1
2
3
4
5
6
7
8
9
10
11
12
13#include <linux/module.h>
14#include <linux/ctype.h>
15#include <linux/skbuff.h>
16#include <linux/inet.h>
17#include <linux/in.h>
18#include <linux/udp.h>
19#include <linux/tcp.h>
20#include <linux/netfilter.h>
21
22#include <net/netfilter/nf_conntrack.h>
23#include <net/netfilter/nf_conntrack_core.h>
24#include <net/netfilter/nf_conntrack_expect.h>
25#include <net/netfilter/nf_conntrack_helper.h>
26#include <net/netfilter/nf_conntrack_zones.h>
27#include <linux/netfilter/nf_conntrack_sip.h>
28
29MODULE_LICENSE("GPL");
30MODULE_AUTHOR("Christian Hentschel <chentschel@arnet.com.ar>");
31MODULE_DESCRIPTION("SIP connection tracking helper");
32MODULE_ALIAS("ip_conntrack_sip");
33MODULE_ALIAS_NFCT_HELPER("sip");
34
35#define MAX_PORTS 8
36static unsigned short ports[MAX_PORTS];
37static unsigned int ports_c;
38module_param_array(ports, ushort, &ports_c, 0400);
39MODULE_PARM_DESC(ports, "port numbers of SIP servers");
40
41static unsigned int sip_timeout __read_mostly = SIP_TIMEOUT;
42module_param(sip_timeout, uint, 0600);
43MODULE_PARM_DESC(sip_timeout, "timeout for the master SIP session");
44
45static int sip_direct_signalling __read_mostly = 1;
46module_param(sip_direct_signalling, int, 0600);
47MODULE_PARM_DESC(sip_direct_signalling, "expect incoming calls from registrar "
48 "only (default 1)");
49
50static int sip_direct_media __read_mostly = 1;
51module_param(sip_direct_media, int, 0600);
52MODULE_PARM_DESC(sip_direct_media, "Expect Media streams between signalling "
53 "endpoints only (default 1)");
54
55const struct nf_nat_sip_hooks *nf_nat_sip_hooks;
56EXPORT_SYMBOL_GPL(nf_nat_sip_hooks);
57
58static int string_len(const struct nf_conn *ct, const char *dptr,
59 const char *limit, int *shift)
60{
61 int len = 0;
62
63 while (dptr < limit && isalpha(*dptr)) {
64 dptr++;
65 len++;
66 }
67 return len;
68}
69
70static int digits_len(const struct nf_conn *ct, const char *dptr,
71 const char *limit, int *shift)
72{
73 int len = 0;
74 while (dptr < limit && isdigit(*dptr)) {
75 dptr++;
76 len++;
77 }
78 return len;
79}
80
81static int iswordc(const char c)
82{
83 if (isalnum(c) || c == '!' || c == '"' || c == '%' ||
84 (c >= '(' && c <= '/') || c == ':' || c == '<' || c == '>' ||
85 c == '?' || (c >= '[' && c <= ']') || c == '_' || c == '`' ||
86 c == '{' || c == '}' || c == '~')
87 return 1;
88 return 0;
89}
90
91static int word_len(const char *dptr, const char *limit)
92{
93 int len = 0;
94 while (dptr < limit && iswordc(*dptr)) {
95 dptr++;
96 len++;
97 }
98 return len;
99}
100
101static int callid_len(const struct nf_conn *ct, const char *dptr,
102 const char *limit, int *shift)
103{
104 int len, domain_len;
105
106 len = word_len(dptr, limit);
107 dptr += len;
108 if (!len || dptr == limit || *dptr != '@')
109 return len;
110 dptr++;
111 len++;
112
113 domain_len = word_len(dptr, limit);
114 if (!domain_len)
115 return 0;
116 return len + domain_len;
117}
118
119
120static int media_len(const struct nf_conn *ct, const char *dptr,
121 const char *limit, int *shift)
122{
123 int len = string_len(ct, dptr, limit, shift);
124
125 dptr += len;
126 if (dptr >= limit || *dptr != ' ')
127 return 0;
128 len++;
129 dptr++;
130
131 return len + digits_len(ct, dptr, limit, shift);
132}
133
134static int sip_parse_addr(const struct nf_conn *ct, const char *cp,
135 const char **endp, union nf_inet_addr *addr,
136 const char *limit, bool delim)
137{
138 const char *end;
139 int ret;
140
141 if (!ct)
142 return 0;
143
144 memset(addr, 0, sizeof(*addr));
145 switch (nf_ct_l3num(ct)) {
146 case AF_INET:
147 ret = in4_pton(cp, limit - cp, (u8 *)&addr->ip, -1, &end);
148 if (ret == 0)
149 return 0;
150 break;
151 case AF_INET6:
152 if (cp < limit && *cp == '[')
153 cp++;
154 else if (delim)
155 return 0;
156
157 ret = in6_pton(cp, limit - cp, (u8 *)&addr->ip6, -1, &end);
158 if (ret == 0)
159 return 0;
160
161 if (end < limit && *end == ']')
162 end++;
163 else if (delim)
164 return 0;
165 break;
166 default:
167 BUG();
168 }
169
170 if (endp)
171 *endp = end;
172 return 1;
173}
174
175
176static int epaddr_len(const struct nf_conn *ct, const char *dptr,
177 const char *limit, int *shift)
178{
179 union nf_inet_addr addr;
180 const char *aux = dptr;
181
182 if (!sip_parse_addr(ct, dptr, &dptr, &addr, limit, true)) {
183 pr_debug("ip: %s parse failed.!\n", dptr);
184 return 0;
185 }
186
187
188 if (*dptr == ':') {
189 dptr++;
190 dptr += digits_len(ct, dptr, limit, shift);
191 }
192 return dptr - aux;
193}
194
195
196static int skp_epaddr_len(const struct nf_conn *ct, const char *dptr,
197 const char *limit, int *shift)
198{
199 const char *start = dptr;
200 int s = *shift;
201
202
203
204
205 while (dptr < limit &&
206 *dptr != '@' && *dptr != '\r' && *dptr != '\n') {
207 (*shift)++;
208 dptr++;
209 }
210
211 if (dptr < limit && *dptr == '@') {
212 dptr++;
213 (*shift)++;
214 } else {
215 dptr = start;
216 *shift = s;
217 }
218
219 return epaddr_len(ct, dptr, limit, shift);
220}
221
222
223
224
225
226
227
228int ct_sip_parse_request(const struct nf_conn *ct,
229 const char *dptr, unsigned int datalen,
230 unsigned int *matchoff, unsigned int *matchlen,
231 union nf_inet_addr *addr, __be16 *port)
232{
233 const char *start = dptr, *limit = dptr + datalen, *end;
234 unsigned int mlen;
235 unsigned int p;
236 int shift = 0;
237
238
239 mlen = string_len(ct, dptr, limit, NULL);
240 if (!mlen)
241 return 0;
242 dptr += mlen;
243 if (++dptr >= limit)
244 return 0;
245
246
247 for (; dptr < limit - strlen("sip:"); dptr++) {
248 if (*dptr == '\r' || *dptr == '\n')
249 return -1;
250 if (strncasecmp(dptr, "sip:", strlen("sip:")) == 0) {
251 dptr += strlen("sip:");
252 break;
253 }
254 }
255 if (!skp_epaddr_len(ct, dptr, limit, &shift))
256 return 0;
257 dptr += shift;
258
259 if (!sip_parse_addr(ct, dptr, &end, addr, limit, true))
260 return -1;
261 if (end < limit && *end == ':') {
262 end++;
263 p = simple_strtoul(end, (char **)&end, 10);
264 if (p < 1024 || p > 65535)
265 return -1;
266 *port = htons(p);
267 } else
268 *port = htons(SIP_PORT);
269
270 if (end == dptr)
271 return 0;
272 *matchoff = dptr - start;
273 *matchlen = end - dptr;
274 return 1;
275}
276EXPORT_SYMBOL_GPL(ct_sip_parse_request);
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291static const struct sip_header ct_sip_hdrs[] = {
292 [SIP_HDR_CSEQ] = SIP_HDR("CSeq", NULL, NULL, digits_len),
293 [SIP_HDR_FROM] = SIP_HDR("From", "f", "sip:", skp_epaddr_len),
294 [SIP_HDR_TO] = SIP_HDR("To", "t", "sip:", skp_epaddr_len),
295 [SIP_HDR_CONTACT] = SIP_HDR("Contact", "m", "sip:", skp_epaddr_len),
296 [SIP_HDR_VIA_UDP] = SIP_HDR("Via", "v", "UDP ", epaddr_len),
297 [SIP_HDR_VIA_TCP] = SIP_HDR("Via", "v", "TCP ", epaddr_len),
298 [SIP_HDR_EXPIRES] = SIP_HDR("Expires", NULL, NULL, digits_len),
299 [SIP_HDR_CONTENT_LENGTH] = SIP_HDR("Content-Length", "l", NULL, digits_len),
300 [SIP_HDR_CALL_ID] = SIP_HDR("Call-Id", "i", NULL, callid_len),
301};
302
303static const char *sip_follow_continuation(const char *dptr, const char *limit)
304{
305
306 if (++dptr >= limit)
307 return NULL;
308
309
310 if (*(dptr - 1) == '\r' && *dptr == '\n') {
311 if (++dptr >= limit)
312 return NULL;
313 }
314
315
316 if (*dptr != ' ' && *dptr != '\t')
317 return NULL;
318
319
320 for (; dptr < limit; dptr++) {
321 if (*dptr != ' ' && *dptr != '\t')
322 break;
323 }
324 return dptr;
325}
326
327static const char *sip_skip_whitespace(const char *dptr, const char *limit)
328{
329 for (; dptr < limit; dptr++) {
330 if (*dptr == ' ')
331 continue;
332 if (*dptr != '\r' && *dptr != '\n')
333 break;
334 dptr = sip_follow_continuation(dptr, limit);
335 if (dptr == NULL)
336 return NULL;
337 }
338 return dptr;
339}
340
341
342static const char *ct_sip_header_search(const char *dptr, const char *limit,
343 const char *needle, unsigned int len)
344{
345 for (limit -= len; dptr < limit; dptr++) {
346 if (*dptr == '\r' || *dptr == '\n') {
347 dptr = sip_follow_continuation(dptr, limit);
348 if (dptr == NULL)
349 break;
350 continue;
351 }
352
353 if (strncasecmp(dptr, needle, len) == 0)
354 return dptr;
355 }
356 return NULL;
357}
358
359int ct_sip_get_header(const struct nf_conn *ct, const char *dptr,
360 unsigned int dataoff, unsigned int datalen,
361 enum sip_header_types type,
362 unsigned int *matchoff, unsigned int *matchlen)
363{
364 const struct sip_header *hdr = &ct_sip_hdrs[type];
365 const char *start = dptr, *limit = dptr + datalen;
366 int shift = 0;
367
368 for (dptr += dataoff; dptr < limit; dptr++) {
369
370 if (*dptr != '\r' && *dptr != '\n')
371 continue;
372 if (++dptr >= limit)
373 break;
374 if (*(dptr - 1) == '\r' && *dptr == '\n') {
375 if (++dptr >= limit)
376 break;
377 }
378
379
380 if (*dptr == ' ' || *dptr == '\t')
381 continue;
382
383
384
385 if (limit - dptr >= hdr->len &&
386 strncasecmp(dptr, hdr->name, hdr->len) == 0)
387 dptr += hdr->len;
388 else if (hdr->cname && limit - dptr >= hdr->clen + 1 &&
389 strncasecmp(dptr, hdr->cname, hdr->clen) == 0 &&
390 !isalpha(*(dptr + hdr->clen)))
391 dptr += hdr->clen;
392 else
393 continue;
394
395
396 dptr = sip_skip_whitespace(dptr, limit);
397 if (dptr == NULL)
398 break;
399 if (*dptr != ':' || ++dptr >= limit)
400 break;
401
402
403 dptr = sip_skip_whitespace(dptr, limit);
404 if (dptr == NULL)
405 break;
406
407 *matchoff = dptr - start;
408 if (hdr->search) {
409 dptr = ct_sip_header_search(dptr, limit, hdr->search,
410 hdr->slen);
411 if (!dptr)
412 return -1;
413 dptr += hdr->slen;
414 }
415
416 *matchlen = hdr->match_len(ct, dptr, limit, &shift);
417 if (!*matchlen)
418 return -1;
419 *matchoff = dptr - start + shift;
420 return 1;
421 }
422 return 0;
423}
424EXPORT_SYMBOL_GPL(ct_sip_get_header);
425
426
427static int ct_sip_next_header(const struct nf_conn *ct, const char *dptr,
428 unsigned int dataoff, unsigned int datalen,
429 enum sip_header_types type,
430 unsigned int *matchoff, unsigned int *matchlen)
431{
432 const struct sip_header *hdr = &ct_sip_hdrs[type];
433 const char *start = dptr, *limit = dptr + datalen;
434 int shift = 0;
435
436 dptr += dataoff;
437
438 dptr = ct_sip_header_search(dptr, limit, ",", strlen(","));
439 if (!dptr)
440 return 0;
441
442 dptr = ct_sip_header_search(dptr, limit, hdr->search, hdr->slen);
443 if (!dptr)
444 return 0;
445 dptr += hdr->slen;
446
447 *matchoff = dptr - start;
448 *matchlen = hdr->match_len(ct, dptr, limit, &shift);
449 if (!*matchlen)
450 return -1;
451 *matchoff += shift;
452 return 1;
453}
454
455
456
457static int ct_sip_walk_headers(const struct nf_conn *ct, const char *dptr,
458 unsigned int dataoff, unsigned int datalen,
459 enum sip_header_types type, int *in_header,
460 unsigned int *matchoff, unsigned int *matchlen)
461{
462 int ret;
463
464 if (in_header && *in_header) {
465 while (1) {
466 ret = ct_sip_next_header(ct, dptr, dataoff, datalen,
467 type, matchoff, matchlen);
468 if (ret > 0)
469 return ret;
470 if (ret == 0)
471 break;
472 dataoff += *matchoff;
473 }
474 *in_header = 0;
475 }
476
477 while (1) {
478 ret = ct_sip_get_header(ct, dptr, dataoff, datalen,
479 type, matchoff, matchlen);
480 if (ret > 0)
481 break;
482 if (ret == 0)
483 return ret;
484 dataoff += *matchoff;
485 }
486
487 if (in_header)
488 *in_header = 1;
489 return 1;
490}
491
492
493
494
495
496
497int ct_sip_parse_header_uri(const struct nf_conn *ct, const char *dptr,
498 unsigned int *dataoff, unsigned int datalen,
499 enum sip_header_types type, int *in_header,
500 unsigned int *matchoff, unsigned int *matchlen,
501 union nf_inet_addr *addr, __be16 *port)
502{
503 const char *c, *limit = dptr + datalen;
504 unsigned int p;
505 int ret;
506
507 ret = ct_sip_walk_headers(ct, dptr, dataoff ? *dataoff : 0, datalen,
508 type, in_header, matchoff, matchlen);
509 WARN_ON(ret < 0);
510 if (ret == 0)
511 return ret;
512
513 if (!sip_parse_addr(ct, dptr + *matchoff, &c, addr, limit, true))
514 return -1;
515 if (*c == ':') {
516 c++;
517 p = simple_strtoul(c, (char **)&c, 10);
518 if (p < 1024 || p > 65535)
519 return -1;
520 *port = htons(p);
521 } else
522 *port = htons(SIP_PORT);
523
524 if (dataoff)
525 *dataoff = c - dptr;
526 return 1;
527}
528EXPORT_SYMBOL_GPL(ct_sip_parse_header_uri);
529
530static int ct_sip_parse_param(const struct nf_conn *ct, const char *dptr,
531 unsigned int dataoff, unsigned int datalen,
532 const char *name,
533 unsigned int *matchoff, unsigned int *matchlen)
534{
535 const char *limit = dptr + datalen;
536 const char *start;
537 const char *end;
538
539 limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
540 if (!limit)
541 limit = dptr + datalen;
542
543 start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
544 if (!start)
545 return 0;
546 start += strlen(name);
547
548 end = ct_sip_header_search(start, limit, ";", strlen(";"));
549 if (!end)
550 end = limit;
551
552 *matchoff = start - dptr;
553 *matchlen = end - start;
554 return 1;
555}
556
557
558int ct_sip_parse_address_param(const struct nf_conn *ct, const char *dptr,
559 unsigned int dataoff, unsigned int datalen,
560 const char *name,
561 unsigned int *matchoff, unsigned int *matchlen,
562 union nf_inet_addr *addr, bool delim)
563{
564 const char *limit = dptr + datalen;
565 const char *start, *end;
566
567 limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
568 if (!limit)
569 limit = dptr + datalen;
570
571 start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
572 if (!start)
573 return 0;
574
575 start += strlen(name);
576 if (!sip_parse_addr(ct, start, &end, addr, limit, delim))
577 return 0;
578 *matchoff = start - dptr;
579 *matchlen = end - start;
580 return 1;
581}
582EXPORT_SYMBOL_GPL(ct_sip_parse_address_param);
583
584
585int ct_sip_parse_numerical_param(const struct nf_conn *ct, const char *dptr,
586 unsigned int dataoff, unsigned int datalen,
587 const char *name,
588 unsigned int *matchoff, unsigned int *matchlen,
589 unsigned int *val)
590{
591 const char *limit = dptr + datalen;
592 const char *start;
593 char *end;
594
595 limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
596 if (!limit)
597 limit = dptr + datalen;
598
599 start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
600 if (!start)
601 return 0;
602
603 start += strlen(name);
604 *val = simple_strtoul(start, &end, 0);
605 if (start == end)
606 return 0;
607 if (matchoff && matchlen) {
608 *matchoff = start - dptr;
609 *matchlen = end - start;
610 }
611 return 1;
612}
613EXPORT_SYMBOL_GPL(ct_sip_parse_numerical_param);
614
615static int ct_sip_parse_transport(struct nf_conn *ct, const char *dptr,
616 unsigned int dataoff, unsigned int datalen,
617 u8 *proto)
618{
619 unsigned int matchoff, matchlen;
620
621 if (ct_sip_parse_param(ct, dptr, dataoff, datalen, "transport=",
622 &matchoff, &matchlen)) {
623 if (!strncasecmp(dptr + matchoff, "TCP", strlen("TCP")))
624 *proto = IPPROTO_TCP;
625 else if (!strncasecmp(dptr + matchoff, "UDP", strlen("UDP")))
626 *proto = IPPROTO_UDP;
627 else
628 return 0;
629
630 if (*proto != nf_ct_protonum(ct))
631 return 0;
632 } else
633 *proto = nf_ct_protonum(ct);
634
635 return 1;
636}
637
638static int sdp_parse_addr(const struct nf_conn *ct, const char *cp,
639 const char **endp, union nf_inet_addr *addr,
640 const char *limit)
641{
642 const char *end;
643 int ret;
644
645 memset(addr, 0, sizeof(*addr));
646 switch (nf_ct_l3num(ct)) {
647 case AF_INET:
648 ret = in4_pton(cp, limit - cp, (u8 *)&addr->ip, -1, &end);
649 break;
650 case AF_INET6:
651 ret = in6_pton(cp, limit - cp, (u8 *)&addr->ip6, -1, &end);
652 break;
653 default:
654 BUG();
655 }
656
657 if (ret == 0)
658 return 0;
659 if (endp)
660 *endp = end;
661 return 1;
662}
663
664
665static int sdp_addr_len(const struct nf_conn *ct, const char *dptr,
666 const char *limit, int *shift)
667{
668 union nf_inet_addr addr;
669 const char *aux = dptr;
670
671 if (!sdp_parse_addr(ct, dptr, &dptr, &addr, limit)) {
672 pr_debug("ip: %s parse failed.!\n", dptr);
673 return 0;
674 }
675
676 return dptr - aux;
677}
678
679
680
681
682
683
684
685
686
687
688static const struct sip_header ct_sdp_hdrs_v4[] = {
689 [SDP_HDR_VERSION] = SDP_HDR("v=", NULL, digits_len),
690 [SDP_HDR_OWNER] = SDP_HDR("o=", "IN IP4 ", sdp_addr_len),
691 [SDP_HDR_CONNECTION] = SDP_HDR("c=", "IN IP4 ", sdp_addr_len),
692 [SDP_HDR_MEDIA] = SDP_HDR("m=", NULL, media_len),
693};
694
695static const struct sip_header ct_sdp_hdrs_v6[] = {
696 [SDP_HDR_VERSION] = SDP_HDR("v=", NULL, digits_len),
697 [SDP_HDR_OWNER] = SDP_HDR("o=", "IN IP6 ", sdp_addr_len),
698 [SDP_HDR_CONNECTION] = SDP_HDR("c=", "IN IP6 ", sdp_addr_len),
699 [SDP_HDR_MEDIA] = SDP_HDR("m=", NULL, media_len),
700};
701
702
703static const char *ct_sdp_header_search(const char *dptr, const char *limit,
704 const char *needle, unsigned int len)
705{
706 for (limit -= len; dptr < limit; dptr++) {
707 if (*dptr == '\r' || *dptr == '\n')
708 break;
709 if (strncmp(dptr, needle, len) == 0)
710 return dptr;
711 }
712 return NULL;
713}
714
715
716
717
718
719int ct_sip_get_sdp_header(const struct nf_conn *ct, const char *dptr,
720 unsigned int dataoff, unsigned int datalen,
721 enum sdp_header_types type,
722 enum sdp_header_types term,
723 unsigned int *matchoff, unsigned int *matchlen)
724{
725 const struct sip_header *hdrs, *hdr, *thdr;
726 const char *start = dptr, *limit = dptr + datalen;
727 int shift = 0;
728
729 hdrs = nf_ct_l3num(ct) == NFPROTO_IPV4 ? ct_sdp_hdrs_v4 : ct_sdp_hdrs_v6;
730 hdr = &hdrs[type];
731 thdr = &hdrs[term];
732
733 for (dptr += dataoff; dptr < limit; dptr++) {
734
735 if (*dptr != '\r' && *dptr != '\n')
736 continue;
737 if (++dptr >= limit)
738 break;
739 if (*(dptr - 1) == '\r' && *dptr == '\n') {
740 if (++dptr >= limit)
741 break;
742 }
743
744 if (term != SDP_HDR_UNSPEC &&
745 limit - dptr >= thdr->len &&
746 strncasecmp(dptr, thdr->name, thdr->len) == 0)
747 break;
748 else if (limit - dptr >= hdr->len &&
749 strncasecmp(dptr, hdr->name, hdr->len) == 0)
750 dptr += hdr->len;
751 else
752 continue;
753
754 *matchoff = dptr - start;
755 if (hdr->search) {
756 dptr = ct_sdp_header_search(dptr, limit, hdr->search,
757 hdr->slen);
758 if (!dptr)
759 return -1;
760 dptr += hdr->slen;
761 }
762
763 *matchlen = hdr->match_len(ct, dptr, limit, &shift);
764 if (!*matchlen)
765 return -1;
766 *matchoff = dptr - start + shift;
767 return 1;
768 }
769 return 0;
770}
771EXPORT_SYMBOL_GPL(ct_sip_get_sdp_header);
772
773static int ct_sip_parse_sdp_addr(const struct nf_conn *ct, const char *dptr,
774 unsigned int dataoff, unsigned int datalen,
775 enum sdp_header_types type,
776 enum sdp_header_types term,
777 unsigned int *matchoff, unsigned int *matchlen,
778 union nf_inet_addr *addr)
779{
780 int ret;
781
782 ret = ct_sip_get_sdp_header(ct, dptr, dataoff, datalen, type, term,
783 matchoff, matchlen);
784 if (ret <= 0)
785 return ret;
786
787 if (!sdp_parse_addr(ct, dptr + *matchoff, NULL, addr,
788 dptr + *matchoff + *matchlen))
789 return -1;
790 return 1;
791}
792
793static int refresh_signalling_expectation(struct nf_conn *ct,
794 union nf_inet_addr *addr,
795 u8 proto, __be16 port,
796 unsigned int expires)
797{
798 struct nf_conn_help *help = nfct_help(ct);
799 struct nf_conntrack_expect *exp;
800 struct hlist_node *next;
801 int found = 0;
802
803 spin_lock_bh(&nf_conntrack_expect_lock);
804 hlist_for_each_entry_safe(exp, next, &help->expectations, lnode) {
805 if (exp->class != SIP_EXPECT_SIGNALLING ||
806 !nf_inet_addr_cmp(&exp->tuple.dst.u3, addr) ||
807 exp->tuple.dst.protonum != proto ||
808 exp->tuple.dst.u.udp.port != port)
809 continue;
810 if (!del_timer(&exp->timeout))
811 continue;
812 exp->flags &= ~NF_CT_EXPECT_INACTIVE;
813 exp->timeout.expires = jiffies + expires * HZ;
814 add_timer(&exp->timeout);
815 found = 1;
816 break;
817 }
818 spin_unlock_bh(&nf_conntrack_expect_lock);
819 return found;
820}
821
822static void flush_expectations(struct nf_conn *ct, bool media)
823{
824 struct nf_conn_help *help = nfct_help(ct);
825 struct nf_conntrack_expect *exp;
826 struct hlist_node *next;
827
828 spin_lock_bh(&nf_conntrack_expect_lock);
829 hlist_for_each_entry_safe(exp, next, &help->expectations, lnode) {
830 if ((exp->class != SIP_EXPECT_SIGNALLING) ^ media)
831 continue;
832 if (!del_timer(&exp->timeout))
833 continue;
834 nf_ct_unlink_expect(exp);
835 nf_ct_expect_put(exp);
836 if (!media)
837 break;
838 }
839 spin_unlock_bh(&nf_conntrack_expect_lock);
840}
841
842static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff,
843 unsigned int dataoff,
844 const char **dptr, unsigned int *datalen,
845 union nf_inet_addr *daddr, __be16 port,
846 enum sip_expectation_classes class,
847 unsigned int mediaoff, unsigned int medialen)
848{
849 struct nf_conntrack_expect *exp, *rtp_exp, *rtcp_exp;
850 enum ip_conntrack_info ctinfo;
851 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
852 struct net *net = nf_ct_net(ct);
853 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
854 union nf_inet_addr *saddr;
855 struct nf_conntrack_tuple tuple;
856 int direct_rtp = 0, skip_expect = 0, ret = NF_DROP;
857 u_int16_t base_port;
858 __be16 rtp_port, rtcp_port;
859 const struct nf_nat_sip_hooks *hooks;
860
861 saddr = NULL;
862 if (sip_direct_media) {
863 if (!nf_inet_addr_cmp(daddr, &ct->tuplehash[dir].tuple.src.u3))
864 return NF_ACCEPT;
865 saddr = &ct->tuplehash[!dir].tuple.src.u3;
866 }
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881 memset(&tuple, 0, sizeof(tuple));
882 if (saddr)
883 tuple.src.u3 = *saddr;
884 tuple.src.l3num = nf_ct_l3num(ct);
885 tuple.dst.protonum = IPPROTO_UDP;
886 tuple.dst.u3 = *daddr;
887 tuple.dst.u.udp.port = port;
888
889 rcu_read_lock();
890 do {
891 exp = __nf_ct_expect_find(net, nf_ct_zone(ct), &tuple);
892
893 if (!exp || exp->master == ct ||
894 nfct_help(exp->master)->helper != nfct_help(ct)->helper ||
895 exp->class != class)
896 break;
897#ifdef CONFIG_NF_NAT_NEEDED
898 if (!direct_rtp &&
899 (!nf_inet_addr_cmp(&exp->saved_addr, &exp->tuple.dst.u3) ||
900 exp->saved_proto.udp.port != exp->tuple.dst.u.udp.port) &&
901 ct->status & IPS_NAT_MASK) {
902 *daddr = exp->saved_addr;
903 tuple.dst.u3 = exp->saved_addr;
904 tuple.dst.u.udp.port = exp->saved_proto.udp.port;
905 direct_rtp = 1;
906 } else
907#endif
908 skip_expect = 1;
909 } while (!skip_expect);
910
911 base_port = ntohs(tuple.dst.u.udp.port) & ~1;
912 rtp_port = htons(base_port);
913 rtcp_port = htons(base_port + 1);
914
915 if (direct_rtp) {
916 hooks = rcu_dereference(nf_nat_sip_hooks);
917 if (hooks &&
918 !hooks->sdp_port(skb, protoff, dataoff, dptr, datalen,
919 mediaoff, medialen, ntohs(rtp_port)))
920 goto err1;
921 }
922
923 if (skip_expect) {
924 rcu_read_unlock();
925 return NF_ACCEPT;
926 }
927
928 rtp_exp = nf_ct_expect_alloc(ct);
929 if (rtp_exp == NULL)
930 goto err1;
931 nf_ct_expect_init(rtp_exp, class, nf_ct_l3num(ct), saddr, daddr,
932 IPPROTO_UDP, NULL, &rtp_port);
933
934 rtcp_exp = nf_ct_expect_alloc(ct);
935 if (rtcp_exp == NULL)
936 goto err2;
937 nf_ct_expect_init(rtcp_exp, class, nf_ct_l3num(ct), saddr, daddr,
938 IPPROTO_UDP, NULL, &rtcp_port);
939
940 hooks = rcu_dereference(nf_nat_sip_hooks);
941 if (hooks && ct->status & IPS_NAT_MASK && !direct_rtp)
942 ret = hooks->sdp_media(skb, protoff, dataoff, dptr,
943 datalen, rtp_exp, rtcp_exp,
944 mediaoff, medialen, daddr);
945 else {
946 if (nf_ct_expect_related(rtp_exp) == 0) {
947 if (nf_ct_expect_related(rtcp_exp) != 0)
948 nf_ct_unexpect_related(rtp_exp);
949 else
950 ret = NF_ACCEPT;
951 }
952 }
953 nf_ct_expect_put(rtcp_exp);
954err2:
955 nf_ct_expect_put(rtp_exp);
956err1:
957 rcu_read_unlock();
958 return ret;
959}
960
961static const struct sdp_media_type sdp_media_types[] = {
962 SDP_MEDIA_TYPE("audio ", SIP_EXPECT_AUDIO),
963 SDP_MEDIA_TYPE("video ", SIP_EXPECT_VIDEO),
964 SDP_MEDIA_TYPE("image ", SIP_EXPECT_IMAGE),
965};
966
967static const struct sdp_media_type *sdp_media_type(const char *dptr,
968 unsigned int matchoff,
969 unsigned int matchlen)
970{
971 const struct sdp_media_type *t;
972 unsigned int i;
973
974 for (i = 0; i < ARRAY_SIZE(sdp_media_types); i++) {
975 t = &sdp_media_types[i];
976 if (matchlen < t->len ||
977 strncmp(dptr + matchoff, t->name, t->len))
978 continue;
979 return t;
980 }
981 return NULL;
982}
983
984static int process_sdp(struct sk_buff *skb, unsigned int protoff,
985 unsigned int dataoff,
986 const char **dptr, unsigned int *datalen,
987 unsigned int cseq)
988{
989 enum ip_conntrack_info ctinfo;
990 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
991 unsigned int matchoff, matchlen;
992 unsigned int mediaoff, medialen;
993 unsigned int sdpoff;
994 unsigned int caddr_len, maddr_len;
995 unsigned int i;
996 union nf_inet_addr caddr, maddr, rtp_addr;
997 const struct nf_nat_sip_hooks *hooks;
998 unsigned int port;
999 const struct sdp_media_type *t;
1000 int ret = NF_ACCEPT;
1001
1002 hooks = rcu_dereference(nf_nat_sip_hooks);
1003
1004
1005 if (ct_sip_get_sdp_header(ct, *dptr, 0, *datalen,
1006 SDP_HDR_VERSION, SDP_HDR_UNSPEC,
1007 &matchoff, &matchlen) <= 0)
1008 return NF_ACCEPT;
1009 sdpoff = matchoff;
1010
1011
1012
1013
1014 caddr_len = 0;
1015 if (ct_sip_parse_sdp_addr(ct, *dptr, sdpoff, *datalen,
1016 SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
1017 &matchoff, &matchlen, &caddr) > 0)
1018 caddr_len = matchlen;
1019
1020 mediaoff = sdpoff;
1021 for (i = 0; i < ARRAY_SIZE(sdp_media_types); ) {
1022 if (ct_sip_get_sdp_header(ct, *dptr, mediaoff, *datalen,
1023 SDP_HDR_MEDIA, SDP_HDR_UNSPEC,
1024 &mediaoff, &medialen) <= 0)
1025 break;
1026
1027
1028
1029 t = sdp_media_type(*dptr, mediaoff, medialen);
1030 if (!t) {
1031 mediaoff += medialen;
1032 continue;
1033 }
1034 mediaoff += t->len;
1035 medialen -= t->len;
1036
1037 port = simple_strtoul(*dptr + mediaoff, NULL, 10);
1038 if (port == 0)
1039 continue;
1040 if (port < 1024 || port > 65535) {
1041 nf_ct_helper_log(skb, ct, "wrong port %u", port);
1042 return NF_DROP;
1043 }
1044
1045
1046 maddr_len = 0;
1047 if (ct_sip_parse_sdp_addr(ct, *dptr, mediaoff, *datalen,
1048 SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
1049 &matchoff, &matchlen, &maddr) > 0) {
1050 maddr_len = matchlen;
1051 memcpy(&rtp_addr, &maddr, sizeof(rtp_addr));
1052 } else if (caddr_len)
1053 memcpy(&rtp_addr, &caddr, sizeof(rtp_addr));
1054 else {
1055 nf_ct_helper_log(skb, ct, "cannot parse SDP message");
1056 return NF_DROP;
1057 }
1058
1059 ret = set_expected_rtp_rtcp(skb, protoff, dataoff,
1060 dptr, datalen,
1061 &rtp_addr, htons(port), t->class,
1062 mediaoff, medialen);
1063 if (ret != NF_ACCEPT) {
1064 nf_ct_helper_log(skb, ct,
1065 "cannot add expectation for voice");
1066 return ret;
1067 }
1068
1069
1070 if (maddr_len && hooks && ct->status & IPS_NAT_MASK) {
1071 ret = hooks->sdp_addr(skb, protoff, dataoff,
1072 dptr, datalen, mediaoff,
1073 SDP_HDR_CONNECTION,
1074 SDP_HDR_MEDIA,
1075 &rtp_addr);
1076 if (ret != NF_ACCEPT) {
1077 nf_ct_helper_log(skb, ct, "cannot mangle SDP");
1078 return ret;
1079 }
1080 }
1081 i++;
1082 }
1083
1084
1085 hooks = rcu_dereference(nf_nat_sip_hooks);
1086 if (hooks && ct->status & IPS_NAT_MASK)
1087 ret = hooks->sdp_session(skb, protoff, dataoff,
1088 dptr, datalen, sdpoff,
1089 &rtp_addr);
1090
1091 return ret;
1092}
1093static int process_invite_response(struct sk_buff *skb, unsigned int protoff,
1094 unsigned int dataoff,
1095 const char **dptr, unsigned int *datalen,
1096 unsigned int cseq, unsigned int code)
1097{
1098 enum ip_conntrack_info ctinfo;
1099 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1100 struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
1101
1102 if ((code >= 100 && code <= 199) ||
1103 (code >= 200 && code <= 299))
1104 return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1105 else if (ct_sip_info->invite_cseq == cseq)
1106 flush_expectations(ct, true);
1107 return NF_ACCEPT;
1108}
1109
1110static int process_update_response(struct sk_buff *skb, unsigned int protoff,
1111 unsigned int dataoff,
1112 const char **dptr, unsigned int *datalen,
1113 unsigned int cseq, unsigned int code)
1114{
1115 enum ip_conntrack_info ctinfo;
1116 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1117 struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
1118
1119 if ((code >= 100 && code <= 199) ||
1120 (code >= 200 && code <= 299))
1121 return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1122 else if (ct_sip_info->invite_cseq == cseq)
1123 flush_expectations(ct, true);
1124 return NF_ACCEPT;
1125}
1126
1127static int process_prack_response(struct sk_buff *skb, unsigned int protoff,
1128 unsigned int dataoff,
1129 const char **dptr, unsigned int *datalen,
1130 unsigned int cseq, unsigned int code)
1131{
1132 enum ip_conntrack_info ctinfo;
1133 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1134 struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
1135
1136 if ((code >= 100 && code <= 199) ||
1137 (code >= 200 && code <= 299))
1138 return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1139 else if (ct_sip_info->invite_cseq == cseq)
1140 flush_expectations(ct, true);
1141 return NF_ACCEPT;
1142}
1143
1144static int process_invite_request(struct sk_buff *skb, unsigned int protoff,
1145 unsigned int dataoff,
1146 const char **dptr, unsigned int *datalen,
1147 unsigned int cseq)
1148{
1149 enum ip_conntrack_info ctinfo;
1150 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1151 struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
1152 unsigned int ret;
1153
1154 flush_expectations(ct, true);
1155 ret = process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1156 if (ret == NF_ACCEPT)
1157 ct_sip_info->invite_cseq = cseq;
1158 return ret;
1159}
1160
1161static int process_bye_request(struct sk_buff *skb, unsigned int protoff,
1162 unsigned int dataoff,
1163 const char **dptr, unsigned int *datalen,
1164 unsigned int cseq)
1165{
1166 enum ip_conntrack_info ctinfo;
1167 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1168
1169 flush_expectations(ct, true);
1170 return NF_ACCEPT;
1171}
1172
1173
1174
1175
1176
1177static int process_register_request(struct sk_buff *skb, unsigned int protoff,
1178 unsigned int dataoff,
1179 const char **dptr, unsigned int *datalen,
1180 unsigned int cseq)
1181{
1182 enum ip_conntrack_info ctinfo;
1183 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1184 struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
1185 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
1186 unsigned int matchoff, matchlen;
1187 struct nf_conntrack_expect *exp;
1188 union nf_inet_addr *saddr, daddr;
1189 const struct nf_nat_sip_hooks *hooks;
1190 __be16 port;
1191 u8 proto;
1192 unsigned int expires = 0;
1193 int ret;
1194
1195
1196 if (ct->status & IPS_EXPECTED)
1197 return NF_ACCEPT;
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_EXPIRES,
1208 &matchoff, &matchlen) > 0)
1209 expires = simple_strtoul(*dptr + matchoff, NULL, 10);
1210
1211 ret = ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen,
1212 SIP_HDR_CONTACT, NULL,
1213 &matchoff, &matchlen, &daddr, &port);
1214 if (ret < 0) {
1215 nf_ct_helper_log(skb, ct, "cannot parse contact");
1216 return NF_DROP;
1217 } else if (ret == 0)
1218 return NF_ACCEPT;
1219
1220
1221 if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3, &daddr))
1222 return NF_ACCEPT;
1223
1224 if (ct_sip_parse_transport(ct, *dptr, matchoff + matchlen, *datalen,
1225 &proto) == 0)
1226 return NF_ACCEPT;
1227
1228 if (ct_sip_parse_numerical_param(ct, *dptr,
1229 matchoff + matchlen, *datalen,
1230 "expires=", NULL, NULL, &expires) < 0) {
1231 nf_ct_helper_log(skb, ct, "cannot parse expires");
1232 return NF_DROP;
1233 }
1234
1235 if (expires == 0) {
1236 ret = NF_ACCEPT;
1237 goto store_cseq;
1238 }
1239
1240 exp = nf_ct_expect_alloc(ct);
1241 if (!exp) {
1242 nf_ct_helper_log(skb, ct, "cannot alloc expectation");
1243 return NF_DROP;
1244 }
1245
1246 saddr = NULL;
1247 if (sip_direct_signalling)
1248 saddr = &ct->tuplehash[!dir].tuple.src.u3;
1249
1250 nf_ct_expect_init(exp, SIP_EXPECT_SIGNALLING, nf_ct_l3num(ct),
1251 saddr, &daddr, proto, NULL, &port);
1252 exp->timeout.expires = sip_timeout * HZ;
1253 exp->helper = nfct_help(ct)->helper;
1254 exp->flags = NF_CT_EXPECT_PERMANENT | NF_CT_EXPECT_INACTIVE;
1255
1256 hooks = rcu_dereference(nf_nat_sip_hooks);
1257 if (hooks && ct->status & IPS_NAT_MASK)
1258 ret = hooks->expect(skb, protoff, dataoff, dptr, datalen,
1259 exp, matchoff, matchlen);
1260 else {
1261 if (nf_ct_expect_related(exp) != 0) {
1262 nf_ct_helper_log(skb, ct, "cannot add expectation");
1263 ret = NF_DROP;
1264 } else
1265 ret = NF_ACCEPT;
1266 }
1267 nf_ct_expect_put(exp);
1268
1269store_cseq:
1270 if (ret == NF_ACCEPT)
1271 ct_sip_info->register_cseq = cseq;
1272 return ret;
1273}
1274
1275static int process_register_response(struct sk_buff *skb, unsigned int protoff,
1276 unsigned int dataoff,
1277 const char **dptr, unsigned int *datalen,
1278 unsigned int cseq, unsigned int code)
1279{
1280 enum ip_conntrack_info ctinfo;
1281 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1282 struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
1283 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
1284 union nf_inet_addr addr;
1285 __be16 port;
1286 u8 proto;
1287 unsigned int matchoff, matchlen, coff = 0;
1288 unsigned int expires = 0;
1289 int in_contact = 0, ret;
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299 if (ct_sip_info->register_cseq != cseq)
1300 return NF_ACCEPT;
1301
1302 if (code >= 100 && code <= 199)
1303 return NF_ACCEPT;
1304 if (code < 200 || code > 299)
1305 goto flush;
1306
1307 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_EXPIRES,
1308 &matchoff, &matchlen) > 0)
1309 expires = simple_strtoul(*dptr + matchoff, NULL, 10);
1310
1311 while (1) {
1312 unsigned int c_expires = expires;
1313
1314 ret = ct_sip_parse_header_uri(ct, *dptr, &coff, *datalen,
1315 SIP_HDR_CONTACT, &in_contact,
1316 &matchoff, &matchlen,
1317 &addr, &port);
1318 if (ret < 0) {
1319 nf_ct_helper_log(skb, ct, "cannot parse contact");
1320 return NF_DROP;
1321 } else if (ret == 0)
1322 break;
1323
1324
1325 if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3, &addr))
1326 continue;
1327
1328 if (ct_sip_parse_transport(ct, *dptr, matchoff + matchlen,
1329 *datalen, &proto) == 0)
1330 continue;
1331
1332 ret = ct_sip_parse_numerical_param(ct, *dptr,
1333 matchoff + matchlen,
1334 *datalen, "expires=",
1335 NULL, NULL, &c_expires);
1336 if (ret < 0) {
1337 nf_ct_helper_log(skb, ct, "cannot parse expires");
1338 return NF_DROP;
1339 }
1340 if (c_expires == 0)
1341 break;
1342 if (refresh_signalling_expectation(ct, &addr, proto, port,
1343 c_expires))
1344 return NF_ACCEPT;
1345 }
1346
1347flush:
1348 flush_expectations(ct, false);
1349 return NF_ACCEPT;
1350}
1351
1352static const struct sip_handler sip_handlers[] = {
1353 SIP_HANDLER("INVITE", process_invite_request, process_invite_response),
1354 SIP_HANDLER("UPDATE", process_sdp, process_update_response),
1355 SIP_HANDLER("ACK", process_sdp, NULL),
1356 SIP_HANDLER("PRACK", process_sdp, process_prack_response),
1357 SIP_HANDLER("BYE", process_bye_request, NULL),
1358 SIP_HANDLER("REGISTER", process_register_request, process_register_response),
1359};
1360
1361static int process_sip_response(struct sk_buff *skb, unsigned int protoff,
1362 unsigned int dataoff,
1363 const char **dptr, unsigned int *datalen)
1364{
1365 enum ip_conntrack_info ctinfo;
1366 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1367 unsigned int matchoff, matchlen, matchend;
1368 unsigned int code, cseq, i;
1369
1370 if (*datalen < strlen("SIP/2.0 200"))
1371 return NF_ACCEPT;
1372 code = simple_strtoul(*dptr + strlen("SIP/2.0 "), NULL, 10);
1373 if (!code) {
1374 nf_ct_helper_log(skb, ct, "cannot get code");
1375 return NF_DROP;
1376 }
1377
1378 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_CSEQ,
1379 &matchoff, &matchlen) <= 0) {
1380 nf_ct_helper_log(skb, ct, "cannot parse cseq");
1381 return NF_DROP;
1382 }
1383 cseq = simple_strtoul(*dptr + matchoff, NULL, 10);
1384 if (!cseq) {
1385 nf_ct_helper_log(skb, ct, "cannot get cseq");
1386 return NF_DROP;
1387 }
1388 matchend = matchoff + matchlen + 1;
1389
1390 for (i = 0; i < ARRAY_SIZE(sip_handlers); i++) {
1391 const struct sip_handler *handler;
1392
1393 handler = &sip_handlers[i];
1394 if (handler->response == NULL)
1395 continue;
1396 if (*datalen < matchend + handler->len ||
1397 strncasecmp(*dptr + matchend, handler->method, handler->len))
1398 continue;
1399 return handler->response(skb, protoff, dataoff, dptr, datalen,
1400 cseq, code);
1401 }
1402 return NF_ACCEPT;
1403}
1404
1405static int process_sip_request(struct sk_buff *skb, unsigned int protoff,
1406 unsigned int dataoff,
1407 const char **dptr, unsigned int *datalen)
1408{
1409 enum ip_conntrack_info ctinfo;
1410 struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1411 struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
1412 enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
1413 unsigned int matchoff, matchlen;
1414 unsigned int cseq, i;
1415 union nf_inet_addr addr;
1416 __be16 port;
1417
1418
1419
1420
1421
1422
1423
1424 if (ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen,
1425 SIP_HDR_VIA_UDP, NULL, &matchoff,
1426 &matchlen, &addr, &port) > 0 &&
1427 port != ct->tuplehash[dir].tuple.src.u.udp.port &&
1428 nf_inet_addr_cmp(&addr, &ct->tuplehash[dir].tuple.src.u3))
1429 ct_sip_info->forced_dport = port;
1430
1431 for (i = 0; i < ARRAY_SIZE(sip_handlers); i++) {
1432 const struct sip_handler *handler;
1433
1434 handler = &sip_handlers[i];
1435 if (handler->request == NULL)
1436 continue;
1437 if (*datalen < handler->len ||
1438 strncasecmp(*dptr, handler->method, handler->len))
1439 continue;
1440
1441 if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_CSEQ,
1442 &matchoff, &matchlen) <= 0) {
1443 nf_ct_helper_log(skb, ct, "cannot parse cseq");
1444 return NF_DROP;
1445 }
1446 cseq = simple_strtoul(*dptr + matchoff, NULL, 10);
1447 if (!cseq) {
1448 nf_ct_helper_log(skb, ct, "cannot get cseq");
1449 return NF_DROP;
1450 }
1451
1452 return handler->request(skb, protoff, dataoff, dptr, datalen,
1453 cseq);
1454 }
1455 return NF_ACCEPT;
1456}
1457
1458static int process_sip_msg(struct sk_buff *skb, struct nf_conn *ct,
1459 unsigned int protoff, unsigned int dataoff,
1460 const char **dptr, unsigned int *datalen)
1461{
1462 const struct nf_nat_sip_hooks *hooks;
1463 int ret;
1464
1465 if (strncasecmp(*dptr, "SIP/2.0 ", strlen("SIP/2.0 ")) != 0)
1466 ret = process_sip_request(skb, protoff, dataoff, dptr, datalen);
1467 else
1468 ret = process_sip_response(skb, protoff, dataoff, dptr, datalen);
1469
1470 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
1471 hooks = rcu_dereference(nf_nat_sip_hooks);
1472 if (hooks && !hooks->msg(skb, protoff, dataoff,
1473 dptr, datalen)) {
1474 nf_ct_helper_log(skb, ct, "cannot NAT SIP message");
1475 ret = NF_DROP;
1476 }
1477 }
1478
1479 return ret;
1480}
1481
1482static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff,
1483 struct nf_conn *ct, enum ip_conntrack_info ctinfo)
1484{
1485 struct tcphdr *th, _tcph;
1486 unsigned int dataoff, datalen;
1487 unsigned int matchoff, matchlen, clen;
1488 unsigned int msglen, origlen;
1489 const char *dptr, *end;
1490 s16 diff, tdiff = 0;
1491 int ret = NF_ACCEPT;
1492 bool term;
1493
1494 if (ctinfo != IP_CT_ESTABLISHED &&
1495 ctinfo != IP_CT_ESTABLISHED_REPLY)
1496 return NF_ACCEPT;
1497
1498
1499 th = skb_header_pointer(skb, protoff, sizeof(_tcph), &_tcph);
1500 if (th == NULL)
1501 return NF_ACCEPT;
1502 dataoff = protoff + th->doff * 4;
1503 if (dataoff >= skb->len)
1504 return NF_ACCEPT;
1505
1506 nf_ct_refresh(ct, skb, sip_timeout * HZ);
1507
1508 if (unlikely(skb_linearize(skb)))
1509 return NF_DROP;
1510
1511 dptr = skb->data + dataoff;
1512 datalen = skb->len - dataoff;
1513 if (datalen < strlen("SIP/2.0 200"))
1514 return NF_ACCEPT;
1515
1516 while (1) {
1517 if (ct_sip_get_header(ct, dptr, 0, datalen,
1518 SIP_HDR_CONTENT_LENGTH,
1519 &matchoff, &matchlen) <= 0)
1520 break;
1521
1522 clen = simple_strtoul(dptr + matchoff, (char **)&end, 10);
1523 if (dptr + matchoff == end)
1524 break;
1525
1526 term = false;
1527 for (; end + strlen("\r\n\r\n") <= dptr + datalen; end++) {
1528 if (end[0] == '\r' && end[1] == '\n' &&
1529 end[2] == '\r' && end[3] == '\n') {
1530 term = true;
1531 break;
1532 }
1533 }
1534 if (!term)
1535 break;
1536 end += strlen("\r\n\r\n") + clen;
1537
1538 msglen = origlen = end - dptr;
1539 if (msglen > datalen)
1540 return NF_ACCEPT;
1541
1542 ret = process_sip_msg(skb, ct, protoff, dataoff,
1543 &dptr, &msglen);
1544
1545 if (ret != NF_ACCEPT)
1546 break;
1547 diff = msglen - origlen;
1548 tdiff += diff;
1549
1550 dataoff += msglen;
1551 dptr += msglen;
1552 datalen = datalen + diff - msglen;
1553 }
1554
1555 if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
1556 const struct nf_nat_sip_hooks *hooks;
1557
1558 hooks = rcu_dereference(nf_nat_sip_hooks);
1559 if (hooks)
1560 hooks->seq_adjust(skb, protoff, tdiff);
1561 }
1562
1563 return ret;
1564}
1565
1566static int sip_help_udp(struct sk_buff *skb, unsigned int protoff,
1567 struct nf_conn *ct, enum ip_conntrack_info ctinfo)
1568{
1569 unsigned int dataoff, datalen;
1570 const char *dptr;
1571
1572
1573 dataoff = protoff + sizeof(struct udphdr);
1574 if (dataoff >= skb->len)
1575 return NF_ACCEPT;
1576
1577 nf_ct_refresh(ct, skb, sip_timeout * HZ);
1578
1579 if (unlikely(skb_linearize(skb)))
1580 return NF_DROP;
1581
1582 dptr = skb->data + dataoff;
1583 datalen = skb->len - dataoff;
1584 if (datalen < strlen("SIP/2.0 200"))
1585 return NF_ACCEPT;
1586
1587 return process_sip_msg(skb, ct, protoff, dataoff, &dptr, &datalen);
1588}
1589
1590static struct nf_conntrack_helper sip[MAX_PORTS][4] __read_mostly;
1591
1592static const struct nf_conntrack_expect_policy sip_exp_policy[SIP_EXPECT_MAX + 1] = {
1593 [SIP_EXPECT_SIGNALLING] = {
1594 .name = "signalling",
1595 .max_expected = 1,
1596 .timeout = 3 * 60,
1597 },
1598 [SIP_EXPECT_AUDIO] = {
1599 .name = "audio",
1600 .max_expected = 2 * IP_CT_DIR_MAX,
1601 .timeout = 3 * 60,
1602 },
1603 [SIP_EXPECT_VIDEO] = {
1604 .name = "video",
1605 .max_expected = 2 * IP_CT_DIR_MAX,
1606 .timeout = 3 * 60,
1607 },
1608 [SIP_EXPECT_IMAGE] = {
1609 .name = "image",
1610 .max_expected = IP_CT_DIR_MAX,
1611 .timeout = 3 * 60,
1612 },
1613};
1614
1615static void nf_conntrack_sip_fini(void)
1616{
1617 int i, j;
1618
1619 for (i = 0; i < ports_c; i++) {
1620 for (j = 0; j < ARRAY_SIZE(sip[i]); j++) {
1621 if (sip[i][j].me == NULL)
1622 continue;
1623 nf_conntrack_helper_unregister(&sip[i][j]);
1624 }
1625 }
1626}
1627
1628static int __init nf_conntrack_sip_init(void)
1629{
1630 int i, j, ret;
1631
1632 if (ports_c == 0)
1633 ports[ports_c++] = SIP_PORT;
1634
1635 for (i = 0; i < ports_c; i++) {
1636 memset(&sip[i], 0, sizeof(sip[i]));
1637
1638 sip[i][0].tuple.src.l3num = AF_INET;
1639 sip[i][0].tuple.dst.protonum = IPPROTO_UDP;
1640 sip[i][0].help = sip_help_udp;
1641 sip[i][1].tuple.src.l3num = AF_INET;
1642 sip[i][1].tuple.dst.protonum = IPPROTO_TCP;
1643 sip[i][1].help = sip_help_tcp;
1644
1645 sip[i][2].tuple.src.l3num = AF_INET6;
1646 sip[i][2].tuple.dst.protonum = IPPROTO_UDP;
1647 sip[i][2].help = sip_help_udp;
1648 sip[i][3].tuple.src.l3num = AF_INET6;
1649 sip[i][3].tuple.dst.protonum = IPPROTO_TCP;
1650 sip[i][3].help = sip_help_tcp;
1651
1652 for (j = 0; j < ARRAY_SIZE(sip[i]); j++) {
1653 sip[i][j].data_len = sizeof(struct nf_ct_sip_master);
1654 sip[i][j].tuple.src.u.udp.port = htons(ports[i]);
1655 sip[i][j].expect_policy = sip_exp_policy;
1656 sip[i][j].expect_class_max = SIP_EXPECT_MAX;
1657 sip[i][j].me = THIS_MODULE;
1658
1659 if (ports[i] == SIP_PORT)
1660 sprintf(sip[i][j].name, "sip");
1661 else
1662 sprintf(sip[i][j].name, "sip-%u", i);
1663
1664 pr_debug("port #%u: %u\n", i, ports[i]);
1665
1666 ret = nf_conntrack_helper_register(&sip[i][j]);
1667 if (ret) {
1668 printk(KERN_ERR "nf_ct_sip: failed to register"
1669 " helper for pf: %u port: %u\n",
1670 sip[i][j].tuple.src.l3num, ports[i]);
1671 nf_conntrack_sip_fini();
1672 return ret;
1673 }
1674 }
1675 }
1676 return 0;
1677}
1678
1679module_init(nf_conntrack_sip_init);
1680module_exit(nf_conntrack_sip_fini);
1681
