Merged revisions 129803 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r129803 | tilghman | 2008-07-10 16:57:05 -0500 (Thu, 10 Jul 2008) | 8 lines Correctly deal with duplicate NEW frames (due to retransmission). Also, fixup the destination call number matching to be more strict and reliable. (closes issue #12963) Reported by: jpgrayson Patches: chan_iax2_dup_new_fix3.patch uploaded by jpgrayson (license 492) Tested by: jpgrayson, Corydon76 ........ git-svn-id: http://svn.digium.com/svn/asterisk/trunk@129804 f38db490-d61c-443f-a65b-d21fe96a405b
2008-07-10 22:06:07 +00:00 · 2008-07-10 22:06:07 +00:00 · e9fe1993bd
parent f44182fcf4
commit e9fe1993bd
1 changed files with 45 additions and 45 deletions
--- a/channels/chan_iax2.c
+++ b/channels/chan_iax2.c
@ -1496,13 +1496,13 @@ static struct iax_frame *iaxfrdup2(struct iax_frame *fr)
 #define NEW_ALLOW 	1
 #define NEW_FORCE 	2

-static int match(struct sockaddr_in *sin, unsigned short callno, unsigned short dcallno, const struct chan_iax2_pvt *cur, int check_dcallno)
+static int match(struct sockaddr_in *sin, unsigned short callno, unsigned short dcallno, const struct chan_iax2_pvt *cur)
 {
 	if ((cur->addr.sin_addr.s_addr == sin->sin_addr.s_addr) &&
 		(cur->addr.sin_port == sin->sin_port)) {
 		/* This is the main host */
 		if ( (cur->peercallno == 0 || cur->peercallno == callno) &&
-			 (check_dcallno ? dcallno == cur->callno : 1) ) {
+				(dcallno == 0 || cur->callno == dcallno) ) {
 			/* That's us.  Be sure we keep track of the peer call number */
 			return 1;
 		}
@ -1620,7 +1620,7 @@ static void remove_by_peercallno(struct chan_iax2_pvt *pvt)
 /*
 * \note Calling this function while holding another pvt lock can cause a deadlock.
 */
-static int __find_callno(unsigned short callno, unsigned short dcallno, struct sockaddr_in *sin, int new, int sockfd, int return_locked, int check_dcallno)
+static int __find_callno(unsigned short callno, unsigned short dcallno, struct sockaddr_in *sin, int new, int sockfd, int return_locked)
 {
 	int res = 0;
 	int x;
@ -1633,8 +1633,6 @@ static int __find_callno(unsigned short callno, unsigned short dcallno, struct s
 			struct chan_iax2_pvt tmp_pvt = {
 				.callno = dcallno,
 				.peercallno = callno,
-				/* hack!! */
-				.frames_received = check_dcallno,
 			};

 			memcpy(&tmp_pvt.addr, sin, sizeof(tmp_pvt.addr));
@ -1652,7 +1650,7 @@ static int __find_callno(unsigned short callno, unsigned short dcallno, struct s

 		/* This will occur on the first response to a message that we initiated,
 		 * such as a PING. */
-		if (callno && dcallno && iaxs[dcallno] && !iaxs[dcallno]->peercallno && match(sin, callno, dcallno, iaxs[dcallno], check_dcallno)) {
+		if (callno && dcallno && iaxs[dcallno] && !iaxs[dcallno]->peercallno && match(sin, callno, dcallno, iaxs[dcallno])) {
 			iaxs[dcallno]->peercallno = callno;
 			res = dcallno;
 			store_by_peercallno(iaxs[dcallno]);
@ -1675,7 +1673,7 @@ static int __find_callno(unsigned short callno, unsigned short dcallno, struct s
 			ast_mutex_lock(&iaxsl[x]);
 			if (iaxs[x]) {
 				/* Look for an exact match */
-				if (match(sin, callno, dcallno, iaxs[x], check_dcallno)) {
+				if (match(sin, callno, dcallno, iaxs[x])) {
 					res = x;
 				}
 			}
@ -1686,7 +1684,7 @@ static int __find_callno(unsigned short callno, unsigned short dcallno, struct s
 			ast_mutex_lock(&iaxsl[x]);
 			if (iaxs[x]) {
 				/* Look for an exact match */
-				if (match(sin, callno, dcallno, iaxs[x], check_dcallno)) {
+				if (match(sin, callno, dcallno, iaxs[x])) {
 					res = x;
 				}
 			}
@ -1770,14 +1768,14 @@ static int __find_callno(unsigned short callno, unsigned short dcallno, struct s
 	return res;
 }

-static int find_callno(unsigned short callno, unsigned short dcallno, struct sockaddr_in *sin, int new, int sockfd, int full_frame) {
+static int find_callno(unsigned short callno, unsigned short dcallno, struct sockaddr_in *sin, int new, int sockfd) {

-	return __find_callno(callno, dcallno, sin, new, sockfd, 0, full_frame);
+	return __find_callno(callno, dcallno, sin, new, sockfd, 0);
 }

-static int find_callno_locked(unsigned short callno, unsigned short dcallno, struct sockaddr_in *sin, int new, int sockfd, int full_frame) {
+static int find_callno_locked(unsigned short callno, unsigned short dcallno, struct sockaddr_in *sin, int new, int sockfd) {

-	return __find_callno(callno, dcallno, sin, new, sockfd, 1, full_frame);
+	return __find_callno(callno, dcallno, sin, new, sockfd, 1);
 }

 /*!
@ -7825,7 +7823,7 @@ static int socket_process_meta(int packet_len, struct ast_iax2_meta_hdr *meta, s
 		/* Stop if we don't have enough data */
 		if (len > packet_len)
 			break;
-		fr->callno = find_callno_locked(callno & ~IAX_FLAG_FULL, 0, sin, NEW_PREVENT, sockfd, 0);
+		fr->callno = find_callno_locked(callno & ~IAX_FLAG_FULL, 0, sin, NEW_PREVENT, sockfd);
 		if (!fr->callno)
 			continue;

@ -8008,7 +8006,7 @@ static int socket_process(struct iax2_thread *thread)
 		}

 		/* This is a video frame, get call number */
-		fr->callno = find_callno(ntohs(vh->callno) & ~0x8000, dcallno, &sin, new, fd, 0);
+		fr->callno = find_callno(ntohs(vh->callno) & ~0x8000, dcallno, &sin, new, fd);
 		minivid = 1;
 	} else if ((meta->zeros == 0) && !(ntohs(meta->metacmd) & 0x8000))
 		return socket_process_meta(res, meta, &sin, fd, fr);
@ -8023,8 +8021,6 @@ static int socket_process(struct iax2_thread *thread)
 			return 1;
 		}

-		/* Get the destination call number */
-		dcallno = ntohs(fh->dcallno) & ~IAX_FLAG_RETRANS;
 		/* Retrieve the type and subclass */
 		f.frametype = fh->type;
 		if (f.frametype == AST_FRAME_VIDEO) {
@ -8032,6 +8028,31 @@ static int socket_process(struct iax2_thread *thread)
 		} else {
 			f.subclass = uncompress_subclass(fh->csub);
 		}
+
+		/*
+		 * We enforce accurate destination call numbers for all full frames except
+		 * NEW, LAGRQ, and PING commands. For these, we leave dcallno set to 0 to
+		 * avoid having find_callno() use it when matching against existing calls.
+		 *
+		 * For NEW commands, the destination call is always ignored. See section
+		 * 6.2.2 of the iax2 RFC.
+		 * 
+		 * For LAGRQ and PING commands, this is because older versions of Asterisk
+		 * schedule these commands to get sent very quickly, and they will sometimes
+		 * be sent before they receive the first frame from the other side.  When
+		 * that happens, it doesn't contain the destination call number.  However,
+		 * not checking it for these frames is safe.
+		 *
+		 * Discussed in the following thread:
+		 * http://lists.digium.com/pipermail/asterisk-dev/2008-May/033217.html 
+		 */
+		if (f.frametype != AST_FRAME_IAX ||
+				(f.subclass != IAX_COMMAND_NEW &&
+				 f.subclass != IAX_COMMAND_PING &&
+				 f.subclass != IAX_COMMAND_LAGRQ)) {
+			/* Get the destination call number */
+			dcallno = ntohs(fh->dcallno) & ~IAX_FLAG_RETRANS;
+		}
 		if ((f.frametype == AST_FRAME_IAX) && ((f.subclass == IAX_COMMAND_NEW) || (f.subclass == IAX_COMMAND_REGREQ) ||
 						       (f.subclass == IAX_COMMAND_POKE) || (f.subclass == IAX_COMMAND_FWDOWNL) ||
 						       (f.subclass == IAX_COMMAND_REGREL)))
@ -8043,25 +8064,7 @@ static int socket_process(struct iax2_thread *thread)
 	}

 	if (!fr->callno) {
-		int check_dcallno = 0;
-
-		/*
-		 * We enforce accurate destination call numbers for all full frames except
-		 * LAGRQ and PING commands.  This is because older versions of Asterisk
-		 * schedule these commands to get sent very quickly, and they will sometimes
-		 * be sent before they receive the first frame from the other side.  When
-		 * that happens, it doesn't contain the destination call number.  However,
-		 * not checking it for these frames is safe.
-		 * 
-		 * Discussed in the following thread:
-		 *    http://lists.digium.com/pipermail/asterisk-dev/2008-May/033217.html 
-		 */
-
-		if (ntohs(mh->callno) & IAX_FLAG_FULL) {
-			check_dcallno = f.frametype == AST_FRAME_IAX ? (f.subclass != IAX_COMMAND_PING && f.subclass != IAX_COMMAND_LAGRQ) : 1;
-		}
-
-		fr->callno = find_callno(ntohs(mh->callno) & ~IAX_FLAG_FULL, dcallno, &sin, new, fd, check_dcallno);
+		fr->callno = find_callno(ntohs(mh->callno) & ~IAX_FLAG_FULL, dcallno, &sin, new, fd);
 	}

 	if (fr->callno > 0)
@ -8148,6 +8151,7 @@ static int socket_process(struct iax2_thread *thread)
 			if (
 			 ((f.subclass != IAX_COMMAND_ACK) &&
 			  (f.subclass != IAX_COMMAND_INVAL) &&
+			  (f.subclass != IAX_COMMAND_NEW) &&        /* for duplicate/retrans NEW frames */
 			  (f.subclass != IAX_COMMAND_TXCNT) &&
 			  (f.subclass != IAX_COMMAND_TXREADY) &&		/* for attended transfer */
 			  (f.subclass != IAX_COMMAND_TXREL) &&		/* for attended transfer */
@ -9721,7 +9725,7 @@ static int iax2_do_register(struct iax2_registry *reg)

 	if (!reg->callno) {
 		ast_debug(3, "Allocate call number\n");
-		reg->callno = find_callno_locked(0, 0, &reg->addr, NEW_FORCE, defaultsockfd, 0);
+		reg->callno = find_callno_locked(0, 0, &reg->addr, NEW_FORCE, defaultsockfd);
 		if (reg->callno < 1) {
 			ast_log(LOG_WARNING, "Unable to create call for registration\n");
 			return -1;
@ -9772,7 +9776,7 @@ static int iax2_provision(struct sockaddr_in *end, int sockfd, char *dest, const
 	memset(&ied, 0, sizeof(ied));
 	iax_ie_append_raw(&ied, IAX_IE_PROVISIONING, provdata.buf, provdata.pos);

-	callno = find_callno_locked(0, 0, &sin, NEW_FORCE, cai.sockfd, 0);
+	callno = find_callno_locked(0, 0, &sin, NEW_FORCE, cai.sockfd);
 	if (!callno)
 		return -1;

@ -9933,7 +9937,7 @@ static int iax2_poke_peer(struct iax2_peer *peer, int heldcall)
 	}
 	if (heldcall)
 		ast_mutex_unlock(&iaxsl[heldcall]);
-	callno = peer->callno = find_callno(0, 0, &peer->addr, NEW_FORCE, peer->sockfd, 0);
+	callno = peer->callno = find_callno(0, 0, &peer->addr, NEW_FORCE, peer->sockfd);
 	if (heldcall)
 		ast_mutex_lock(&iaxsl[heldcall]);
 	if (peer->callno < 1) {
@ -10016,7 +10020,7 @@ static struct ast_channel *iax2_request(const char *type, int format, void *data
 	if (pds.port)
 		sin.sin_port = htons(atoi(pds.port));

-	callno = find_callno_locked(0, 0, &sin, NEW_FORCE, cai.sockfd, 0);
+	callno = find_callno_locked(0, 0, &sin, NEW_FORCE, cai.sockfd);
 	if (callno < 1) {
 		ast_log(LOG_WARNING, "Unable to create call\n");
 		*cause = AST_CAUSE_CONGESTION;
@ -11380,7 +11384,7 @@ static int cache_get_callno_locked(const char *data)
 	ast_debug(1, "peer: %s, username: %s, password: %s, context: %s\n",
 		pds.peer, pds.username, pds.password, pds.context);

-	callno = find_callno_locked(0, 0, &sin, NEW_FORCE, cai.sockfd, 0);
+	callno = find_callno_locked(0, 0, &sin, NEW_FORCE, cai.sockfd);
 	if (callno < 1) {
 		ast_log(LOG_WARNING, "Unable to create call\n");
 		return -1;
@ -12104,11 +12108,7 @@ static int pvt_cmp_cb(void *obj, void *arg, int flags)
 {
 	struct chan_iax2_pvt *pvt = obj, *pvt2 = arg;

-	/* The frames_received field is used to hold whether we're matching
-	 * against a full frame or not ... */
-
-	return match(&pvt2->addr, pvt2->peercallno, pvt2->callno, pvt, 
-		pvt2->frames_received) ? CMP_MATCH : 0;
+	return match(&pvt2->addr, pvt2->peercallno, pvt2->callno, pvt) ? CMP_MATCH : 0;
 }

 /*! \brief Load IAX2 module, load configuraiton ---*/