Commit c71529e4 authored by Herbert Xu's avatar Herbert Xu Committed by David S. Miller

netfilter: nf_nat_sip: c= is optional for session

According to RFC2327, the connection information is optional
in the session description since it can be specified in the
media description instead.

My provider does exactly that and does not provide any connection
information in the session description.  As a result the new
kernel drops all invite responses.

This patch makes it optional as documented.
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent db1a75bd
...@@ -318,11 +318,11 @@ static int mangle_content_len(struct sk_buff *skb, ...@@ -318,11 +318,11 @@ static int mangle_content_len(struct sk_buff *skb,
buffer, buflen); buffer, buflen);
} }
static unsigned mangle_sdp_packet(struct sk_buff *skb, const char **dptr, static int mangle_sdp_packet(struct sk_buff *skb, const char **dptr,
unsigned int dataoff, unsigned int *datalen, unsigned int dataoff, unsigned int *datalen,
enum sdp_header_types type, enum sdp_header_types type,
enum sdp_header_types term, enum sdp_header_types term,
char *buffer, int buflen) char *buffer, int buflen)
{ {
enum ip_conntrack_info ctinfo; enum ip_conntrack_info ctinfo;
struct nf_conn *ct = nf_ct_get(skb, &ctinfo); struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
...@@ -330,9 +330,9 @@ static unsigned mangle_sdp_packet(struct sk_buff *skb, const char **dptr, ...@@ -330,9 +330,9 @@ static unsigned mangle_sdp_packet(struct sk_buff *skb, const char **dptr,
if (ct_sip_get_sdp_header(ct, *dptr, dataoff, *datalen, type, term, if (ct_sip_get_sdp_header(ct, *dptr, dataoff, *datalen, type, term,
&matchoff, &matchlen) <= 0) &matchoff, &matchlen) <= 0)
return 0; return -ENOENT;
return mangle_packet(skb, dptr, datalen, matchoff, matchlen, return mangle_packet(skb, dptr, datalen, matchoff, matchlen,
buffer, buflen); buffer, buflen) ? 0 : -EINVAL;
} }
static unsigned int ip_nat_sdp_addr(struct sk_buff *skb, const char **dptr, static unsigned int ip_nat_sdp_addr(struct sk_buff *skb, const char **dptr,
...@@ -346,8 +346,8 @@ static unsigned int ip_nat_sdp_addr(struct sk_buff *skb, const char **dptr, ...@@ -346,8 +346,8 @@ static unsigned int ip_nat_sdp_addr(struct sk_buff *skb, const char **dptr,
unsigned int buflen; unsigned int buflen;
buflen = sprintf(buffer, NIPQUAD_FMT, NIPQUAD(addr->ip)); buflen = sprintf(buffer, NIPQUAD_FMT, NIPQUAD(addr->ip));
if (!mangle_sdp_packet(skb, dptr, dataoff, datalen, type, term, if (mangle_sdp_packet(skb, dptr, dataoff, datalen, type, term,
buffer, buflen)) buffer, buflen))
return 0; return 0;
return mangle_content_len(skb, dptr, datalen); return mangle_content_len(skb, dptr, datalen);
...@@ -381,15 +381,27 @@ static unsigned int ip_nat_sdp_session(struct sk_buff *skb, const char **dptr, ...@@ -381,15 +381,27 @@ static unsigned int ip_nat_sdp_session(struct sk_buff *skb, const char **dptr,
/* Mangle session description owner and contact addresses */ /* Mangle session description owner and contact addresses */
buflen = sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(addr->ip)); buflen = sprintf(buffer, "%u.%u.%u.%u", NIPQUAD(addr->ip));
if (!mangle_sdp_packet(skb, dptr, dataoff, datalen, if (mangle_sdp_packet(skb, dptr, dataoff, datalen,
SDP_HDR_OWNER_IP4, SDP_HDR_MEDIA, SDP_HDR_OWNER_IP4, SDP_HDR_MEDIA,
buffer, buflen)) buffer, buflen))
return 0; return 0;
if (!mangle_sdp_packet(skb, dptr, dataoff, datalen, switch (mangle_sdp_packet(skb, dptr, dataoff, datalen,
SDP_HDR_CONNECTION_IP4, SDP_HDR_MEDIA, SDP_HDR_CONNECTION_IP4, SDP_HDR_MEDIA,
buffer, buflen)) buffer, buflen)) {
case 0:
/*
* RFC 2327:
*
* Session description
*
* c=* (connection information - not required if included in all media)
*/
case -ENOENT:
break;
default:
return 0; return 0;
}
return mangle_content_len(skb, dptr, datalen); return mangle_content_len(skb, dptr, datalen);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment