kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2026-01-10 11:36:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "AST-2018-008: Fix enumeration of endpoints from ACL rejected addresses."

Browse Source
This commit is contained in:
Kevin Harwell
2018-06-11 14:34:36 -05:00
committed by Gerrit Code Review
parent b649682caa 81ac32a85f
commit 7d01ac13a1
1 changed files with 30 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
res/res_pjsip/pjsip_distributor.c
View File

@@ -676,6 +676,26 @@ static void check_endpoint(pjsip_rx_data *rdata, struct unidentified_request *un
ao2_unlock(unid);
}
static int apply_endpoint_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint);
static int apply_endpoint_contact_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint);
static void apply_acls(pjsip_rx_data *rdata)
{
struct ast_sip_endpoint *endpoint;
/* Is the endpoint allowed with the source or contact address? */
endpoint = rdata->endpt_info.mod_data[endpoint_mod.id];
if (endpoint != artificial_endpoint
&& (apply_endpoint_acl(rdata, endpoint)
|| apply_endpoint_contact_acl(rdata, endpoint))) {
ast_debug(1, "Endpoint '%s' not allowed by ACL\n",
ast_sorcery_object_get_id(endpoint));
/* Replace the rdata endpoint with the artificial endpoint. */
ao2_replace(rdata->endpt_info.mod_data[endpoint_mod.id], artificial_endpoint);
}
}
static pj_bool_t endpoint_lookup(pjsip_rx_data *rdata)
{
struct ast_sip_endpoint *endpoint;
@@ -695,6 +715,7 @@ static pj_bool_t endpoint_lookup(pjsip_rx_data *rdata)
ao2_unlink(unidentified_requests, unid);
ao2_ref(unid, -1);
}
apply_acls(rdata);
return PJ_FALSE;
}
@@ -759,6 +780,8 @@ static pj_bool_t endpoint_lookup(pjsip_rx_data *rdata)
ast_sip_report_invalid_endpoint(name, rdata);
}
}
apply_acls(rdata);
return PJ_FALSE;
}
@@ -842,16 +865,11 @@ static pj_bool_t authenticate(pjsip_rx_data *rdata)
ast_assert(endpoint != NULL);
if (endpoint!=artificial_endpoint) {
if (apply_endpoint_acl(rdata, endpoint) || apply_endpoint_contact_acl(rdata, endpoint)) {
if (!is_ack) {
pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 403, NULL, NULL, NULL);
}
return PJ_TRUE;
}
if (is_ack) {
return PJ_FALSE;
}
if (!is_ack && ast_sip_requires_authentication(endpoint, rdata)) {
if (ast_sip_requires_authentication(endpoint, rdata)) {
pjsip_tx_data *tdata;
struct unidentified_request *unid;
@@ -888,6 +906,10 @@ static pj_bool_t authenticate(pjsip_rx_data *rdata)
return PJ_TRUE;
}
pjsip_tx_data_dec_ref(tdata);
} else if (endpoint == artificial_endpoint) {
/* Uh. Oh. The artificial endpoint couldn't challenge so block the request. */
pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
return PJ_TRUE;
}
return PJ_FALSE;