[Serdev] [Tracker] Created: (SER-211) STUN problems reported by Alfred E. Heggestad

[Vladimir Marek (JIRA)]

STUN problems reported by Alfred E. Heggestad
---------------------------------------------

                 Key: SER-211
                 URL: http://tracker.iptel.org/browse/SER-211
             Project: SER
          Issue Type: Bug
          Components: Unspecified
    Affects Versions: Ottendorf
            Reporter: Vladimir Marek
            Priority: Minor
         Attachments: ser-stun.patch

Bellow there is a original message from Alfred:

Hi

I have done some more testing of the embedded STUN server in SER 0.10 (from CVS).
Here are some of my comments:


* Calculation of the length field for 400 Bad Request ERROR responses is wrong.

* The calculation of mandatory attributes is wrong, the STUN Server should accept
  any optional attributes >= 0x8000 (see attached patch).

* The variable req->old checks if the STUN request is a RFC3489 or 3489bis request
  (based on MAGIC_COOKIE) - but it seems that the meaning is reversed ?

* The calculation of XOR_MAPPED_ADDRESS seems be wrong. Check the host order vs.
  network order of MAGIC_COOKIE, port number and IPv4 address. (see attached patch)
  Calculation of IPv6 address must also be checked

* The error code reason phrases defined in ser_stun.h should be changed to the
  text in the brackets of rfc3489bis section 11.6 - e.g. instead of

    300 The client should contact an alternate server for this request.

  you should use:

    300 Try Alternate


Please see the attached patch for some fixes ..


/alfred

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tracker.iptel.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira