From 1824c2f6308dd8ef6b4077b0e58de666d56f927e Mon Sep 17 00:00:00 2001
From: "Kevin P. Fleming" <kpfleming@digium.com>
Date: Mon, 29 Aug 2005 22:39:39 +0000
Subject: [PATCH] encode/decode URIs in 'pedantic' mode (issue #3923)

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@6441 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 channels/chan_sip.c      |  87 +++++++++------
 include/asterisk/utils.h |  28 ++++-
 utils.c                  | 226 +++++++++++++++++++++++++--------------
 3 files changed, 224 insertions(+), 117 deletions(-)

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 3170111401..c86b0bded1 100755
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -1407,23 +1407,6 @@ static int send_request(struct sip_pvt *p, struct sip_request *req, int reliable
 	return res;
 }
 
-/*--- url_decode: Decode SIP URL (overwrite the string)  ---*/
-static void url_decode(char *s) 
-{
-	char *o;
-	unsigned int tmp;
-
-	for (o = s; *s; s++, o++) {
-		if (*s == '%' && strlen(s) > 2 && sscanf(s + 1, "%2x", &tmp) == 1) {
-			/* have '%', two chars and correct parsing */
-			*o = tmp;
-			s += 2;	/* Will be incremented once more when we break out */
-		} else /* all other cases, just copy */
-			*o = *s;
-	}
-	*o = '\0';
-}
-
 /*--- get_in_brackets: Pick out text in brackets from character string ---*/
 /* returns pointer to terminated stripped string. modifies input string. */
 static char *get_in_brackets(char *tmp)
@@ -4348,15 +4331,16 @@ static void build_contact(struct sip_pvt *p)
 		snprintf(p->our_contact, sizeof(p->our_contact), "<sip:%s%s%s>", p->exten, ast_strlen_zero(p->exten) ? "" : "@", ast_inet_ntoa(iabuf, sizeof(iabuf), p->ourip));
 }
 
-/*--- initreqprep: Initiate SIP request to peer/user ---*/
+/*--- initreqprep: Initiate new SIP request to peer/user ---*/
 static void initreqprep(struct sip_request *req, struct sip_pvt *p, int sipmethod, char *vxml_url)
 {
-	char invite[256]="";
+	char invite[256] = "";
 	char from[256];
 	char to[256];
-	char tmp[80];
+	char tmp[BUFSIZ/2];
+	char tmp2[BUFSIZ/2];
 	char iabuf[INET_ADDRSTRLEN];
-	char *l = default_callerid, *n=NULL;
+	char *l = default_callerid, *n = NULL;
 	int x;
 	char urioptions[256]="";
 
@@ -4372,7 +4356,7 @@ static void initreqprep(struct sip_request *req, struct sip_pvt *p, int sipmetho
         	if (p->username && p->username[0] == '+')
 			x=1;
 
-		for (; x<strlen(p->username); x++) {
+		for (; x < strlen(p->username); x++) {
 			if (!strchr(AST_DIGIT_ANYNUM, p->username[x])) {
                 		onlydigits = 0;
 				break;
@@ -4412,8 +4396,15 @@ static void initreqprep(struct sip_request *req, struct sip_pvt *p, int sipmetho
 	else /* Save for any further attempts */
 		ast_copy_string(p->fromname, n, sizeof(p->fromname));
 
+	if (pedanticsipchecking) {
+		ast_uri_encode(n, tmp, sizeof(tmp), 0);
+		n = tmp;
+		ast_uri_encode(l, tmp2, sizeof(tmp2), 0);
+		l = tmp2;
+	}
+
 	if ((ourport != 5060) && ast_strlen_zero(p->fromdomain))	/* Needs to be 5060 */
-		snprintf(from, sizeof(from), "\"%s\" <sip:%s@%s:%d>;tag=as%08x", n, l, ast_strlen_zero(p->fromdomain) ? ast_inet_ntoa(iabuf, sizeof(iabuf), p->ourip) : p->fromdomain, ourport, p->tag);
+		snprintf(from, sizeof(from), "\"%s\" <sip:%s@%s:%d>;tag=as%08x", tmp, l, ast_strlen_zero(p->fromdomain) ? ast_inet_ntoa(iabuf, sizeof(iabuf), p->ourip) : p->fromdomain, ourport, p->tag);
 	else
 		snprintf(from, sizeof(from), "\"%s\" <sip:%s@%s>;tag=as%08x", n, l, ast_strlen_zero(p->fromdomain) ? ast_inet_ntoa(iabuf, sizeof(iabuf), p->ourip) : p->fromdomain, p->tag);
 
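Review bot: The first `snprintf` into `from` now passes `tmp` as the display name while the `else` branch still passes `n`, so with `pedanticsipchecking` off the non-5060 path formats whatever `tmp` holds instead of the caller name. Nothing in this hunk writes `tmp` outside the pedantic block, so the From header could carry stale or uninitialised stack bytes onto the wire. Replace that argument with `n`, matching the `else` branch. initreqprep starts and ends outside this hunk, so an earlier write to `tmp` cannot be ruled out from here.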
@@ -4423,10 +4414,15 @@ static void initreqprep(struct sip_request *req, struct sip_pvt *p, int sipmetho
 		ast_copy_string(invite, p->fullcontact, sizeof(invite));
 	/* Otherwise, use the username while waiting for registration */
 	} else if (!ast_strlen_zero(p->username)) {
+		n = p->username;
+		if (pedanticsipchecking) {
+			ast_uri_encode(n, tmp, sizeof(tmp), 0);
+			n = tmp;
+		}
 		if (ntohs(p->sa.sin_port) != 5060) {		/* Needs to be 5060 */
-			snprintf(invite, sizeof(invite), "sip:%s@%s:%d%s",p->username, p->tohost, ntohs(p->sa.sin_port), urioptions);
+			snprintf(invite, sizeof(invite), "sip:%s@%s:%d%s", n, p->tohost, ntohs(p->sa.sin_port), urioptions);
 		} else {
-			snprintf(invite, sizeof(invite), "sip:%s@%s%s",p->username, p->tohost, urioptions);
+			snprintf(invite, sizeof(invite), "sip:%s@%s%s", n, p->tohost, urioptions);
 		}
 	} else if (ntohs(p->sa.sin_port) != 5060) {		/* Needs to be 5060 */
 		snprintf(invite, sizeof(invite), "sip:%s:%d%s", p->tohost, ntohs(p->sa.sin_port), urioptions);
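Review bot: Calling `ast_uri_encode(n, tmp, sizeof(tmp), 0)` on the username leaves reserved characters untouched, because with `doreserved` at 0 the encoder in utils.c escapes only bytes above 127. A `p->username` containing `@`, `:` or a space would therefore still land verbatim in the user part of `invite` and `p->uri`, and the receiver may split the URI at a different place than intended. If usernames can contain such characters, pass 1 here: `ast_uri_encode(n, tmp, sizeof(tmp), 1);`. Whether they can is not visible from this hunk.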
@@ -4434,9 +4430,9 @@ static void initreqprep(struct sip_request *req, struct sip_pvt *p, int sipmetho
 		snprintf(invite, sizeof(invite), "sip:%s%s", p->tohost, urioptions);
 	}
 	ast_copy_string(p->uri, invite, sizeof(p->uri));
+
 	/* If there is a VXML URL append it to the SIP URL */
-	if (vxml_url)
-	{
+	if (vxml_url) {
 		snprintf(to, sizeof(to), "<%s>;%s", invite, vxml_url);
 	} else {
 		snprintf(to, sizeof(to), "<%s>", invite);
@@ -5756,7 +5752,7 @@ static int cb_extensionstate(char *context, char* exten, enum ast_extension_stat
 /*--- register_verify: Verify registration of user */
 static int register_verify(struct sip_pvt *p, struct sockaddr_in *sin, struct sip_request *req, char *uri, int ignore)
 {
-	int res = -1;
+	int res = -3;
 	struct sip_peer *peer;
 	char tmp[256] = "";
 	char iabuf[INET_ADDRSTRLEN];
@@ -5770,6 +5766,9 @@ static int register_verify(struct sip_pvt *p, struct sockaddr_in *sin, struct si
 	*t = '\0';
 	
 	ast_copy_string(tmp, get_header(req, "To"), sizeof(tmp));
+	if (pedanticsipchecking)
+		ast_uri_decode(tmp);
+
 	c = get_in_brackets(tmp);
 	/* Ditch ;user=phone */
 	name = strchr(c, ';');
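Review bot: `ast_uri_decode(tmp)` runs on the whole To header before `get_in_brackets()` and the `strchr(c, ';')` split, so percent-encoded delimiters become real delimiters before parsing. A peer-supplied `%3E`, `%3B` or `%40` then moves where the bracket, parameter and user/host boundaries are found, and `%00` truncates the string. Decoding should happen after the header is split, on the extracted user part only, with a decoded NUL rejected. The same decode-then-parse order is added in get_destination (`tmp`, `tmpf`), get_refer_info (`h_referred_by`) and check_user_full (`of`).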
@@ -5838,7 +5837,7 @@ static int register_verify(struct sip_pvt *p, struct sockaddr_in *sin, struct si
 		switch (res) {
 		case -1:
 			/* Wrong password in authentication. Go away, don't try again until you fixed it */
-			transmit_response(p, "403 Forbidden", &p->initreq);
+			transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
 			break;
 		case -2:
 			/* Username and digest username does not match. 
@@ -5847,6 +5846,15 @@ static int register_verify(struct sip_pvt *p, struct sockaddr_in *sin, struct si
 			   proper authentication by digest auth name */
 			transmit_response(p, "403 Authentication user name does not match account name", &p->initreq);
 			break;
+		case -3:
+			/* URI not found */
+			transmit_response(p, "404 Not found", &p->initreq);
+			break;
+		}
+		if (option_debug > 1) {
+			ast_log(LOG_DEBUG, "SIP REGISTER attempt failed for %s : %s\n",
+				peer->name,
+				(res == -1) ? "Bad password" : ((res == -2 ) ? "Bad digest user" : "Peer not found"));
 		}
 	}
 	if (peer)
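Review bot: The new debug `ast_log` dereferences `peer->name` unconditionally, but its own "Peer not found" arm and the `if (peer)` test right after it show `peer` can be NULL here. With `res` now defaulting to -3, a REGISTER for an unknown name would reach this line and crash whenever `option_debug > 1`; guard it, e.g. `peer ? peer->name : "(unknown)"`. Separately, answering 404 for unknown names but 403 for bad credentials lets a remote party tell which account names exist, so consider one uniform rejection. The enclosing condition starts outside this hunk, so the exact path is inferred.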
@@ -5894,10 +5902,16 @@ static int get_destination(struct sip_pvt *p, struct sip_request *oreq)
 		req = &p->initreq;
 	if (req->rlPart2)
 		ast_copy_string(tmp, req->rlPart2, sizeof(tmp));
-	c = get_in_brackets(tmp);
 	
 	ast_copy_string(tmpf, get_header(req, "From"), sizeof(tmpf));
+
+	if (pedanticsipchecking) {
+		ast_uri_decode(tmp);
+		ast_uri_decode(tmpf);
+	}
+
 	fr = get_in_brackets(tmpf);
+	c = get_in_brackets(tmp);
 	
 	if (strncmp(c, "sip:", 4)) {
 		ast_log(LOG_WARNING, "Huh?  Not a SIP header (%s)?\n", c);
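Review bot: In pedantic mode the request URI is now decoded twice. `ast_uri_decode(tmp)` runs here, and a later hunk in this function still calls `ast_uri_decode(c)` where `c` points into `tmp` via `get_in_brackets(tmp)`. A sequence such as `%2541` becomes `%41` on the first pass and `A` on the second, so the extension that is looked up is not the one the sender encoded. Keep a single decode, preferably the later one on the extracted component, and drop `ast_uri_decode(tmp);` here. get_destination begins and ends outside this hunk.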
@@ -5930,7 +5944,7 @@ static int get_destination(struct sip_pvt *p, struct sip_request *oreq)
 			ast_copy_string(p->fromdomain, fr, sizeof(p->fromdomain));
 	}
 	if (pedanticsipchecking)
-		url_decode(c);
+		ast_uri_decode(c);
 	if (sip_debug_test_pvt(p))
 		ast_verbose("Looking for %s in %s\n", c, p->context);
 	if (ast_exists_extension(NULL, p->context, c, 1, fr) ||
@@ -6004,6 +6018,9 @@ static int get_refer_info(struct sip_pvt *sip_pvt, struct sip_request *outgoing_
 		ast_log(LOG_WARNING, "No Referrred-By Header That's not illegal\n");
 		return -1;
 	} else {
+		if (pedanticsipchecking) {
+			ast_uri_decode(h_referred_by);
+		}
 		referred_by = get_in_brackets(h_referred_by);
 	}
 	h_contact = get_header(req, "Contact");
@@ -6035,7 +6052,7 @@ static int get_refer_info(struct sip_pvt *sip_pvt, struct sip_request *outgoing_
 			   replaces_header = ast_strdupa(replace_callid); 
 			   -anthm
 			*/
-			url_decode(replace_callid);
+			ast_uri_decode(replace_callid);
 			if ((ptr = strchr(replace_callid, '%'))) 
 				*ptr = '\0';
 			if ((ptr = strchr(replace_callid, ';'))) 
@@ -6291,7 +6308,11 @@ static int check_user_full(struct sip_pvt *p, struct sip_request *req, int sipme
 		t++;
 	*t = '\0';
 	of = get_header(req, "From");
+	if (pedanticsipchecking)
+		ast_uri_decode(of);
+
 	ast_copy_string(from, of, sizeof(from));
+	
 	memset(calleridname,0,sizeof(calleridname));
 	get_calleridname(from, calleridname, sizeof(calleridname));
 
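Review bot: `ast_uri_decode(of)` rewrites the buffer returned by `get_header(req, "From")` in place, before the copy into `from`, so the stored request itself is modified. Any later reader of the From header then sees decoded text, and code that decodes its own copy, as get_destination does with `tmpf`, would decode a second time. Copy first and decode the local buffer instead: `ast_copy_string(from, of, sizeof(from));` followed by `if (pedanticsipchecking) ast_uri_decode(from);`. check_user_full begins and ends outside this hunk.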
@@ -9832,7 +9853,7 @@ static int handle_request_register(struct sip_pvt *p, struct sip_request *req, i
 
 	/* Use this as the basis */
 	if (debug)
-		ast_verbose("Using latest request as basis request\n");
+		ast_verbose("Using latest REGISTER request as basis request\n");
 	copy_request(&p->initreq, req);
 	check_via(p, req);
 	if ((res = register_verify(p, sin, req, e, ignore)) < 0) 
diff --git a/include/asterisk/utils.h b/include/asterisk/utils.h
index 1d398fa104..83d9e2185f 100755
--- a/include/asterisk/utils.h
+++ b/include/asterisk/utils.h
@@ -128,11 +128,37 @@ struct ast_hostent {
 };
 
 extern struct hostent *ast_gethostbyname(const char *host, struct ast_hostent *hp);
-/* ast_md5_hash: Produces MD5 hash based on input string */
+
+/* ast_md5_hash 
+	\brief Produces MD5 hash based on input string */
 extern void ast_md5_hash(char *output, char *input);
+
 extern int ast_base64encode(char *dst, unsigned char *src, int srclen, int max);
 extern int ast_base64decode(unsigned char *dst, char *src, int max);
 
+/*! ast_uri_encode
+	\brief Turn text string to URI-encoded %XX version 
+ 	At this point, we're converting from ISO-8859-x (8-bit), not UTF8
+	as in the SIP protocol spec 
+	If doreserved == 1 we will convert reserved characters also.
+	RFC 2396, section 2.4
+	outbuf needs to have more memory allocated than the instring
+	to have room for the expansion. Every char that is converted
+	is replaced by three ASCII characters.
+	\param string	String to be converted
+	\param outbuf	Resulting encoded string
+	\param buflen	Size of output buffer
+	\param doreserved	Convert reserved characters
+*/
+
+char *ast_uri_encode(char *string, char *outbuf, int buflen, int doreserved);
+
+/*!	\brief Decode URI, URN, URL (overwrite string)
+	\param s	String to be decoded 
+ */
+void ast_uri_decode(char *s);
+	
+
 extern int test_for_thread_safety(void);
 
 extern const char *ast_inet_ntoa(char *buf, int bufsiz, struct in_addr ia);
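Review bot: The `ast_uri_encode` doc block says outbuf "needs to have more memory allocated than the instring" but never states how much, what is returned, or what happens when `buflen` is too small. I would add `\return outbuf` and a line such as `Worst case the output needs 3 * strlen(string) + 1 bytes`. The `ast_uri_decode` block should note that the string may become shorter and that `%00` yields an embedded terminator. `string` is only read, so the prototype could take `const char *string`. The `ast_md5_hash` comment opens with `/*` rather than `/*!`, so its `\brief` may not be picked up by Doxygen.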
diff --git a/utils.c b/utils.c
index 8accaa75a0..f45226f4ce 100755
--- a/utils.c
+++ b/utils.c
@@ -382,7 +382,66 @@ static void base64_init(void)
 #endif
 }
 
-/* Recursive thread safe replacement of inet_ntoa */
+/*--- ast_uri_encode: Turn text string to URI-encoded %XX version ---*/
+/* 	At this point, we're converting from ISO-8859-x (8-bit), not UTF8
+	as in the SIP protocol spec 
+	If doreserved == 1 we will convert reserved characters also.
+	RFC 2396, section 2.4
+	outbuf needs to have more memory allocated than the instring
+	to have room for the expansion. Every char that is converted
+	is replaced by three ASCII characters.
+
+	Note: The doreserved option is needed for replaces header in
+	SIP transfers.
+*/
+char *ast_uri_encode(char *string, char *outbuf, int buflen, int doreserved) 
+{
+	char *reserved = ";/?:@&=+$, ";	/* Reserved chars */
+
+ 	char *ptr  = string;	/* Start with the string */
+	char *out = NULL;
+	char *buf = NULL;
+
+	strncpy(outbuf, string, buflen);
+
+	/* If there's no characters to convert, just go through and don't do anything */
+	while (*ptr) {
+		if (((unsigned char) *ptr) > 127 || (doreserved && strchr(reserved, *ptr)) ) {
+			/* Oops, we need to start working here */
+			if (!buf) {
+				buf = outbuf;
+				out = buf + (ptr - string) ;	/* Set output ptr */
+			}
+			out += sprintf(out, "%%%02x", (unsigned char) *ptr);
+		} else if (buf) {
+			*out = *ptr;	/* Continue copying the string */
+			out++;
+		} 
+		ptr++;
+	}
+	if (buf)
+		*out = '\0';
+	return outbuf;
+}
+
+/*--- ast_uri_decode: Decode SIP URI, URN, URL (overwrite the string)  ---*/
+void ast_uri_decode(char *s) 
+{
+	char *o;
+	unsigned int tmp;
+
+	for (o = s; *s; s++, o++) {
+		if (*s == '%' && strlen(s) > 2 && sscanf(s + 1, "%2x", &tmp) == 1) {
+			/* have '%', two chars and correct parsing */
+			*o = tmp;
+			s += 2;	/* Will be incremented once more when we break out */
+		} else /* all other cases, just copy */
+			*o = *s;
+	}
+	*o = '\0';
+}
+
+/*--- ast_inet_ntoa: Recursive thread safe replacement of inet_ntoa */
 const char *ast_inet_ntoa(char *buf, int bufsiz, struct in_addr ia)
 {
 	return inet_ntop(AF_INET, &ia, buf, bufsiz);
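Review bot: `ast_uri_encode` ignores `buflen` after the initial `strncpy`, so the `sprintf(out, "%%%02x", ...)` and `*out = *ptr` writes can run past the end of `outbuf`. Each escaped byte grows to three characters, and the initreqprep callers pass fixed stack buffers (`tmp`, `tmp2`), so long input with many high-bit bytes may overflow the stack. `strncpy` also leaves `outbuf` unterminated when `string` is at least `buflen` long and nothing needs escaping. The rewrite below bounds every write, always terminates, and truncates rather than overflowing. Callers that need to detect truncation would need a separate length check.

```c
char *ast_uri_encode(char *string, char *outbuf, int buflen, int doreserved)
{
	const char *reserved = ";/?:@&=+$, ";	/* Reserved chars */
	const char *ptr = string;
	char *out = outbuf;
	char *end;

	if (buflen < 1)
		return outbuf;
	end = outbuf + buflen - 1;	/* last byte is kept for the terminator */

	while (*ptr && out < end) {
		if (((unsigned char) *ptr) > 127 || (doreserved && strchr(reserved, *ptr))) {
			if (end - out < 3)
				break;	/* no room left for a complete %XX escape */
			out += snprintf(out, (size_t) (end - out) + 1, "%%%02x", (unsigned char) *ptr);
		} else {
			*out++ = *ptr;
		}
		ptr++;
	}
	*out = '\0';
	return outbuf;
}

/* … unchanged: ast_uri_decode, ast_inet_ntoa … */
```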
@@ -397,6 +456,7 @@ int ast_utils_init(void)
 #ifndef __linux__
 #undef pthread_create /* For ast_pthread_create function only */
 #endif /* ! LINUX */
+
 int ast_pthread_create_stack(pthread_t *thread, pthread_attr_t *attr, void *(*start_routine)(void *), void *data, size_t stacksize)
 {
 	pthread_attr_t lattr;
@@ -634,9 +694,9 @@ int vasprintf(char **strp, const char *fmt, va_list ap)
 
 #ifndef HAVE_STRTOQ
 #define LONG_MIN        (-9223372036854775807L-1L)
-                                        /* min value of a "long int" */
+	                                 /* min value of a "long int" */
 #define LONG_MAX        9223372036854775807L
-                                        /* max value of a "long int" */
+	                                 /* max value of a "long int" */
 
 /*
  * Convert a string to a quad integer.
@@ -646,85 +706,85 @@ int vasprintf(char **strp, const char *fmt, va_list ap)
  */
 uint64_t strtoq(const char *nptr, char **endptr, int base)
 {
-        const char *s;
-        uint64_t acc;
-        unsigned char c;
-        uint64_t qbase, cutoff;
-        int neg, any, cutlim;
-
-        /*
-         * Skip white space and pick up leading +/- sign if any.
-         * If base is 0, allow 0x for hex and 0 for octal, else
-         * assume decimal; if base is already 16, allow 0x.
-         */
-        s = nptr;
-        do {
-                c = *s++;
-        } while (isspace(c));
-        if (c == '-') {
-                neg = 1;
-                c = *s++;
-        } else {
-                neg = 0;
-                if (c == '+')
-                        c = *s++;
-        }
-        if ((base == 0 || base == 16) &&
-            c == '\0' && (*s == 'x' || *s == 'X')) {
-                c = s[1];
-                s += 2;
-                base = 16;
-        }
-        if (base == 0)
-                base = c == '\0' ? 8 : 10;
-
-        /*
-         * Compute the cutoff value between legal numbers and illegal
-         * numbers.  That is the largest legal value, divided by the
-         * base.  An input number that is greater than this value, if
-         * followed by a legal input character, is too big.  One that
-         * is equal to this value may be valid or not; the limit
-         * between valid and invalid numbers is then based on the last
-         * digit.  For instance, if the range for quads is
-         * [-9223372036854775808..9223372036854775807] and the input base
-         * is 10, cutoff will be set to 922337203685477580 and cutlim to
-         * either 7 (neg==0) or 8 (neg==1), meaning that if we have
-         * accumulated a value > 922337203685477580, or equal but the
-         * next digit is > 7 (or 8), the number is too big, and we will
-         * return a range error.
-         *
-         * Set any if any `digits' consumed; make it negative to indicate
-         * overflow.
-         */
-        qbase = (unsigned)base;
-        cutoff = neg ? (uint64_t)-(LONG_MIN + LONG_MAX) + LONG_MAX : LONG_MAX;
-        cutlim = cutoff % qbase;
-        cutoff /= qbase;
-        for (acc = 0, any = 0;; c = *s++) {
-                if (!isascii(c))
-                        break;
-                if (isdigit(c))
-                        c -= '\0';
-                else if (isalpha(c))
-                        c -= isupper(c) ? 'A' - 10 : 'a' - 10;
-                else
-                        break;
-                if (c >= base)
-                        break;
-                if (any < 0 || acc > cutoff || (acc == cutoff && c > cutlim))
-                        any = -1;
-                else {
-                        any = 1;
-                        acc *= qbase;
-                        acc += c;
-                }
-        }
-        if (any < 0) {
-                acc = neg ? LONG_MIN : LONG_MAX;
-        } else if (neg)
-                acc = -acc;
-        if (endptr != 0)
-                *((const char **)endptr) = any ? s - 1 : nptr;
-        return (acc);
+	 const char *s;
+	 uint64_t acc;
+	 unsigned char c;
+	 uint64_t qbase, cutoff;
+	 int neg, any, cutlim;
+
+	 /*
+	  * Skip white space and pick up leading +/- sign if any.
+	  * If base is 0, allow 0x for hex and 0 for octal, else
+	  * assume decimal; if base is already 16, allow 0x.
+	  */
+	 s = nptr;
+	 do {
+	         c = *s++;
+	 } while (isspace(c));
+	 if (c == '-') {
+	         neg = 1;
+	         c = *s++;
+	 } else {
+	         neg = 0;
+	         if (c == '+')
+	                 c = *s++;
+	 }
+	 if ((base == 0 || base == 16) &&
+	     c == '\0' && (*s == 'x' || *s == 'X')) {
+	         c = s[1];
+	         s += 2;
+	         base = 16;
+	 }
+	 if (base == 0)
+	         base = c == '\0' ? 8 : 10;
+
+	 /*
+	  * Compute the cutoff value between legal numbers and illegal
+	  * numbers.  That is the largest legal value, divided by the
+	  * base.  An input number that is greater than this value, if
+	  * followed by a legal input character, is too big.  One that
+	  * is equal to this value may be valid or not; the limit
+	  * between valid and invalid numbers is then based on the last
+	  * digit.  For instance, if the range for quads is
+	  * [-9223372036854775808..9223372036854775807] and the input base
+	  * is 10, cutoff will be set to 922337203685477580 and cutlim to
+	  * either 7 (neg==0) or 8 (neg==1), meaning that if we have
+	  * accumulated a value > 922337203685477580, or equal but the
+	  * next digit is > 7 (or 8), the number is too big, and we will
+	  * return a range error.
+	  *
+	  * Set any if any `digits' consumed; make it negative to indicate
+	  * overflow.
+	  */
+	 qbase = (unsigned)base;
+	 cutoff = neg ? (uint64_t)-(LONG_MIN + LONG_MAX) + LONG_MAX : LONG_MAX;
+	 cutlim = cutoff % qbase;
+	 cutoff /= qbase;
+	 for (acc = 0, any = 0;; c = *s++) {
+	         if (!isascii(c))
+	                 break;
+	         if (isdigit(c))
+	                 c -= '\0';
+	         else if (isalpha(c))
+	                 c -= isupper(c) ? 'A' - 10 : 'a' - 10;
+	         else
+	                 break;
+	         if (c >= base)
+	                 break;
+	         if (any < 0 || acc > cutoff || (acc == cutoff && c > cutlim))
+	                 any = -1;
+	         else {
+	                 any = 1;
+	                 acc *= qbase;
+	                 acc += c;
+	         }
+	 }
+	 if (any < 0) {
+	         acc = neg ? LONG_MIN : LONG_MAX;
+	 } else if (neg)
+	         acc = -acc;
+	 if (endptr != 0)
+	         *((const char **)endptr) = any ? s - 1 : nptr;
+	 return acc;
 }
 #endif
-- 
GitLab