diff options
author | Alexander Traud <pabstraud@compuserve.com> | 2017-12-04 12:27:02 +0100 |
---|---|---|
committer | Alexander Traud <pabstraud@compuserve.com> | 2017-12-04 12:54:05 +0100 |
commit | b2c4e8660a9c89d07041271371151779b7ec75f6 (patch) | |
tree | 6a3cfdf7f363a5a382e8ff351500956eca622937 | |
parent | 075faac2fd74a79b4f418d1d02a864383b076d05 (diff) |
chan_sip: Peers with distinct source ports don't match, regardless of transport.
Previously, peers connected via TCP (or TLS) were matched by ignoring their
source port. One cannot say anything when protocol:IP:port match, yes (see
<http://stackoverflow.com/q/3329641>). However, when the ports do not match, the
peers do not match as well.
This change allows two peers connected to an Asterisk server via TCP (or TLS)
behind a NAT (= same source IP address) to be differentiated via their port as
well.
ASTERISK-27457
Reported by: Stephane Chazelas
Change-Id: Id190428bf1d931f2dbfd4b293f53ff8f20d98efa
-rw-r--r-- | channels/chan_sip.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/channels/chan_sip.c b/channels/chan_sip.c index a829e2039..72436dfa1 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -34392,10 +34392,9 @@ static int peer_ipcmp_cb_full(void *obj, void *arg, void *data, int flags) } /* We matched the IP, check to see if we need to match by port as well. */ - if ((peer->transports & peer2->transports) & (AST_TRANSPORT_TLS | AST_TRANSPORT_TCP)) { - /* peer matching on port is not possible with TCP/TLS */ - return CMP_MATCH | CMP_STOP; - } else if (ast_test_flag(&peer2->flags[0], SIP_INSECURE_PORT)) { + if (((peer->transports & peer2->transports) & + (AST_TRANSPORT_UDP | AST_TRANSPORT_WS | AST_TRANSPORT_WSS)) && + ast_test_flag(&peer2->flags[0], SIP_INSECURE_PORT)) { /* We are allowing match without port for peers configured that * way in this pass through the peers. */ return ast_test_flag(&peer->flags[0], SIP_INSECURE_PORT) ? |