<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#ffffff">
On 01/13/2011 02:51 AM, dotnetdub wrote:
<blockquote
cite="mid:AANLkTikLcNEOd6JLRuady8vY6J6rOwFsB3MkuYxe_kxT@mail.gmail.com"
type="cite"><br>
<br>
<div class="gmail_quote">On 29 November 2010 09:33, marius zbihlei <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:marius.zbihlei@1and1.ro">marius.zbihlei@1and1.ro</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On
11/26/2010 12:38 AM, dotne
<div class="im"><br>
<blockquote class="gmail_quote"
style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
Hi Marius,<br>
<br>
Will apply tomorrow and recompile.. I don't have a dump of the attack
traffic but I'm sure it won't take long . . .<br>
<br>
Thanks for your assistance.<br>
<br>
Regards<br>
Brian<br>
<br>
</blockquote>
</div>
Hello,<br>
<br>
Please check commit 29990057d8b17cf0ded395438465c6cb2c38207f on the 3.0
branch.(patch cherry-picked to 3.1 and master branch)<br>
<font color="#888888"><br>
Marius<br>
<br>
</font></blockquote>
</div>
<br>
<div><br>
</div>
<div>Hello,</div>
<div><br>
</div>
<div>Did this fix make it to the main 3.1 - I did install 3.1 last
week and just checked the source..</div>
<div><br>
</div>
<div>
<div>int th_skip_msg(sip_msg_t *msg)</div>
<div>{</div>
<div> if (!get_cseq(msg)) {</div>
<div> LM_WARN("Invalid/Unparsed CSeq in message.
Skipping.");</div>
<div> return 1;</div>
<div> }</div>
<div><br>
</div>
<div>
if((get_cseq(msg)->method_id)&(METHOD_REGISTER|METHOD_PUBLISH))</div>
<div> return 1;</div>
<div><br>
</div>
<div> return 0;</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Regards,</div>
<div>Brian</div>
</blockquote>
Hello Brian, <br>
<br>
<pre>Module: sip-router
Branch: 3.1
Commit: a72e59d23d4b104af6d7f30d1dc02a5fe175f3af
</pre>
Also master and 3.0 are checked. the patch is this simple check for
messages that don't have a correct CSeq header.<br>
<br>
Marius<br>
</body>
</html>