[Serdev] [Tracker] Updated: (SER-211) STUN problems reported by Alfred E. Heggestad

Jan Janak (JIRA) tracker at iptel.org
Thu Jan 18 12:05:38 UTC 2007 

     [ http://tracker.iptel.org/browse/SER-211?page=all ]

Jan Janak updated SER-211:
--------------------------

    Fix Version/s: Ottendorf
         Assignee: Vladimir Marek

> STUN problems reported by Alfred E. Heggestad
> ---------------------------------------------
>
>                 Key: SER-211
>                 URL: http://tracker.iptel.org/browse/SER-211
>             Project: SER
>          Issue Type: Bug
>          Components: Unspecified
>    Affects Versions: Ottendorf
>            Reporter: Vladimir Marek
>         Assigned To: Vladimir Marek
>            Priority: Minor
>             Fix For: Ottendorf
>
>         Attachments: ser-stun.patch
>
>
> Bellow there is a original message from Alfred:
> Hi
> I have done some more testing of the embedded STUN server in SER 0.10 (from CVS).
> Here are some of my comments:
> * Calculation of the length field for 400 Bad Request ERROR responses is wrong.
> * The calculation of mandatory attributes is wrong, the STUN Server should accept
>   any optional attributes >= 0x8000 (see attached patch).
> * The variable req->old checks if the STUN request is a RFC3489 or 3489bis request
>   (based on MAGIC_COOKIE) - but it seems that the meaning is reversed ?
> * The calculation of XOR_MAPPED_ADDRESS seems be wrong. Check the host order vs.
>   network order of MAGIC_COOKIE, port number and IPv4 address. (see attached patch)
>   Calculation of IPv6 address must also be checked
> * The error code reason phrases defined in ser_stun.h should be changed to the
>   text in the brackets of rfc3489bis section 11.6 - e.g. instead of
>     300 The client should contact an alternate server for this request.
>   you should use:
>     300 Try Alternate
> Please see the attached patch for some fixes ..
> /alfred

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tracker.iptel.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the Serdev mailing list