res_pjsip_outbound_authenticator: Increase CSeq on authed requests.

The way PJSIP generates an authenticated request is to use a previous
request as a template. This means that the authenticated request will
have the same Call-ID, From header (including tag), and CSeq as the
original request. PJSIP generates a new branch on the Via header to
indicate that this is a new transaction, though.

There are some SIP implementations, though, that do not notice the
change in the branch and therefore will match the authed request to the
original request's transaction. Since the CSeq is the same, the server
will repeat the response it sent to the original request.

This patch aids interoperability by increasing the CSeq of the authed
request by one.

ASTERISK-24845 #close
Reported by: Carl Fortin
Tested by: Carl Fortin

Change-Id: I39c4ca52e688a9f83bcc1878371334becdc5be01

diff --git a/res/res_pjsip_outbound_authenticator_digest.c b/res/res_pjsip_outbound_authenticator_digest.c
index 64238a868f6243e922ebd7fe415c5a0fba330aad..35e59f21ad00e1b5c307dab5b53dffa7460f00da 100644 (file)
--- a/res/res_pjsip_outbound_authenticator_digest.c
+++ b/res/res_pjsip_outbound_authenticator_digest.c
@@ -105,6 +105,7 @@ static int digest_create_request_with_auth(const struct ast_sip_auth_vector *aut
                pjsip_transaction *tsx, pjsip_tx_data **new_request)
 {
        pjsip_auth_clt_sess auth_sess;
+       pjsip_cseq_hdr *cseq;
 
        if (pjsip_auth_clt_init(&auth_sess, ast_sip_get_pjsip_endpoint(),
                                tsx->pool, 0) != PJ_SUCCESS) {
@@ -120,6 +121,15 @@ static int digest_create_request_with_auth(const struct ast_sip_auth_vector *aut
        switch (pjsip_auth_clt_reinit_req(&auth_sess, challenge,
                                tsx->last_tx, new_request)) {
        case PJ_SUCCESS:
+               /* PJSIP creates a new transaction for new_request (meaning it creates a new
+                * branch). However, it recycles the Call-ID, from-tag, and CSeq from the
+                * original request. Some SIP implementations will not process the new request
+                * since the CSeq is the same as the original request. Incrementing it here
+                * fixes the interop issue
+                */
+               cseq = pjsip_msg_find_hdr((*new_request)->msg, PJSIP_H_CSEQ, NULL);
+               ast_assert(cseq != NULL);
+               ++cseq->cseq;
                return 0;
        case PJSIP_ENOCREDENTIAL:
                ast_log(LOG_WARNING, "Unable to create request with auth."