-
Walter Doekes authored
In 2dee95cc (ASTERISK-27024) and 776ffd77 (ASTERISK-26879) there was confusion about whether the transport_state->localnet ACL has ALLOW or DENY semantics. For the record: the localnet has DENY semantics, meaning that "not in the list" means ALLOW, and the local nets are in the list. Therefore, checks like this look wrong, but are right: /* See if where we are sending this request is local or not, and if not that we can get a Contact URI to modify */ if (ast_apply_ha(transport_state->localnet, &addr) != AST_SENSE_ALLOW) { ast_debug(5, "Request is being sent to local address, " "skipping NAT manipulation\n"); (In the list == localnet == DENY == skip NAT manipulation.) And conversely, other checks that looked right, were wrong. This change adds two macro's to reduce the confusion and uses those instead: ast_sip_transport_is_nonlocal(transport_state, addr) ast_sip_transport_is_local(transport_state, addr) ASTERISK-27248 #close Change-Id: Ie7767519eb5a822c4848e531a53c0fd054fae934
Walter Doekes authoredIn 2dee95cc (ASTERISK-27024) and 776ffd77 (ASTERISK-26879) there was confusion about whether the transport_state->localnet ACL has ALLOW or DENY semantics. For the record: the localnet has DENY semantics, meaning that "not in the list" means ALLOW, and the local nets are in the list. Therefore, checks like this look wrong, but are right: /* See if where we are sending this request is local or not, and if not that we can get a Contact URI to modify */ if (ast_apply_ha(transport_state->localnet, &addr) != AST_SENSE_ALLOW) { ast_debug(5, "Request is being sent to local address, " "skipping NAT manipulation\n"); (In the list == localnet == DENY == skip NAT manipulation.) And conversely, other checks that looked right, were wrong. This change adds two macro's to reduce the confusion and uses those instead: ast_sip_transport_is_nonlocal(transport_state, addr) ast_sip_transport_is_local(transport_state, addr) ASTERISK-27248 #close Change-Id: Ie7767519eb5a822c4848e531a53c0fd054fae934
acl.c 25.55 KiB