Browse code

updated udp_mtu handling code - fixes SER-433

- call apply lumps with the original send_info, so the lumps are generated the same way their length was calculated, so there is no buffer overflow.
- this has also the expected and wanted side-effect that the record route is done as the outgoing path would be UDP (do not insert double record-route header)

Michal Matyska authored on 19/01/2009 15:47:25
Showing 1 changed files
... ...
@@ -1498,7 +1498,7 @@ char * build_req_buf_from_sip_req( struct sip_msg* msg,
1498 1498
 	str branch;
1499 1499
 	unsigned int flags;
1500 1500
 	unsigned int udp_mtu;
1501
-	struct socket_info* ss;
1501
+	struct dest_info di;
1502 1502
 
1503 1503
 	via_insert_param=0;
1504 1504
 	uri_len=0;
... ...
@@ -1610,18 +1610,21 @@ char * build_req_buf_from_sip_req( struct sip_msg* msg,
1610 1610
 	LOG(L_ERR, "DEBUG: new_len(%d)=len(%d)+lumps_len\n", new_len, len);
1611 1611
 #endif
1612 1612
 	udp_mtu=cfg_get(core, core_cfg, udp_mtu);
1613
+	di.proto=PROTO_NONE;
1613 1614
 	if (unlikely((send_info->proto==PROTO_UDP) && udp_mtu && 
1614 1615
 					(flags & FL_MTU_FB_MASK) && (new_len>udp_mtu))){
1615
-		ss=0;
1616
+
1617
+		di=*send_info; /* copy whole struct - will be used in the Via builder */
1618
+		di.proto=PROTO_NONE; /* except the proto */
1616 1619
 #ifdef USE_TCP
1617 1620
 		if (!tcp_disable && (flags & FL_MTU_TCP_FB) &&
1618
-				(ss=get_send_socket(msg, &send_info->to, PROTO_TCP))){
1619
-			send_info->proto=PROTO_TCP;
1621
+				(di.send_sock=get_send_socket(msg, &send_info->to, PROTO_TCP))){
1622
+			di.proto=PROTO_TCP;
1620 1623
 		}
1621 1624
 	#ifdef USE_TLS
1622 1625
 		else if (!tls_disable && (flags & FL_MTU_TLS_FB) &&
1623
-				(ss=get_send_socket(msg, &send_info->to, PROTO_TLS))){
1624
-			send_info->proto=PROTO_TLS;
1626
+				(di.send_sock=get_send_socket(msg, &send_info->to, PROTO_TLS))){
1627
+			di.proto=PROTO_TLS;
1625 1628
 		}
1626 1629
 	#endif /* USE_TLS */
1627 1630
 #endif /* USE_TCP */
... ...
@@ -1630,16 +1633,15 @@ char * build_req_buf_from_sip_req( struct sip_msg* msg,
1630 1630
 		else
1631 1631
 	#endif /* USE_TCP */
1632 1632
 		 if (!sctp_disable && (flags & FL_MTU_SCTP_FB) &&
1633
-				(ss=get_send_socket(msg, &send_info->to, PROTO_SCTP))){
1634
-			send_info->proto=PROTO_SCTP;
1633
+				(di.send_sock=get_send_socket(msg, &send_info->to, PROTO_SCTP))){
1634
+			di.proto=PROTO_SCTP;
1635 1635
 		 }
1636 1636
 #endif /* USE_SCTP */
1637 1637
 		
1638
-		if (ss){
1639
-			send_info->send_sock=ss;
1638
+		if (di.proto!=PROTO_NONE){
1640 1639
 			new_len-=via_len;
1641 1640
 			pkg_free(line_buf);
1642
-			line_buf = create_via_hf( &via_len, msg, send_info, &branch);
1641
+			line_buf = create_via_hf( &via_len, msg, &di, &branch);
1643 1642
 			if (!line_buf){
1644 1643
 				LOG(L_ERR,"ERROR: build_req_buf_from_sip_req: "
1645 1644
 							"memory allocation failure!\n");
... ...
@@ -1688,6 +1690,12 @@ char * build_req_buf_from_sip_req( struct sip_msg* msg,
1688 1688
 	memcpy(new_buf+offset, buf+s_offset, len-s_offset);
1689 1689
 	new_buf[new_len]=0;
1690 1690
 
1691
+	/* update the send_info if udp_mtu affected */
1692
+	if (di.proto!=PROTO_NONE) { 
1693
+		send_info->proto=di.proto;
1694
+		send_info->send_sock=di.send_sock;
1695
+	}
1696
+
1691 1697
 #ifdef DBG_MSG_QA
1692 1698
 	if (new_buf[new_len-1]==0) {
1693 1699
 		LOG(L_ERR, "ERROR: build_req_buf_from_sip_req: 0 in the end\n");