[Asterisk-code-review] chan sip: Peers with distinct source ports don't match, rega... (asterisk[13])

Jenkins2 asteriskteam at digium.com
Wed Mar 21 09:33:27 CDT 2018 

Jenkins2 has submitted this change and it was merged. ( https://gerrit.asterisk.org/7430 )

Change subject: chan_sip: Peers with distinct source ports don't match, regardless of transport.
......................................................................

chan_sip: Peers with distinct source ports don't match, regardless of transport.

Previously, peers connected via TCP (or TLS) were matched by ignoring their
source port. One cannot say anything when protocol:IP:port match, yes (see
<http://stackoverflow.com/q/3329641>). However, when the ports do not match, the
peers do not match as well.

This change allows two peers connected to an Asterisk server via TCP (or TLS)
behind a NAT (= same source IP address) to be differentiated via their port as
well.

ASTERISK-27457
Reported by: Stephane Chazelas

Change-Id: Id190428bf1d931f2dbfd4b293f53ff8f20d98efa
---
M channels/chan_sip.c
1 file changed, 3 insertions(+), 4 deletions(-)

Approvals:
  Kevin Harwell: Looks good to me, but someone else must approve
  Joshua Colp: Looks good to me, but someone else must approve
  George Joseph: Looks good to me, approved
  Jenkins2: Approved for Submit



diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 559e5c0..dacc717 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -34129,10 +34129,9 @@
 	}
 
 	/* We matched the IP, check to see if we need to match by port as well. */
-	if ((peer->transports & peer2->transports) & (AST_TRANSPORT_TLS | AST_TRANSPORT_TCP)) {
-		/* peer matching on port is not possible with TCP/TLS */
-		return CMP_MATCH | CMP_STOP;
-	} else if (ast_test_flag(&peer2->flags[0], SIP_INSECURE_PORT)) {
+	if (((peer->transports & peer2->transports) &
+		(AST_TRANSPORT_UDP | AST_TRANSPORT_WS | AST_TRANSPORT_WSS)) &&
+		ast_test_flag(&peer2->flags[0], SIP_INSECURE_PORT)) {
 		/* We are allowing match without port for peers configured that
 		 * way in this pass through the peers. */
 		return ast_test_flag(&peer->flags[0], SIP_INSECURE_PORT) ?

-- 
To view, visit https://gerrit.asterisk.org/7430
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-MessageType: merged
Gerrit-Change-Id: Id190428bf1d931f2dbfd4b293f53ff8f20d98efa
Gerrit-Change-Number: 7430
Gerrit-PatchSet: 1
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Jenkins2
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-Reviewer: Matthew Fredrickson <creslin at digium.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20180321/178b8107/attachment.html>

More information about the asterisk-code-review mailing list