Merged revisions 170588 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.4

........
  r170588 | tilghman | 2009-01-23 13:20:44 -0600 (Fri, 23 Jan 2009) | 2 lines

  Additions to AST-2009-001
........

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@170608 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c
index c1e3b0f5f3edd735e0b5e0f456912f825a44ecf5..36a513f7177a3b89b86446324c5e29bd443bb8a1 100644 (file)
--- a/channels/chan_iax2.c
+++ b/channels/chan_iax2.c
@@ -6504,6 +6504,10 @@ static int register_verify(int callno, struct sockaddr_in *sin, struct iax_ies *
        p = find_peer(peer, 1);
        ast_mutex_lock(&iaxsl[callno]);
        if (!p || !iaxs[callno]) {
+               if (iaxs[callno]) {
+                       /* Anything, as long as it's non-blank */
+                       ast_string_field_set(iaxs[callno], secret, "badsecret");
+               }
                if (authdebug && !p)
                        ast_log(LOG_NOTICE, "No registration for peer '%s' (from %s)\n", peer, ast_inet_ntoa(sin->sin_addr));
                goto return_unref;
@@ -6583,21 +6587,24 @@ static int register_verify(int callno, struct sockaddr_in *sin, struct iax_ies *
                        goto return_unref;
                } else
                        ast_set_flag(&iaxs[callno]->state, IAX_STATE_AUTHENTICATED);
-       } else if (!ast_strlen_zero(md5secret) || !ast_strlen_zero(secret)) {
-               if (authdebug)
-                       ast_log(LOG_NOTICE, "Inappropriate authentication received\n");
+       } else if (!ast_strlen_zero(p->secret) || !ast_strlen_zero(p->inkeys)) {
+               if (authdebug &&
+                               ((!ast_strlen_zero(p->secret) && (p->authmethods & IAX_AUTH_MD5) && !ast_strlen_zero(iaxs[callno]->challenge)) ||
+                                (!ast_strlen_zero(p->inkeys) && (p->authmethods & IAX_AUTH_RSA) && !ast_strlen_zero(iaxs[callno]->challenge)))) {
+                       ast_log(LOG_NOTICE, "Inappropriate authentication received for '%s'\n", p->name);
+               }
                goto return_unref;
        }
+       ast_devstate_changed(AST_DEVICE_UNKNOWN, "IAX2/%s", p->name); /* Activate notification */
+
+return_unref:
        ast_string_field_set(iaxs[callno], peer, peer);
        /* Choose lowest expiry number */
        if (expire && (expire < iaxs[callno]->expiry)) 
                iaxs[callno]->expiry = expire;
 
-       ast_devstate_changed(AST_DEVICE_UNKNOWN, "IAX2/%s", p->name); /* Activate notification */
-
        res = 0;
 
-return_unref:
        if (p)
                peer_unref(p);
 
@@ -7333,7 +7340,6 @@ static int registry_authrequest(int callno)
        struct iax2_peer *p;
        char challenge[10];
        const char *peer_name;
-       int res = -1;
        int sentauthmethod;
 
        peer_name = ast_strdupa(iaxs[callno]->peer);
@@ -7347,11 +7353,7 @@ static int registry_authrequest(int callno)
        ast_mutex_lock(&iaxsl[callno]);
        if (!iaxs[callno])
                goto return_unref;
-       if (!p && !delayreject) {
-               ast_log(LOG_WARNING, "No such peer '%s'\n", peer_name);
-               goto return_unref;
-       }
-       
+
        memset(&ied, 0, sizeof(ied));
        /* The selection of which delayed reject is sent may leak information,
         * if it sets a static response.  For example, if a host is known to only
@@ -7369,12 +7371,12 @@ static int registry_authrequest(int callno)
        }
        iax_ie_append_str(&ied, IAX_IE_USERNAME, peer_name);
 
-       res = 0;
-
 return_unref:
-       peer_unref(p);
+       if (p) {
+               peer_unref(p);
+       }
 
-       return res ? res : send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_REGAUTH, 0, ied.buf, ied.pos, -1);;
+       return iaxs[callno] ? send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_REGAUTH, 0, ied.buf, ied.pos, -1) : -1;
 }
 
 static int registry_rerequest(struct iax_ies *ies, int callno, struct sockaddr_in *sin)