<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">open i a jira so it can get tracked. also check jira to see if its already been reported/fixed<br><br><div id="AppleMailSignature">Sent from my iPhone</div><div><br>On Aug 7, 2018, at 00:28, Royce Mitchell III <<a href="mailto:royce3@gmail.com">royce3@gmail.com</a>> wrote:<br><br></div><blockquote type="cite"><div><div dir="ltr"><div class="gmail_default">

<div class="gmail_default" style="font-family:"courier new",monospace">I would be happy to open a ticket for this, but given that I'm a newb when it comes to the source, I'd like some confirmation of what I've found before I do.</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">According to RFC3261 8.1.1.5 "The sequence number value MUST be expressible as a 32-bit unsigned integer and MUST be less than 2**31"</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">I also checked RFC2543 just for fun and similar wording is there.</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">A client just informed me that he is seeing errors in the field where FreeSWITCH is generating CSeq headers with a negative sequence number and those requests are getting rejected by other endpoints.</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">

<div class="gmail_default" style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">=====================</div></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">In digging through the code, I found MASTER/src/mod/endpoints/mod_<wbr>sofia/sofia_presence.c line 2134 defines a function sofia_presence_get_cseq() which appears to be responsible for creating the sequence value that ends up in the CSeq headers.</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">A cursory glance at this logic leads me to believe that it is definitely capable of creating a sequence number with bit 31 set, which would be in violation of the RFC.</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">I believe a simple fix with little side-effect would be to add the following line right before last_cseq is set ( line 2149 in MASTER ):</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><font face="courier new, monospace"> <span style="white-space:pre-wrap">           </span>}</font></div><div class="gmail_default" style="font-family:"courier new",monospace"><font face="courier new, monospace"> <span style="white-space:pre-wrap"> </span>}</font></div><div class="gmail_default" style="font-family:"courier new",monospace"><span style="font-family:"courier new",monospace">+</span><span style="font-family:"courier new",monospace;white-space:pre-wrap">   </span><span style="font-family:"courier new",monospace">callsequence &= 0x7FFFFFFF; // RFC3261 8.1.1.5 prohibits bit 31 to be set</span><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><div class="gmail_default" style="font-family:arial,sans-serif;font-size:small;text-decoration-style:initial;text-decoration-color:initial"><font face="courier new, monospace"> <span style="white-space:pre-wrap"> </span>profile->last_cseq = callsequence;</font></div><br></div><div class="gmail_default" style="font-family:"courier new",monospace">=====================</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">Another small thing is that FreeSWITCH is generating a negative value in certain scenarios when outputting a CSeq header. This means that the sequence value is improperly being interpreted as a signed integer. This shouldn't matter because the high order bit isn't supposed to be set, but regardless the code is still technically wrong.</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">In MASTER/libs/sofia-sip/<wbr>libsofia-sip-ua/sip/sip_basic.<wbr>c I found a definition of sip_cseq_e() which correctly interprets the value as unsigned.</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">There are a few logging examples that are wrong that I found using a simple grep, although these line #'s are probably off because it's from an old checkout. The "CSeq %d" in each of the following probably needs to be a "CSeq %u"<br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default"><div class="gmail_default" style="font-family:"courier new",monospace">nta\sl_utils_log.c:76       "%s%s "URL_FORMAT_STRING" (CSeq %d %s)\n",</div><div class="gmail_default" style="font-family:"courier new",monospace">nta\sl_utils_log.c:100      "%s%03u %s (CSeq %d %s)\n",</div><div class="gmail_default" style="font-family:"courier new",monospace">nta\sl_utils_print.c:69     "%s%s "URL_FORMAT_STRING" (CSeq %d %s)\n",</div><div class="gmail_default" style="font-family:"courier new",monospace">nta\sl_utils_print.c:86     "%s%03u %s (CSeq %d %s)\n",</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">However in MASTER/src/mod/endpoints/mod_sofia/sofia.c I found the following:</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">line 381:</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">-switch_snprintf(sip_cseq, sizeof(sip_cseq), "%d", sip->sip_cseq->cs_seq);<br></div><div class="gmail_default"><span style="font-family:"courier new",monospace">+switch_snprintf(sip_cseq, sizeof(sip_cseq), "%u", sip->sip_cseq->cs_seq);</span><br></div><div class="gmail_default"><font face="courier new, monospace"><br class="gmail-Apple-interchange-newline"></font></div><div class="gmail_default" style="font-family:"courier new",monospace">line 1707:</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default"><font face="courier new, monospace">-switch_snprintf(sip_cseq, sizeof(sip_cseq), "%d", sip->sip_cseq->cs_seq);</font><br></div><div class="gmail_default"><span style="font-family:"courier new",monospace">+switch_snprintf(sip_cseq, sizeof(sip_cseq), "%u", sip->sip_cseq->cs_seq);</span><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div></div><div class="gmail_default" style="font-family:"courier new",monospace">=====================<br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">Something like the following might also be a consideration, but probably only in 1.8:</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">In MASTER/libs/sofia-sip/<wbr>libsofia-sip-ua/sip/sip_basic.<wbr>c line 1288 add something like the following:</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">if ( seq & 0x80000000 )</div><div class="gmail_default" style="font-family:"courier new",monospace">{</div><div class="gmail_default" style="font-family:"courier new",monospace">    SU_DEBUG_1(("%s: CSeq header creation failed - sequence value %u violates RFC3261/<a href="http://8.1.1.5" target="_blank">8.1.1.5</a>", __func__, seq ));</div><div class="gmail_default" style="font-family:"courier new",monospace">    return NULL;</div><div class="gmail_default" style="font-family:"courier new",monospace">}</div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace"><br></div><div class="gmail_default" style="font-family:"courier new",monospace">P.S. I'd really like to see at least the first 2 changes proposed above ( callsequence masking and format string fixes ) back-ported to 1.6.</div><div style="font-family:"courier new",monospace"><div class="gmail-m_3082767323673517340gmail_signature"><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span style="font-family:arial;font-size:small"><br></span></div><br class="gmail-m_3082767323673517340gmail-Apple-interchange-newline">

</div></div><br clear="all"></div><div><div class="gmail-m_3082767323673517340gmail_signature"><div><span style="font-family:arial;font-size:small"><br></span></div><div><span style="font-family:arial;font-size:small"><br></span></div><span style="font-family:arial;font-size:small">Royce Mitchell, </span>IT Consultant<div style="font-family:arial;font-size:small">ITAS Solutions</div><div style="font-family:arial;font-size:small"><a href="mailto:royce3@itas-solutions.com" target="_blank">royce3@itas-solutions.com</a></div></div></div>
</div>
</div></blockquote><blockquote type="cite"><div><span>_________________________________________________________________________</span><br><span>Professional FreeSWITCH Services</span><br><span><a href="mailto:sales@freeswitch.com">sales@freeswitch.com</a></span><br><span><a href="https://freeswitch.com">https://freeswitch.com</a></span><br><span></span><br><span>Official FreeSWITCH Sites</span><br><span><a href="https://freeswitch.com/oss">https://freeswitch.com/oss</a></span><br><span><a href="https://freeswitch.org/confluence">https://freeswitch.org/confluence</a></span><br><span><a href="https://cluecon.com">https://cluecon.com</a></span><br><span></span><br><span>FreeSWITCH-dev mailing list</span><br><span><a href="mailto:FreeSWITCH-dev@lists.freeswitch.org">FreeSWITCH-dev@lists.freeswitch.org</a></span><br><span><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev">http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev</a></span><br><span>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-dev">http://lists.freeswitch.org/mailman/options/freeswitch-dev</a></span><br><span><a href="https://freeswitch.com">https://freeswitch.com</a></span></div></blockquote></body></html>