]> git.ipfire.org Git - thirdparty/asterisk.git/commitdiff
Merged revisions 81442 via svnmerge from
authorKevin P. Fleming <kpfleming@digium.com>
Tue, 4 Sep 2007 16:41:14 +0000 (16:41 +0000)
committerKevin P. Fleming <kpfleming@digium.com>
Tue, 4 Sep 2007 16:41:14 +0000 (16:41 +0000)
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r81442 | kpfleming | 2007-09-04 11:40:39 -0500 (Tue, 04 Sep 2007) | 2 lines

there is no point in sending 401 Unauthorized to a UAS that sent us a properly-formatted Authentication header with the expected username and nonce but an incorrect response (which indicates the shared secret does not match)... instead, let's send 403 Forbidden so that the UAS doesn't retry with the same authentication credentials repeatedly

........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@81443 65c4cc65-6c06-0410-ace0-fbb531ad65f3

channels/chan_sip.c

index 753f28352cfbc1ee2f8627908aed07b17c645c63..7c8dc000a4b6bb389bc7f1bb6117280b25a3eec6 100644 (file)
@@ -9108,11 +9108,11 @@ static enum check_auth_result check_auth(struct sip_pvt *p, struct sip_request *
        }
 
        /* Ok, we have a bad username/secret pair */
-       /* Challenge again, and again, and again */
-       transmit_response_with_auth(p, response, req, p->randdata, reliable, respheader, 0);
-       sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
+       /* Tell the UAS not to re-send this authentication data, because
+          it will continue to fail
+       */
 
-       return AUTH_CHALLENGE_SENT;
+       return AUTH_SECRET_FAILED;
 }
 
 /*! \brief Change onhold state of a peer using a pvt structure */