diff options
author | oej <oej@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-11-03 13:51:17 +0000 |
---|---|---|
committer | oej <oej@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-11-03 13:51:17 +0000 |
commit | b766a5b50c209414be7c126fc55641bc55cabdcd (patch) | |
tree | 1f9c77482b85cd5af8882ca3eab73e955632b153 | |
parent | 1ab059f5f3eccc68f020ae06681ecf09406be10a (diff) |
Merged revisions 227091 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk
................
r227091 | oej | 2009-11-03 12:11:15 +0100 (Tis, 03 Nov 2009) | 15 lines
Merged revisions 227088 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r227088 | oej | 2009-11-03 11:29:59 +0100 (Tis, 03 Nov 2009) | 7 lines
Use proper response code when violating Contact ACL's.
https://reviewboard.asterisk.org/r/415/
Thanks kpfleming for a quick review.
(EDVX-003)
........
................
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.2@227156 f38db490-d61c-443f-a65b-d21fe96a405b
-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | channels/chan_sip.c | 17 |
2 files changed, 16 insertions, 3 deletions
@@ -305,7 +305,7 @@ MOD_SUBDIRS_MENUSELECT_TREE:=$(MOD_SUBDIRS:%=%-menuselect-tree) ifneq ($(findstring darwin,$(OSARCH)),) _ASTCFLAGS+=-D__Darwin__ - SOLINK=-dynamic -bundle -Xlinker -macosx_version_min -Xlinker 10.4 -Xlinker -undefined -Xlinker dynamic_lookup -force_flat_namespace + SOLINK=-dynamic -bundle -Xlinker -macosx_version_min -Xlinker 10.4 -Xlinker -undefined -Xlinker dynamic_lookup -force_flat_namespace /usr/lib/bundle1.o else # These are used for all but Darwin SOLINK=-shared diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 55f76e91a..7b22b33d9 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -631,6 +631,7 @@ enum xmittype { /*! \brief Results from the parse_register() function */ enum parse_register_result { + PARSE_REGISTER_DENIED, PARSE_REGISTER_FAILED, PARSE_REGISTER_UPDATE, PARSE_REGISTER_QUERY, @@ -12154,10 +12155,10 @@ static enum parse_register_result parse_register_contact(struct sip_pvt *pvt, st memcpy(&testsin.sin_addr, hp->h_addr, sizeof(testsin.sin_addr)); if (ast_apply_ha(global_contact_ha, &testsin) != AST_SENSE_ALLOW || ast_apply_ha(peer->contactha, &testsin) != AST_SENSE_ALLOW) { - ast_log(LOG_WARNING, "Host '%s' disallowed by rule\n", host); + ast_log(LOG_WARNING, "Host '%s' disallowed by contact ACL (violating IP %s)\n", host, ast_inet_ntoa(testsin.sin_addr)); ast_string_field_set(peer, fullcontact, ""); ast_string_field_set(pvt, our_contact, ""); - return PARSE_REGISTER_FAILED; + return PARSE_REGISTER_DENIED; } /*! \todo This could come before the checking of DNS earlier on, to avoid @@ -12837,6 +12838,12 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr /* We have a successful registration attempt with proper authentication, now, update the peer */ switch (parse_register_contact(p, peer, req)) { + case PARSE_REGISTER_DENIED: + ast_log(LOG_WARNING, "Registration denied because of contact ACL\n"); + transmit_response_with_date(p, "603 Denied", req); + peer->lastmsgssent = -1; + res = 0; + break; case PARSE_REGISTER_FAILED: ast_log(LOG_WARNING, "Failed to parse contact info\n"); transmit_response_with_date(p, "400 Bad Request", req); @@ -12876,6 +12883,12 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr if (sip_cancel_destroy(p)) ast_log(LOG_WARNING, "Unable to cancel SIP destruction. Expect bad things.\n"); switch (parse_register_contact(p, peer, req)) { + case PARSE_REGISTER_DENIED: + ast_log(LOG_WARNING, "Registration denied because of contact ACL\n"); + transmit_response_with_date(p, "403 Forbidden (ACL)", req); + peer->lastmsgssent = -1; + res = 0; + break; case PARSE_REGISTER_FAILED: ast_log(LOG_WARNING, "Failed to parse contact info\n"); transmit_response_with_date(p, "400 Bad Request", req); |