kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-05 20:20:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

res_pjsip_endpoint_identifier_ip.c: Add port matching support

Browse Source 
Adds source port matching support when IP matching is used:

  [example]
  type = identify
  match = 1.2.3.4:5060/32, 1.2.3.4:6000/32, asterisk.org:4444

If the IP matches but the source port does not, we reject and search for
alternatives. SRV lookups are still performed if enabled (srv_lookups = yes),
unless the configured FQDN includes a port number in which case just a host
lookup is performed.

ASTERISK-28639 #close
Reported by: Mitch Claborn

Change-Id: I256d5bd5d478b95f526e2f80ace31b690eebba92
This commit is contained in:
Sean Bright
2019-12-24 10:16:23 -05:00
parent 7c227aa130
commit f8b0c2c933
5 changed files with 120 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
include/asterisk/acl.h
View File

@@ -134,6 +134,29 @@ void ast_copy_ha(const struct ast_ha *from, struct ast_ha *to);
*/
struct ast_ha *ast_append_ha(const char *sense, const char *stuff, struct ast_ha *path, int *error);
/*!
* \brief Add a new rule with optional port to a list of HAs
* \since 13.31.0, 16.8.0, 17.2.0
*
* \details
* This adds the new host access rule to the end of the list
* whose head is specified by the path parameter. Rules are
* evaluated in a way such that if multiple rules apply to
* a single IP address/subnet mask, then the rule latest
* in the list will be used.
*
* \param sense Either "permit" or "deny" (Actually any 'p' word will result
* in permission, and any other word will result in denial)
* \param stuff The IP address and subnet mask, separated with a '/'. The subnet
* mask can either be in dotted-decimal format or in CIDR notation (i.e. 0-32). A
* port can be provided by placing it after the IP address, separated with a ':'.
* \param path The head of the HA list to which we wish to append our new rule. If
* NULL is passed, then the new rule will become the head of the list
* \param[out] error The integer error points to will be set non-zero if an error occurs
* \return The head of the HA list
*/
struct ast_ha *ast_append_ha_with_port(const char *sense, const char *stuff, struct ast_ha *path, int *error);
/*!
* \brief Convert HAs to a comma separated string value
* \param ha the starting ha head