首页 发现 帮助
登录
Kamailio
/
kamailio
镜像自地址 https://github.com/kamailio/kamailio.git
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

modules_k/permissions: allow_trusted() doesn't work for HTTP requests

- This is because HTTP requests don't have From: headers.
- Fixed by only checking From-URIs for SIP requests.
Peter Dunkley 13 年之前
父节点
c3caaa4c12
当前提交
462a7b4c00
共有 2 个文件被更改,包括 21 次插入16 次删除
合并视图 显示文件统计
  1. 11 8
      modules_k/permissions/hash.c
  2. 10 8
      modules_k/permissions/trusted.c

+ 11 - 8
modules_k/permissions/hash.c
查看文件 

@@ -218,21 +218,24 @@ int match_hash_table(struct trusted_list** table, struct sip_msg* msg,
 
 	src_ip.s = src_ip_c_str;
 
 	src_ip.s = src_ip_c_str;
 
 	src_ip.len = strlen(src_ip.s);
 
 	src_ip.len = strlen(src_ip.s);
 
 
 
-	if (parse_from_header(msg) < 0) return -1;
 
-	uri = get_from(msg)->uri;
 
-	if (uri.len > MAX_URI_SIZE) {
 
-		LM_ERR("from URI too large\n");
 
-		return -1;
 
+	if (IS_SIP(msg))
 
+	{
 
+		if (parse_from_header(msg) < 0) return -1;
 
+		uri = get_from(msg)->uri;
 
+		if (uri.len > MAX_URI_SIZE) {
 
+			LM_ERR("from URI too large\n");
 
+			return -1;
 
+		}
 
+		memcpy(uri_string, uri.s, uri.len);
 
+		uri_string[uri.len] = (char)0;
 
 	}
 
 	}
 
-	memcpy(uri_string, uri.s, uri.len);
 
-	uri_string[uri.len] = (char)0;
 
 
 
 	for (np = table[perm_hash(src_ip)]; np != NULL; np = np->next) {
 
 	for (np = table[perm_hash(src_ip)]; np != NULL; np = np->next) {
 
 	    if ((np->src_ip.len == src_ip.len) && 
 	    if ((np->src_ip.len == src_ip.len) && 
 		(strncmp(np->src_ip.s, src_ip.s, src_ip.len) == 0) &&
 
 		(strncmp(np->src_ip.s, src_ip.s, src_ip.len) == 0) &&
 
 		((np->proto == PROTO_NONE) || (proto == PROTO_NONE) ||
 
 		((np->proto == PROTO_NONE) || (proto == PROTO_NONE) ||
 
 		 (np->proto == proto))) {
 
 		 (np->proto == proto))) {
 
-		if (np->pattern) {
 
+		if (np->pattern && IS_SIP(msg)) {
 
 		    if (regcomp(&preg, np->pattern, REG_NOSUB)) {
 
 		    if (regcomp(&preg, np->pattern, REG_NOSUB)) {
 
 			LM_ERR("invalid regular expression\n");
 
 			LM_ERR("invalid regular expression\n");
 
 			continue;
 
 			continue;

+ 10 - 8
modules_k/permissions/trusted.c
查看文件 

@@ -344,14 +344,16 @@ static int match_res(struct sip_msg* msg, int proto, db1_res_t* _r)
 
 	int_str tag_avp, avp_val;
 
 	int_str tag_avp, avp_val;
 
 	int count = 0;
 
 	int count = 0;
 
 
 
-	if (parse_from_header(msg) < 0) return -1;
 
-	uri = get_from(msg)->uri;
 
-	if (uri.len > MAX_URI_SIZE) {
 
-		LM_ERR("message has From URI too large\n");
 
-		return -1;
 
+	if (IS_SIP(msg)) {
 
+		if (parse_from_header(msg) < 0) return -1;
 
+		uri = get_from(msg)->uri;
 
+		if (uri.len > MAX_URI_SIZE) {
 
+			LM_ERR("message has From URI too large\n");
 
+			return -1;
 
+		}
 
+		memcpy(uri_string, uri.s, uri.len);
 
+		uri_string[uri.len] = (char)0;
 
 	}
 
 	}
 
-	memcpy(uri_string, uri.s, uri.len);
 
-	uri_string[uri.len] = (char)0;
 
 	get_tag_avp(&tag_avp, &tag_avp_type);
 
 	get_tag_avp(&tag_avp, &tag_avp_type);
 
 
 
 	row = RES_ROWS(_r);
 
 	row = RES_ROWS(_r);
 
@@ -366,7 +368,7 @@ static int match_res(struct sip_msg* msg, int proto, db1_res_t* _r)
 
 		    (VAL_NULL(val + 2) ||
 
 		    (VAL_NULL(val + 2) ||
 
 		      ((VAL_TYPE(val + 2) == DB1_STRING) && !VAL_NULL(val + 2))))
 
 		      ((VAL_TYPE(val + 2) == DB1_STRING) && !VAL_NULL(val + 2))))
 
 		{
 
 		{
 
-			if (!VAL_NULL(val + 1)) {
 
+			if (!VAL_NULL(val + 1) && IS_SIP(msg)) {
 
 				if (regcomp(&preg, (char *)VAL_STRING(val + 1), REG_NOSUB)) {
 
 				if (regcomp(&preg, (char *)VAL_STRING(val + 1), REG_NOSUB)) {
 
 					LM_ERR("invalid regular expression\n");
 
 					LM_ERR("invalid regular expression\n");
 
 					continue;
 
 					continue;