Clear out received tag in 407/401's (bug #3885)

git-svn-id: http://svn.digium.com/svn/asterisk/branches/v1-0@5404 f38db490-d61c-443f-a65b-d21fe96a405b

2 files changed, 4 insertions, 0 deletions

diff --git a/CHANGES b/CHANGES
index 38fbdf358..7f1f9725b 100755
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,8 @@
     -- We no longer send a "to" tag on "100 Trying" messages, as it is inappropriate
        to do so.
     -- We now respond correctly to an invite for T.38 with a "488 Not acceptable here"
+    -- We now discard saved tags on 401/407 responses in case the provider we're talking
+       to tries to pull a dirty trick on us and change it.
  -- chan_mgcp
     -- Fixed setting of accountcode
     -- Fixed where *67 to block callerid only worked for first call
diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 37fe16e37..f24d29c4b 100755
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -6821,6 +6821,7 @@ static void handle_response(struct sip_pvt *p, int resp, char *rest, struct sip_
 				/* First we ACK */
 				transmit_request(p, "ACK", seqno, 0, 0);
 				/* Then we AUTH */
+				p->theirtag[0]='\0';    /* forget their old tag, so we don't match tags when getting response */
 				if ((p->authtries > 1) || do_proxy_auth(p, req, "WWW-Authenticate", "Authorization", "INVITE", 1)) {
 					ast_log(LOG_NOTICE, "Failed to authenticate on INVITE to '%s'\n", get_header(&p->initreq, "From"));
 					p->needdestroy = 1;
@@ -6855,6 +6856,7 @@ static void handle_response(struct sip_pvt *p, int resp, char *rest, struct sip_
 				/* Then we AUTH */
 				/* But only if the packet wasn't marked as ignore in handle_request */
 				if(!ignore){
+					p->theirtag[0]='\0';    /* forget their old tag, so we don't match tags when getting response */
 					if ((p->authtries > 1) || do_proxy_auth(p, req, "Proxy-Authenticate", "Proxy-Authorization", "INVITE", 1)) {
 						ast_log(LOG_NOTICE, "Failed to authenticate on INVITE to '%s'\n", get_header(&p->initreq, "From"));
 						p->needdestroy = 1;