diff options
| author | jpeeler <jpeeler@f38db490-d61c-443f-a65b-d21fe96a405b> | 2010-12-06 22:03:04 +0000 |
|---|---|---|
| committer | jpeeler <jpeeler@f38db490-d61c-443f-a65b-d21fe96a405b> | 2010-12-06 22:03:04 +0000 |
| commit | 1f9409dcdab35c50f8352b98f96fa5fc869f0663 (patch) | |
| tree | fbba8f650f54b296526c6376a76138f54d5bfd0a | |
| parent | e8c701f55edeedf2fc19b8e99347c61930c274a1 (diff) | |
Merged revisions 297603 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r297603 | jpeeler | 2010-12-06 15:57:15 -0600 (Mon, 06 Dec 2010) | 12 lines
Improve handling of REGISTER requests with multiple contact headers.
The changes here attempt to more strictly follow RFC 3261 section 10.3.
Basically the following will now cause a 400 Bad Response to be returned, if:
- multiple Contact headers are present with one set to expire all bindings ("*")
- wildcard parameter is specified for Contact without Expires header or Expires
header is not set to zero.
ABE-2442
ABE-2443
........
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.2@297605 f38db490-d61c-443f-a65b-d21fe96a405b
| -rw-r--r-- | channels/chan_sip.c | 37 |
1 files changed, 30 insertions, 7 deletions
diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 77f5f9017..b4068dd84 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -12405,9 +12405,12 @@ static enum parse_register_result parse_register_contact(struct sip_pvt *pvt, st struct hostent *hp; struct ast_hostent ahp; struct sockaddr_in oldsin, testsin; + char *firstcuri = NULL; + int start = 0; + int wildcard_found = 0; + int single_binding_found; - - ast_copy_string(contact, get_header(req, "Contact"), sizeof(contact)); + ast_copy_string(contact, __get_header(req, "Contact", &start), sizeof(contact)); if (ast_strlen_zero(expires)) { /* No expires header, try look in Contact: */ char *s = strcasestr(contact, ";expires="); @@ -12423,11 +12426,31 @@ static enum parse_register_result parse_register_contact(struct sip_pvt *pvt, st copy_socket_data(&pvt->socket, &req->socket); - /* Look for brackets */ - curi = contact; - if (strchr(contact, '<') == NULL) /* No <, check for ; and strip it */ - strsep(&curi, ";"); /* This is Header options, not URI options */ - curi = get_in_brackets(contact); + do { + /* Look for brackets */ + curi = contact; + if (strchr(contact, '<') == NULL) /* No <, check for ; and strip it */ + strsep(&curi, ";"); /* This is Header options, not URI options */ + curi = get_in_brackets(contact); + if (!firstcuri) { + firstcuri = ast_strdupa(curi); + } + + if (!strcasecmp(curi, "*")) { + wildcard_found = 1; + } else { + single_binding_found = 1; + } + + if (wildcard_found && (ast_strlen_zero(expires) || expire != 0 || single_binding_found)) { + /* Contact header parameter "*" detected, so punt if: Expires header is missing, + * Expires value is not zero, or another Contact header is present. */ + return PARSE_REGISTER_FAILED; + } + + ast_copy_string(contact, __get_header(req, "Contact", &start), sizeof(contact)); + } while (!ast_strlen_zero(contact)); + curi = firstcuri; /* if they did not specify Contact: or Expires:, they are querying what we currently have stored as their contact address, so return |