### Summary Fix crash on unregister all sip request. - added parsing Expires header if it's present in sip request.
### Root Cause After receiving and processing the SIP REGISTER request, it's possible to call a `use_outbound_register` function as example in `add_path()` method of _path_ module, but don't use `$expires(min)` in the configuration before that. If the sip REGISTER request has a Contact header of the form `*` then the request must also contain the header Expires(rfc3261 10.2.2). The sip parser don't parse Expires header. And at this time kamailio crashes. ### Reproduction Sent a request to deregister all SIP packets. <details open> <summary>Kamailio configuration</summary> ``` #!KAMAILIO server_id = 210 # - flags # FLT_ - per transaction (message) flags # FLB_ - per branch flags #!define FLT_ACC 1 #!define FLT_ACCMISSED 2 #!define FLT_ACCFAILED 3 #!define FLT_NATS 5 #!define FLT_FLAG_FLOW 16 #!define FLB_NATB 6 #!define FLB_NATSIPPING 7 #!define DLG_FLAG 12 #!define REG_FLAG_NAT 1 #!define REG_FLAG_SIPPING 2 #!define REG_FLAG_OB 3 #own IPs listen=udp:127.0.0.1:5060 advertise 127.0.0.1:5060 auto_aliases=no children=1 debug=3 log_stderror=yes log_facility=LOG_LOCAL0 log_name="kamailio" async_workers=2 fork=no server_header="Server: VER" server_signature = yes user_agent_header="User-Agent: VER" mpath="/usr/lib64/kamailio/modules:/usr/lib/x86_64-linux-gnu/kamailio/modules" # debug mem loadmodule "kex.so" loadmodule "pv.so" loadmodule "maxfwd.so" loadmodule "textops.so" loadmodule "siputils.so" #!define FR_TIMER_REMOTE 3000 loadmodule "tm.so" modparam("tm","fr_timer",FR_TIMER_REMOTE) modparam("tm", "auto_inv_100_reason", "Trying") modparam("tm", "contacts_avp", "tm_contacts") modparam("tm", "contact_flows_avp", "tm_contact_flows") loadmodule "sl.so" loadmodule "acc.so" loadmodule "xlog.so" modparam("xlog", "buf_size",4096) modparam("xlog", "prefix", "") loadmodule "outbound.so" loadmodule "uac.so" loadmodule "uac_redirect.so" loadmodule "path.so" modparam("path", "enable_r2", 1) loadmodule "usrloc.so" modparam("usrloc", "nat_bflag", REG_FLAG_SIPPING) #0 - This disables database completely modparam("usrloc", "db_mode", 0) modparam("tm|usrloc", "xavp_contact", "ulattrs") modparam("usrloc", "timer_interval", 5) modparam("usrloc", "handle_lost_tcp", 1) loadmodule "rr.so" modparam("rr", "enable_full_lr",0) modparam("rr", "append_fromtag",1) modparam("rr", "enable_double_rr",2) loadmodule "registrar.so" modparam("registrar", "case_sensitive", 1) modparam("registrar", "min_expires", 120) modparam("registrar", "max_expires", 1800) modparam("registrar", "default_expires", 300) modparam("registrar", "max_contacts", 10) modparam("registrar", "xavp_cfg", "reg") modparam("registrar", "received_avp", "$avp(RECEIVED)") #!define AUTH_OK 1 loadmodule "nathelper.so" modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", REG_FLAG_SIPPING) modparam("nathelper", "sipping_from", "sip:[email protected]") modparam("nathelper", "received_avp", "$avp(RECEIVED)") loadmodule "avpops.so" #!define DEFAULT_EXPIRE 3600 # all xlog messages follow the same format for simpler elasticsearch ingestion # <routing block>[<call-id> SI=<source ip> AR=<auth realm> AU=<auth username>]: <everything else> # Routing configuration route { xlog("L_INFO", "MAIN[$ci SI=$si AR=$ar AU=$au]: $pr $si:$sp M=$rm received\n"); # Initial sanity check to ensure the message isn't too big if(msg:len > 8192) { xlog("L_ERR", "MAIN[$ci SI=$si AR=$ar AU=$au]: Message too big - M=$rm RURI=$ru F=$fu T=$tu\n"); t_reply("513", "Message Too Big"); exit; } # Ensure we aren't in a tight loop for some reason # this number could probably be lower. if (af==INET6) { pv_printf("$avp(Ri)","[$Ri]"); } else { pv_printf("$avp(Ri)","$Ri"); } if(is_method("REGISTER")) { //t_check_trans(); if(t_lookup_request()) { t_retransmit_reply(); exit; } route(REG_AUTH); exit; } route(NATMANAGE); } route[NATMANAGE] { #xlog("L_DBG", "NATMANAGE[$ci SI=$si AR=$ar AU=$au]: S=$rs D=$rr F=$fu T=$tu IP=$si:$sp\n"); if (is_request()) { if(has_totag()) { if(check_route_param("nat=yes")) { setbflag(FLB_NATB); } } } if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return; if (is_request()) { if (!has_totag()) { add_rr_param(";nat=yes"); } } if (is_reply()) { if(isbflagset(FLB_NATB)) { fix_nated_contact(); } } return; } route[REG_AUTH] { #xlog("L_INFO", "REG_AUTH[$ci SI=$si AR=$ar AU=$au]: $pr $si:$sp called\n"); #el_log("req",""); if(!add_path()) { send_reply("500", "Internal Server Error"); exit; } send_reply("200", "OK"); exit; } event_route[core:pre-routing] { xlog("L_INFO", "rcv on $rcv(af)/$rcv(proto): ($rcv(len)) [$rcv(buf)] from [$rcv(srcip):$rcv(srcport)] to [$rcv(rcvip):$rcv(rcvport)]\n"); } ``` </details> <details open> <summary>SIPp UAC scenario</summary> ``` <?xml version="1.0" encoding="ISO-8859-1" ?> <!DOCTYPE scenario SYSTEM "unreg.sipp"> <scenario name="UAC - unregister all"> <send retrans="500"> <![CDATA[ REGISTER sip:127.0.0.1 SIP/2.0 Via: SIP/2.0/[transport] [local_ip]:[local_port];branch=[branch] From: sipp <sip:sipp@[local_ip]:[local_port]>;tag=[pid]SIPpTag[call_number] To: test <sip:127.0.0.1> Call-ID: [call_id] CSeq: 1 REGISTER Contact: * Expires: 0 Max-Forwards: 70 ]]> </send> <recv response="200"/> </scenario> ``` </details> You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/4594 -- Commit Summary -- * outbound module: parsing Expires header -- File Changes -- M src/modules/outbound/outbound_mod.c (7) -- Patch Links -- https://github.com/kamailio/kamailio/pull/4594.patch https://github.com/kamailio/kamailio/pull/4594.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/4594 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/[email protected]>
_______________________________________________ Kamailio - Development Mailing List -- [email protected] To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender!
