Merged revisions 93667 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.2 ........ r93667 | tilghman | 2007-12-18 12:23:06 -0600 (Tue, 18 Dec 2007) | 2 lines Fixing AST-2007-027 (Closes issue #11119) ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@93668 65c4cc65-6c06-0410-ace0-fbb531ad65f3
18 years ago · be17d99712
parent 62fa8dfbfa
commit be17d99712
2 changed files with 93 additions and 9 deletions
--- a/channels/chan_iax2.c
+++ b/channels/chan_iax2.c
@ -2680,9 +2680,11 @@ static struct iax2_peer *realtime_peer(const char *peername, struct sockaddr_in
 	time_t regseconds = 0, nowtime;
 	int dynamic=0;
-	if (peername)
+	if (peername) {
-		var = ast_load_realtime("iaxpeers", "name", peername, NULL);
+		var = ast_load_realtime("iaxpeers", "name", peername, "host", "dynamic", NULL);
-	else {
+		if (!var && sin)
 			var = ast_load_realtime("iaxpeers", "name", peername, "host", ast_inet_ntoa(sin->sin_addr));
 	} else if (sin) {
 		char porta[25];
 		sprintf(porta, "%d", ntohs(sin->sin_port));
 		var = ast_load_realtime("iaxpeers", "ipaddr", ast_inet_ntoa(sin->sin_addr), "port", porta, NULL);
@ -2694,6 +2696,29 @@ static struct iax2_peer *realtime_peer(const char *peername, struct sockaddr_in
 			}
 		}
 	}
 	if (!var) { /* Last ditch effort */
 		var = ast_load_realtime("iaxpeers", "name", peername, NULL);
 		/*!\note
 		 * If this one loaded something, then we need to ensure that the host
 		 * field matched.  The only reason why we can't have this as a criteria
 		 * is because we only have the IP address and the host field might be
 		 * set as a name (and the reverse PTR might not match).
 		 */
 		if (var) {
 			for (tmp = var; tmp; tmp = tmp->next) {
 				if (!strcasecmp(tmp->name, "host")) {
 					struct in_addr sin2 = { 0, };
 					struct ast_dnsmgr_entry *dnsmgr = NULL;
 					if ((ast_dnsmgr_lookup(tmp->value, &sin2, &dnsmgr) < 0) || (memcmp(&sin2, &sin->sin_addr, sizeof(sin2)) != 0)) {
 						/* No match */
 						ast_variables_destroy(var);
 						var = NULL;
 					}
 					break;
 				}
 			}
 		}
 	}
 	if (!var)
 		return NULL;
@ -2769,13 +2794,45 @@ static struct iax2_peer *realtime_peer(const char *peername, struct sockaddr_in
 	return peer;
 }
-static struct iax2_user *realtime_user(const char *username)
+static struct iax2_user *realtime_user(const char *username, struct sockaddr_in *sin)
 {
 	struct ast_variable *var;
 	struct ast_variable *tmp;
 	struct iax2_user *user=NULL;
 	var = ast_load_realtime("iaxusers", "name", username, "host", "dynamic", NULL);
 	if (!var)
 		var = ast_load_realtime("iaxusers", "name", username, "host", ast_inet_ntoa(sin->sin_addr));
 	if (!var && sin) {
 		char porta[6];
 		snprintf(porta, sizeof(porta), "%d", ntohs(sin->sin_port));
 		var = ast_load_realtime("iaxusers", "name", username, "ipaddr", ast_inet_ntoa(sin->sin_addr), "port", porta, NULL);
 		if (!var)
 			var = ast_load_realtime("iaxusers", "ipaddr", ast_inet_ntoa(sin->sin_addr), "port", porta, NULL);
 	}
 	if (!var) { /* Last ditch effort */
 		var = ast_load_realtime("iaxusers", "name", username, NULL);
 		/*!\note
 		 * If this one loaded something, then we need to ensure that the host
 		 * field matched.  The only reason why we can't have this as a criteria
 		 * is because we only have the IP address and the host field might be
 		 * set as a name (and the reverse PTR might not match).
 		 */
 		if (var) {
 			for (tmp = var; tmp; tmp = tmp->next) {
 				if (!strcasecmp(tmp->name, "host")) {
 					struct in_addr sin2 = { 0, };
 					struct ast_dnsmgr_entry *dnsmgr = NULL;
 					if ((ast_dnsmgr_lookup(tmp->value, &sin2, &dnsmgr) < 0) || (memcmp(&sin2, &sin->sin_addr, sizeof(sin2)) != 0)) {
 						/* No match */
 						ast_variables_destroy(var);
 						var = NULL;
 					}
 					break;
 				}
 			}
 		}
 	}
 	if (!var)
 		return NULL;
@ -4970,7 +5027,7 @@ static int check_access(int callno, struct sockaddr_in *sin, struct iax_ies *ies
 	}
 	user = best;
 	if (!user && !ast_strlen_zero(iaxs[callno]->username)) {
-		user = realtime_user(iaxs[callno]->username);
+		user = realtime_user(iaxs[callno]->username, sin);
 		if (user && !ast_strlen_zero(iaxs[callno]->context) &&			/* No context specified */
 		    !apply_context(user->contexts, iaxs[callno]->context)) {		/* Context is permitted */
 			user = user_unref(user);
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@ -149,6 +149,7 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 #include "asterisk/compiler.h"
 #include "asterisk/threadstorage.h"
 #include "asterisk/translate.h"
 #include "asterisk/dnsmgr.h"
 #ifndef FALSE
 #define FALSE    0
@ -2497,9 +2498,35 @@ static struct sip_peer *realtime_peer(const char *newpeername, struct sockaddr_i
 	unsigned short portnum;
 	/* First check on peer name */
-	if (newpeername) 
+	if (newpeername) {
 		var = ast_load_realtime("sippeers", "name", newpeername, "host", "dynamic", NULL);
 		if (!var && sin) {
 			var = ast_load_realtime("sippeers", "name", newpeername, "host", ast_inet_ntoa(sin->sin_addr), NULL);
 			if (!var) {
 				var = ast_load_realtime("sippeers", "name", newpeername, NULL);
-	else if (sin) {	/* Then check on IP address */
+				/*!\note
 				 * If this one loaded something, then we need to ensure that the host
 				 * field matched.  The only reason why we can't have this as a criteria
 				 * is because we only have the IP address and the host field might be
 				 * set as a name (and the reverse PTR might not match).
 				 */
 				if (var) {
 					for (tmp = var; tmp; tmp = tmp->next) {
 						if (!strcasecmp(var->name, "host")) {
 							struct in_addr sin2 = { 0, };
 							struct ast_dnsmgr_entry *dnsmgr = NULL;
 							if ((ast_dnsmgr_lookup(tmp->value, &sin2, &dnsmgr) < 0) || (memcmp(&sin2, &sin->sin_addr, sizeof(sin2)) != 0)) {
 								/* No match */
 								ast_variables_destroy(var);
 								var = NULL;
 							}
 							break;
 						}
 					}
 				}
 			}
 		}
 	} else if (sin) {	/* Then check on IP address */
 		iabuf = ast_inet_ntoa(sin->sin_addr);
 		portnum = ntohs(sin->sin_port);
 		sprintf(portstring, "%d", portnum);