- deal with wildcard Contact header for unREGISTER

- enhanced security tests to survive the PROTOS test
2004-03-22 20:26:05 +00:00
parent ff23e0862d
commit 62b4f95e8d
5 changed files with 42 additions and 9 deletions
--- a/1
+++ b/1
@@ -1,6 +1,7 @@
 0.5.5
 =====
  22-Mar-2004:  - deal with wildcard Contact header for unREGISTER
+                - enhanced security tests to survive the PROTOS test
  21-Mar-2004:  - added ./autogen.sh
                - security_check_sip: check existence of mandatory headers
  19-Mar-2004:  - proxy_rewrite_invitation_body: check success of
--- a/src/proxy.c
+++ b/src/proxy.c
@@ -750,7 +750,6 @@ int proxy_response (osip_message_t *response, struct sockaddr_in *from) {
      /* rewrite Contact header to represent the masqued address */
      sip_rewrite_contact(response, DIR_OUTGOING);

-      #define satoi atoi  /* used in MSG_TEST_CODE macro ... */
      /* If an 200 OK or 183 Trying answer to an INVITE request,
       * rewrite body */
      if ((MSG_IS_RESPONSE_FOR(response,"INVITE")) &&
--- a/src/security.c
+++ b/src/security.c
@@ -39,19 +39,38 @@ static char const ident[]="$Id: " __FILE__ ": " PACKAGE "-" VERSION "-"

 /*
 * do security and integrity checks on the received packet
- * (raw buffer)
+ * (raw buffer, \0 terminated)
 *
 * RETURNS
 *	STS_SUCCESS if ok 
 * 	STS_FAILURE if the packed did not pass the checks
 */
-int security_check_raw(char *sip_buffer, int size){
+int security_check_raw(char *sip_buffer, int size) {
+   char *p1=NULL, *p2=NULL;

+   DEBUGC(DBCLASS_BABBLE,"security_check_raw: size=%i", size);
   /*
    * empiric: size must be >= 16 bytes
    *   2 byte <CR><LF> packets have been seen in the wild
    */
-   if (size<16) return STS_FAILURE;
+   if (size<SEC_MINLEN) return STS_FAILURE;
+
+   /*
+    * make sure no line (up to the next CRLF) is longer than allowed
+    * empiric: a line should not be longer than 256 characters
+    * (libosip may die with "virtual memory exhausted" otherwise)
+    * Ref: protos test suite c07-sip-r2.jar, test case 203
+    */
+   for (p1=sip_buffer; (p1+SEC_MAXLINELEN) < (sip_buffer+size); p1=p2+1) {
+      p2=strchr(p1, 10);
+      if ((p2 == 0) ||                  /* no CRLF found */
+          (p2-p1) > SEC_MAXLINELEN) {   /* longer than allowed */
+         DEBUGC(DBCLASS_SIP,"security_check_raw: line too long or no "
+                            "CRLF found");
+         return STS_FAILURE;
+      }
+   }
+      

   /* TODO: still way to go here ... */
   return STS_SUCCESS;
@@ -222,11 +241,12 @@ RFC 3261            SIP: Session Initiation Protocol           June 2002

  /*
   * check for existing Contact: header
-   * according to RFC3261 not mandatory, but siproxd relies on it...
+   * according to RFC3261 not mandatory, but siproxd relies on it
+   * on REGISTER...
   */
-   if ((sip->contacts==NULL)||
+   if (MSG_IS_REGISTER(sip) && ((sip->contacts==NULL)||
       (sip->contacts->node==NULL)||(sip->contacts->node->element==NULL)||
-       ((osip_contact_t*)(sip->contacts->node->element))->url==NULL) {
+       ((osip_contact_t*)(sip->contacts->node->element))->url==NULL)) {
      ERROR("security check failed: NULL Contact Header");
      return STS_FAILURE;
   }
--- a/src/siproxd.c
+++ b/src/siproxd.c
@@ -320,8 +320,14 @@ int main (int argc, char *argv[])
       * (check for loop and return 482 if a loop is detected)
       */
      if (check_vialoop(my_msg) == STS_TRUE) {
-         DEBUGC(DBCLASS_SIP,"via loop detected, ignoring request");
-         sip_gen_response(my_msg, 482 /*Loop detected*/);
+         /* make sure we don't end up in endless loop when detecting
+          * an loop in an "loop detected" message - brrr */
+         if (MSG_IS_RESPONSE(my_msg) && MSG_TEST_CODE(my_msg, 482)) {
+            DEBUGC(DBCLASS_SIP,"loop in loop-response detected, ignoring");
+         } else {
+            DEBUGC(DBCLASS_SIP,"via loop detected, ignoring request");
+            sip_gen_response(my_msg, 482 /*Loop detected*/);
+         }
         goto end_loop; /* skip and free resources */
      }

--- a/src/siproxd.h
+++ b/src/siproxd.h
@@ -183,6 +183,11 @@ struct siproxd_config {
   #define GETHOSTBYNAME_BUFLEN 1024
 #endif

+/* constants for security testing */
+#define SEC_MINLEN	16	/* minimum received length */
+#define SEC_MAXLINELEN	256	/* maximum acceptable length of one line
+				   in the SIP telegram (security check) */
+
 /* symbols for access control */
 #define ACCESSCTL_SIP	1	/* for access control - SIP allowed	*/
 #define ACCESSCTL_REG	2	/* --"--              - registr. allowed */
@@ -198,3 +203,5 @@ struct siproxd_config {
 #define DIR_INCOMING	1
 #define DIR_OUTGOING	2

+/* various */
+#define satoi atoi  /* used in libosips MSG_TEST_CODE macro ... */