This message was generated by the Security Alerts service ( Free Trial 14th of
August - 14th of September )
http://www.opensips.org/Resources/AlertsMain
*
SVN commit*:
http://opensips.svn.sourceforge.net/opensips/?rev=9166
*Severity*: High
*Version* : all
*Affected modules* : Core (TCP layer)
*Effect* : TCP connection behind NAT are dropped
*Affected scenarios*: Having registrations via TCP (or TLS) from behind NAT.
Due a broken update of the TCP connection
lifetime, TCP connections from NATed user are dropped by opensips before the
registration expire.
*Description:* Connections originated from behind NAT, during a REGISTER
event, will not be kept up by OpenSIPS
for the entire duration of the registration. Like if the REGISTER will have a
60 minutes lifetime, the TCP connection
(to reach back the UAC) will be terminated by OpenSIPS before those 60 minutes,
so the UAC will become unreachable
(it will not be able to receive new calls, as it is impossible to open a new
TCP connection behind the a NAT)
*Risks* : UAC behind NAT and using TCP will not be reachable during the entire
duration of the registration.
*Update* :
- if you have an SVN checkout, 1.7, 1.8 and trunk were fixed; so
update to a revision later than 9166 (trunk), 9168 (1.8 branch) or
9167 (1.7 branch)
- if you have OpenSIPS from sources see the attached patch;
- if using tarballs, they were already regenerated (and include the fix).
Available only for 1.8.
- If using the official Debian package (apt.opensips.org), they are also
re-generated including the fix (available for 1.8 and trunk).
--
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
Index: tcp_read.c
===================================================================
--- tcp_read.c (revision 9165)
+++ tcp_read.c (revision 9166)
@@ -847,18 +847,6 @@
-static unsigned int c_tcp_con_lifetime = 0;
-static int c_tcp_con_id = -1;
-
-
-void force_tcp_conn_lifetime(struct receive_info *rcv, unsigned int timeout)
-{
- c_tcp_con_lifetime = get_ticks() + timeout;
- c_tcp_con_id = rcv->proto_reserved1;
-}
-
-
-
/*! \brief releases expired connections and cleans up bad ones (state<0) */
static inline void tcp_receive_timeout(void)
{
@@ -880,9 +868,6 @@
}
if (con->timeout<=ticks){
/* expired, return to "tcp main" */
- if (c_tcp_con_id==con->id) {
- con->lifetime = c_tcp_con_lifetime;
- }
LM_DBG("%p expired (%d, %d) lt=%d\n",
con, con->timeout, ticks,con->lifetime);
/* fd will be closed in release_tcpconn */
Index: tcp_main.c
===================================================================
--- tcp_main.c (revision 9165)
+++ tcp_main.c (revision 9166)
@@ -1174,16 +1174,27 @@
+void force_tcp_conn_lifetime(struct receive_info *rcv, unsigned int timeout)
+{
+ struct tcp_connection* con;
+ unsigned int lifetime = get_ticks() + timeout;
+
+ con = tcpconn_id_hash[rcv->proto_reserved1];
+ con->lifetime = lifetime;
+}
+
+
+
static inline void set_tcp_timeout(struct tcp_connection *c)
{
unsigned int timeout = get_ticks() + tcp_con_lifetime;
if (c->lifetime) {
- if ( c->lifetime < timeout )
+ if ( c->lifetime < timeout ) {
c->timeout = timeout;
- else
+ c->lifetime = 0;
+ } else
c->timeout = c->lifetime;
- c->lifetime = 0;
} else {
c->timeout = timeout;
}
_______________________________________________
Alerts mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/alerts
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
