diff options
author | Patrick McHardy <kaber@trash.net> | 2008-03-25 20:18:40 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-03-25 20:18:40 -0700 |
commit | ac3677406d4e36e86b1eb5a453997a3b3e0c089a (patch) | |
tree | f67f28c542cf7adfde72af692892b2156f30e922 /net/ipv4 | |
parent | 3e9b4600b4e71beaa9d943251bfe9c25f6a97b8c (diff) | |
download | op-kernel-dev-ac3677406d4e36e86b1eb5a453997a3b3e0c089a.zip op-kernel-dev-ac3677406d4e36e86b1eb5a453997a3b3e0c089a.tar.gz |
[NETFILTER]: nf_conntrack_sip: kill request URI "header" definitions
The request URI is not a header and needs to be treated differently than
real SIP headers. Add a seperate function for parsing it and get rid of
the POS_REQ_URI/POS_REG_REQ_URI definitions.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/netfilter/nf_nat_sip.c | 46 |
1 files changed, 24 insertions, 22 deletions
diff --git a/net/ipv4/netfilter/nf_nat_sip.c b/net/ipv4/netfilter/nf_nat_sip.c index aa8a4f4..60151b5 100644 --- a/net/ipv4/netfilter/nf_nat_sip.c +++ b/net/ipv4/netfilter/nf_nat_sip.c @@ -78,20 +78,17 @@ static unsigned int mangle_packet(struct sk_buff *skb, return 1; } -static int map_sip_addr(struct sk_buff *skb, - const char **dptr, unsigned int *datalen, - enum sip_header_pos pos, struct addr_map *map) +static int map_addr(struct sk_buff *skb, + const char **dptr, unsigned int *datalen, + unsigned int matchoff, unsigned int matchlen, + struct addr_map *map) { enum ip_conntrack_info ctinfo; - struct nf_conn *ct = nf_ct_get(skb, &ctinfo); + struct nf_conn *ct __maybe_unused = nf_ct_get(skb, &ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); - unsigned int matchlen, matchoff, addrlen; + unsigned int addrlen; char *addr; - if (ct_sip_get_info(ct, *dptr, *datalen, &matchoff, &matchlen, - pos) <= 0) - return 1; - if ((matchlen == map->addr[dir].srciplen || matchlen == map->addr[dir].srclen) && strncmp(*dptr + matchoff, map->addr[dir].src, matchlen) == 0) { @@ -109,13 +106,27 @@ static int map_sip_addr(struct sk_buff *skb, addr, addrlen); } +static int map_sip_addr(struct sk_buff *skb, + const char **dptr, unsigned int *datalen, + enum sip_header_pos pos, struct addr_map *map) +{ + enum ip_conntrack_info ctinfo; + struct nf_conn *ct = nf_ct_get(skb, &ctinfo); + unsigned int matchlen, matchoff; + + if (ct_sip_get_info(ct, *dptr, *datalen, &matchoff, &matchlen, + pos) <= 0) + return 1; + return map_addr(skb, dptr, datalen, matchoff, matchlen, map); +} + static unsigned int ip_nat_sip(struct sk_buff *skb, const char **dptr, unsigned int *datalen) { enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); - enum sip_header_pos pos; struct addr_map map; + unsigned int matchoff, matchlen; if (*datalen < strlen("SIP/2.0")) return NF_ACCEPT; @@ -124,18 +135,9 @@ static unsigned int ip_nat_sip(struct sk_buff *skb, /* Basic rules: requests and responses. */ if (strnicmp(*dptr, "SIP/2.0", strlen("SIP/2.0")) != 0) { - /* 10.2: Constructing the REGISTER Request: - * - * The "userinfo" and "@" components of the SIP URI MUST NOT - * be present. - */ - if (*datalen >= strlen("REGISTER") && - strnicmp(*dptr, "REGISTER", strlen("REGISTER")) == 0) - pos = POS_REG_REQ_URI; - else - pos = POS_REQ_URI; - - if (!map_sip_addr(skb, dptr, datalen, pos, &map)) + if (ct_sip_parse_request(ct, *dptr, *datalen, + &matchoff, &matchlen) > 0 && + !map_addr(skb, dptr, datalen, matchoff, matchlen, &map)) return NF_DROP; } |