chan_sip: Peers with distinct source ports don't match, regardless of transport.
Previously, peers connected via TCP (or TLS) were matched by ignoring their source port. One cannot say anything when protocol:IP:port match, yes (see <http://stackoverflow.com/q/3329641>). However, when the ports do not match, the peers do not match as well. This change allows two peers connected to an Asterisk server via TCP (or TLS) behind a NAT (= same source IP address) to be differentiated via their port as well. ASTERISK-27457 Reported by: Stephane Chazelas Change-Id: Id190428bf1d931f2dbfd4b293f53ff8f20d98efa
This commit is contained in:
parent
075faac2fd
commit
b2c4e8660a
|
@ -34392,10 +34392,9 @@ static int peer_ipcmp_cb_full(void *obj, void *arg, void *data, int flags)
|
|||
}
|
||||
|
||||
/* We matched the IP, check to see if we need to match by port as well. */
|
||||
if ((peer->transports & peer2->transports) & (AST_TRANSPORT_TLS | AST_TRANSPORT_TCP)) {
|
||||
/* peer matching on port is not possible with TCP/TLS */
|
||||
return CMP_MATCH | CMP_STOP;
|
||||
} else if (ast_test_flag(&peer2->flags[0], SIP_INSECURE_PORT)) {
|
||||
if (((peer->transports & peer2->transports) &
|
||||
(AST_TRANSPORT_UDP | AST_TRANSPORT_WS | AST_TRANSPORT_WSS)) &&
|
||||
ast_test_flag(&peer2->flags[0], SIP_INSECURE_PORT)) {
|
||||
/* We are allowing match without port for peers configured that
|
||||
* way in this pass through the peers. */
|
||||
return ast_test_flag(&peer->flags[0], SIP_INSECURE_PORT) ?
|
||||
|
|
Loading…
Reference in New Issue