From: Russell Bryant <russell@russellbryant.com>
Date: Mon, 13 Aug 2007 20:18:30 +0000 (+0000)
Subject: Release the pvt lock before calling find_peer in register_verify to avoid a
X-Git-Tag: 1.4.12.1~252
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=68faf6381192cb0dd43840042a8933b42cc3fc9a;p=thirdparty%2Fasterisk.git

Release the pvt lock before calling find_peer in register_verify to avoid a
deadlock.  Also, remove some unnecessary locking in auth_fail that was only done
recursively.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@79276 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c
index 0080384beb..1ad1dc9a91 100644
--- a/channels/chan_iax2.c
+++ b/channels/chan_iax2.c
@@ -5063,10 +5063,11 @@ static int register_verify(int callno, struct sockaddr_in *sin, struct iax_ies *
 	}
 
 	/* SLD: first call to lookup peer during registration */
+	ast_mutex_unlock(&iaxsl[callno]);
 	p = find_peer(peer, 1);
-
-	if (!p) {
-		if (authdebug)
+	ast_mutex_lock(&iaxsl[callno]);
+	if (!p || !iaxs[callno]) {
+		if (authdebug && !p)
 			ast_log(LOG_NOTICE, "No registration for peer '%s' (from %s)\n", peer, ast_inet_ntoa(sin->sin_addr));
 		return -1;
 	}
@@ -5173,8 +5174,8 @@ static int register_verify(int callno, struct sockaddr_in *sin, struct iax_ies *
 
 	if (ast_test_flag(p, IAX_TEMPONLY))
 		destroy_peer(p);
+
 	return 0;
-	
 }
 
 static int authenticate(const char *challenge, const char *secret, const char *keyn, int authmethods, struct iax_ie_data *ied, struct sockaddr_in *sin, aes_encrypt_ctx *ecx, aes_decrypt_ctx *dcx)
@@ -5909,7 +5910,6 @@ static int auth_fail(int callno, int failcode)
 {
 	/* Schedule sending the authentication failure in one second, to prevent
 	   guessing */
-	ast_mutex_lock(&iaxsl[callno]);
 	if (iaxs[callno]) {
 		iaxs[callno]->authfail = failcode;
 		if (delayreject) {
@@ -5919,7 +5919,6 @@ static int auth_fail(int callno, int failcode)
 		} else
 			auth_reject((void *)(long)callno);
 	}
-	ast_mutex_unlock(&iaxsl[callno]);
 	return 0;
 }
 
@@ -7618,10 +7617,18 @@ retryowner2:
 				if (delayreject)
 					send_command_immediate(iaxs[fr->callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr->ts, NULL, 0,fr->iseqno);
 				if (register_verify(fr->callno, &sin, &ies)) {
+					if (!iaxs[fr->callno]) {
+						ast_mutex_unlock(&iaxsl[fr->callno]);
+						return 1;
+					}
 					/* Send delayed failure */
 					auth_fail(fr->callno, IAX_COMMAND_REGREJ);
 					break;
 				}
+				if (!iaxs[fr->callno]) {
+					ast_mutex_unlock(&iaxsl[fr->callno]);
+					return 1;
+				}
 				if ((ast_strlen_zero(iaxs[fr->callno]->secret) && ast_strlen_zero(iaxs[fr->callno]->inkeys)) || 
 						ast_test_flag(&iaxs[fr->callno]->state, IAX_STATE_AUTHENTICATED | IAX_STATE_UNCHANGED)) {
 					if (f.subclass == IAX_COMMAND_REGREL)