From f83b845f08c23ec4755d0bf857498b5bd5f67dff Mon Sep 17 00:00:00 2001
From: Olle Johansson <oej@edvina.net>
Date: Mon, 1 Jan 2007 19:20:46 +0000
Subject: [PATCH] - Implement error handling in ast_append_ha - Use this in
 chan_sip - Document ha functions in acl.c

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@49092 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 channels/chan_h323.c   |  2 +-
 channels/chan_iax2.c   |  4 ++--
 channels/chan_mgcp.c   |  2 +-
 channels/chan_sip.c    | 18 +++++++++++++++---
 channels/chan_skinny.c |  2 +-
 include/asterisk/acl.h | 15 +++++++++++++--
 main/acl.c             |  9 +++++++--
 7 files changed, 40 insertions(+), 12 deletions(-)

diff --git a/channels/chan_h323.c b/channels/chan_h323.c
index c1da95787f..096e8ddbc0 100644
--- a/channels/chan_h323.c
+++ b/channels/chan_h323.c
@@ -1425,7 +1425,7 @@ static struct oh323_user *build_user(char *name, struct ast_variable *v, struct
 			}
 		} else if (!strcasecmp(v->name, "permit") ||
 					!strcasecmp(v->name, "deny")) {
-			user->ha = ast_append_ha(v->name, v->value, user->ha);
+			user->ha = ast_append_ha(v->name, v->value, user->ha, NULL);
 		}
 	}
 	if (!user->options.dtmfmode)
diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c
index b4cc8ae80c..dc39f10e71 100644
--- a/channels/chan_iax2.c
+++ b/channels/chan_iax2.c
@@ -8450,7 +8450,7 @@ static struct iax2_peer *build_peer(const char *name, struct ast_variable *v, st
 				peer_set_srcaddr(peer, v->value);
 			} else if (!strcasecmp(v->name, "permit") ||
 					   !strcasecmp(v->name, "deny")) {
-				peer->ha = ast_append_ha(v->name, v->value, peer->ha);
+				peer->ha = ast_append_ha(v->name, v->value, peer->ha, NULL);
 			} else if (!strcasecmp(v->name, "mask")) {
 				maskfound++;
 				inet_aton(v->value, &peer->mask);
@@ -8610,7 +8610,7 @@ static struct iax2_user *build_user(const char *name, struct ast_variable *v, st
 				}
 			} else if (!strcasecmp(v->name, "permit") ||
 					   !strcasecmp(v->name, "deny")) {
-				user->ha = ast_append_ha(v->name, v->value, user->ha);
+				user->ha = ast_append_ha(v->name, v->value, user->ha, NULL);
 			} else if (!strcasecmp(v->name, "setvar")) {
 				varname = ast_strdupa(v->value);
 				if (varname && (varval = strchr(varname,'='))) {
diff --git a/channels/chan_mgcp.c b/channels/chan_mgcp.c
index 2e0833b5fb..bdb704754e 100644
--- a/channels/chan_mgcp.c
+++ b/channels/chan_mgcp.c
@@ -3638,7 +3638,7 @@ static struct mgcp_gateway *build_gateway(char *cat, struct ast_variable *v)
 				}
 			} else if (!strcasecmp(v->name, "permit") ||
 				!strcasecmp(v->name, "deny")) {
-				gw->ha = ast_append_ha(v->name, v->value, gw->ha);
+				gw->ha = ast_append_ha(v->name, v->value, gw->ha, NULL);
 			} else if (!strcasecmp(v->name, "port")) {
 				gw->addr.sin_port = htons(atoi(v->value));
 			} else if (!strcasecmp(v->name, "context")) {
diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index bc545e5030..a5cfbfd1d3 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -15765,7 +15765,11 @@ static struct sip_user *build_user(const char *name, struct ast_variable *v, int
 			user->chanvars = add_var(v->value, user->chanvars);
 		} else if (!strcasecmp(v->name, "permit") ||
 				   !strcasecmp(v->name, "deny")) {
-			user->ha = ast_append_ha(v->name, v->value, user->ha);
+			int ha_error = 0;
+
+			user->ha = ast_append_ha(v->name, v->value, user->ha, &ha_error);
+			if (ha_error)
+				ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s\n", v->lineno, v->value);
 		} else if (!strcasecmp(v->name, "allowtransfer")) {
 			user->allowtransfer = ast_true(v->value) ? TRANSFER_OPENFORALL : TRANSFER_CLOSED;
 		} else if (!strcasecmp(v->name, "secret")) {
@@ -16023,7 +16027,11 @@ static struct sip_peer *build_peer(const char *name, struct ast_variable *v, str
 				return NULL;
 			}
 		} else if (!strcasecmp(v->name, "permit") || !strcasecmp(v->name, "deny")) {
-			peer->ha = ast_append_ha(v->name, v->value, peer->ha);
+			int ha_error = 0;
+
+			peer->ha = ast_append_ha(v->name, v->value, peer->ha, &ha_error);
+			if (ha_error)
+				ast_log(LOG_ERROR, "Bad ACL entry in configuration line %d : %s\n", v->lineno, v->value);
 		} else if (!strcasecmp(v->name, "port")) {
 			if (!realtime && ast_test_flag(&peer->flags[1], SIP_PAGE2_DYNAMIC))
 				peer->defaddr.sin_port = htons(atoi(v->value));
@@ -16405,10 +16413,14 @@ static int reload_config(enum channelreloadreason reason)
 			}
 		} else if (!strcasecmp(v->name, "localnet")) {
 			struct ast_ha *na;
-			if (!(na = ast_append_ha("d", v->value, localaddr)))
+			int ha_error;
+
+			if (!(na = ast_append_ha("d", v->value, localaddr, &ha_error)))
 				ast_log(LOG_WARNING, "Invalid localnet value: %s\n", v->value);
 			else
 				localaddr = na;
+			if (ha_error)
+				ast_log(LOG_ERROR, "Bad localnet configuration value line %d : %s\n", v->lineno, v->value);
 		} else if (!strcasecmp(v->name, "externip")) {
 			if (!(hp = ast_gethostbyname(v->value, &ahp))) 
 				ast_log(LOG_WARNING, "Invalid address for externip keyword: %s\n", v->value);
diff --git a/channels/chan_skinny.c b/channels/chan_skinny.c
index 75bf874c81..df0d1e4de8 100644
--- a/channels/chan_skinny.c
+++ b/channels/chan_skinny.c
@@ -2027,7 +2027,7 @@ static struct skinny_device *build_device(const char *cat, struct ast_variable *
 			} else if (!strcasecmp(v->name, "device")) {
 				ast_copy_string(d->id, v->value, sizeof(d->id));
 			} else if (!strcasecmp(v->name, "permit") || !strcasecmp(v->name, "deny")) {
-				d->ha = ast_append_ha(v->name, v->value, d->ha);
+				d->ha = ast_append_ha(v->name, v->value, d->ha, NULL);
 			} else if (!strcasecmp(v->name, "context")) {
 				ast_copy_string(context, v->value, sizeof(context));
 			} else if (!strcasecmp(v->name, "allow")) {
diff --git a/include/asterisk/acl.h b/include/asterisk/acl.h
index b3a0e7aee1..efc6049902 100644
--- a/include/asterisk/acl.h
+++ b/include/asterisk/acl.h
@@ -38,13 +38,24 @@ extern "C" {
 
 struct ast_ha;
 
+/*! \brief Free host access list */
 void ast_free_ha(struct ast_ha *ha);
-struct ast_ha *ast_append_ha(char *sense, char *stuff, struct ast_ha *path);
+
+/*! \brief Append ACL entry to host access list. */
+struct ast_ha *ast_append_ha(char *sense, char *stuff, struct ast_ha *path, int *error);
+
+/*! \brief Check IP address with host access list */
 int ast_apply_ha(struct ast_ha *ha, struct sockaddr_in *sin);
+
+/*! \brief Copy host access list */
+struct ast_ha *ast_duplicate_ha_list(struct ast_ha *original);
+
 int ast_get_ip(struct sockaddr_in *sin, const char *value);
+
 int ast_get_ip_or_srv(struct sockaddr_in *sin, const char *value, const char *service);
+
 int ast_ouraddrfor(struct in_addr *them, struct in_addr *us);
-struct ast_ha *ast_duplicate_ha_list(struct ast_ha *original);
+
 int ast_find_ourip(struct in_addr *ourip, struct sockaddr_in bindaddr);
 int ast_str2tos(const char *value, unsigned int *tos);
 const char *ast_tos2str(unsigned int tos);
diff --git a/main/acl.c b/main/acl.c
index 7e50d1f9d0..e2caa2eee9 100644
--- a/main/acl.c
+++ b/main/acl.c
@@ -137,7 +137,7 @@ struct ast_ha *ast_duplicate_ha_list(struct ast_ha *original)
 	return ret;    			/* Return start of list */
 }
 
-struct ast_ha *ast_append_ha(char *sense, char *stuff, struct ast_ha *path)
+struct ast_ha *ast_append_ha(char *sense, char *stuff, struct ast_ha *path, int *error)
 {
 	struct ast_ha *ha;
 	char *nm = "255.255.255.255";
@@ -172,11 +172,15 @@ struct ast_ha *ast_append_ha(char *sense, char *stuff, struct ast_ha *path)
 			}
 		} else if (!inet_aton(nm, &ha->netmask)) {
 			ast_log(LOG_WARNING, "%s is not a valid netmask\n", nm);
+			if (error)
+				*error = 1;
 			free(ha);
 			return ret;
 		}
 		if (!inet_aton(tmp, &ha->netaddr)) {
 			ast_log(LOG_WARNING, "%s is not a valid IP\n", tmp);
+			if (error)
+				*error = 1;
 			free(ha);
 			return ret;
 		}
@@ -193,7 +197,8 @@ struct ast_ha *ast_append_ha(char *sense, char *stuff, struct ast_ha *path)
 			ret = ha;
 		}
 	}
-	ast_log(LOG_DEBUG, "%s/%s appended to acl for peer\n", stuff, nm);
+	if (option_debug)
+		ast_log(LOG_DEBUG, "%s/%s appended to acl for peer\n", stuff, nm);
 	return ret;
 }
 
-- 
GitLab