[asterisk-commits] tilghman: branch 1.4 r170588 - in /branches/1.4: ./ channels/chan_iax2.c

[SVN commits to the Asterisk project]

Author: tilghman
Date: Fri Jan 23 13:20:44 2009
New Revision: 170588

URL: http://svn.digium.com/svn-view/asterisk?view=rev&rev=170588
Log:
Additions to AST-2009-001

Modified:
    branches/1.4/   (props changed)
    branches/1.4/channels/chan_iax2.c

Propchange: branches/1.4/
------------------------------------------------------------------------------
Binary property 'branch-1.2-merged' - no diff available.

Modified: branches/1.4/channels/chan_iax2.c
URL: http://svn.digium.com/svn-view/asterisk/branches/1.4/channels/chan_iax2.c?view=diff&rev=170588&r1=170587&r2=170588
==============================================================================
--- branches/1.4/channels/chan_iax2.c (original)
+++ branches/1.4/channels/chan_iax2.c Fri Jan 23 13:20:44 2009
@@ -5607,6 +5607,9 @@
 	p = find_peer(peer, 1);
 	ast_mutex_lock(&iaxsl[callno]);
 	if (!p || !iaxs[callno]) {
+		if (iaxs[callno]) {
+			ast_string_field_set(iaxs[callno], secret, "badsecret");
+		}
 		if (authdebug && !p)
 			ast_log(LOG_NOTICE, "No registration for peer '%s' (from %s)\n", peer, ast_inet_ntoa(sin->sin_addr));
 		goto return_unref;
@@ -5686,21 +5689,24 @@
 			goto return_unref;
 		} else
 			ast_set_flag(&iaxs[callno]->state, IAX_STATE_AUTHENTICATED);
-	} else if (!ast_strlen_zero(md5secret) || !ast_strlen_zero(secret)) {
-		if (authdebug)
-			ast_log(LOG_NOTICE, "Inappropriate authentication received\n");
+	} else if (!ast_strlen_zero(iaxs[callno]->secret) || !ast_strlen_zero(iaxs[callno]->inkeys)) {
+		if (authdebug &&
+			((!ast_strlen_zero(iaxs[callno]->secret) && (p->authmethods & IAX_AUTH_MD5) && !ast_strlen_zero(iaxs[callno]->challenge)) ||
+			 (!ast_strlen_zero(iaxs[callno]->inkeys) && (p->authmethods & IAX_AUTH_RSA) && !ast_strlen_zero(iaxs[callno]->challenge)))) {
+			ast_log(LOG_NOTICE, "Inappropriate authentication received for '%s'\n", p->name);
+		} /* ELSE this is the first time through and no challenge exists, so it's not quite yet a failure. */
 		goto return_unref;
 	}
+	ast_device_state_changed("IAX2/%s", p->name); /* Activate notification */
+
+return_unref:
 	ast_string_field_set(iaxs[callno], peer, peer);
 	/* Choose lowest expiry number */
 	if (expire && (expire < iaxs[callno]->expiry)) 
 		iaxs[callno]->expiry = expire;
 
-	ast_device_state_changed("IAX2/%s", p->name); /* Activate notification */
-
 	res = 0;
 
-return_unref:
 	if (p)
 		peer_unref(p);
 
@@ -6376,7 +6382,6 @@
 	struct iax2_peer *p;
 	char challenge[10];
 	const char *peer_name;
-	int res = -1;
 	int sentauthmethod;
 
 	peer_name = ast_strdupa(iaxs[callno]->peer);
@@ -6390,11 +6395,7 @@
 	ast_mutex_lock(&iaxsl[callno]);
 	if (!iaxs[callno])
 		goto return_unref;
-	if (!p && !delayreject) {
-		ast_log(LOG_WARNING, "No such peer '%s'\n", peer_name);
-		goto return_unref;
-	}
-	
+
 	memset(&ied, 0, sizeof(ied));
 	/* The selection of which delayed reject is sent may leak information,
 	 * if it sets a static response.  For example, if a host is known to only
@@ -6412,12 +6413,12 @@
 	}
 	iax_ie_append_str(&ied, IAX_IE_USERNAME, peer_name);
 
-	res = 0;
-
 return_unref:
-	peer_unref(p);
-
-	return res ? res : send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_REGAUTH, 0, ied.buf, ied.pos, -1);;
+	if (p) {
+		peer_unref(p);
+	}
+
+	return iaxs[callno] ? send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_REGAUTH, 0, ied.buf, ied.pos, -1) : -1;
 }
 
 static int registry_rerequest(struct iax_ies *ies, int callno, struct sockaddr_in *sin)