[Freeswitch-svn] [commit] r8387 - freeswitch/trunk/src/mod/endpoints/mod_sofia

[Freeswitch SVN]

Author: anthm
Date: Tue May 13 16:58:38 2008
New Revision: 8387

Modified:
   freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c

Log:
when you have both auth-calls and inbound-acl at the same time passing acl lets you in with no challenge and failing gives you auth challenge

Modified: freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c
==============================================================================
--- freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c	(original)
+++ freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c	Tue May 13 16:58:38 2008
@@ -2655,11 +2655,24 @@
 
 	if (profile->acl_count) {
 		uint32_t x = 0;
+		int ok = 1;
+		char *last_acl = NULL;
+
 		for (x = 0 ; x < profile->acl_count; x++) {
-			if (!switch_check_network_list_ip(network_ip, profile->acl[x])) {
-				switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_WARNING, "IP %s Rejected by acl %s\n", network_ip,  profile->acl[x]);
+			last_acl = profile->acl[x];
+			if (!(ok = switch_check_network_list_ip(network_ip, last_acl))) {
+				break;
+			}
+		}
+
+		if (!ok) {
+			if (!(profile->pflags & PFLAG_AUTH_CALLS)) {
+				switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_WARNING, "IP %s Rejected by acl %s\n", network_ip, switch_str_nil(last_acl));
 				nua_respond(nh, SIP_403_FORBIDDEN, TAG_END());
 				return;
+			} else {
+				switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "IP %s Rejected by acl %s. Falling back to Digest auth.\n", 
+								  network_ip, switch_str_nil(last_acl));
 			}
 		}
 	}