Skip to content

Commit

Permalink
Only validate public address when IP address is supplied on TCP/TLS (…
Browse files Browse the repository at this point in the history
…#3599)

* Only validate public address when IP address is supplied on TCP/TLS

* Add doc

Change-Id: I9fd565eb33f09462bc5f6e57cdaf06afc9d67f9b
  • Loading branch information
trengginas authored and aberaud committed Feb 18, 2024
1 parent 7fa6e90 commit e12ea3b
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 13 deletions.
4 changes: 4 additions & 0 deletions pjsip/include/pjsip/sip_transport_tcp.h
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ typedef struct pjsip_tcp_transport_cfg
/**
* Optional published address, which is the address to be
* advertised as the address of this SIP transport.
* It can be set using IP address or hostname.
* By default the bound address will be used as the published address.
*/
pjsip_host_port addr_name;
Expand Down Expand Up @@ -181,6 +182,7 @@ PJ_DECL(pj_status_t) pjsip_tcp_transport_start(pjsip_endpoint *endpt,
* selected by the operating system.
* @param a_name Optional published address, which is the address to be
* advertised as the address of this SIP transport.
* It can be set using IP address or hostname.
* If this argument is NULL, then the bound address
* will be used as the published address.
* @param async_cnt Number of simultaneous asynchronous accept()
Expand Down Expand Up @@ -248,6 +250,7 @@ PJ_DECL(pj_sock_t) pjsip_tcp_transport_get_socket(pjsip_transport *transport);
* selected by the operating system.
*
* @param a_name The published address for the listener.
* It can be set using IP address or hostname.
* If this argument is NULL, then the bound address will
* be used as the published address.
*
Expand All @@ -272,6 +275,7 @@ PJ_DECL(pj_status_t) pjsip_tcp_transport_lis_start(pjsip_tpfactory *factory,
* selected by the operating system.
*
* @param a_name The published address for the listener.
* It can be set using IP address or hostname.
* If this argument is NULL, then the bound address will
* be used as the published address.
*
Expand Down
4 changes: 4 additions & 0 deletions pjsip/include/pjsip/sip_transport_tls.h
Original file line number Diff line number Diff line change
Expand Up @@ -491,6 +491,7 @@ PJ_DECL(void) pjsip_tls_setting_wipe_keys(pjsip_tls_setting *opt);
* selected by the operating system.
* @param a_name Optional published address, which is the address to be
* advertised as the address of this SIP transport.
* It can be set using IP address or hostname.
* If this argument is NULL, then the bound address
* will be used as the published address.
* @param async_cnt Number of simultaneous asynchronous accept()
Expand Down Expand Up @@ -529,6 +530,7 @@ PJ_DECL(pj_status_t) pjsip_tls_transport_start(pjsip_endpoint *endpt,
* selected by the operating system.
* @param a_name Optional published address, which is the address to be
* advertised as the address of this SIP transport.
* It can be set using IP address or hostname.
* If this argument is NULL, then the bound address
* will be used as the published address.
* @param async_cnt Number of simultaneous asynchronous accept()
Expand Down Expand Up @@ -565,6 +567,7 @@ PJ_DECL(pj_status_t) pjsip_tls_transport_start2(pjsip_endpoint *endpt,
* selected by the operating system.
*
* @param a_name The published address for the listener.
* It can be set using IP address or hostname.
* If this argument is NULL, then the bound address will
* be used as the published address.
*
Expand All @@ -590,6 +593,7 @@ PJ_DECL(pj_status_t) pjsip_tls_transport_lis_start(pjsip_tpfactory *factory,
* selected by the operating system.
*
* @param a_name The published address for the listener.
* It can be set using IP address or hostname.
* If this argument is NULL, then the bound address will
* be used as the published address.
*
Expand Down
20 changes: 13 additions & 7 deletions pjsip/src/pjsip/sip_transport_tcp.c
Original file line number Diff line number Diff line change
Expand Up @@ -274,14 +274,20 @@ static pj_status_t update_factory_addr(struct tcp_listener *listener,
pj_sockaddr tmp;
int af = pjsip_transport_type_get_af(listener->factory.type);

/* Verify that address given in a_name (if any) is valid */
status = pj_sockaddr_init(af, &tmp, &addr_name->host,
(pj_uint16_t)addr_name->port);
if (status != PJ_SUCCESS || !pj_sockaddr_has_addr(&tmp) ||
(af == pj_AF_INET() && tmp.ipv4.sin_addr.s_addr == PJ_INADDR_NONE))
tmp.addr.sa_family = (pj_uint16_t)af;

/* Validate IP address only */
if (pj_inet_pton(af, &addr_name->host, pj_sockaddr_get_addr(&tmp)) == PJ_SUCCESS)
{
/* Invalid address */
return PJ_EINVAL;
/* Verify that address given in a_name (if any) is valid */
status = pj_sockaddr_init(af, &tmp, &addr_name->host,
(pj_uint16_t)addr_name->port);
if (status != PJ_SUCCESS || !pj_sockaddr_has_addr(&tmp) ||
(af == pj_AF_INET() && tmp.ipv4.sin_addr.s_addr == PJ_INADDR_NONE))
{
/* Invalid address */
return PJ_EINVAL;
}
}

/* Copy the address */
Expand Down
19 changes: 13 additions & 6 deletions pjsip/src/pjsip/sip_transport_tls.c
Original file line number Diff line number Diff line change
Expand Up @@ -375,13 +375,20 @@ static pj_status_t update_factory_addr(struct tls_listener *listener,
pj_sockaddr tmp;
int af = pjsip_transport_type_get_af(listener->factory.type);

status = pj_sockaddr_init(af, &tmp, &addr_name->host,
(pj_uint16_t)addr_name->port);
if (status != PJ_SUCCESS || !pj_sockaddr_has_addr(&tmp) ||
(af == pj_AF_INET() && tmp.ipv4.sin_addr.s_addr == PJ_INADDR_NONE))
tmp.addr.sa_family = af;

/* Validate IP address only */
if (pj_inet_pton(af, &addr_name->host, pj_sockaddr_get_addr(&tmp)) == PJ_SUCCESS)
{
/* Invalid address */
return PJ_EINVAL;
/* Verify that address given in a_name (if any) is valid */
status = pj_sockaddr_init(af, &tmp, &addr_name->host,
(pj_uint16_t)addr_name->port);
if (status != PJ_SUCCESS || !pj_sockaddr_has_addr(&tmp) ||
(af == pj_AF_INET() && tmp.ipv4.sin_addr.s_addr == PJ_INADDR_NONE))
{
/* Invalid address */
return PJ_EINVAL;
}
}

/* Copy the address */
Expand Down

0 comments on commit e12ea3b

Please sign in to comment.