kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-12 15:45:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

security_agreement.c: Always add the Require and Proxy-Require headers

Browse Source 
The `Require: mediasec` and `Proxy-Require: mediasec` headers need
to be sent whenever we send `Security-Client` or `Security-Verify`
headers but the logic to do that was only in add_security_headers()
in res_pjsip_outbound_register.  So while we were sending them on
REGISTER requests, we weren't sending them on INVITE requests.

This commit moves the logic to send the two headers out of
res_pjsip_outbound_register:add_security_headers() and into
security_agreement:ast_sip_add_security_headers().  This way
they're always sent when we send `Security-Client` or
`Security-Verify`.

Resolves: #789
(cherry picked from commit 210fe614b2)
This commit is contained in:
George Joseph
2024-07-03 14:50:47 -06:00
committed by Asterisk Development Team
parent 21aa3d557f
commit 4d5b30ca1c
2 changed files with 9 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
res/res_pjsip/security_agreements.c
View File

@@ -290,6 +290,8 @@ int ast_sip_add_security_headers(struct ast_sip_security_mechanism_vector *secur
int mech_cnt;
int i;
int add_qvalue = 1;
static const pj_str_t proxy_require = { "Proxy-Require", 13 };
static const pj_str_t require = { "Require", 7 };
if (!security_mechanisms || !tdata) {
return EINVAL;
@@ -314,6 +316,13 @@ int ast_sip_add_security_headers(struct ast_sip_security_mechanism_vector *secur
ast_sip_add_header(tdata, header_name, buf);
ast_free(buf);
}
if (pjsip_msg_find_hdr_by_name(tdata->msg, &require, NULL) == NULL) {
ast_sip_add_header(tdata, "Require", "mediasec");
}
if (pjsip_msg_find_hdr_by_name(tdata->msg, &proxy_require, NULL) == NULL) {
ast_sip_add_header(tdata, "Proxy-Require", "mediasec");
}
return 0;
}