[OpenSIPS-Devel] [OpenSIPS/opensips] bc996b: Revert "Accept TCP aliases by default"

Liviu Chircu liviu at opensips.org
Tue May 24 17:23:30 CEST 2016


  Branch: refs/heads/2.2
  Home:   https://github.com/OpenSIPS/opensips
  Commit: bc996b4d60be5361274f7b598a0804c162d7611b
      https://github.com/OpenSIPS/opensips/commit/bc996b4d60be5361274f7b598a0804c162d7611b
  Author: Liviu Chircu <liviu at opensips.org>
  Date:   2016-05-24 (Tue, 24 May 2016)

  Changed paths:
    M net/net_tcp.c
    M receive.c

  Log Message:
  -----------
  Revert "Accept TCP aliases by default"

This reverts commit d62bc967b0d6784d2baced88b895da57f3f4ab9a.

Firstly, TCP connection reusage (RFC 5923) should only be employed between
TLS endpoints - only TLS allows the endpoints to authenticate each other
during connection setup, preventing unauthorized connection hijacking.

Secondly, aside from any security considerations, RFC 5923 must
not be employed fanatically (Proxy-Proxy, Edge-UA, UA-Proxy) on any TCP
connection (especially disregarding the ";alias" Via parameter!), but
rather only between adjacent SIP entities who can both initiate a
connection towards each other, and also support the RFC. In the real
world, we're basically only talking about the Proxy-Proxy usage case, as
any SIP UA scenario will most likely involve some form of NAT and a
Proxy that cannot open connections backwards, towards the UA. In these
cases, TCP connection reusage is _completely_ out of the question, as a
single UA might end up receiving all calls of all users behind their
public IP.

Thanks to Jonas Borjesson for reporting the problem in the first place.

(cherry picked from commit 715339fdd25bc74797e6f978d164eb0c4d5669ce)
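
The NAT failure mode described in the log message, as a simplified model added here (not OpenSIPS code and not part of the commit): a lookup table that aliases a connection to its source IP plus the port advertised in Via, with the accept-by-default behaviour beside a policy that requires both ";alias" and an authenticated TLS peer. The class and function names, the addresses and the "first claimant keeps the alias" rule are assumptions of this model.

```python
from dataclasses import dataclass

NAT_IP = "203.0.113.7"  # constructed: public IP shared by two UAs behind one NAT

@dataclass(frozen=True)
class Conn:
    conn_id: int
    src_ip: str
    src_port: int            # ephemeral source port the proxy sees
    tls_authenticated: bool  # peer proved its identity during the TLS handshake

class AliasTable:
    """Hypothetical, simplified model of a proxy's TCP connection lookup table."""

    def __init__(self, accept_by_default):
        self.accept_by_default = accept_by_default
        self.by_addr = {}

    def on_connect(self, conn):
        self.by_addr[(conn.src_ip, conn.src_port)] = conn

    def on_request(self, conn, via_port, via_has_alias):
        # Restrictive policy: alias only when the peer asked for it (";alias")
        # and the connection is authenticated TLS.
        allowed = self.accept_by_default or (via_has_alias and conn.tls_authenticated)
        if allowed:
            # Assumption of this model: the first connection to claim an alias keeps it.
            self.by_addr.setdefault((conn.src_ip, via_port), conn)
        return allowed

    def route(self, ip, port):
        conn = self.by_addr.get((ip, port))
        return conn.conn_id if conn else None  # None: open a new connection instead

def nat_scenario(accept_by_default):
    """Two plain-TCP UAs behind NAT_IP, both advertising port 5060 in Via."""
    table = AliasTable(accept_by_default)
    for conn in (Conn(1, NAT_IP, 40001, False), Conn(2, NAT_IP, 40002, False)):
        table.on_connect(conn)
        table.on_request(conn, via_port=5060, via_has_alias=False)
    return table.route(NAT_IP, 5060)

def proxy_scenario():
    """Adjacent proxy over authenticated TLS that sends ';alias' in its Via."""
    table = AliasTable(accept_by_default=False)
    peer = Conn(3, "198.51.100.9", 50000, True)  # constructed address
    table.on_connect(peer)
    table.on_request(peer, via_port=5061, via_has_alias=True)
    return table.route("198.51.100.9", 5061)
```

With aliases accepted by default, traffic for the shared public address on port 5060 resolves to one UA's connection; with the restrictive policy no alias exists for the NATed UAs, while the TLS proxy peer's connection is still reused.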



