Fix error with mixed address family ACLs.

Prior to this commit, the address family of the first item in an ACL
was used to compare all incoming traffic. This could lead to traffic
of other IP address families bypassing ACLs.

ASTERISK-24469 #close

Reported by Matt Jordan
Patches:
	ASTERISK-24469-11.diff uploaded by Matt Jordan (License #6283)

AST-2014-012

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@428402 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/main/acl.c b/main/acl.c
index bcb9770adb690f2aa6d6b1d83984daaba3f7efa6..55b6938c7ffeb68919c89c17ff974af981076e08 100644 (file)
--- a/main/acl.c
+++ b/main/acl.c
@@ -533,7 +533,7 @@ int ast_apply_ha(const struct ast_ha *ha, const struct ast_sockaddr *addr)
                ast_copy_string(iabuf2, ast_inet_ntoa(ha->netaddr), sizeof(iabuf2));
                ast_debug(1, "##### Testing %s with %s\n", iabuf, iabuf2);
 #endif
-               if (ast_sockaddr_is_ipv4(&ha->addr)) {
+               if (ast_sockaddr_is_ipv4(&current_ha->addr)) {
                        if (ast_sockaddr_is_ipv6(addr)) {
                                if (ast_sockaddr_is_ipv4_mapped(addr)) {
                                        /* IPv4 ACLs apply to IPv4-mapped addresses */