dect
/
asterisk
Archived
13
0
Fork 0
Code Releases Activity

Always authenticate when insecure is not "very" even on matching IP 

git-svn-id: http://svn.digium.com/svn/asterisk/trunk@3055 f38db490-d61c-443f-a65b-d21fe96a405b
This commit is contained in:
markster 2004-05-24 14:44:47 +00:00
parent a263f6c929
commit f9685844f3
1 changed files with 24 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
channels/chan_sip.c
View File

@ -4792,25 +4792,30 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha
if (!user) {
/* If we didn't find a user match, check for peers */
ast_mutex_lock(&peerl.lock);
/* which should be used? non-mysql code uses "p->recv", but
* mysql code used "sin"
*/
/* Look for peer based on the IP address we received data from */
/* If peer is registred from this IP address or have this as a default
IP address, this call is from the peer
*/
peer = find_peer(NULL, &p->recv);
/* peer = find_peer(NULL, sin); */
ast_mutex_unlock(&peerl.lock);
if (peer) {
if (sip_debug_test_addr(sin))
ast_verbose("Found peer '%s'\n", peer->name);
/* Take the peer */
p->nat = peer->nat;
if (p->rtp) {
ast_log(LOG_DEBUG, "Setting NAT on RTP to %d\n", p->nat);
ast_rtp_setnat(p->rtp, p->nat);
}
if (p->vrtp) {
ast_log(LOG_DEBUG, "Setting NAT on VRTP to %d\n", p->nat);
ast_rtp_setnat(p->vrtp, p->nat);
}
if (sip_debug_test_addr(sin))
ast_verbose("Found peer '%s'\n", peer->name);
/* Take the peer */
p->nat = peer->nat;
if (p->rtp) {
ast_log(LOG_DEBUG, "Setting NAT on RTP to %d\n", p->nat);
ast_rtp_setnat(p->rtp, p->nat);
}
if (p->vrtp) {
ast_log(LOG_DEBUG, "Setting NAT on VRTP to %d\n", p->nat);
ast_rtp_setnat(p->vrtp, p->nat);
}
if (peer->insecure > 1) {
/* Pretend there is no required authentication if insecure is "very" */
strcpy(p->peersecret, "");
strcpy(p->peermd5secret, "");
}
if (!(res = check_auth(p, req, p->randdata, sizeof(p->randdata), peer->name, peer->secret, peer->md5secret, cmd, uri, reliable, ignore))) {
p->canreinvite = peer->canreinvite;
strncpy(p->peername, peer->name, sizeof(p->peername) - 1);
strncpy(p->authname, peer->name, sizeof(p->authname) - 1);
@ -4822,11 +4827,6 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha
strncpy(p->context, peer->context, sizeof(p->context) - 1);
strncpy(p->peersecret, peer->secret, sizeof(p->peersecret) - 1);
strncpy(p->peermd5secret, peer->md5secret, sizeof(p->peermd5secret) - 1);
if (peer->insecure > 1) {
/* Pretend there is no required authentication if insecure is "very" */
strcpy(p->peersecret, "");
strcpy(p->peermd5secret, "");
}
p->callgroup = peer->callgroup;
p->pickupgroup = peer->pickupgroup;
p->capability = peer->capability;
@ -4838,6 +4838,7 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha
else
p->noncodeccapability &= ~AST_RTP_DTMF;
}
}
if (peer->temponly) {
if (peer->ha) {
ast_free_ha(peer->ha);
@ -4847,6 +4848,7 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha
} else
if (sip_debug_test_addr(sin))
ast_verbose("Found no matching peer or user for '%s:%d'\n", inet_ntoa(p->recv.sin_addr), ntohs(p->recv.sin_port));
ast_mutex_unlock(&peerl.lock);
}
return res;