Message ID | 20160830165222.pAgDVdNXQ%marcoangaroni@gmail.com |
---|---|
State | Accepted |
Delegated to: | Pablo Neira |
Headers | show |
On Tue, Aug 30, 2016 at 06:52:22PM +0200, Marco Angaroni wrote: > Current parsing methods for SIP headers do not allow the presence of > tab characters between header name and header value. As a result Call-ID > SIP headers like the following are discarded by IPVS SIP persistence > engine: > > "Call-ID\t: mycallid@abcde" > "Call-ID:\tmycallid@abcde" > > In above examples Call-IDs are represented as strings in C language. > Obviously in real message we have byte "09" before/after colon (":"). > > Proposed fix is in nf_conntrack_sip module. > Function sip_skip_whitespace() should skip tabs in addition to spaces, > since in SIP grammar whitespace (WSP) corresponds to space or tab. > > Below is an extract of relevant SIP ABNF syntax. > > Call-ID = ( "Call-ID" / "i" ) HCOLON callid > callid = word [ "@" word ] > > HCOLON = *( SP / HTAB ) ":" SWS > SWS = [LWS] ; sep whitespace > LWS = [*WSP CRLF] 1*WSP ; linear whitespace > WSP = SP / HTAB > word = 1*(alphanum / "-" / "." / "!" / "%" / "*" / > "_" / "+" / "`" / "'" / "~" / > "(" / ")" / "<" / ">" / > ":" / "\" / DQUOTE / > "/" / "[" / "]" / "?" / > "{" / "}" ) Applied this one too. I got confused because patch 0/x is usually the cover letter, I suggest you don't use 0/x for patch series in the future. Thanks! -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
2016-09-07 13:56 GMT+02:00 Pablo Neira Ayuso <pablo@netfilter.org>: > Applied this one too. I got confused because patch 0/x is usually the > cover letter, I suggest you don't use 0/x for patch series in the future. Understood, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c index f72ba55..4acd60e 100644 --- a/net/netfilter/nf_conntrack_sip.c +++ b/net/netfilter/nf_conntrack_sip.c @@ -329,7 +329,7 @@ static const char *sip_follow_continuation(const char *dptr, const char *limit) static const char *sip_skip_whitespace(const char *dptr, const char *limit) { for (; dptr < limit; dptr++) { - if (*dptr == ' ') + if (*dptr == ' ' || *dptr == '\t') continue; if (*dptr != '\r' && *dptr != '\n') break;
Current parsing methods for SIP headers do not allow the presence of tab characters between header name and header value. As a result Call-ID SIP headers like the following are discarded by IPVS SIP persistence engine: "Call-ID\t: mycallid@abcde" "Call-ID:\tmycallid@abcde" In above examples Call-IDs are represented as strings in C language. Obviously in real message we have byte "09" before/after colon (":"). Proposed fix is in nf_conntrack_sip module. Function sip_skip_whitespace() should skip tabs in addition to spaces, since in SIP grammar whitespace (WSP) corresponds to space or tab. Below is an extract of relevant SIP ABNF syntax. Call-ID = ( "Call-ID" / "i" ) HCOLON callid callid = word [ "@" word ] HCOLON = *( SP / HTAB ) ":" SWS SWS = [LWS] ; sep whitespace LWS = [*WSP CRLF] 1*WSP ; linear whitespace WSP = SP / HTAB word = 1*(alphanum / "-" / "." / "!" / "%" / "*" / "_" / "+" / "`" / "'" / "~" / "(" / ")" / "<" / ">" / ":" / "\" / DQUOTE / "/" / "[" / "]" / "?" / "{" / "}" ) Signed-off-by: Marco Angaroni <marcoangaroni@gmail.com> --- net/netfilter/nf_conntrack_sip.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)