Merged revisions 227088 via svnmerge from
authorOlle Johansson <oej@edvina.net>
Tue, 3 Nov 2009 11:11:15 +0000 (11:11 +0000)
committerOlle Johansson <oej@edvina.net>
Tue, 3 Nov 2009 11:11:15 +0000 (11:11 +0000)
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r227088 | oej | 2009-11-03 11:29:59 +0100 (Tis, 03 Nov 2009) | 7 lines

Use proper response code when violating Contact ACL's.

https://reviewboard.asterisk.org/r/415/

Thanks kpfleming for a quick review.
(EDVX-003)

........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@227091 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Makefile
channels/chan_sip.c

index dceb860..784e9a7 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -306,7 +306,7 @@ MOD_SUBDIRS_MENUSELECT_TREE:=$(MOD_SUBDIRS:%=%-menuselect-tree)
 ifneq ($(findstring darwin,$(OSARCH)),)
   _ASTCFLAGS+=-D__Darwin__
   SOLINK=-bundle -Xlinker -macosx_version_min -Xlinker 10.4 -Xlinker -undefined -Xlinker dynamic_lookup -force_flat_namespace /usr/lib/bundle1.o
-  _ASTLDFLAGS+= /usr/lib/bundle1.o -L/usr/local/lib
+  _ASTLDFLAGS+=  -L/usr/local/lib
 else
 # These are used for all but Darwin
   SOLINK=-shared
index c1d5ade..092d82f 100644 (file)
@@ -696,6 +696,7 @@ enum xmittype {
 
 /*! \brief Results from the parse_register() function */
 enum parse_register_result {
+       PARSE_REGISTER_DENIED,
        PARSE_REGISTER_FAILED,
        PARSE_REGISTER_UPDATE,
        PARSE_REGISTER_QUERY,
@@ -12757,10 +12758,10 @@ static enum parse_register_result parse_register_contact(struct sip_pvt *pvt, st
        memcpy(&testsin.sin_addr, hp->h_addr, sizeof(testsin.sin_addr));
        if (ast_apply_ha(sip_cfg.contact_ha, &testsin) != AST_SENSE_ALLOW ||
                        ast_apply_ha(peer->contactha, &testsin) != AST_SENSE_ALLOW) {
-               ast_log(LOG_WARNING, "Host '%s' disallowed by rule\n", host);
+               ast_log(LOG_WARNING, "Host '%s' disallowed by contact ACL (violating IP %s)\n", host, ast_inet_ntoa(testsin.sin_addr));
                ast_string_field_set(peer, fullcontact, "");
                ast_string_field_set(pvt, our_contact, "");
-               return PARSE_REGISTER_FAILED;
+               return PARSE_REGISTER_DENIED;
        }
 
        /*! \todo This could come before the checking of DNS earlier on, to avoid
@@ -13436,6 +13437,12 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
                                        /* We have a successful registration attempt with proper authentication,
                                        now, update the peer */
                                        switch (parse_register_contact(p, peer, req)) {
+                                       case PARSE_REGISTER_DENIED:
+                                               ast_log(LOG_WARNING, "Registration denied because of contact ACL\n");
+                                               transmit_response_with_date(p, "603 Denied", req);
+                                               peer->lastmsgssent = -1;
+                                               res = 0;
+                                               break;
                                        case PARSE_REGISTER_FAILED:
                                                ast_log(LOG_WARNING, "Failed to parse contact info\n");
                                                transmit_response_with_date(p, "400 Bad Request", req);
@@ -13476,6 +13483,12 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
                        if (sip_cancel_destroy(p))
                                ast_log(LOG_WARNING, "Unable to cancel SIP destruction.  Expect bad things.\n");
                        switch (parse_register_contact(p, peer, req)) {
+                       case PARSE_REGISTER_DENIED:
+                               ast_log(LOG_WARNING, "Registration denied because of contact ACL\n");
+                               transmit_response_with_date(p, "403 Forbidden (ACL)", req);
+                               peer->lastmsgssent = -1;
+                               res = 0;
+                               break;
                        case PARSE_REGISTER_FAILED:
                                ast_log(LOG_WARNING, "Failed to parse contact info\n");
                                transmit_response_with_date(p, "400 Bad Request", req);