self-review

Author: alexlivekit

pkg/sip/inbound.go

@@ -138,21 +138,22 @@ func (s *Server) getCallInfo(id string) *inboundCallInfo {
 	return c
 }
 
-func (s *Server) getInvite(sipCallID string) *inProgressInvite {
+func (s *Server) getInvite(sipCallID, toTag, fromTag string) *inProgressInvite {
+	key := fmt.Sprintf("%s:%s:%s", sipCallID, toTag, fromTag)
 	s.imu.Lock()
 	defer s.imu.Unlock()
-	is, ok := s.inProgressInvites[sipCallID]
+	is, ok := s.inProgressInvites[key]
 	if ok {
 		return is
 	}
 	is = &inProgressInvite{sipCallID: sipCallID}
-	s.inProgressInvites[sipCallID] = is
+	s.inProgressInvites[key] = is
 
 	go func() {
 		time.Sleep(inviteCredentialValidity)
 		s.imu.Lock()
 		defer s.imu.Unlock()
-		delete(s.inProgressInvites, sipCallID)
+		delete(s.inProgressInvites, key)
 	}()
 	return is
 }
@@ -322,7 +323,7 @@ func (s *Server) processInvite(req *sip.Request, tx sip.ServerTransaction) (retE
 	)
 
 	var call *inboundCall
-	cc := s.newInbound(log, "unassigned", s.ContactURI(legTr), req, tx, func(headers map[string]string) map[string]string {
+	cc := s.newInbound(log, s.ContactURI(legTr), req, tx, func(headers map[string]string) map[string]string {
 		c := call
 		if c == nil || len(c.attrsToHdr) == 0 {
 			return headers
@@ -346,21 +347,22 @@ func (s *Server) processInvite(req *sip.Request, tx sip.ServerTransaction) (retE
 	}
 
 	// Establish ID
-	if _, ok := req.To().Params.Get("tag"); !ok {
+	fromTag, _ := req.From().Params.Get("tag") // always exists, via ValidateInvite() check
+	toTag, ok := req.To().Params.Get("tag")    // To() always exists, via ValidateInvite() check
+	if !ok {
 		// No to-tag on the invite means we need to generate one per RFC 3261 section 12.
-		if !inviteHasAuth(req) {
-			// No auth = a 407 response and another INVITE+auth.
-			// Generate a new to-tag early, to make sure both INVITES have the same ID.
-			uuid, _ := uuid.NewV4() // Same as NewResponseFromRequest in sipgo
-			req.To().Params.Add("tag", uuid.String())
-		}
+		// Generate a new to-tag early, to make sure both INVITES have the same ID.
+		uuid, _ := uuid.NewV4() // Same as NewResponseFromRequest in sipgo
+		toTag = uuid.String()
+		req.To().Params.Add("tag", toTag)
 	}
-	inviteProgress := s.getInvite(req.CallID().Value())
+	inviteProgress := s.getInvite(sipCallID, toTag, fromTag)
 	callID := inviteProgress.lkCallID
 	if callID == "" {
 		callID = lksip.NewCallID()
 		inviteProgress.lkCallID = callID
 	}
+	cc.id = LocalTag(callID)
 
 	log = log.WithValues("callID", callID)
 	cc.log = log
@@ -1390,11 +1392,11 @@ func (c *inboundCall) transferCall(ctx context.Context, transferTo string, heade
 
 }
 
-func (s *Server) newInbound(log logger.Logger, id LocalTag, contact URI, invite *sip.Request, inviteTx sip.ServerTransaction, getHeaders setHeadersFunc) *sipInbound {
+func (s *Server) newInbound(log logger.Logger, contact URI, invite *sip.Request, inviteTx sip.ServerTransaction, getHeaders setHeadersFunc) *sipInbound {
 	c := &sipInbound{
 		log:      log,
 		s:        s,
-		id:       id,
+		id:       "unassigned",
 		invite:   invite,
 		inviteTx: inviteTx,
 		legTr:    legTransportFromReq(invite),

pkg/sip/service_test.go

@@ -792,6 +792,7 @@ func TestSameCallIDForAuthFlow(t *testing.T) {
 		username = "testuser"
 		password = "testpass"
 		callID   = "same-call-id@test.com"
+		fromTag  = "fixed-from-tag-12345"
 	)
 
 	var capturedCallIDs []string
@@ -860,13 +861,20 @@ func TestSameCallIDForAuthFlow(t *testing.T) {
 	offerData, err := offer.SDP.Marshal()
 	require.NoError(t, err)
 
+	inviteFromHeader := sip.FromHeader{
+		DisplayName: fromUser,
+		Address:     sip.Uri{User: fromUser, Host: sipServerAddress},
+		Params:      sip.NewParams().Add("tag", fromTag), // Key bit here
+	}
+
 	// Create first INVITE request (without auth)
 	inviteRecipient := sip.Uri{User: toUser, Host: sipServerAddress}
 	inviteRequest1 := sip.NewRequest(sip.INVITE, inviteRecipient)
 	inviteRequest1.SetDestination(sipServerAddress)
 	inviteRequest1.SetBody(offerData)
 	inviteRequest1.AppendHeader(sip.NewHeader("Content-Type", "application/sdp"))
 	inviteRequest1.AppendHeader(sip.NewHeader("Call-ID", callID))
+	inviteRequest1.AppendHeader(&inviteFromHeader)
 
 	tx1, err := sipClient.TransactionRequest(inviteRequest1)
 	require.NoError(t, err)
@@ -878,6 +886,12 @@ func TestSameCallIDForAuthFlow(t *testing.T) {
 	res1 = getResponseOrFail(t, tx1)
 	require.Equal(t, sip.StatusCode(407), res1.StatusCode, "First request should receive 407 Unauthorized")
 
+	// Get the To tag from the 407 response
+	toHeader := res1.To()
+	require.NotNil(t, toHeader, "407 response should have To header")
+	_, ok := toHeader.Params.Get("tag")
+	require.True(t, ok, "407 response To header should have tag parameter")
+
 	// Get the challenge from first response
 	authHeader1 := res1.GetHeader("Proxy-Authenticate")
 	require.NotNil(t, authHeader1, "First response should have Proxy-Authenticate header")
@@ -896,13 +910,15 @@ func TestSameCallIDForAuthFlow(t *testing.T) {
 	})
 	require.NoError(t, err, "Should be able to compute digest response")
 
-	// Create second INVITE request (with auth) using the SAME Call-ID
+	// Create second INVITE request (with auth) using the SAME Call-ID, From tag, and To tag
 	inviteRequest2 := sip.NewRequest(sip.INVITE, inviteRecipient)
 	inviteRequest2.SetDestination(sipServerAddress)
 	inviteRequest2.SetBody(offerData)
 	inviteRequest2.AppendHeader(sip.NewHeader("Content-Type", "application/sdp"))
 	inviteRequest2.AppendHeader(sip.NewHeader("Call-ID", callID))
 	inviteRequest2.AppendHeader(sip.NewHeader("Proxy-Authorization", cred.String()))
+	inviteRequest2.AppendHeader(&inviteFromHeader)
+	inviteRequest2.AppendHeader(toHeader)
 
 	tx2, err := sipClient.TransactionRequest(inviteRequest2)
 	require.NoError(t, err)