netfilter: nf_ct_sip: correct allowed characters in Call-ID SIP header
Current parsing methods for SIP header Call-ID do not check correctly all characters allowed by RFC 3261. In particular "," character is allowed instead of "'" character. As a result Call-ID headers like the following are discarded by IPVS SIP persistence engine. Call-ID: -.!%*_+`'~()<>:\"/[]?{} Above example is composed using all non-alphanumeric characters listed in RFC 3261 for Call-ID header syntax. Proposed fix is in nf_conntrack_sip module; function iswordc() checks this range: (c >= '(' && c <= '/') which includes these characters: ()*+,-./ They are all allowed except ",". Instead "'" is not included in the list. Below is an extract of relevant SIP ABNF syntax. Call-ID = ( "Call-ID" / "i" ) HCOLON callid callid = word [ "@" word ] HCOLON = *( SP / HTAB ) ":" SWS SWS = [LWS] ; sep whitespace LWS = [*WSP CRLF] 1*WSP ; linear whitespace WSP = SP / HTAB word = 1*(alphanum / "-" / "." / "!" / "%" / "*" / "_" / "+" / "`" / "'" / "~" / "(" / ")" / "<" / ">" / ":" / "\" / DQUOTE / "/" / "[" / "]" / "?" / "{" / "}" ) Signed-off-by: Marco Angaroni <marcoangaroni@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
68cb9fe47e
commit
f0608ceaa7
@ -83,9 +83,10 @@ static int digits_len(const struct nf_conn *ct, const char *dptr,
|
||||
static int iswordc(const char c)
|
||||
{
|
||||
if (isalnum(c) || c == '!' || c == '"' || c == '%' ||
|
||||
(c >= '(' && c <= '/') || c == ':' || c == '<' || c == '>' ||
|
||||
(c >= '(' && c <= '+') || c == ':' || c == '<' || c == '>' ||
|
||||
c == '?' || (c >= '[' && c <= ']') || c == '_' || c == '`' ||
|
||||
c == '{' || c == '}' || c == '~')
|
||||
c == '{' || c == '}' || c == '~' || (c >= '-' && c <= '/') ||
|
||||
c == '\'')
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user