Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

Merged following patch with a lot of changes for 1.4

Browse Source 
------

Merged revisions 64514 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/branches/1.2

........
r64514 | oej | 2007-05-16 10:25:56 +0200 (Wed, 16 May 2007) | 6 lines

Issue #9726 - rlister - Better logging for ACL denials

While at it, also added better logging and handling of peers that are not supposed to register.

My patch, stole the issue report from Russell. My apologies, Russell :-)

........


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@64516 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1.4
Olle Johansson 18 years ago
parent d17174cfc1
commit 56af259505
1 changed files with 22 additions and 23 deletions
Show Stats Download Patch File Download Diff File

45
channels/chan_sip.c
Unescape View File

@ -341,6 +341,8 @@ enum check_auth_result {
AUTH_NOT_FOUND = -3,
AUTH_FAKE_AUTH = -4,
AUTH_UNKNOWN_DOMAIN = -5,
AUTH_PEER_NOT_DYNAMIC = -6,
AUTH_ACL_FAILED = -7,
};
/*! \brief States for outbound registrations (with register= lines in sip.conf */
@ -8343,6 +8345,7 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
if (peer)
ASTOBJ_UNREF(peer, sip_destroy_peer);
peer = NULL;
res = AUTH_ACL_FAILED;
}
if (peer) {
/* Set Frame packetization */
@ -8352,6 +8355,7 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
}
if (!ast_test_flag(&peer->flags[1], SIP_PAGE2_DYNAMIC)) {
ast_log(LOG_ERROR, "Peer '%s' is trying to register, but not configured as host=dynamic\n", peer->name);
res = AUTH_PEER_NOT_DYNAMIC;
} else {
ast_copy_flags(&p->flags[0], &peer->flags[0], SIP_NAT);
transmit_response(p, "100 Trying", req);
@ -8429,35 +8433,21 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
transmit_response(p, "403 Authentication user name does not match account name", &p->initreq);
break;
case AUTH_NOT_FOUND:
case AUTH_PEER_NOT_DYNAMIC:
case AUTH_ACL_FAILED:
if (global_alwaysauthreject) {
transmit_fake_auth_response(p, &p->initreq, 1);
} else {
/* URI not found */
transmit_response(p, "404 Not found", &p->initreq);
if (res == AUTH_UNKNOWN_DOMAIN || res == AUTH_PEER_NOT_DYNAMIC)
transmit_response(p, "403 Forbidden", &p->initreq);
else
transmit_response(p, "404 Not found", &p->initreq);
}
break;
default:
break;
}
if (option_debug > 1) {
const char *reason = "";
switch (res) {
case AUTH_SECRET_FAILED:
reason = "Bad password";
break;
case AUTH_USERNAME_MISMATCH:
reason = "Bad digest user";
break;
case AUTH_NOT_FOUND:
reason = "Peer not found";
break;
default:
break;
}
ast_log(LOG_DEBUG, "SIP REGISTER attempt failed for %s : %s\n",
peer->name, reason);
}
}
if (peer)
ASTOBJ_UNREF(peer, sip_destroy_peer);
@ -14630,7 +14620,7 @@ static int handle_request_register(struct sip_pvt *p, struct sip_request *req, s
copy_request(&p->initreq, req);
check_via(p, req);
if ((res = register_verify(p, sin, req, e)) < 0) {
const char *reason = "";
const char *reason;
switch (res) {
case AUTH_SECRET_FAILED:
@ -14645,19 +14635,28 @@ static int handle_request_register(struct sip_pvt *p, struct sip_request *req, s
case AUTH_UNKNOWN_DOMAIN:
reason = "Not a local domain";
break;
case AUTH_PEER_NOT_DYNAMIC:
reason = "Peer is not supposed to register";
break;
case AUTH_ACL_FAILED:
reason = "Device does not match ACL";
break;
default:
reason = "Unknown failure";
break;
}
ast_log(LOG_NOTICE, "Registration from '%s' failed for '%s' - %s\n",
get_header(req, "To"), ast_inet_ntoa(sin->sin_addr),
reason);
}
append_history(p, "RegRequest", "Failed : Account %s : %s", get_header(req, "To"), reason);
} else
append_history(p, "RegRequest", "Succeeded : Account %s", get_header(req, "To"));
if (res < 1) {
/* Destroy the session, but keep us around for just a bit in case they don't
get our 200 OK */
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
}
append_history(p, "RegRequest", "%s : Account %s", res ? "Failed": "Succeeded", get_header(req, "To"));
return res;
}

Write Preview
Loading…
Cancel
Save