[asterisk-dev] Asterisk 1.8.0-beta1 is Now Available! - crashes for me
Mark Michelson
mmichelson at digium.com
Mon Jul 26 09:50:55 CDT 2010
On 07/26/2010 09:26 AM, Mark Michelson wrote:
> The error messages are a result of having the "dynamic_exclude_static"
> option enabled in sip.conf. The idea behind the option is to create a
> "contactdeny" ACL for the current peer's IP address so that if another
> endpoint tries to send a REGISTER to Asterisk with that same IP address
> in its contact header, Asterisk will deny the registration attempt.
>
> I took a look at the code in 1.6.2, and I'm convinced this option is not
> working as intended, at least not in most cases. The problem is that on
> an initial load of chan_sip, the current peer's IP address has not been
> set (it's all 0s) when the host is parsed. The result is that a
> contactdeny of 0.0.0.0/32 is likely getting created most of the time. On
> reloads, the problem may be worse because if you are changing the host
> line for a peer, then the code may end up creating an ACL based on the
> peer's old IP address instead of its new one.
>
> In 1.8.0-beta1, The section is different since we are using the new
> netsock2 API that allows for IPv6 addresses to be used. We attempt to
> get a string representation of the peer's IP address, which like in
> 1.6.2 is all 0s at the time the host line is parsed. The result is the
> literal string "(null)." We then try to pass this off to the ACL code,
> which of course says that it is a badly-formatted IP address. The result
> is the trio of messages starting with the getaddrinfo error, leading to
> the "Invalid IP address" warning, and leading then to the "Bad ACL
> entry" error. So it seems like the increased number of error messages in
> 1.8.0-beta1 has actually exposed a bug that exists in earlier Asterisks
> as well.
>
> The proper fix in both 1.6.2 and 1.8 is to wait and add the contactdeny
> ACL after the peer's IP address is known to be set to a valid value.
> This may be as easy as moving a block of code lower down in the
> build_peer() function than it currently is.
>
I went ahead and opened issue 17717
(https://issues.asterisk.org/view.php?id=17717)
<https://issues.asterisk.org/view.php?id=17717>
It contains the above text as a description. You can keep up with
further developments on the issue.
Mark Michelson
More information about the asterisk-dev
mailing list