diff options
author | Joshua Colp <jcolp@digium.com> | 2015-05-05 10:13:23 -0500 |
---|---|---|
committer | Gerrit Code Review <gerrit2@gerrit.digium.api> | 2015-05-05 10:13:23 -0500 |
commit | f45833c9ade260f8cf866e65cd29eb146bdd559e (patch) | |
tree | e254e4b48ceeabe4d8ad87393e203e74fa700454 /channels/chan_sip.c | |
parent | 4f4aaa0c30d04f7dc6d0939dbfef1d320b3302d2 (diff) | |
parent | 11ffcf662f6b19eb0e9d5f8914d379ebef0177c4 (diff) |
Merge "Restrict functionality when ACLs are misconfigured."
Diffstat (limited to 'channels/chan_sip.c')
-rw-r--r-- | channels/chan_sip.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 468bfbecb..528e208d9 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -30608,7 +30608,9 @@ static struct sip_peer *build_peer(const char *name, struct ast_variable *v, str ast_append_acl(v->name, v->value, &peer->acl, &ha_error, &acl_change_subscription_needed); } if (ha_error) { - ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s\n", v->lineno, v->value); + ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s. Deleting peer\n", v->lineno, v->value); + sip_unref_peer(peer, "Removing peer due to bad ACL configuration"); + return NULL; } } else if (!strcasecmp(v->name, "contactpermit") || !strcasecmp(v->name, "contactdeny") || !strcasecmp(v->name, "contactacl")) { int ha_error = 0; @@ -30616,13 +30618,17 @@ static struct sip_peer *build_peer(const char *name, struct ast_variable *v, str ast_append_acl(v->name + 7, v->value, &peer->contactacl, &ha_error, &acl_change_subscription_needed); } if (ha_error) { - ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s\n", v->lineno, v->value); + ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s. Deleting peer\n", v->lineno, v->value); + sip_unref_peer(peer, "Removing peer due to bad contact ACL configuration"); + return NULL; } } else if (!strcasecmp(v->name, "directmediapermit") || !strcasecmp(v->name, "directmediadeny") || !strcasecmp(v->name, "directmediaacl")) { int ha_error = 0; ast_append_acl(v->name + 11, v->value, &peer->directmediaacl, &ha_error, &acl_change_subscription_needed); if (ha_error) { - ast_log(LOG_ERROR, "Bad directmedia ACL entry in configuration line %d : %s\n", v->lineno, v->value); + ast_log(LOG_ERROR, "Bad directmedia ACL entry in configuration line %d : %s. Deleting peer\n", v->lineno, v->value); + sip_unref_peer(peer, "Removing peer due to bad direct media ACL configuration"); + return NULL; } } else if (!strcasecmp(v->name, "port")) { peer->portinuri = 1; @@ -31566,7 +31572,8 @@ static int reload_config(enum channelreloadreason reason) int ha_error = 0; ast_append_acl(v->name + 7, v->value, &sip_cfg.contact_acl, &ha_error, &acl_change_subscription_needed); if (ha_error) { - ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s\n", v->lineno, v->value); + ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s. Failing to load chan_sip.so\n", v->lineno, v->value); + return -1; } } else if (!strcasecmp(v->name, "rtautoclear")) { int i = atoi(v->value); |