| Summary: | ASTERISK-11701: [patch] Add Server: instead of User-Agent: header in Asterisk generated SIP responses | ||
| Reporter: | Raj Jain (rjain) | Labels: | |
| Date Opened: | 2008-03-22 19:36:09 | Date Closed: | 2008-03-25 13:07:22 |
| Priority: | Trivial | Regression? | No |
| Status: | Closed/Complete | Components: | Channels/chan_sip/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) chan_sip.c.diff | |
| Description: | Asterisk currently inserts User-Agent: header in the SIP responses it generates. A SIP UAS should insert Server: header instead. The Server: and User-Agent: are meant for human consumption and not automaton, thus this isn't really a software bug. But, it is inconsistent with other SIP implementations and a bit of annoyance when you're looking at SIP traces that include Asterisk SIP messaging. Below are sections of RFC 3261 that explain the roles of User-Agent: and Server: headers. 20.35 Server The Server header field contains information about the software used by the UAS to handle the request. Revealing the specific software version of the server might allow the server to become more vulnerable to attacks against software that is known to contain security holes. Implementers SHOULD make the Server header field a configurable option. Example: Server: HomeServer v2 20.41 User-Agent The User-Agent header field contains information about the UAC originating the request. The semantics of this header field are defined in [H14.43]. Revealing the specific software version of the user agent might allow the user agent to become more vulnerable to attacks against software that is known to contain security holes. Implementers SHOULD make the User-Agent header field a configurable option. Example: User-Agent: Softphone Beta1.5 ****** ADDITIONAL INFORMATION ****** Correct usage of Server: header in a SIP response message after appliying this patch: SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.15.100:7419;received=192.168.15.100 From: <sip:9001@192.168.15.101>;tag=7acfe13be2914fe29495ff9151a1ec06;epid=66ccc20c01 To: <sip:9001@192.168.15.101>;tag=as7adb408b Call-ID: 09c0e782ad51448d93d060b25c147bbe CSeq: 45 REGISTER Server: Asterisk PBX SVN-trunk-r110578M Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Supported: replaces, timer Expires: 120 Contact: <sip:192.168.15.100:7419>;expires=120 Date: Sat, 22 Mar 2008 13:35:11 GMT Content-Length: 0 | ||
| Comments: | By: Olle Johansson (oej) 2008-03-25 05:46:19 I've noticed this too, but had other more important issues to work with... :-) I can't see this as an important bug fix for 1.4, so let's merge it into trunk. By: Digium Subversion (svnbot) 2008-03-25 05:49:44 Repository: asterisk Revision: 110625 U trunk/channels/chan_sip.c ------------------------------------------------------------------------ r110625 | oej | 2008-03-25 05:49:42 -0500 (Tue, 25 Mar 2008) | 6 lines Use the "Server" header when responding to SIP requests. (closes issue ASTERISK-11701) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=110625 By: Digium Subversion (svnbot) 2008-03-25 10:35:14 Repository: asterisk Revision: 110634 _U branches/1.6.0/ ------------------------------------------------------------------------ r110634 | file | 2008-03-25 10:35:13 -0500 (Tue, 25 Mar 2008) | 13 lines Blocked revisions 110625 via svnmerge ........ r110625 | oej | 2008-03-25 07:54:07 -0300 (Tue, 25 Mar 2008) | 6 lines Use the "Server" header when responding to SIP requests. (closes issue ASTERISK-11701) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ........ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=110634 By: Digium Subversion (svnbot) 2008-03-25 12:59:04 Repository: asterisk Revision: 110693 _U team/group/cdr_backend_ast_str/ U team/group/cdr_backend_ast_str/CHANGES U team/group/cdr_backend_ast_str/Makefile U team/group/cdr_backend_ast_str/channels/chan_iax2.c U team/group/cdr_backend_ast_str/channels/chan_sip.c U team/group/cdr_backend_ast_str/configs/extensions.conf.sample U team/group/cdr_backend_ast_str/configs/sip.conf.sample U team/group/cdr_backend_ast_str/configs/voicemail.conf.sample U team/group/cdr_backend_ast_str/include/asterisk/options.h U team/group/cdr_backend_ast_str/main/app.c U team/group/cdr_backend_ast_str/main/asterisk.c U team/group/cdr_backend_ast_str/main/channel.c ------------------------------------------------------------------------ r110693 | tilghman | 2008-03-25 12:58:50 -0500 (Tue, 25 Mar 2008) | 140 lines Merged revisions 110610,110615,110619,110621,110625,110629,110631,110636,110639,110689,110691 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r110610 | file | 2008-03-24 10:28:25 -0500 (Mon, 24 Mar 2008) | 6 lines Only print out the set_address_from_contact host verbose message if debugging is enabled on the dialog. (closes issue ASTERISK-11703) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ................ r110615 | russell | 2008-03-24 12:36:04 -0500 (Mon, 24 Mar 2008) | 10 lines Merged revisions 110614 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110614 | russell | 2008-03-24 12:34:56 -0500 (Mon, 24 Mar 2008) | 2 lines Turn a NOTICE into a DEBUG message. ........ ................ r110619 | mmichelson | 2008-03-24 14:19:37 -0500 (Mon, 24 Mar 2008) | 23 lines Merged revisions 110618 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110618 | mmichelson | 2008-03-24 14:17:41 -0500 (Mon, 24 Mar 2008) | 15 lines This is a revert for revision 108288. The reason is that that revision was not for an actual bug fix per se, and so it really should not have been in 1.4 in the first place. Plus, people who compile with DO_CRASH are more likely to encounter a crash due to this change. While I think the usage of DO_CRASH in ast_sched_del is a bit absurd, this sort of change is beyond the scope of 1.4 and should be done instead in a developer branch based on trunk so that all scheduler functions are fixed at once. I also am reverting the change to trunk and 1.6 since they also suffer from the DO_CRASH potential. (closes issue ASTERISK-11695) Reported by: qq12345 ........ ................ r110621 | mmichelson | 2008-03-24 15:14:07 -0500 (Mon, 24 Mar 2008) | 11 lines Remove the "Event: registration" header from Asterisk-generated SIP REGISTER requests. rjain points out that RFC 3265 specifies that the Event: header is not a valid header for REGISTER requests and that the "registration" value is not defined at IANA. (closes issue ASTERISK-11702) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ................ r110625 | oej | 2008-03-25 05:54:07 -0500 (Tue, 25 Mar 2008) | 6 lines Use the "Server" header when responding to SIP requests. (closes issue ASTERISK-11701) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ................ r110629 | file | 2008-03-25 09:39:45 -0500 (Tue, 25 Mar 2008) | 12 lines Merged revisions 110628 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110628 | file | 2008-03-25 11:37:35 -0300 (Tue, 25 Mar 2008) | 4 lines Add an option (transmit_silence) which transmits silence during both Record() and DTMF generation. The reason this is an option is that in order to transmit silence we have to setup a translation path. This may not be needed/wanted in all cases. (closes issue ASTERISK-9755) Reported by: tracinet ........ ................ r110631 | file | 2008-03-25 10:18:41 -0500 (Tue, 25 Mar 2008) | 4 lines Add a special dialplan variable to chan_sip which will cause an audio file to be played upon completion of an attended transfer. (closes issue ASTERISK-8972) Reported by: sunder ................ r110636 | mmichelson | 2008-03-25 10:41:33 -0500 (Tue, 25 Mar 2008) | 15 lines Merged revisions 110635 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110635 | mmichelson | 2008-03-25 10:40:33 -0500 (Tue, 25 Mar 2008) | 7 lines When reverting a commit, I accidentally left in this bit which was an experiment to see what would happen. It passed the compile test, and I didn't notice I had left this change in too. So this is a revert of a revert...sort of. ........ ................ r110639 | mmichelson | 2008-03-25 10:44:01 -0500 (Tue, 25 Mar 2008) | 3 lines Oops here too. I need to stop coding for a while... ................ r110689 | tilghman | 2008-03-25 12:40:28 -0500 (Tue, 25 Mar 2008) | 6 lines Update the sample configuration, to use Macro less (since it's now deprecated). (closes issue ASTERISK-11716) Reported by: pprindeville Patches: bugid-0012293.1.6.patch uploaded by pprindeville (license 347) ................ r110691 | tilghman | 2008-03-25 12:46:34 -0500 (Tue, 25 Mar 2008) | 6 lines Update sample configurations to make virtual hosting more obvious. (closes issue ASTERISK-11414) Reported by: pprindeville Patches: acme-virtualpbx.1.6.patch uploaded by pprindeville (license 347) ................ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=110693 By: Digium Subversion (svnbot) 2008-03-25 13:07:22 Repository: asterisk Revision: 110694 _U team/murf/bug11210/ U team/murf/bug11210/CHANGES U team/murf/bug11210/Makefile U team/murf/bug11210/channels/chan_iax2.c U team/murf/bug11210/channels/chan_sip.c U team/murf/bug11210/configs/extensions.conf.sample U team/murf/bug11210/configs/sip.conf.sample U team/murf/bug11210/configs/voicemail.conf.sample U team/murf/bug11210/include/asterisk/options.h U team/murf/bug11210/main/app.c U team/murf/bug11210/main/asterisk.c U team/murf/bug11210/main/channel.c ------------------------------------------------------------------------ r110694 | murf | 2008-03-25 13:07:18 -0500 (Tue, 25 Mar 2008) | 140 lines Merged revisions 110610,110615,110619,110621,110625,110629,110631,110636,110639,110689,110691 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r110610 | file | 2008-03-24 09:28:25 -0600 (Mon, 24 Mar 2008) | 6 lines Only print out the set_address_from_contact host verbose message if debugging is enabled on the dialog. (closes issue ASTERISK-11703) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ................ r110615 | russell | 2008-03-24 11:36:04 -0600 (Mon, 24 Mar 2008) | 10 lines Merged revisions 110614 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110614 | russell | 2008-03-24 12:34:56 -0500 (Mon, 24 Mar 2008) | 2 lines Turn a NOTICE into a DEBUG message. ........ ................ r110619 | mmichelson | 2008-03-24 13:19:37 -0600 (Mon, 24 Mar 2008) | 23 lines Merged revisions 110618 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110618 | mmichelson | 2008-03-24 14:17:41 -0500 (Mon, 24 Mar 2008) | 15 lines This is a revert for revision 108288. The reason is that that revision was not for an actual bug fix per se, and so it really should not have been in 1.4 in the first place. Plus, people who compile with DO_CRASH are more likely to encounter a crash due to this change. While I think the usage of DO_CRASH in ast_sched_del is a bit absurd, this sort of change is beyond the scope of 1.4 and should be done instead in a developer branch based on trunk so that all scheduler functions are fixed at once. I also am reverting the change to trunk and 1.6 since they also suffer from the DO_CRASH potential. (closes issue ASTERISK-11695) Reported by: qq12345 ........ ................ r110621 | mmichelson | 2008-03-24 14:14:07 -0600 (Mon, 24 Mar 2008) | 11 lines Remove the "Event: registration" header from Asterisk-generated SIP REGISTER requests. rjain points out that RFC 3265 specifies that the Event: header is not a valid header for REGISTER requests and that the "registration" value is not defined at IANA. (closes issue ASTERISK-11702) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ................ r110625 | oej | 2008-03-25 04:54:07 -0600 (Tue, 25 Mar 2008) | 6 lines Use the "Server" header when responding to SIP requests. (closes issue ASTERISK-11701) Reported by: rjain Patches: chan_sip.c.diff uploaded by rjain (license 226) ................ r110629 | file | 2008-03-25 08:39:45 -0600 (Tue, 25 Mar 2008) | 12 lines Merged revisions 110628 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110628 | file | 2008-03-25 11:37:35 -0300 (Tue, 25 Mar 2008) | 4 lines Add an option (transmit_silence) which transmits silence during both Record() and DTMF generation. The reason this is an option is that in order to transmit silence we have to setup a translation path. This may not be needed/wanted in all cases. (closes issue ASTERISK-9755) Reported by: tracinet ........ ................ r110631 | file | 2008-03-25 09:18:41 -0600 (Tue, 25 Mar 2008) | 4 lines Add a special dialplan variable to chan_sip which will cause an audio file to be played upon completion of an attended transfer. (closes issue ASTERISK-8972) Reported by: sunder ................ r110636 | mmichelson | 2008-03-25 09:41:33 -0600 (Tue, 25 Mar 2008) | 15 lines Merged revisions 110635 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r110635 | mmichelson | 2008-03-25 10:40:33 -0500 (Tue, 25 Mar 2008) | 7 lines When reverting a commit, I accidentally left in this bit which was an experiment to see what would happen. It passed the compile test, and I didn't notice I had left this change in too. So this is a revert of a revert...sort of. ........ ................ r110639 | mmichelson | 2008-03-25 09:44:01 -0600 (Tue, 25 Mar 2008) | 3 lines Oops here too. I need to stop coding for a while... ................ r110689 | tilghman | 2008-03-25 11:40:28 -0600 (Tue, 25 Mar 2008) | 6 lines Update the sample configuration, to use Macro less (since it's now deprecated). (closes issue ASTERISK-11716) Reported by: pprindeville Patches: bugid-0012293.1.6.patch uploaded by pprindeville (license 347) ................ r110691 | tilghman | 2008-03-25 11:46:34 -0600 (Tue, 25 Mar 2008) | 6 lines Update sample configurations to make virtual hosting more obvious. (closes issue ASTERISK-11414) Reported by: pprindeville Patches: acme-virtualpbx.1.6.patch uploaded by pprindeville (license 347) ................ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=110694 | ||