git:master:20d0a188: tls: if port is 0 in tls client profile cfg definition, ignore matching port
Module: kamailio Branch: master Commit: 20d0a188701127dae34dd40d7f14be0037d0b888 URL: https://github.com/kamailio/kamailio/commit/20d0a188701127dae34dd40d7f14be00...
Author: Daniel-Constantin Mierla miconda@gmail.com Committer: Daniel-Constantin Mierla miconda@gmail.com Date: 2015-02-24T12:29:51+01:00
tls: if port is 0 in tls client profile cfg definition, ignore matching port
- tcp port can be randomly allocated by OS, making hard to guess it in advance
---
Modified: modules/tls/tls_domain.c Modified: modules/tls/tls_server.c
---
Diff: https://github.com/kamailio/kamailio/commit/20d0a188701127dae34dd40d7f14be00... Patch: https://github.com/kamailio/kamailio/commit/20d0a188701127dae34dd40d7f14be00...
---
diff --git a/modules/tls/tls_domain.c b/modules/tls/tls_domain.c index e31a4fe..0d95a62 100644 --- a/modules/tls/tls_domain.c +++ b/modules/tls/tls_domain.c @@ -1308,7 +1308,7 @@ tls_domain_t* tls_lookup_cfg(tls_domains_cfg_t* cfg, int type, p->server_name.len, ZSW(p->server_name.s), sname->len, ZSW(sname->s)); } - if ((p->port == port) && ip_addr_cmp(&p->ip, ip)) { + if ((p->port==0 || p->port == port) && ip_addr_cmp(&p->ip, ip)) { if(sname && sname->len>0) { if(p->server_name.len==sname->len && strncasecmp(p->server_name.s, sname->s, sname->len)==0) { diff --git a/modules/tls/tls_server.c b/modules/tls/tls_server.c index 28cf1a3..26872c9 100644 --- a/modules/tls/tls_server.c +++ b/modules/tls/tls_server.c @@ -196,16 +196,8 @@ static int tls_complete_init(struct tcp_connection* c) } else { state=S_TLS_CONNECTING; sname = tls_get_connect_server_name(); - if(&c->rcv.bind_address!=NULL) { - /* if there is a bind_address, use it, because the src port - * for connection can be randomly assigned by OS */ - dom = tls_lookup_cfg(cfg, TLS_DOMAIN_CLI, - &c->rcv.bind_address->address, - c->rcv.bind_address->port_no, sname); - } else { - dom = tls_lookup_cfg(cfg, TLS_DOMAIN_CLI, + dom = tls_lookup_cfg(cfg, TLS_DOMAIN_CLI, &c->rcv.dst_ip, c->rcv.dst_port, sname); - } } if (unlikely(c->state<0)) { BUG("Invalid connection (state %d)\n", c->state);
-
Daniel-Constantin Mierla