Hello,
I've got a bizarre problem caused by bad UA behaviour:
UA A ---> Kamailio (P) ---> UA B
1. UA A sends initial INVITE through P to B;
2. Kamailio (P) makes some modifications to the From header using uac_replace_from() and passes along to B.
3. B sends an in-dialog request (e.g. BYE or reinvite) to A through P; in doing so, it modifies the To (formerly From) value slightly, replacing the hostname portion in the To URI with a different value to the one that was received in the From header.
4. Kamailio relays this in-dialog request to A, but with an adulterated/clipped/truncated/grammatically invalid To header now.
5. A responds with 400 Bad Request due to invalid To header.
I would not dispute that UA B should not be modifying the remote URI in this manner. But since it does, it gives rise to two questions:
1. Why does Kamailio not simply discard the modified To header and restore the original value stored in the Record-Route rider parameter?
Is it because the Record-Route parameter does not contain the original header value, but rather some data complementary to the current header value?
Or is it because the UAC code takes a checksum of the original remote URI header value and stores it, and just checks it when restoring on principle? If so, what's the motive for that?
2. Wouldn't it be better behaviour to simply reject a request so malformed, rather than passing it on with a corrupt restored value? If Kamailio can detect that the header has been tampered with, why pass it on?
-- Alex