:
      patch_chan_sip_unreliable_1.4.23_14284.txt uploaded by klaus3000 (license 65)
Tested by: klaus3000

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@171264 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index c906b9a7f3fef4aead35b5360c8b78a34f608bbc..a88fc301e3154d1f941d1eef2b50d895ad823b97 100644 (file)
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -1264,7 +1264,7 @@ static int transmit_response_with_sdp(struct sip_pvt *p, const char *msg, const
 static int transmit_response_with_unsupported(struct sip_pvt *p, const char *msg, const struct sip_request *req, const char *unsupported);
 static int transmit_response_with_auth(struct sip_pvt *p, const char *msg, const struct sip_request *req, const char *rand, enum xmittype reliable, const char *header, int stale);
 static int transmit_response_with_allow(struct sip_pvt *p, const char *msg, const struct sip_request *req, enum xmittype reliable);
-static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, int reliable);
+static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable);
 static int transmit_request(struct sip_pvt *p, int sipmethod, int inc, enum xmittype reliable, int newbranch);
 static int transmit_request_with_auth(struct sip_pvt *p, int sipmethod, int seqno, enum xmittype reliable, int newbranch);
 static int transmit_invite(struct sip_pvt *p, int sipmethod, int sdp, int init);
@@ -8774,7 +8774,7 @@ static int cb_extensionstate(char *context, char* exten, int state, void *data)
 /*! \brief Send a fake 401 Unauthorized response when the administrator
   wants to hide the names of local users/peers from fishers
  */
-static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, int reliable)
+static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable)
 {
        ast_string_field_build(p, randdata, "%08lx", ast_random());     /* Create nonce for challenge */
        transmit_response_with_auth(p, "401 Unauthorized", req, p->randdata, reliable, "WWW-Authenticate", 0);
@@ -8931,7 +8931,7 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
                case AUTH_PEER_NOT_DYNAMIC:
                case AUTH_ACL_FAILED:
                        if (global_alwaysauthreject) {
-                               transmit_fake_auth_response(p, &p->initreq, 1);
+                               transmit_fake_auth_response(p, &p->initreq, XMIT_UNRELIABLE);
                        } else {
                                /* URI not found */
                                if (res == AUTH_PEER_NOT_DYNAMIC)
@@ -14421,7 +14421,7 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, int
                if (res < 0) { /* Something failed in authentication */
                        if (res == AUTH_FAKE_AUTH) {
                                ast_log(LOG_NOTICE, "Sending fake auth rejection for user %s\n", get_header(req, "From"));
-                               transmit_fake_auth_response(p, req, 1);
+                               transmit_fake_auth_response(p, req, XMIT_RELIABLE);
                        } else {
                                ast_log(LOG_NOTICE, "Failed to authenticate user %s\n", get_header(req, "From"));
                                transmit_response_reliable(p, "403 Forbidden", req);
@@ -15458,7 +15458,7 @@ static int handle_request_subscribe(struct sip_pvt *p, struct sip_request *req,
        if (res < 0) {
                if (res == AUTH_FAKE_AUTH) {
                        ast_log(LOG_NOTICE, "Sending fake auth rejection for user %s\n", get_header(req, "From"));
-                       transmit_fake_auth_response(p, req, 1);
+                       transmit_fake_auth_response(p, req, XMIT_UNRELIABLE);
                } else {
                        ast_log(LOG_NOTICE, "Failed to authenticate user %s for SUBSCRIBE\n", get_header(req, "From"));
                        transmit_response_reliable(p, "403 Forbidden", req);