<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/1899/">https://reviewboard.asterisk.org/r/1899/</a>
</td>
</tr>
</table>
<br />
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/media/rb/images/review_request_box_top_bg.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers, Mark Michelson and Matt Jordan.</div>
<div>By jrose.</div>
<p style="color: grey;"><i>Updated May 18, 2012, 9:36 a.m.</i></p>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Changes</h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">add issue</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Prior to this patch, when comparing the host address to the allowable set of host addresses, the address of a peer would be compared to its own allowable address. What we wanted with this was for the host to use the opposed peer's address for checking whether or not directmedia should be allowed. This patch does that by getting the bridged channel's pvt and using that pvt's directmediaha to compare against to compare with.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">I had some test code in here while I was testing to make sure all of this made sense... it would basically print the acls being used for comparisons along with the ip addresses being compared.
2 phones with ip addresses 10.24.22.201 and 10.24.22.193 (shortened to 201 and 193).
Prior to the patch:
[201]
directmediadeny = 0.0.0.0
directmediapermit = 10.24.22.193
When 193 called 201, directmedia would be prevented because the ip address of 201 didn't match the directmediapermit address. When 201 called 193, directmedia would work as no directmedia ha would actually be touched.
After the patch, 193 to 201 results in a connection because two comparisons occured, the first was 201 against 193's directmediaha (which was empty so that check passed). The second was 193 against 201's directmediaha (which permits 193, so it passed direct media connected).
In a second scenario, the following was applied:
[201]
directmediapermit = 0.0.0.0
directmediadeny = 10.24.22.193
and another phone with a different IP address was added.
With the patch, calling 201 from 193 resulted in no directmedia connection when 193 compared against 201's directmediaha and was rejected. The new phone passed the check since it used a different IP address. Calls from 201 to 193 similarly didn't do a directmedia connection because of the same filter on 201 rejecting 193.
Unfortunately, video, text, and udptl couldn't really be checked, but the concepts are the same so it should probably be ok.</pre>
</td>
</tr>
</table>
<div style="margin-top: 1.5em;">
<b style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Bugs: </b>
<a href="https://issues.asterisk.org/jira/browse/AST-876">AST-876</a>
</div>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/branches/1.8/channels/chan_sip.c <span style="color: grey">(364839)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/1899/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>