net/netfilter/nf_conntrack_sip.c

d2912cb1SThomas Gleixner// SPDX-License-Identifier: GPL-2.0-only
9fafcd7bSPatrick McHardy/* SIP extension for IP connection tracking.
9fafcd7bSPatrick McHardy *
9fafcd7bSPatrick McHardy * (C) 2005 by Christian Hentschel <chentschel@arnet.com.ar>
9fafcd7bSPatrick McHardy * based on RR's ip_conntrack_ftp.c and other modules.
f49e1aa1SPatrick McHardy * (C) 2007 United Security Providers
f49e1aa1SPatrick McHardy * (C) 2007, 2008 Patrick McHardy <kaber@trash.net>
9fafcd7bSPatrick McHardy */
9fafcd7bSPatrick McHardy
ad6d9503SPablo Neira Ayuso#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
ad6d9503SPablo Neira Ayuso
9fafcd7bSPatrick McHardy#include <linux/module.h>
9fafcd7bSPatrick McHardy#include <linux/ctype.h>
9fafcd7bSPatrick McHardy#include <linux/skbuff.h>
9fafcd7bSPatrick McHardy#include <linux/inet.h>
9fafcd7bSPatrick McHardy#include <linux/in.h>
9fafcd7bSPatrick McHardy#include <linux/udp.h>
f5b321bdSPatrick McHardy#include <linux/tcp.h>
1863f096SYasuyuki Kozakai#include <linux/netfilter.h>
29b0b5d5SAlin Nastac#include <linux/netfilter_ipv4.h>
29b0b5d5SAlin Nastac#include <linux/netfilter_ipv6.h>
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy#include <net/netfilter/nf_conntrack.h>
9467ee38SPatrick McHardy#include <net/netfilter/nf_conntrack_core.h>
9fafcd7bSPatrick McHardy#include <net/netfilter/nf_conntrack_expect.h>
9fafcd7bSPatrick McHardy#include <net/netfilter/nf_conntrack_helper.h>
5d0aa2ccSPatrick McHardy#include <net/netfilter/nf_conntrack_zones.h>
9fafcd7bSPatrick McHardy#include <linux/netfilter/nf_conntrack_sip.h>
9fafcd7bSPatrick McHardy
08010a21SFlavio Leitner#define HELPER_NAME "sip"
08010a21SFlavio Leitner
9fafcd7bSPatrick McHardyMODULE_LICENSE("GPL");
9fafcd7bSPatrick McHardyMODULE_AUTHOR("Christian Hentschel <chentschel@arnet.com.ar>");
9fafcd7bSPatrick McHardyMODULE_DESCRIPTION("SIP connection tracking helper");
9fafcd7bSPatrick McHardyMODULE_ALIAS("ip_conntrack_sip");
08010a21SFlavio LeitnerMODULE_ALIAS_NFCT_HELPER(HELPER_NAME);
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy#define MAX_PORTS	8
9fafcd7bSPatrick McHardystatic unsigned short ports[MAX_PORTS];
2f0d2f10SStephen Hemmingerstatic unsigned int ports_c;
9fafcd7bSPatrick McHardymodule_param_array(ports, ushort, &ports_c, 0400);
9fafcd7bSPatrick McHardyMODULE_PARM_DESC(ports, "port numbers of SIP servers");
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardystatic unsigned int sip_timeout __read_mostly = SIP_TIMEOUT;
9fafcd7bSPatrick McHardymodule_param(sip_timeout, uint, 0600);
9fafcd7bSPatrick McHardyMODULE_PARM_DESC(sip_timeout, "timeout for the master SIP session");
9fafcd7bSPatrick McHardy
0f32a40fSPatrick McHardystatic int sip_direct_signalling __read_mostly = 1;
0f32a40fSPatrick McHardymodule_param(sip_direct_signalling, int, 0600);
0f32a40fSPatrick McHardyMODULE_PARM_DESC(sip_direct_signalling, "expect incoming calls from registrar "
0f32a40fSPatrick McHardy					"only (default 1)");
0f32a40fSPatrick McHardy
d901a936SPatrick McHardystatic int sip_direct_media __read_mostly = 1;
d901a936SPatrick McHardymodule_param(sip_direct_media, int, 0600);
d901a936SPatrick McHardyMODULE_PARM_DESC(sip_direct_media, "Expect Media streams between signalling "
d901a936SPatrick McHardy				   "endpoints only (default 1)");
d901a936SPatrick McHardy
a3419ce3SAlin Nastacstatic int sip_external_media __read_mostly = 0;
a3419ce3SAlin Nastacmodule_param(sip_external_media, int, 0600);
a3419ce3SAlin NastacMODULE_PARM_DESC(sip_external_media, "Expect Media streams between external "
a3419ce3SAlin Nastac				     "endpoints (default 0)");
a3419ce3SAlin Nastac
6976890eSFlorian Westphalconst struct nf_nat_sip_hooks __rcu *nf_nat_sip_hooks;
180cf72fSholger@eitzenberger.orgEXPORT_SYMBOL_GPL(nf_nat_sip_hooks);
9fafcd7bSPatrick McHardy
ac367740SPatrick McHardystatic int string_len(const struct nf_conn *ct, const char *dptr,
ac367740SPatrick McHardy		      const char *limit, int *shift)
ac367740SPatrick McHardy{
ac367740SPatrick McHardy	int len = 0;
ac367740SPatrick McHardy
ac367740SPatrick McHardy	while (dptr < limit && isalpha(*dptr)) {
ac367740SPatrick McHardy		dptr++;
ac367740SPatrick McHardy		len++;
ac367740SPatrick McHardy	}
ac367740SPatrick McHardy	return len;
ac367740SPatrick McHardy}
ac367740SPatrick McHardy
13f7d63cSJan Engelhardtstatic int digits_len(const struct nf_conn *ct, const char *dptr,
9fafcd7bSPatrick McHardy		      const char *limit, int *shift)
9fafcd7bSPatrick McHardy{
9fafcd7bSPatrick McHardy	int len = 0;
b1ec488bSPatrick McHardy	while (dptr < limit && isdigit(*dptr)) {
9fafcd7bSPatrick McHardy		dptr++;
9fafcd7bSPatrick McHardy		len++;
9fafcd7bSPatrick McHardy	}
9fafcd7bSPatrick McHardy	return len;
9fafcd7bSPatrick McHardy}
9fafcd7bSPatrick McHardy
001985b2SSimon Hormanstatic int iswordc(const char c)
001985b2SSimon Horman{
001985b2SSimon Horman	if (isalnum(c) || c == '!' || c == '"' || c == '%' ||
f0608ceaSMarco Angaroni	    (c >= '(' && c <= '+') || c == ':' || c == '<' || c == '>' ||
001985b2SSimon Horman	    c == '?' || (c >= '[' && c <= ']') || c == '_' || c == '`' ||
f0608ceaSMarco Angaroni	    c == '{' || c == '}' || c == '~' || (c >= '-' && c <= '/') ||
f0608ceaSMarco Angaroni	    c == '\'')
001985b2SSimon Horman		return 1;
001985b2SSimon Horman	return 0;
001985b2SSimon Horman}
001985b2SSimon Horman
001985b2SSimon Hormanstatic int word_len(const char *dptr, const char *limit)
001985b2SSimon Horman{
001985b2SSimon Horman	int len = 0;
001985b2SSimon Horman	while (dptr < limit && iswordc(*dptr)) {
001985b2SSimon Horman		dptr++;
001985b2SSimon Horman		len++;
001985b2SSimon Horman	}
001985b2SSimon Horman	return len;
001985b2SSimon Horman}
001985b2SSimon Horman
001985b2SSimon Hormanstatic int callid_len(const struct nf_conn *ct, const char *dptr,
001985b2SSimon Horman		      const char *limit, int *shift)
001985b2SSimon Horman{
001985b2SSimon Horman	int len, domain_len;
001985b2SSimon Horman
001985b2SSimon Horman	len = word_len(dptr, limit);
001985b2SSimon Horman	dptr += len;
001985b2SSimon Horman	if (!len || dptr == limit || *dptr != '@')
001985b2SSimon Horman		return len;
001985b2SSimon Horman	dptr++;
001985b2SSimon Horman	len++;
001985b2SSimon Horman
001985b2SSimon Horman	domain_len = word_len(dptr, limit);
001985b2SSimon Horman	if (!domain_len)
001985b2SSimon Horman		return 0;
001985b2SSimon Horman	return len + domain_len;
001985b2SSimon Horman}
001985b2SSimon Horman
0d0ab037SPatrick McHardy/* get media type + port length */
0d0ab037SPatrick McHardystatic int media_len(const struct nf_conn *ct, const char *dptr,
0d0ab037SPatrick McHardy		     const char *limit, int *shift)
0d0ab037SPatrick McHardy{
0d0ab037SPatrick McHardy	int len = string_len(ct, dptr, limit, shift);
0d0ab037SPatrick McHardy
0d0ab037SPatrick McHardy	dptr += len;
0d0ab037SPatrick McHardy	if (dptr >= limit || *dptr != ' ')
0d0ab037SPatrick McHardy		return 0;
0d0ab037SPatrick McHardy	len++;
0d0ab037SPatrick McHardy	dptr++;
0d0ab037SPatrick McHardy
0d0ab037SPatrick McHardy	return len + digits_len(ct, dptr, limit, shift);
0d0ab037SPatrick McHardy}
0d0ab037SPatrick McHardy
02b69cbdSPatrick McHardystatic int sip_parse_addr(const struct nf_conn *ct, const char *cp,
13f7d63cSJan Engelhardt			  const char **endp, union nf_inet_addr *addr,
02b69cbdSPatrick McHardy			  const char *limit, bool delim)
9fafcd7bSPatrick McHardy{
9fafcd7bSPatrick McHardy	const char *end;
02b69cbdSPatrick McHardy	int ret;
9fafcd7bSPatrick McHardy
5adbb9fbSSimon Horman	if (!ct)
5adbb9fbSSimon Horman		return 0;
5adbb9fbSSimon Horman
fa913ddfSPatrick McHardy	memset(addr, 0, sizeof(*addr));
5e8fbe2aSPatrick McHardy	switch (nf_ct_l3num(ct)) {
9fafcd7bSPatrick McHardy	case AF_INET:
9fafcd7bSPatrick McHardy		ret = in4_pton(cp, limit - cp, (u8 *)&addr->ip, -1, &end);
02b69cbdSPatrick McHardy		if (ret == 0)
02b69cbdSPatrick McHardy			return 0;
9fafcd7bSPatrick McHardy		break;
9fafcd7bSPatrick McHardy	case AF_INET6:
02b69cbdSPatrick McHardy		if (cp < limit && *cp == '[')
02b69cbdSPatrick McHardy			cp++;
02b69cbdSPatrick McHardy		else if (delim)
02b69cbdSPatrick McHardy			return 0;
02b69cbdSPatrick McHardy
9fafcd7bSPatrick McHardy		ret = in6_pton(cp, limit - cp, (u8 *)&addr->ip6, -1, &end);
02b69cbdSPatrick McHardy		if (ret == 0)
02b69cbdSPatrick McHardy			return 0;
02b69cbdSPatrick McHardy
02b69cbdSPatrick McHardy		if (end < limit && *end == ']')
02b69cbdSPatrick McHardy			end++;
02b69cbdSPatrick McHardy		else if (delim)
02b69cbdSPatrick McHardy			return 0;
9fafcd7bSPatrick McHardy		break;
9fafcd7bSPatrick McHardy	default:
9fafcd7bSPatrick McHardy		BUG();
9fafcd7bSPatrick McHardy	}
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy	if (endp)
9fafcd7bSPatrick McHardy		*endp = end;
9fafcd7bSPatrick McHardy	return 1;
9fafcd7bSPatrick McHardy}
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy/* skip ip address. returns its length. */
13f7d63cSJan Engelhardtstatic int epaddr_len(const struct nf_conn *ct, const char *dptr,
9fafcd7bSPatrick McHardy		      const char *limit, int *shift)
9fafcd7bSPatrick McHardy{
643a2c15SJan Engelhardt	union nf_inet_addr addr;
9fafcd7bSPatrick McHardy	const char *aux = dptr;
9fafcd7bSPatrick McHardy
02b69cbdSPatrick McHardy	if (!sip_parse_addr(ct, dptr, &dptr, &addr, limit, true)) {
0d53778eSPatrick McHardy		pr_debug("ip: %s parse failed.!\n", dptr);
9fafcd7bSPatrick McHardy		return 0;
9fafcd7bSPatrick McHardy	}
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy	/* Port number */
9fafcd7bSPatrick McHardy	if (*dptr == ':') {
9fafcd7bSPatrick McHardy		dptr++;
9fafcd7bSPatrick McHardy		dptr += digits_len(ct, dptr, limit, shift);
9fafcd7bSPatrick McHardy	}
9fafcd7bSPatrick McHardy	return dptr - aux;
9fafcd7bSPatrick McHardy}
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy/* get address length, skiping user info. */
13f7d63cSJan Engelhardtstatic int skp_epaddr_len(const struct nf_conn *ct, const char *dptr,
9fafcd7bSPatrick McHardy			  const char *limit, int *shift)
9fafcd7bSPatrick McHardy{
aa584edaSPatrick McHardy	const char *start = dptr;
9fafcd7bSPatrick McHardy	int s = *shift;
9fafcd7bSPatrick McHardy
7da5bfbbSLars Immisch	/* Search for @, but stop at the end of the line.
7da5bfbbSLars Immisch	 * We are inside a sip: URI, so we don't need to worry about
7da5bfbbSLars Immisch	 * continuation lines. */
b1ec488bSPatrick McHardy	while (dptr < limit &&
7da5bfbbSLars Immisch	       *dptr != '@' && *dptr != '\r' && *dptr != '\n') {
9fafcd7bSPatrick McHardy		(*shift)++;
7da5bfbbSLars Immisch		dptr++;
7da5bfbbSLars Immisch	}
9fafcd7bSPatrick McHardy
b1ec488bSPatrick McHardy	if (dptr < limit && *dptr == '@') {
9fafcd7bSPatrick McHardy		dptr++;
9fafcd7bSPatrick McHardy		(*shift)++;
aa584edaSPatrick McHardy	} else {
aa584edaSPatrick McHardy		dptr = start;
9fafcd7bSPatrick McHardy		*shift = s;
aa584edaSPatrick McHardy	}
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy	return epaddr_len(ct, dptr, limit, shift);
9fafcd7bSPatrick McHardy}
9fafcd7bSPatrick McHardy
ac367740SPatrick McHardy/* Parse a SIP request line of the form:
ac367740SPatrick McHardy *
ac367740SPatrick McHardy * Request-Line = Method SP Request-URI SP SIP-Version CRLF
ac367740SPatrick McHardy *
ac367740SPatrick McHardy * and return the offset and length of the address contained in the Request-URI.
ac367740SPatrick McHardy */
ac367740SPatrick McHardyint ct_sip_parse_request(const struct nf_conn *ct,
ac367740SPatrick McHardy			 const char *dptr, unsigned int datalen,
624f8b7bSPatrick McHardy			 unsigned int *matchoff, unsigned int *matchlen,
624f8b7bSPatrick McHardy			 union nf_inet_addr *addr, __be16 *port)
ac367740SPatrick McHardy{
624f8b7bSPatrick McHardy	const char *start = dptr, *limit = dptr + datalen, *end;
ac367740SPatrick McHardy	unsigned int mlen;
624f8b7bSPatrick McHardy	unsigned int p;
ac367740SPatrick McHardy	int shift = 0;
ac367740SPatrick McHardy
ac367740SPatrick McHardy	/* Skip method and following whitespace */
ac367740SPatrick McHardy	mlen = string_len(ct, dptr, limit, NULL);
ac367740SPatrick McHardy	if (!mlen)
ac367740SPatrick McHardy		return 0;
ac367740SPatrick McHardy	dptr += mlen;
ac367740SPatrick McHardy	if (++dptr >= limit)
ac367740SPatrick McHardy		return 0;
ac367740SPatrick McHardy
ac367740SPatrick McHardy	/* Find SIP URI */
54101f4fSPatrick McHardy	for (; dptr < limit - strlen("sip:"); dptr++) {
ac367740SPatrick McHardy		if (*dptr == '\r' || *dptr == '\n')
ac367740SPatrick McHardy			return -1;
18082746SRasmus Villemoes		if (strncasecmp(dptr, "sip:", strlen("sip:")) == 0) {
54101f4fSPatrick McHardy			dptr += strlen("sip:");
ac367740SPatrick McHardy			break;
ac367740SPatrick McHardy		}
54101f4fSPatrick McHardy	}
624f8b7bSPatrick McHardy	if (!skp_epaddr_len(ct, dptr, limit, &shift))
ac367740SPatrick McHardy		return 0;
624f8b7bSPatrick McHardy	dptr += shift;
624f8b7bSPatrick McHardy
02b69cbdSPatrick McHardy	if (!sip_parse_addr(ct, dptr, &end, addr, limit, true))
624f8b7bSPatrick McHardy		return -1;
624f8b7bSPatrick McHardy	if (end < limit && *end == ':') {
624f8b7bSPatrick McHardy		end++;
624f8b7bSPatrick McHardy		p = simple_strtoul(end, (char **)&end, 10);
624f8b7bSPatrick McHardy		if (p < 1024 || p > 65535)
624f8b7bSPatrick McHardy			return -1;
624f8b7bSPatrick McHardy		*port = htons(p);
624f8b7bSPatrick McHardy	} else
624f8b7bSPatrick McHardy		*port = htons(SIP_PORT);
624f8b7bSPatrick McHardy
624f8b7bSPatrick McHardy	if (end == dptr)
624f8b7bSPatrick McHardy		return 0;
624f8b7bSPatrick McHardy	*matchoff = dptr - start;
624f8b7bSPatrick McHardy	*matchlen = end - dptr;
ac367740SPatrick McHardy	return 1;
ac367740SPatrick McHardy}
ac367740SPatrick McHardyEXPORT_SYMBOL_GPL(ct_sip_parse_request);
ac367740SPatrick McHardy
ea45f12aSPatrick McHardy/* SIP header parsing: SIP headers are located at the beginning of a line, but
ea45f12aSPatrick McHardy * may span several lines, in which case the continuation lines begin with a
ea45f12aSPatrick McHardy * whitespace character. RFC 2543 allows lines to be terminated with CR, LF or
ea45f12aSPatrick McHardy * CRLF, RFC 3261 allows only CRLF, we support both.
ea45f12aSPatrick McHardy *
ea45f12aSPatrick McHardy * Headers are followed by (optionally) whitespace, a colon, again (optionally)
ea45f12aSPatrick McHardy * whitespace and the values. Whitespace in this context means any amount of
ea45f12aSPatrick McHardy * tabs, spaces and continuation lines, which are treated as a single whitespace
ea45f12aSPatrick McHardy * character.
05e3ced2SPatrick McHardy *
3ad2f3fbSDaniel Mack * Some headers may appear multiple times. A comma separated list of values is
05e3ced2SPatrick McHardy * equivalent to multiple headers.
ea45f12aSPatrick McHardy */
ea45f12aSPatrick McHardystatic const struct sip_header ct_sip_hdrs[] = {
30f33e6dSPatrick McHardy	[SIP_HDR_CSEQ]			= SIP_HDR("CSeq", NULL, NULL, digits_len),
ea45f12aSPatrick McHardy	[SIP_HDR_FROM]			= SIP_HDR("From", "f", "sip:", skp_epaddr_len),
ea45f12aSPatrick McHardy	[SIP_HDR_TO]			= SIP_HDR("To", "t", "sip:", skp_epaddr_len),
ea45f12aSPatrick McHardy	[SIP_HDR_CONTACT]		= SIP_HDR("Contact", "m", "sip:", skp_epaddr_len),
f5b321bdSPatrick McHardy	[SIP_HDR_VIA_UDP]		= SIP_HDR("Via", "v", "UDP ", epaddr_len),
f5b321bdSPatrick McHardy	[SIP_HDR_VIA_TCP]		= SIP_HDR("Via", "v", "TCP ", epaddr_len),
0f32a40fSPatrick McHardy	[SIP_HDR_EXPIRES]		= SIP_HDR("Expires", NULL, NULL, digits_len),
ea45f12aSPatrick McHardy	[SIP_HDR_CONTENT_LENGTH]	= SIP_HDR("Content-Length", "l", NULL, digits_len),
001985b2SSimon Horman	[SIP_HDR_CALL_ID]		= SIP_HDR("Call-Id", "i", NULL, callid_len),
ea45f12aSPatrick McHardy};
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardystatic const char *sip_follow_continuation(const char *dptr, const char *limit)
9fafcd7bSPatrick McHardy{
ea45f12aSPatrick McHardy	/* Walk past newline */
ea45f12aSPatrick McHardy	if (++dptr >= limit)
ea45f12aSPatrick McHardy		return NULL;
9fafcd7bSPatrick McHardy
ea45f12aSPatrick McHardy	/* Skip '\n' in CR LF */
ea45f12aSPatrick McHardy	if (*(dptr - 1) == '\r' && *dptr == '\n') {
ea45f12aSPatrick McHardy		if (++dptr >= limit)
ea45f12aSPatrick McHardy			return NULL;
ea45f12aSPatrick McHardy	}
9fafcd7bSPatrick McHardy
ea45f12aSPatrick McHardy	/* Continuation line? */
ea45f12aSPatrick McHardy	if (*dptr != ' ' && *dptr != '\t')
ea45f12aSPatrick McHardy		return NULL;
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy	/* skip leading whitespace */
ea45f12aSPatrick McHardy	for (; dptr < limit; dptr++) {
ea45f12aSPatrick McHardy		if (*dptr != ' ' && *dptr != '\t')
ea45f12aSPatrick McHardy			break;
ea45f12aSPatrick McHardy	}
ea45f12aSPatrick McHardy	return dptr;
ea45f12aSPatrick McHardy}
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardystatic const char *sip_skip_whitespace(const char *dptr, const char *limit)
ea45f12aSPatrick McHardy{
ea45f12aSPatrick McHardy	for (; dptr < limit; dptr++) {
1bcabc81SMarco Angaroni		if (*dptr == ' ' || *dptr == '\t')
ea45f12aSPatrick McHardy			continue;
ea45f12aSPatrick McHardy		if (*dptr != '\r' && *dptr != '\n')
ea45f12aSPatrick McHardy			break;
ea45f12aSPatrick McHardy		dptr = sip_follow_continuation(dptr, limit);
68cb9fe4SMarco Angaroni		break;
ea45f12aSPatrick McHardy	}
ea45f12aSPatrick McHardy	return dptr;
ea45f12aSPatrick McHardy}
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy/* Search within a SIP header value, dealing with continuation lines */
ea45f12aSPatrick McHardystatic const char *ct_sip_header_search(const char *dptr, const char *limit,
ea45f12aSPatrick McHardy					const char *needle, unsigned int len)
ea45f12aSPatrick McHardy{
ea45f12aSPatrick McHardy	for (limit -= len; dptr < limit; dptr++) {
ea45f12aSPatrick McHardy		if (*dptr == '\r' || *dptr == '\n') {
ea45f12aSPatrick McHardy			dptr = sip_follow_continuation(dptr, limit);
ea45f12aSPatrick McHardy			if (dptr == NULL)
ea45f12aSPatrick McHardy				break;
9fafcd7bSPatrick McHardy			continue;
9fafcd7bSPatrick McHardy		}
9fafcd7bSPatrick McHardy
18082746SRasmus Villemoes		if (strncasecmp(dptr, needle, len) == 0)
ea45f12aSPatrick McHardy			return dptr;
ea45f12aSPatrick McHardy	}
ea45f12aSPatrick McHardy	return NULL;
ea45f12aSPatrick McHardy}
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardyint ct_sip_get_header(const struct nf_conn *ct, const char *dptr,
ea45f12aSPatrick McHardy		      unsigned int dataoff, unsigned int datalen,
ea45f12aSPatrick McHardy		      enum sip_header_types type,
ea45f12aSPatrick McHardy		      unsigned int *matchoff, unsigned int *matchlen)
ea45f12aSPatrick McHardy{
ea45f12aSPatrick McHardy	const struct sip_header *hdr = &ct_sip_hdrs[type];
ea45f12aSPatrick McHardy	const char *start = dptr, *limit = dptr + datalen;
ea45f12aSPatrick McHardy	int shift = 0;
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy	for (dptr += dataoff; dptr < limit; dptr++) {
ea45f12aSPatrick McHardy		/* Find beginning of line */
ea45f12aSPatrick McHardy		if (*dptr != '\r' && *dptr != '\n')
ea45f12aSPatrick McHardy			continue;
ea45f12aSPatrick McHardy		if (++dptr >= limit)
ea45f12aSPatrick McHardy			break;
ea45f12aSPatrick McHardy		if (*(dptr - 1) == '\r' && *dptr == '\n') {
ea45f12aSPatrick McHardy			if (++dptr >= limit)
ea45f12aSPatrick McHardy				break;
ea45f12aSPatrick McHardy		}
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy		/* Skip continuation lines */
ea45f12aSPatrick McHardy		if (*dptr == ' ' || *dptr == '\t')
ea45f12aSPatrick McHardy			continue;
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy		/* Find header. Compact headers must be followed by a
ea45f12aSPatrick McHardy		 * non-alphabetic character to avoid mismatches. */
ea45f12aSPatrick McHardy		if (limit - dptr >= hdr->len &&
18082746SRasmus Villemoes		    strncasecmp(dptr, hdr->name, hdr->len) == 0)
ea45f12aSPatrick McHardy			dptr += hdr->len;
ea45f12aSPatrick McHardy		else if (hdr->cname && limit - dptr >= hdr->clen + 1 &&
18082746SRasmus Villemoes			 strncasecmp(dptr, hdr->cname, hdr->clen) == 0 &&
135d0189SPatrick McHardy			 !isalpha(*(dptr + hdr->clen)))
ea45f12aSPatrick McHardy			dptr += hdr->clen;
ea45f12aSPatrick McHardy		else
ea45f12aSPatrick McHardy			continue;
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy		/* Find and skip colon */
ea45f12aSPatrick McHardy		dptr = sip_skip_whitespace(dptr, limit);
ea45f12aSPatrick McHardy		if (dptr == NULL)
ea45f12aSPatrick McHardy			break;
ea45f12aSPatrick McHardy		if (*dptr != ':' || ++dptr >= limit)
ea45f12aSPatrick McHardy			break;
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy		/* Skip whitespace after colon */
ea45f12aSPatrick McHardy		dptr = sip_skip_whitespace(dptr, limit);
ea45f12aSPatrick McHardy		if (dptr == NULL)
ea45f12aSPatrick McHardy			break;
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy		*matchoff = dptr - start;
ea45f12aSPatrick McHardy		if (hdr->search) {
ea45f12aSPatrick McHardy			dptr = ct_sip_header_search(dptr, limit, hdr->search,
ea45f12aSPatrick McHardy						    hdr->slen);
ea45f12aSPatrick McHardy			if (!dptr)
ea45f12aSPatrick McHardy				return -1;
ea45f12aSPatrick McHardy			dptr += hdr->slen;
ea45f12aSPatrick McHardy		}
ea45f12aSPatrick McHardy
ea45f12aSPatrick McHardy		*matchlen = hdr->match_len(ct, dptr, limit, &shift);
9fafcd7bSPatrick McHardy		if (!*matchlen)
9fafcd7bSPatrick McHardy			return -1;
ea45f12aSPatrick McHardy		*matchoff = dptr - start + shift;
9fafcd7bSPatrick McHardy		return 1;
9fafcd7bSPatrick McHardy	}
9fafcd7bSPatrick McHardy	return 0;
9fafcd7bSPatrick McHardy}
ea45f12aSPatrick McHardyEXPORT_SYMBOL_GPL(ct_sip_get_header);
9fafcd7bSPatrick McHardy
3ad2f3fbSDaniel Mack/* Get next header field in a list of comma separated values */
05e3ced2SPatrick McHardystatic int ct_sip_next_header(const struct nf_conn *ct, const char *dptr,
05e3ced2SPatrick McHardy			      unsigned int dataoff, unsigned int datalen,
05e3ced2SPatrick McHardy			      enum sip_header_types type,
05e3ced2SPatrick McHardy			      unsigned int *matchoff, unsigned int *matchlen)
05e3ced2SPatrick McHardy{
05e3ced2SPatrick McHardy	const struct sip_header *hdr = &ct_sip_hdrs[type];
05e3ced2SPatrick McHardy	const char *start = dptr, *limit = dptr + datalen;
05e3ced2SPatrick McHardy	int shift = 0;
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	dptr += dataoff;
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	dptr = ct_sip_header_search(dptr, limit, ",", strlen(","));
05e3ced2SPatrick McHardy	if (!dptr)
05e3ced2SPatrick McHardy		return 0;
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	dptr = ct_sip_header_search(dptr, limit, hdr->search, hdr->slen);
05e3ced2SPatrick McHardy	if (!dptr)
05e3ced2SPatrick McHardy		return 0;
05e3ced2SPatrick McHardy	dptr += hdr->slen;
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	*matchoff = dptr - start;
05e3ced2SPatrick McHardy	*matchlen = hdr->match_len(ct, dptr, limit, &shift);
05e3ced2SPatrick McHardy	if (!*matchlen)
05e3ced2SPatrick McHardy		return -1;
05e3ced2SPatrick McHardy	*matchoff += shift;
05e3ced2SPatrick McHardy	return 1;
05e3ced2SPatrick McHardy}
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy/* Walk through headers until a parsable one is found or no header of the
05e3ced2SPatrick McHardy * given type is left. */
05e3ced2SPatrick McHardystatic int ct_sip_walk_headers(const struct nf_conn *ct, const char *dptr,
05e3ced2SPatrick McHardy			       unsigned int dataoff, unsigned int datalen,
05e3ced2SPatrick McHardy			       enum sip_header_types type, int *in_header,
05e3ced2SPatrick McHardy			       unsigned int *matchoff, unsigned int *matchlen)
05e3ced2SPatrick McHardy{
05e3ced2SPatrick McHardy	int ret;
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	if (in_header && *in_header) {
05e3ced2SPatrick McHardy		while (1) {
05e3ced2SPatrick McHardy			ret = ct_sip_next_header(ct, dptr, dataoff, datalen,
05e3ced2SPatrick McHardy						 type, matchoff, matchlen);
05e3ced2SPatrick McHardy			if (ret > 0)
05e3ced2SPatrick McHardy				return ret;
05e3ced2SPatrick McHardy			if (ret == 0)
05e3ced2SPatrick McHardy				break;
39aebedeSIgor Ryzhov			dataoff = *matchoff;
05e3ced2SPatrick McHardy		}
05e3ced2SPatrick McHardy		*in_header = 0;
05e3ced2SPatrick McHardy	}
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	while (1) {
05e3ced2SPatrick McHardy		ret = ct_sip_get_header(ct, dptr, dataoff, datalen,
05e3ced2SPatrick McHardy					type, matchoff, matchlen);
05e3ced2SPatrick McHardy		if (ret > 0)
05e3ced2SPatrick McHardy			break;
05e3ced2SPatrick McHardy		if (ret == 0)
05e3ced2SPatrick McHardy			return ret;
39aebedeSIgor Ryzhov		dataoff = *matchoff;
05e3ced2SPatrick McHardy	}
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	if (in_header)
05e3ced2SPatrick McHardy		*in_header = 1;
05e3ced2SPatrick McHardy	return 1;
05e3ced2SPatrick McHardy}
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy/* Locate a SIP header, parse the URI and return the offset and length of
05e3ced2SPatrick McHardy * the address as well as the address and port themselves. A stream of
05e3ced2SPatrick McHardy * headers can be parsed by handing in a non-NULL datalen and in_header
05e3ced2SPatrick McHardy * pointer.
05e3ced2SPatrick McHardy */
05e3ced2SPatrick McHardyint ct_sip_parse_header_uri(const struct nf_conn *ct, const char *dptr,
05e3ced2SPatrick McHardy			    unsigned int *dataoff, unsigned int datalen,
05e3ced2SPatrick McHardy			    enum sip_header_types type, int *in_header,
05e3ced2SPatrick McHardy			    unsigned int *matchoff, unsigned int *matchlen,
05e3ced2SPatrick McHardy			    union nf_inet_addr *addr, __be16 *port)
05e3ced2SPatrick McHardy{
05e3ced2SPatrick McHardy	const char *c, *limit = dptr + datalen;
05e3ced2SPatrick McHardy	unsigned int p;
05e3ced2SPatrick McHardy	int ret;
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	ret = ct_sip_walk_headers(ct, dptr, dataoff ? *dataoff : 0, datalen,
05e3ced2SPatrick McHardy				  type, in_header, matchoff, matchlen);
05e3ced2SPatrick McHardy	WARN_ON(ret < 0);
05e3ced2SPatrick McHardy	if (ret == 0)
05e3ced2SPatrick McHardy		return ret;
05e3ced2SPatrick McHardy
02b69cbdSPatrick McHardy	if (!sip_parse_addr(ct, dptr + *matchoff, &c, addr, limit, true))
05e3ced2SPatrick McHardy		return -1;
05e3ced2SPatrick McHardy	if (*c == ':') {
05e3ced2SPatrick McHardy		c++;
05e3ced2SPatrick McHardy		p = simple_strtoul(c, (char **)&c, 10);
05e3ced2SPatrick McHardy		if (p < 1024 || p > 65535)
05e3ced2SPatrick McHardy			return -1;
05e3ced2SPatrick McHardy		*port = htons(p);
05e3ced2SPatrick McHardy	} else
05e3ced2SPatrick McHardy		*port = htons(SIP_PORT);
05e3ced2SPatrick McHardy
05e3ced2SPatrick McHardy	if (dataoff)
05e3ced2SPatrick McHardy		*dataoff = c - dptr;
05e3ced2SPatrick McHardy	return 1;
05e3ced2SPatrick McHardy}
05e3ced2SPatrick McHardyEXPORT_SYMBOL_GPL(ct_sip_parse_header_uri);
05e3ced2SPatrick McHardy
f5b321bdSPatrick McHardystatic int ct_sip_parse_param(const struct nf_conn *ct, const char *dptr,
f5b321bdSPatrick McHardy			      unsigned int dataoff, unsigned int datalen,
f5b321bdSPatrick McHardy			      const char *name,
f5b321bdSPatrick McHardy			      unsigned int *matchoff, unsigned int *matchlen)
f5b321bdSPatrick McHardy{
f5b321bdSPatrick McHardy	const char *limit = dptr + datalen;
f5b321bdSPatrick McHardy	const char *start;
f5b321bdSPatrick McHardy	const char *end;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
f5b321bdSPatrick McHardy	if (!limit)
f5b321bdSPatrick McHardy		limit = dptr + datalen;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
f5b321bdSPatrick McHardy	if (!start)
f5b321bdSPatrick McHardy		return 0;
f5b321bdSPatrick McHardy	start += strlen(name);
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	end = ct_sip_header_search(start, limit, ";", strlen(";"));
f5b321bdSPatrick McHardy	if (!end)
f5b321bdSPatrick McHardy		end = limit;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	*matchoff = start - dptr;
f5b321bdSPatrick McHardy	*matchlen = end - start;
f5b321bdSPatrick McHardy	return 1;
f5b321bdSPatrick McHardy}
f5b321bdSPatrick McHardy
2bbb2116SPatrick McHardy/* Parse address from header parameter and return address, offset and length */
2bbb2116SPatrick McHardyint ct_sip_parse_address_param(const struct nf_conn *ct, const char *dptr,
2bbb2116SPatrick McHardy			       unsigned int dataoff, unsigned int datalen,
2bbb2116SPatrick McHardy			       const char *name,
2bbb2116SPatrick McHardy			       unsigned int *matchoff, unsigned int *matchlen,
02b69cbdSPatrick McHardy			       union nf_inet_addr *addr, bool delim)
2bbb2116SPatrick McHardy{
2bbb2116SPatrick McHardy	const char *limit = dptr + datalen;
2bbb2116SPatrick McHardy	const char *start, *end;
2bbb2116SPatrick McHardy
2bbb2116SPatrick McHardy	limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
2bbb2116SPatrick McHardy	if (!limit)
2bbb2116SPatrick McHardy		limit = dptr + datalen;
2bbb2116SPatrick McHardy
2bbb2116SPatrick McHardy	start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
2bbb2116SPatrick McHardy	if (!start)
2bbb2116SPatrick McHardy		return 0;
2bbb2116SPatrick McHardy
2bbb2116SPatrick McHardy	start += strlen(name);
02b69cbdSPatrick McHardy	if (!sip_parse_addr(ct, start, &end, addr, limit, delim))
2bbb2116SPatrick McHardy		return 0;
2bbb2116SPatrick McHardy	*matchoff = start - dptr;
2bbb2116SPatrick McHardy	*matchlen = end - start;
2bbb2116SPatrick McHardy	return 1;
2bbb2116SPatrick McHardy}
2bbb2116SPatrick McHardyEXPORT_SYMBOL_GPL(ct_sip_parse_address_param);
2bbb2116SPatrick McHardy
2bbb2116SPatrick McHardy/* Parse numerical header parameter and return value, offset and length */
2bbb2116SPatrick McHardyint ct_sip_parse_numerical_param(const struct nf_conn *ct, const char *dptr,
2bbb2116SPatrick McHardy				 unsigned int dataoff, unsigned int datalen,
2bbb2116SPatrick McHardy				 const char *name,
2bbb2116SPatrick McHardy				 unsigned int *matchoff, unsigned int *matchlen,
2bbb2116SPatrick McHardy				 unsigned int *val)
2bbb2116SPatrick McHardy{
2bbb2116SPatrick McHardy	const char *limit = dptr + datalen;
2bbb2116SPatrick McHardy	const char *start;
2bbb2116SPatrick McHardy	char *end;
2bbb2116SPatrick McHardy
2bbb2116SPatrick McHardy	limit = ct_sip_header_search(dptr + dataoff, limit, ",", strlen(","));
2bbb2116SPatrick McHardy	if (!limit)
2bbb2116SPatrick McHardy		limit = dptr + datalen;
2bbb2116SPatrick McHardy
2bbb2116SPatrick McHardy	start = ct_sip_header_search(dptr + dataoff, limit, name, strlen(name));
2bbb2116SPatrick McHardy	if (!start)
2bbb2116SPatrick McHardy		return 0;
2bbb2116SPatrick McHardy
2bbb2116SPatrick McHardy	start += strlen(name);
2bbb2116SPatrick McHardy	*val = simple_strtoul(start, &end, 0);
2bbb2116SPatrick McHardy	if (start == end)
*f188d300SIlia.Gavrilov		return -1;
2bbb2116SPatrick McHardy	if (matchoff && matchlen) {
2bbb2116SPatrick McHardy		*matchoff = start - dptr;
2bbb2116SPatrick McHardy		*matchlen = end - start;
2bbb2116SPatrick McHardy	}
2bbb2116SPatrick McHardy	return 1;
2bbb2116SPatrick McHardy}
2bbb2116SPatrick McHardyEXPORT_SYMBOL_GPL(ct_sip_parse_numerical_param);
2bbb2116SPatrick McHardy
f5b321bdSPatrick McHardystatic int ct_sip_parse_transport(struct nf_conn *ct, const char *dptr,
f5b321bdSPatrick McHardy				  unsigned int dataoff, unsigned int datalen,
f5b321bdSPatrick McHardy				  u8 *proto)
f5b321bdSPatrick McHardy{
f5b321bdSPatrick McHardy	unsigned int matchoff, matchlen;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	if (ct_sip_parse_param(ct, dptr, dataoff, datalen, "transport=",
f5b321bdSPatrick McHardy			       &matchoff, &matchlen)) {
18082746SRasmus Villemoes		if (!strncasecmp(dptr + matchoff, "TCP", strlen("TCP")))
f5b321bdSPatrick McHardy			*proto = IPPROTO_TCP;
18082746SRasmus Villemoes		else if (!strncasecmp(dptr + matchoff, "UDP", strlen("UDP")))
f5b321bdSPatrick McHardy			*proto = IPPROTO_UDP;
f5b321bdSPatrick McHardy		else
f5b321bdSPatrick McHardy			return 0;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy		if (*proto != nf_ct_protonum(ct))
f5b321bdSPatrick McHardy			return 0;
f5b321bdSPatrick McHardy	} else
f5b321bdSPatrick McHardy		*proto = nf_ct_protonum(ct);
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	return 1;
f5b321bdSPatrick McHardy}
f5b321bdSPatrick McHardy
02b69cbdSPatrick McHardystatic int sdp_parse_addr(const struct nf_conn *ct, const char *cp,
02b69cbdSPatrick McHardy			  const char **endp, union nf_inet_addr *addr,
02b69cbdSPatrick McHardy			  const char *limit)
02b69cbdSPatrick McHardy{
02b69cbdSPatrick McHardy	const char *end;
02b69cbdSPatrick McHardy	int ret;
02b69cbdSPatrick McHardy
02b69cbdSPatrick McHardy	memset(addr, 0, sizeof(*addr));
02b69cbdSPatrick McHardy	switch (nf_ct_l3num(ct)) {
02b69cbdSPatrick McHardy	case AF_INET:
02b69cbdSPatrick McHardy		ret = in4_pton(cp, limit - cp, (u8 *)&addr->ip, -1, &end);
02b69cbdSPatrick McHardy		break;
02b69cbdSPatrick McHardy	case AF_INET6:
02b69cbdSPatrick McHardy		ret = in6_pton(cp, limit - cp, (u8 *)&addr->ip6, -1, &end);
02b69cbdSPatrick McHardy		break;
02b69cbdSPatrick McHardy	default:
02b69cbdSPatrick McHardy		BUG();
02b69cbdSPatrick McHardy	}
02b69cbdSPatrick McHardy
02b69cbdSPatrick McHardy	if (ret == 0)
02b69cbdSPatrick McHardy		return 0;
02b69cbdSPatrick McHardy	if (endp)
02b69cbdSPatrick McHardy		*endp = end;
02b69cbdSPatrick McHardy	return 1;
02b69cbdSPatrick McHardy}
02b69cbdSPatrick McHardy
02b69cbdSPatrick McHardy/* skip ip address. returns its length. */
02b69cbdSPatrick McHardystatic int sdp_addr_len(const struct nf_conn *ct, const char *dptr,
02b69cbdSPatrick McHardy			const char *limit, int *shift)
02b69cbdSPatrick McHardy{
02b69cbdSPatrick McHardy	union nf_inet_addr addr;
02b69cbdSPatrick McHardy	const char *aux = dptr;
02b69cbdSPatrick McHardy
02b69cbdSPatrick McHardy	if (!sdp_parse_addr(ct, dptr, &dptr, &addr, limit)) {
02b69cbdSPatrick McHardy		pr_debug("ip: %s parse failed.!\n", dptr);
02b69cbdSPatrick McHardy		return 0;
02b69cbdSPatrick McHardy	}
02b69cbdSPatrick McHardy
02b69cbdSPatrick McHardy	return dptr - aux;
02b69cbdSPatrick McHardy}
02b69cbdSPatrick McHardy
3e9b4600SPatrick McHardy/* SDP header parsing: a SDP session description contains an ordered set of
3e9b4600SPatrick McHardy * headers, starting with a section containing general session parameters,
3e9b4600SPatrick McHardy * optionally followed by multiple media descriptions.
3e9b4600SPatrick McHardy *
3e9b4600SPatrick McHardy * SDP headers always start at the beginning of a line. According to RFC 2327:
3e9b4600SPatrick McHardy * "The sequence CRLF (0x0d0a) is used to end a record, although parsers should
3e9b4600SPatrick McHardy * be tolerant and also accept records terminated with a single newline
3e9b4600SPatrick McHardy * character". We handle both cases.
3e9b4600SPatrick McHardy */
9a664821SPatrick McHardystatic const struct sip_header ct_sdp_hdrs_v4[] = {
3e9b4600SPatrick McHardy	[SDP_HDR_VERSION]	= SDP_HDR("v=", NULL, digits_len),
9a664821SPatrick McHardy	[SDP_HDR_OWNER]		= SDP_HDR("o=", "IN IP4 ", sdp_addr_len),
9a664821SPatrick McHardy	[SDP_HDR_CONNECTION]	= SDP_HDR("c=", "IN IP4 ", sdp_addr_len),
9a664821SPatrick McHardy	[SDP_HDR_MEDIA]		= SDP_HDR("m=", NULL, media_len),
9a664821SPatrick McHardy};
9a664821SPatrick McHardy
9a664821SPatrick McHardystatic const struct sip_header ct_sdp_hdrs_v6[] = {
9a664821SPatrick McHardy	[SDP_HDR_VERSION]	= SDP_HDR("v=", NULL, digits_len),
9a664821SPatrick McHardy	[SDP_HDR_OWNER]		= SDP_HDR("o=", "IN IP6 ", sdp_addr_len),
9a664821SPatrick McHardy	[SDP_HDR_CONNECTION]	= SDP_HDR("c=", "IN IP6 ", sdp_addr_len),
0d0ab037SPatrick McHardy	[SDP_HDR_MEDIA]		= SDP_HDR("m=", NULL, media_len),
3e9b4600SPatrick McHardy};
3e9b4600SPatrick McHardy
3e9b4600SPatrick McHardy/* Linear string search within SDP header values */
3e9b4600SPatrick McHardystatic const char *ct_sdp_header_search(const char *dptr, const char *limit,
3e9b4600SPatrick McHardy					const char *needle, unsigned int len)
3e9b4600SPatrick McHardy{
3e9b4600SPatrick McHardy	for (limit -= len; dptr < limit; dptr++) {
3e9b4600SPatrick McHardy		if (*dptr == '\r' || *dptr == '\n')
3e9b4600SPatrick McHardy			break;
3e9b4600SPatrick McHardy		if (strncmp(dptr, needle, len) == 0)
3e9b4600SPatrick McHardy			return dptr;
3e9b4600SPatrick McHardy	}
3e9b4600SPatrick McHardy	return NULL;
3e9b4600SPatrick McHardy}
3e9b4600SPatrick McHardy
3e9b4600SPatrick McHardy/* Locate a SDP header (optionally a substring within the header value),
25985edcSLucas De Marchi * optionally stopping at the first occurrence of the term header, parse
3e9b4600SPatrick McHardy * it and return the offset and length of the data we're interested in.
3e9b4600SPatrick McHardy */
3e9b4600SPatrick McHardyint ct_sip_get_sdp_header(const struct nf_conn *ct, const char *dptr,
3e9b4600SPatrick McHardy			  unsigned int dataoff, unsigned int datalen,
3e9b4600SPatrick McHardy			  enum sdp_header_types type,
3e9b4600SPatrick McHardy			  enum sdp_header_types term,
3e9b4600SPatrick McHardy			  unsigned int *matchoff, unsigned int *matchlen)
3e9b4600SPatrick McHardy{
9a664821SPatrick McHardy	const struct sip_header *hdrs, *hdr, *thdr;
3e9b4600SPatrick McHardy	const char *start = dptr, *limit = dptr + datalen;
3e9b4600SPatrick McHardy	int shift = 0;
3e9b4600SPatrick McHardy
9a664821SPatrick McHardy	hdrs = nf_ct_l3num(ct) == NFPROTO_IPV4 ? ct_sdp_hdrs_v4 : ct_sdp_hdrs_v6;
9a664821SPatrick McHardy	hdr = &hdrs[type];
9a664821SPatrick McHardy	thdr = &hdrs[term];
9a664821SPatrick McHardy
3e9b4600SPatrick McHardy	for (dptr += dataoff; dptr < limit; dptr++) {
3e9b4600SPatrick McHardy		/* Find beginning of line */
3e9b4600SPatrick McHardy		if (*dptr != '\r' && *dptr != '\n')
3e9b4600SPatrick McHardy			continue;
3e9b4600SPatrick McHardy		if (++dptr >= limit)
3e9b4600SPatrick McHardy			break;
3e9b4600SPatrick McHardy		if (*(dptr - 1) == '\r' && *dptr == '\n') {
3e9b4600SPatrick McHardy			if (++dptr >= limit)
3e9b4600SPatrick McHardy				break;
3e9b4600SPatrick McHardy		}
3e9b4600SPatrick McHardy
3e9b4600SPatrick McHardy		if (term != SDP_HDR_UNSPEC &&
3e9b4600SPatrick McHardy		    limit - dptr >= thdr->len &&
18082746SRasmus Villemoes		    strncasecmp(dptr, thdr->name, thdr->len) == 0)
3e9b4600SPatrick McHardy			break;
3e9b4600SPatrick McHardy		else if (limit - dptr >= hdr->len &&
18082746SRasmus Villemoes			 strncasecmp(dptr, hdr->name, hdr->len) == 0)
3e9b4600SPatrick McHardy			dptr += hdr->len;
3e9b4600SPatrick McHardy		else
3e9b4600SPatrick McHardy			continue;
3e9b4600SPatrick McHardy
3e9b4600SPatrick McHardy		*matchoff = dptr - start;
3e9b4600SPatrick McHardy		if (hdr->search) {
3e9b4600SPatrick McHardy			dptr = ct_sdp_header_search(dptr, limit, hdr->search,
3e9b4600SPatrick McHardy						    hdr->slen);
3e9b4600SPatrick McHardy			if (!dptr)
3e9b4600SPatrick McHardy				return -1;
3e9b4600SPatrick McHardy			dptr += hdr->slen;
3e9b4600SPatrick McHardy		}
3e9b4600SPatrick McHardy
3e9b4600SPatrick McHardy		*matchlen = hdr->match_len(ct, dptr, limit, &shift);
3e9b4600SPatrick McHardy		if (!*matchlen)
3e9b4600SPatrick McHardy			return -1;
3e9b4600SPatrick McHardy		*matchoff = dptr - start + shift;
3e9b4600SPatrick McHardy		return 1;
3e9b4600SPatrick McHardy	}
3e9b4600SPatrick McHardy	return 0;
3e9b4600SPatrick McHardy}
3e9b4600SPatrick McHardyEXPORT_SYMBOL_GPL(ct_sip_get_sdp_header);
3e9b4600SPatrick McHardy
4ab9e64eSPatrick McHardystatic int ct_sip_parse_sdp_addr(const struct nf_conn *ct, const char *dptr,
4ab9e64eSPatrick McHardy				 unsigned int dataoff, unsigned int datalen,
4ab9e64eSPatrick McHardy				 enum sdp_header_types type,
4ab9e64eSPatrick McHardy				 enum sdp_header_types term,
4ab9e64eSPatrick McHardy				 unsigned int *matchoff, unsigned int *matchlen,
4ab9e64eSPatrick McHardy				 union nf_inet_addr *addr)
4ab9e64eSPatrick McHardy{
4ab9e64eSPatrick McHardy	int ret;
4ab9e64eSPatrick McHardy
4ab9e64eSPatrick McHardy	ret = ct_sip_get_sdp_header(ct, dptr, dataoff, datalen, type, term,
4ab9e64eSPatrick McHardy				    matchoff, matchlen);
4ab9e64eSPatrick McHardy	if (ret <= 0)
4ab9e64eSPatrick McHardy		return ret;
4ab9e64eSPatrick McHardy
02b69cbdSPatrick McHardy	if (!sdp_parse_addr(ct, dptr + *matchoff, NULL, addr,
4ab9e64eSPatrick McHardy			    dptr + *matchoff + *matchlen))
4ab9e64eSPatrick McHardy		return -1;
4ab9e64eSPatrick McHardy	return 1;
4ab9e64eSPatrick McHardy}
4ab9e64eSPatrick McHardy
0f32a40fSPatrick McHardystatic int refresh_signalling_expectation(struct nf_conn *ct,
0f32a40fSPatrick McHardy					  union nf_inet_addr *addr,
f5b321bdSPatrick McHardy					  u8 proto, __be16 port,
0f32a40fSPatrick McHardy					  unsigned int expires)
0f32a40fSPatrick McHardy{
0f32a40fSPatrick McHardy	struct nf_conn_help *help = nfct_help(ct);
0f32a40fSPatrick McHardy	struct nf_conntrack_expect *exp;
b67bfe0dSSasha Levin	struct hlist_node *next;
0f32a40fSPatrick McHardy	int found = 0;
0f32a40fSPatrick McHardy
ca7433dfSJesper Dangaard Brouer	spin_lock_bh(&nf_conntrack_expect_lock);
b67bfe0dSSasha Levin	hlist_for_each_entry_safe(exp, next, &help->expectations, lnode) {
0f32a40fSPatrick McHardy		if (exp->class != SIP_EXPECT_SIGNALLING ||
0f32a40fSPatrick McHardy		    !nf_inet_addr_cmp(&exp->tuple.dst.u3, addr) ||
f5b321bdSPatrick McHardy		    exp->tuple.dst.protonum != proto ||
0f32a40fSPatrick McHardy		    exp->tuple.dst.u.udp.port != port)
0f32a40fSPatrick McHardy			continue;
a96e66e7SGao Feng		if (mod_timer_pending(&exp->timeout, jiffies + expires * HZ)) {
0f32a40fSPatrick McHardy			exp->flags &= ~NF_CT_EXPECT_INACTIVE;
0f32a40fSPatrick McHardy			found = 1;
0f32a40fSPatrick McHardy			break;
0f32a40fSPatrick McHardy		}
a96e66e7SGao Feng	}
ca7433dfSJesper Dangaard Brouer	spin_unlock_bh(&nf_conntrack_expect_lock);
0f32a40fSPatrick McHardy	return found;
0f32a40fSPatrick McHardy}
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardystatic void flush_expectations(struct nf_conn *ct, bool media)
9467ee38SPatrick McHardy{
9467ee38SPatrick McHardy	struct nf_conn_help *help = nfct_help(ct);
9467ee38SPatrick McHardy	struct nf_conntrack_expect *exp;
b67bfe0dSSasha Levin	struct hlist_node *next;
9467ee38SPatrick McHardy
ca7433dfSJesper Dangaard Brouer	spin_lock_bh(&nf_conntrack_expect_lock);
b67bfe0dSSasha Levin	hlist_for_each_entry_safe(exp, next, &help->expectations, lnode) {
0f32a40fSPatrick McHardy		if ((exp->class != SIP_EXPECT_SIGNALLING) ^ media)
0f32a40fSPatrick McHardy			continue;
ec0e3f01SGao Feng		if (!nf_ct_remove_expect(exp))
9467ee38SPatrick McHardy			continue;
0f32a40fSPatrick McHardy		if (!media)
0f32a40fSPatrick McHardy			break;
9467ee38SPatrick McHardy	}
ca7433dfSJesper Dangaard Brouer	spin_unlock_bh(&nf_conntrack_expect_lock);
9467ee38SPatrick McHardy}
9467ee38SPatrick McHardy
051966c0SPatrick McHardystatic int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				 unsigned int dataoff,
212440a7SPatrick McHardy				 const char **dptr, unsigned int *datalen,
4ab9e64eSPatrick McHardy				 union nf_inet_addr *daddr, __be16 port,
0d0ab037SPatrick McHardy				 enum sip_expectation_classes class,
4ab9e64eSPatrick McHardy				 unsigned int mediaoff, unsigned int medialen)
9fafcd7bSPatrick McHardy{
a9c1d359SPatrick McHardy	struct nf_conntrack_expect *exp, *rtp_exp, *rtcp_exp;
212440a7SPatrick McHardy	enum ip_conntrack_info ctinfo;
212440a7SPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
a5c3a800SAlexey Dobriyan	struct net *net = nf_ct_net(ct);
9fafcd7bSPatrick McHardy	enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
d901a936SPatrick McHardy	union nf_inet_addr *saddr;
d901a936SPatrick McHardy	struct nf_conntrack_tuple tuple;
c7f485abSPatrick McHardy	int direct_rtp = 0, skip_expect = 0, ret = NF_DROP;
a9c1d359SPatrick McHardy	u_int16_t base_port;
a9c1d359SPatrick McHardy	__be16 rtp_port, rtcp_port;
180cf72fSholger@eitzenberger.org	const struct nf_nat_sip_hooks *hooks;
9fafcd7bSPatrick McHardy
d901a936SPatrick McHardy	saddr = NULL;
d901a936SPatrick McHardy	if (sip_direct_media) {
d901a936SPatrick McHardy		if (!nf_inet_addr_cmp(daddr, &ct->tuplehash[dir].tuple.src.u3))
d901a936SPatrick McHardy			return NF_ACCEPT;
d901a936SPatrick McHardy		saddr = &ct->tuplehash[!dir].tuple.src.u3;
a3419ce3SAlin Nastac	} else if (sip_external_media) {
a3419ce3SAlin Nastac		struct net_device *dev = skb_dst(skb)->dev;
a3419ce3SAlin Nastac		struct net *net = dev_net(dev);
29b0b5d5SAlin Nastac		struct flowi fl;
a3419ce3SAlin Nastac		struct dst_entry *dst = NULL;
a3419ce3SAlin Nastac
29b0b5d5SAlin Nastac		memset(&fl, 0, sizeof(fl));
29b0b5d5SAlin Nastac
a3419ce3SAlin Nastac		switch (nf_ct_l3num(ct)) {
a3419ce3SAlin Nastac			case NFPROTO_IPV4:
29b0b5d5SAlin Nastac				fl.u.ip4.daddr = daddr->ip;
29b0b5d5SAlin Nastac				nf_ip_route(net, &dst, &fl, false);
a3419ce3SAlin Nastac				break;
a3419ce3SAlin Nastac
a3419ce3SAlin Nastac			case NFPROTO_IPV6:
29b0b5d5SAlin Nastac				fl.u.ip6.daddr = daddr->in6;
29b0b5d5SAlin Nastac				nf_ip6_route(net, &dst, &fl, false);
a3419ce3SAlin Nastac				break;
a3419ce3SAlin Nastac		}
a3419ce3SAlin Nastac
a3419ce3SAlin Nastac		/* Don't predict any conntracks when media endpoint is reachable
a3419ce3SAlin Nastac		 * through the same interface as the signalling peer.
a3419ce3SAlin Nastac		 */
29b0b5d5SAlin Nastac		if (dst) {
29b0b5d5SAlin Nastac			bool external_media = (dst->dev == dev);
29b0b5d5SAlin Nastac
29b0b5d5SAlin Nastac			dst_release(dst);
29b0b5d5SAlin Nastac			if (external_media)
a3419ce3SAlin Nastac				return NF_ACCEPT;
d901a936SPatrick McHardy		}
29b0b5d5SAlin Nastac	}
d901a936SPatrick McHardy
d901a936SPatrick McHardy	/* We need to check whether the registration exists before attempting
d901a936SPatrick McHardy	 * to register it since we can see the same media description multiple
d901a936SPatrick McHardy	 * times on different connections in case multiple endpoints receive
d901a936SPatrick McHardy	 * the same call.
c7f485abSPatrick McHardy	 *
c7f485abSPatrick McHardy	 * RTP optimization: if we find a matching media channel expectation
c7f485abSPatrick McHardy	 * and both the expectation and this connection are SNATed, we assume
c7f485abSPatrick McHardy	 * both sides can reach each other directly and use the final
c7f485abSPatrick McHardy	 * destination address from the expectation. We still need to keep
c7f485abSPatrick McHardy	 * the NATed expectations for media that might arrive from the
c7f485abSPatrick McHardy	 * outside, and additionally need to expect the direct RTP stream
c7f485abSPatrick McHardy	 * in case it passes through us even without NAT.
d901a936SPatrick McHardy	 */
d901a936SPatrick McHardy	memset(&tuple, 0, sizeof(tuple));
d901a936SPatrick McHardy	if (saddr)
d901a936SPatrick McHardy		tuple.src.u3 = *saddr;
5e8fbe2aSPatrick McHardy	tuple.src.l3num		= nf_ct_l3num(ct);
d901a936SPatrick McHardy	tuple.dst.protonum	= IPPROTO_UDP;
d901a936SPatrick McHardy	tuple.dst.u3		= *daddr;
d901a936SPatrick McHardy	tuple.dst.u.udp.port	= port;
d901a936SPatrick McHardy
c7f485abSPatrick McHardy	do {
5d0aa2ccSPatrick McHardy		exp = __nf_ct_expect_find(net, nf_ct_zone(ct), &tuple);
d901a936SPatrick McHardy
c7f485abSPatrick McHardy		if (!exp || exp->master == ct ||
c7f485abSPatrick McHardy		    nfct_help(exp->master)->helper != nfct_help(ct)->helper ||
c7f485abSPatrick McHardy		    exp->class != class)
c7f485abSPatrick McHardy			break;
4806e975SFlorian Westphal#if IS_ENABLED(CONFIG_NF_NAT)
9a664821SPatrick McHardy		if (!direct_rtp &&
9a664821SPatrick McHardy		    (!nf_inet_addr_cmp(&exp->saved_addr, &exp->tuple.dst.u3) ||
c7f485abSPatrick McHardy		     exp->saved_proto.udp.port != exp->tuple.dst.u.udp.port) &&
c7f485abSPatrick McHardy		    ct->status & IPS_NAT_MASK) {
9a664821SPatrick McHardy			*daddr			= exp->saved_addr;
9a664821SPatrick McHardy			tuple.dst.u3		= exp->saved_addr;
c7f485abSPatrick McHardy			tuple.dst.u.udp.port	= exp->saved_proto.udp.port;
c7f485abSPatrick McHardy			direct_rtp = 1;
c7f485abSPatrick McHardy		} else
e1f9a464SPatrick McHardy#endif
c7f485abSPatrick McHardy			skip_expect = 1;
c7f485abSPatrick McHardy	} while (!skip_expect);
d901a936SPatrick McHardy
a9c1d359SPatrick McHardy	base_port = ntohs(tuple.dst.u.udp.port) & ~1;
a9c1d359SPatrick McHardy	rtp_port = htons(base_port);
a9c1d359SPatrick McHardy	rtcp_port = htons(base_port + 1);
a9c1d359SPatrick McHardy
c7f485abSPatrick McHardy	if (direct_rtp) {
180cf72fSholger@eitzenberger.org		hooks = rcu_dereference(nf_nat_sip_hooks);
180cf72fSholger@eitzenberger.org		if (hooks &&
180cf72fSholger@eitzenberger.org		    !hooks->sdp_port(skb, protoff, dataoff, dptr, datalen,
c7f485abSPatrick McHardy				     mediaoff, medialen, ntohs(rtp_port)))
c7f485abSPatrick McHardy			goto err1;
c7f485abSPatrick McHardy	}
c7f485abSPatrick McHardy
0b35f603STaehee Yoo	if (skip_expect)
c7f485abSPatrick McHardy		return NF_ACCEPT;
c7f485abSPatrick McHardy
a9c1d359SPatrick McHardy	rtp_exp = nf_ct_expect_alloc(ct);
a9c1d359SPatrick McHardy	if (rtp_exp == NULL)
a9c1d359SPatrick McHardy		goto err1;
5e8fbe2aSPatrick McHardy	nf_ct_expect_init(rtp_exp, class, nf_ct_l3num(ct), saddr, daddr,
a9c1d359SPatrick McHardy			  IPPROTO_UDP, NULL, &rtp_port);
a9c1d359SPatrick McHardy
a9c1d359SPatrick McHardy	rtcp_exp = nf_ct_expect_alloc(ct);
a9c1d359SPatrick McHardy	if (rtcp_exp == NULL)
a9c1d359SPatrick McHardy		goto err2;
5e8fbe2aSPatrick McHardy	nf_ct_expect_init(rtcp_exp, class, nf_ct_l3num(ct), saddr, daddr,
a9c1d359SPatrick McHardy			  IPPROTO_UDP, NULL, &rtcp_port);
9fafcd7bSPatrick McHardy
180cf72fSholger@eitzenberger.org	hooks = rcu_dereference(nf_nat_sip_hooks);
180cf72fSholger@eitzenberger.org	if (hooks && ct->status & IPS_NAT_MASK && !direct_rtp)
180cf72fSholger@eitzenberger.org		ret = hooks->sdp_media(skb, protoff, dataoff, dptr,
180cf72fSholger@eitzenberger.org				       datalen, rtp_exp, rtcp_exp,
4ab9e64eSPatrick McHardy				       mediaoff, medialen, daddr);
9fafcd7bSPatrick McHardy	else {
876c2731SFlorian Westphal		/* -EALREADY handling works around end-points that send
876c2731SFlorian Westphal		 * SDP messages with identical port but different media type,
876c2731SFlorian Westphal		 * we pretend expectation was set up.
3c00fb0bSxiao ruizhu		 * It also works in the case that SDP messages are sent with
3c00fb0bSxiao ruizhu		 * identical expect tuples but for different master conntracks.
876c2731SFlorian Westphal		 */
3c00fb0bSxiao ruizhu		int errp = nf_ct_expect_related(rtp_exp,
3c00fb0bSxiao ruizhu						NF_CT_EXP_F_SKIP_MASTER);
876c2731SFlorian Westphal
876c2731SFlorian Westphal		if (errp == 0 || errp == -EALREADY) {
3c00fb0bSxiao ruizhu			int errcp = nf_ct_expect_related(rtcp_exp,
3c00fb0bSxiao ruizhu						NF_CT_EXP_F_SKIP_MASTER);
876c2731SFlorian Westphal
876c2731SFlorian Westphal			if (errcp == 0 || errcp == -EALREADY)
9fafcd7bSPatrick McHardy				ret = NF_ACCEPT;
876c2731SFlorian Westphal			else if (errp == 0)
876c2731SFlorian Westphal				nf_ct_unexpect_related(rtp_exp);
9fafcd7bSPatrick McHardy		}
a9c1d359SPatrick McHardy	}
a9c1d359SPatrick McHardy	nf_ct_expect_put(rtcp_exp);
a9c1d359SPatrick McHardyerr2:
a9c1d359SPatrick McHardy	nf_ct_expect_put(rtp_exp);
a9c1d359SPatrick McHardyerr1:
9fafcd7bSPatrick McHardy	return ret;
9fafcd7bSPatrick McHardy}
9fafcd7bSPatrick McHardy
0d0ab037SPatrick McHardystatic const struct sdp_media_type sdp_media_types[] = {
0d0ab037SPatrick McHardy	SDP_MEDIA_TYPE("audio ", SIP_EXPECT_AUDIO),
0d0ab037SPatrick McHardy	SDP_MEDIA_TYPE("video ", SIP_EXPECT_VIDEO),
9d288dffSPatrick McHardy	SDP_MEDIA_TYPE("image ", SIP_EXPECT_IMAGE),
0d0ab037SPatrick McHardy};
0d0ab037SPatrick McHardy
0d0ab037SPatrick McHardystatic const struct sdp_media_type *sdp_media_type(const char *dptr,
0d0ab037SPatrick McHardy						   unsigned int matchoff,
0d0ab037SPatrick McHardy						   unsigned int matchlen)
0d0ab037SPatrick McHardy{
0d0ab037SPatrick McHardy	const struct sdp_media_type *t;
0d0ab037SPatrick McHardy	unsigned int i;
0d0ab037SPatrick McHardy
0d0ab037SPatrick McHardy	for (i = 0; i < ARRAY_SIZE(sdp_media_types); i++) {
0d0ab037SPatrick McHardy		t = &sdp_media_types[i];
0d0ab037SPatrick McHardy		if (matchlen < t->len ||
0d0ab037SPatrick McHardy		    strncmp(dptr + matchoff, t->name, t->len))
0d0ab037SPatrick McHardy			continue;
0d0ab037SPatrick McHardy		return t;
0d0ab037SPatrick McHardy	}
0d0ab037SPatrick McHardy	return NULL;
0d0ab037SPatrick McHardy}
0d0ab037SPatrick McHardy
051966c0SPatrick McHardystatic int process_sdp(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy		       unsigned int dataoff,
30f33e6dSPatrick McHardy		       const char **dptr, unsigned int *datalen,
30f33e6dSPatrick McHardy		       unsigned int cseq)
7d3dd043SPatrick McHardy{
7d3dd043SPatrick McHardy	enum ip_conntrack_info ctinfo;
7d3dd043SPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
7d3dd043SPatrick McHardy	unsigned int matchoff, matchlen;
4ab9e64eSPatrick McHardy	unsigned int mediaoff, medialen;
4ab9e64eSPatrick McHardy	unsigned int sdpoff;
4ab9e64eSPatrick McHardy	unsigned int caddr_len, maddr_len;
0d0ab037SPatrick McHardy	unsigned int i;
4ab9e64eSPatrick McHardy	union nf_inet_addr caddr, maddr, rtp_addr;
180cf72fSholger@eitzenberger.org	const struct nf_nat_sip_hooks *hooks;
7d3dd043SPatrick McHardy	unsigned int port;
0d0ab037SPatrick McHardy	const struct sdp_media_type *t;
0d0ab037SPatrick McHardy	int ret = NF_ACCEPT;
7d3dd043SPatrick McHardy
180cf72fSholger@eitzenberger.org	hooks = rcu_dereference(nf_nat_sip_hooks);
7d3dd043SPatrick McHardy
4ab9e64eSPatrick McHardy	/* Find beginning of session description */
7d3dd043SPatrick McHardy	if (ct_sip_get_sdp_header(ct, *dptr, 0, *datalen,
4ab9e64eSPatrick McHardy				  SDP_HDR_VERSION, SDP_HDR_UNSPEC,
7d3dd043SPatrick McHardy				  &matchoff, &matchlen) <= 0)
7d3dd043SPatrick McHardy		return NF_ACCEPT;
4ab9e64eSPatrick McHardy	sdpoff = matchoff;
7d3dd043SPatrick McHardy
4ab9e64eSPatrick McHardy	/* The connection information is contained in the session description
4ab9e64eSPatrick McHardy	 * and/or once per media description. The first media description marks
4ab9e64eSPatrick McHardy	 * the end of the session description. */
4ab9e64eSPatrick McHardy	caddr_len = 0;
4ab9e64eSPatrick McHardy	if (ct_sip_parse_sdp_addr(ct, *dptr, sdpoff, *datalen,
9a664821SPatrick McHardy				  SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
4ab9e64eSPatrick McHardy				  &matchoff, &matchlen, &caddr) > 0)
4ab9e64eSPatrick McHardy		caddr_len = matchlen;
7d3dd043SPatrick McHardy
0d0ab037SPatrick McHardy	mediaoff = sdpoff;
0d0ab037SPatrick McHardy	for (i = 0; i < ARRAY_SIZE(sdp_media_types); ) {
0d0ab037SPatrick McHardy		if (ct_sip_get_sdp_header(ct, *dptr, mediaoff, *datalen,
7d3dd043SPatrick McHardy					  SDP_HDR_MEDIA, SDP_HDR_UNSPEC,
4ab9e64eSPatrick McHardy					  &mediaoff, &medialen) <= 0)
0d0ab037SPatrick McHardy			break;
0d0ab037SPatrick McHardy
0d0ab037SPatrick McHardy		/* Get media type and port number. A media port value of zero
0d0ab037SPatrick McHardy		 * indicates an inactive stream. */
0d0ab037SPatrick McHardy		t = sdp_media_type(*dptr, mediaoff, medialen);
0d0ab037SPatrick McHardy		if (!t) {
0d0ab037SPatrick McHardy			mediaoff += medialen;
0d0ab037SPatrick McHardy			continue;
0d0ab037SPatrick McHardy		}
0d0ab037SPatrick McHardy		mediaoff += t->len;
0d0ab037SPatrick McHardy		medialen -= t->len;
7d3dd043SPatrick McHardy
4ab9e64eSPatrick McHardy		port = simple_strtoul(*dptr + mediaoff, NULL, 10);
0d0ab037SPatrick McHardy		if (port == 0)
0d0ab037SPatrick McHardy			continue;
b20ab9ccSPablo Neira Ayuso		if (port < 1024 || port > 65535) {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "wrong port %u", port);
7d3dd043SPatrick McHardy			return NF_DROP;
b20ab9ccSPablo Neira Ayuso		}
7d3dd043SPatrick McHardy
4ab9e64eSPatrick McHardy		/* The media description overrides the session description. */
4ab9e64eSPatrick McHardy		maddr_len = 0;
4ab9e64eSPatrick McHardy		if (ct_sip_parse_sdp_addr(ct, *dptr, mediaoff, *datalen,
9a664821SPatrick McHardy					  SDP_HDR_CONNECTION, SDP_HDR_MEDIA,
4ab9e64eSPatrick McHardy					  &matchoff, &matchlen, &maddr) > 0) {
4ab9e64eSPatrick McHardy			maddr_len = matchlen;
4ab9e64eSPatrick McHardy			memcpy(&rtp_addr, &maddr, sizeof(rtp_addr));
4ab9e64eSPatrick McHardy		} else if (caddr_len)
4ab9e64eSPatrick McHardy			memcpy(&rtp_addr, &caddr, sizeof(rtp_addr));
b20ab9ccSPablo Neira Ayuso		else {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "cannot parse SDP message");
4ab9e64eSPatrick McHardy			return NF_DROP;
b20ab9ccSPablo Neira Ayuso		}
4ab9e64eSPatrick McHardy
051966c0SPatrick McHardy		ret = set_expected_rtp_rtcp(skb, protoff, dataoff,
051966c0SPatrick McHardy					    dptr, datalen,
0d0ab037SPatrick McHardy					    &rtp_addr, htons(port), t->class,
4ab9e64eSPatrick McHardy					    mediaoff, medialen);
b20ab9ccSPablo Neira Ayuso		if (ret != NF_ACCEPT) {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct,
b20ab9ccSPablo Neira Ayuso					 "cannot add expectation for voice");
4ab9e64eSPatrick McHardy			return ret;
b20ab9ccSPablo Neira Ayuso		}
4ab9e64eSPatrick McHardy
4ab9e64eSPatrick McHardy		/* Update media connection address if present */
180cf72fSholger@eitzenberger.org		if (maddr_len && hooks && ct->status & IPS_NAT_MASK) {
180cf72fSholger@eitzenberger.org			ret = hooks->sdp_addr(skb, protoff, dataoff,
9a664821SPatrick McHardy					      dptr, datalen, mediaoff,
180cf72fSholger@eitzenberger.org					      SDP_HDR_CONNECTION,
180cf72fSholger@eitzenberger.org					      SDP_HDR_MEDIA,
3b6b9fabSPatrick McHardy					      &rtp_addr);
b20ab9ccSPablo Neira Ayuso			if (ret != NF_ACCEPT) {
b20ab9ccSPablo Neira Ayuso				nf_ct_helper_log(skb, ct, "cannot mangle SDP");
4ab9e64eSPatrick McHardy				return ret;
4ab9e64eSPatrick McHardy			}
b20ab9ccSPablo Neira Ayuso		}
0d0ab037SPatrick McHardy		i++;
4ab9e64eSPatrick McHardy	}
4ab9e64eSPatrick McHardy
4ab9e64eSPatrick McHardy	/* Update session connection and owner addresses */
180cf72fSholger@eitzenberger.org	hooks = rcu_dereference(nf_nat_sip_hooks);
180cf72fSholger@eitzenberger.org	if (hooks && ct->status & IPS_NAT_MASK)
180cf72fSholger@eitzenberger.org		ret = hooks->sdp_session(skb, protoff, dataoff,
180cf72fSholger@eitzenberger.org					 dptr, datalen, sdpoff,
180cf72fSholger@eitzenberger.org					 &rtp_addr);
4ab9e64eSPatrick McHardy
4ab9e64eSPatrick McHardy	return ret;
7d3dd043SPatrick McHardy}
051966c0SPatrick McHardystatic int process_invite_response(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				   unsigned int dataoff,
30f33e6dSPatrick McHardy				   const char **dptr, unsigned int *datalen,
30f33e6dSPatrick McHardy				   unsigned int cseq, unsigned int code)
30f33e6dSPatrick McHardy{
9467ee38SPatrick McHardy	enum ip_conntrack_info ctinfo;
9467ee38SPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1afc5679SPablo Neira Ayuso	struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
9467ee38SPatrick McHardy
30f33e6dSPatrick McHardy	if ((code >= 100 && code <= 199) ||
30f33e6dSPatrick McHardy	    (code >= 200 && code <= 299))
051966c0SPatrick McHardy		return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1afc5679SPablo Neira Ayuso	else if (ct_sip_info->invite_cseq == cseq)
0f32a40fSPatrick McHardy		flush_expectations(ct, true);
30f33e6dSPatrick McHardy	return NF_ACCEPT;
30f33e6dSPatrick McHardy}
30f33e6dSPatrick McHardy
051966c0SPatrick McHardystatic int process_update_response(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				   unsigned int dataoff,
30f33e6dSPatrick McHardy				   const char **dptr, unsigned int *datalen,
30f33e6dSPatrick McHardy				   unsigned int cseq, unsigned int code)
30f33e6dSPatrick McHardy{
9467ee38SPatrick McHardy	enum ip_conntrack_info ctinfo;
9467ee38SPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1afc5679SPablo Neira Ayuso	struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
9467ee38SPatrick McHardy
30f33e6dSPatrick McHardy	if ((code >= 100 && code <= 199) ||
30f33e6dSPatrick McHardy	    (code >= 200 && code <= 299))
051966c0SPatrick McHardy		return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1afc5679SPablo Neira Ayuso	else if (ct_sip_info->invite_cseq == cseq)
0f32a40fSPatrick McHardy		flush_expectations(ct, true);
30f33e6dSPatrick McHardy	return NF_ACCEPT;
30f33e6dSPatrick McHardy}
30f33e6dSPatrick McHardy
051966c0SPatrick McHardystatic int process_prack_response(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				  unsigned int dataoff,
595a8ecbSPatrick McHardy				  const char **dptr, unsigned int *datalen,
595a8ecbSPatrick McHardy				  unsigned int cseq, unsigned int code)
595a8ecbSPatrick McHardy{
9467ee38SPatrick McHardy	enum ip_conntrack_info ctinfo;
9467ee38SPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1afc5679SPablo Neira Ayuso	struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
9467ee38SPatrick McHardy
595a8ecbSPatrick McHardy	if ((code >= 100 && code <= 199) ||
595a8ecbSPatrick McHardy	    (code >= 200 && code <= 299))
051966c0SPatrick McHardy		return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
1afc5679SPablo Neira Ayuso	else if (ct_sip_info->invite_cseq == cseq)
0f32a40fSPatrick McHardy		flush_expectations(ct, true);
9467ee38SPatrick McHardy	return NF_ACCEPT;
9467ee38SPatrick McHardy}
595a8ecbSPatrick McHardy
051966c0SPatrick McHardystatic int process_invite_request(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				  unsigned int dataoff,
9d288dffSPatrick McHardy				  const char **dptr, unsigned int *datalen,
9d288dffSPatrick McHardy				  unsigned int cseq)
9d288dffSPatrick McHardy{
9d288dffSPatrick McHardy	enum ip_conntrack_info ctinfo;
9d288dffSPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1afc5679SPablo Neira Ayuso	struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
9d288dffSPatrick McHardy	unsigned int ret;
9d288dffSPatrick McHardy
9d288dffSPatrick McHardy	flush_expectations(ct, true);
051966c0SPatrick McHardy	ret = process_sdp(skb, protoff, dataoff, dptr, datalen, cseq);
9d288dffSPatrick McHardy	if (ret == NF_ACCEPT)
1afc5679SPablo Neira Ayuso		ct_sip_info->invite_cseq = cseq;
9d288dffSPatrick McHardy	return ret;
9d288dffSPatrick McHardy}
9d288dffSPatrick McHardy
051966c0SPatrick McHardystatic int process_bye_request(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy			       unsigned int dataoff,
9467ee38SPatrick McHardy			       const char **dptr, unsigned int *datalen,
9467ee38SPatrick McHardy			       unsigned int cseq)
9467ee38SPatrick McHardy{
9467ee38SPatrick McHardy	enum ip_conntrack_info ctinfo;
9467ee38SPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
9467ee38SPatrick McHardy
0f32a40fSPatrick McHardy	flush_expectations(ct, true);
0f32a40fSPatrick McHardy	return NF_ACCEPT;
0f32a40fSPatrick McHardy}
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy/* Parse a REGISTER request and create a permanent expectation for incoming
0f32a40fSPatrick McHardy * signalling connections. The expectation is marked inactive and is activated
0f32a40fSPatrick McHardy * when receiving a response indicating success from the registrar.
0f32a40fSPatrick McHardy */
051966c0SPatrick McHardystatic int process_register_request(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				    unsigned int dataoff,
0f32a40fSPatrick McHardy				    const char **dptr, unsigned int *datalen,
0f32a40fSPatrick McHardy				    unsigned int cseq)
0f32a40fSPatrick McHardy{
0f32a40fSPatrick McHardy	enum ip_conntrack_info ctinfo;
0f32a40fSPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1afc5679SPablo Neira Ayuso	struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
0f32a40fSPatrick McHardy	enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
0f32a40fSPatrick McHardy	unsigned int matchoff, matchlen;
0f32a40fSPatrick McHardy	struct nf_conntrack_expect *exp;
0f32a40fSPatrick McHardy	union nf_inet_addr *saddr, daddr;
180cf72fSholger@eitzenberger.org	const struct nf_nat_sip_hooks *hooks;
e14575faSFlorian Westphal	struct nf_conntrack_helper *helper;
0f32a40fSPatrick McHardy	__be16 port;
f5b321bdSPatrick McHardy	u8 proto;
0f32a40fSPatrick McHardy	unsigned int expires = 0;
0f32a40fSPatrick McHardy	int ret;
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	/* Expected connections can not register again. */
0f32a40fSPatrick McHardy	if (ct->status & IPS_EXPECTED)
0f32a40fSPatrick McHardy		return NF_ACCEPT;
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	/* We must check the expiration time: a value of zero signals the
0f32a40fSPatrick McHardy	 * registrar to release the binding. We'll remove our expectation
0f32a40fSPatrick McHardy	 * when receiving the new bindings in the response, but we don't
0f32a40fSPatrick McHardy	 * want to create new ones.
0f32a40fSPatrick McHardy	 *
0f32a40fSPatrick McHardy	 * The expiration time may be contained in Expires: header, the
0f32a40fSPatrick McHardy	 * Contact: header parameters or the URI parameters.
0f32a40fSPatrick McHardy	 */
0f32a40fSPatrick McHardy	if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_EXPIRES,
0f32a40fSPatrick McHardy			      &matchoff, &matchlen) > 0)
0f32a40fSPatrick McHardy		expires = simple_strtoul(*dptr + matchoff, NULL, 10);
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	ret = ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen,
0f32a40fSPatrick McHardy				      SIP_HDR_CONTACT, NULL,
0f32a40fSPatrick McHardy				      &matchoff, &matchlen, &daddr, &port);
b20ab9ccSPablo Neira Ayuso	if (ret < 0) {
b20ab9ccSPablo Neira Ayuso		nf_ct_helper_log(skb, ct, "cannot parse contact");
0f32a40fSPatrick McHardy		return NF_DROP;
b20ab9ccSPablo Neira Ayuso	} else if (ret == 0)
0f32a40fSPatrick McHardy		return NF_ACCEPT;
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	/* We don't support third-party registrations */
0f32a40fSPatrick McHardy	if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3, &daddr))
0f32a40fSPatrick McHardy		return NF_ACCEPT;
0f32a40fSPatrick McHardy
f5b321bdSPatrick McHardy	if (ct_sip_parse_transport(ct, *dptr, matchoff + matchlen, *datalen,
f5b321bdSPatrick McHardy				   &proto) == 0)
f5b321bdSPatrick McHardy		return NF_ACCEPT;
f5b321bdSPatrick McHardy
0f32a40fSPatrick McHardy	if (ct_sip_parse_numerical_param(ct, *dptr,
0f32a40fSPatrick McHardy					 matchoff + matchlen, *datalen,
b20ab9ccSPablo Neira Ayuso					 "expires=", NULL, NULL, &expires) < 0) {
b20ab9ccSPablo Neira Ayuso		nf_ct_helper_log(skb, ct, "cannot parse expires");
0f32a40fSPatrick McHardy		return NF_DROP;
b20ab9ccSPablo Neira Ayuso	}
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	if (expires == 0) {
0f32a40fSPatrick McHardy		ret = NF_ACCEPT;
0f32a40fSPatrick McHardy		goto store_cseq;
0f32a40fSPatrick McHardy	}
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	exp = nf_ct_expect_alloc(ct);
b20ab9ccSPablo Neira Ayuso	if (!exp) {
b20ab9ccSPablo Neira Ayuso		nf_ct_helper_log(skb, ct, "cannot alloc expectation");
0f32a40fSPatrick McHardy		return NF_DROP;
b20ab9ccSPablo Neira Ayuso	}
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	saddr = NULL;
0f32a40fSPatrick McHardy	if (sip_direct_signalling)
0f32a40fSPatrick McHardy		saddr = &ct->tuplehash[!dir].tuple.src.u3;
0f32a40fSPatrick McHardy
e14575faSFlorian Westphal	helper = rcu_dereference(nfct_help(ct)->helper);
e14575faSFlorian Westphal	if (!helper)
e14575faSFlorian Westphal		return NF_DROP;
e14575faSFlorian Westphal
5e8fbe2aSPatrick McHardy	nf_ct_expect_init(exp, SIP_EXPECT_SIGNALLING, nf_ct_l3num(ct),
f5b321bdSPatrick McHardy			  saddr, &daddr, proto, NULL, &port);
0f32a40fSPatrick McHardy	exp->timeout.expires = sip_timeout * HZ;
e14575faSFlorian Westphal	exp->helper = helper;
0f32a40fSPatrick McHardy	exp->flags = NF_CT_EXPECT_PERMANENT | NF_CT_EXPECT_INACTIVE;
0f32a40fSPatrick McHardy
180cf72fSholger@eitzenberger.org	hooks = rcu_dereference(nf_nat_sip_hooks);
180cf72fSholger@eitzenberger.org	if (hooks && ct->status & IPS_NAT_MASK)
180cf72fSholger@eitzenberger.org		ret = hooks->expect(skb, protoff, dataoff, dptr, datalen,
051966c0SPatrick McHardy				    exp, matchoff, matchlen);
0f32a40fSPatrick McHardy	else {
3c00fb0bSxiao ruizhu		if (nf_ct_expect_related(exp, 0) != 0) {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "cannot add expectation");
0f32a40fSPatrick McHardy			ret = NF_DROP;
b20ab9ccSPablo Neira Ayuso		} else
0f32a40fSPatrick McHardy			ret = NF_ACCEPT;
0f32a40fSPatrick McHardy	}
0f32a40fSPatrick McHardy	nf_ct_expect_put(exp);
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardystore_cseq:
0f32a40fSPatrick McHardy	if (ret == NF_ACCEPT)
1afc5679SPablo Neira Ayuso		ct_sip_info->register_cseq = cseq;
0f32a40fSPatrick McHardy	return ret;
0f32a40fSPatrick McHardy}
0f32a40fSPatrick McHardy
051966c0SPatrick McHardystatic int process_register_response(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				     unsigned int dataoff,
0f32a40fSPatrick McHardy				     const char **dptr, unsigned int *datalen,
0f32a40fSPatrick McHardy				     unsigned int cseq, unsigned int code)
0f32a40fSPatrick McHardy{
0f32a40fSPatrick McHardy	enum ip_conntrack_info ctinfo;
0f32a40fSPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
1afc5679SPablo Neira Ayuso	struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
0f32a40fSPatrick McHardy	enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
0f32a40fSPatrick McHardy	union nf_inet_addr addr;
0f32a40fSPatrick McHardy	__be16 port;
f5b321bdSPatrick McHardy	u8 proto;
3b6b9fabSPatrick McHardy	unsigned int matchoff, matchlen, coff = 0;
0f32a40fSPatrick McHardy	unsigned int expires = 0;
0f32a40fSPatrick McHardy	int in_contact = 0, ret;
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	/* According to RFC 3261, "UAs MUST NOT send a new registration until
0f32a40fSPatrick McHardy	 * they have received a final response from the registrar for the
0f32a40fSPatrick McHardy	 * previous one or the previous REGISTER request has timed out".
0f32a40fSPatrick McHardy	 *
0f32a40fSPatrick McHardy	 * However, some servers fail to detect retransmissions and send late
0f32a40fSPatrick McHardy	 * responses, so we store the sequence number of the last valid
0f32a40fSPatrick McHardy	 * request and compare it here.
0f32a40fSPatrick McHardy	 */
1afc5679SPablo Neira Ayuso	if (ct_sip_info->register_cseq != cseq)
0f32a40fSPatrick McHardy		return NF_ACCEPT;
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	if (code >= 100 && code <= 199)
0f32a40fSPatrick McHardy		return NF_ACCEPT;
0f32a40fSPatrick McHardy	if (code < 200 || code > 299)
0f32a40fSPatrick McHardy		goto flush;
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_EXPIRES,
0f32a40fSPatrick McHardy			      &matchoff, &matchlen) > 0)
0f32a40fSPatrick McHardy		expires = simple_strtoul(*dptr + matchoff, NULL, 10);
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy	while (1) {
0f32a40fSPatrick McHardy		unsigned int c_expires = expires;
0f32a40fSPatrick McHardy
3b6b9fabSPatrick McHardy		ret = ct_sip_parse_header_uri(ct, *dptr, &coff, *datalen,
0f32a40fSPatrick McHardy					      SIP_HDR_CONTACT, &in_contact,
0f32a40fSPatrick McHardy					      &matchoff, &matchlen,
0f32a40fSPatrick McHardy					      &addr, &port);
b20ab9ccSPablo Neira Ayuso		if (ret < 0) {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "cannot parse contact");
0f32a40fSPatrick McHardy			return NF_DROP;
b20ab9ccSPablo Neira Ayuso		} else if (ret == 0)
0f32a40fSPatrick McHardy			break;
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardy		/* We don't support third-party registrations */
0f32a40fSPatrick McHardy		if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3, &addr))
0f32a40fSPatrick McHardy			continue;
0f32a40fSPatrick McHardy
f5b321bdSPatrick McHardy		if (ct_sip_parse_transport(ct, *dptr, matchoff + matchlen,
f5b321bdSPatrick McHardy					   *datalen, &proto) == 0)
f5b321bdSPatrick McHardy			continue;
f5b321bdSPatrick McHardy
0f32a40fSPatrick McHardy		ret = ct_sip_parse_numerical_param(ct, *dptr,
0f32a40fSPatrick McHardy						   matchoff + matchlen,
0f32a40fSPatrick McHardy						   *datalen, "expires=",
0f32a40fSPatrick McHardy						   NULL, NULL, &c_expires);
b20ab9ccSPablo Neira Ayuso		if (ret < 0) {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "cannot parse expires");
0f32a40fSPatrick McHardy			return NF_DROP;
b20ab9ccSPablo Neira Ayuso		}
0f32a40fSPatrick McHardy		if (c_expires == 0)
0f32a40fSPatrick McHardy			break;
f5b321bdSPatrick McHardy		if (refresh_signalling_expectation(ct, &addr, proto, port,
f5b321bdSPatrick McHardy						   c_expires))
0f32a40fSPatrick McHardy			return NF_ACCEPT;
0f32a40fSPatrick McHardy	}
0f32a40fSPatrick McHardy
0f32a40fSPatrick McHardyflush:
0f32a40fSPatrick McHardy	flush_expectations(ct, false);
595a8ecbSPatrick McHardy	return NF_ACCEPT;
595a8ecbSPatrick McHardy}
595a8ecbSPatrick McHardy
30f33e6dSPatrick McHardystatic const struct sip_handler sip_handlers[] = {
9d288dffSPatrick McHardy	SIP_HANDLER("INVITE", process_invite_request, process_invite_response),
30f33e6dSPatrick McHardy	SIP_HANDLER("UPDATE", process_sdp, process_update_response),
595a8ecbSPatrick McHardy	SIP_HANDLER("ACK", process_sdp, NULL),
595a8ecbSPatrick McHardy	SIP_HANDLER("PRACK", process_sdp, process_prack_response),
9467ee38SPatrick McHardy	SIP_HANDLER("BYE", process_bye_request, NULL),
0f32a40fSPatrick McHardy	SIP_HANDLER("REGISTER", process_register_request, process_register_response),
30f33e6dSPatrick McHardy};
30f33e6dSPatrick McHardy
051966c0SPatrick McHardystatic int process_sip_response(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy				unsigned int dataoff,
30f33e6dSPatrick McHardy				const char **dptr, unsigned int *datalen)
30f33e6dSPatrick McHardy{
30f33e6dSPatrick McHardy	enum ip_conntrack_info ctinfo;
30f33e6dSPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
3b6b9fabSPatrick McHardy	unsigned int matchoff, matchlen, matchend;
3b6b9fabSPatrick McHardy	unsigned int code, cseq, i;
30f33e6dSPatrick McHardy
30f33e6dSPatrick McHardy	if (*datalen < strlen("SIP/2.0 200"))
30f33e6dSPatrick McHardy		return NF_ACCEPT;
30f33e6dSPatrick McHardy	code = simple_strtoul(*dptr + strlen("SIP/2.0 "), NULL, 10);
b20ab9ccSPablo Neira Ayuso	if (!code) {
b20ab9ccSPablo Neira Ayuso		nf_ct_helper_log(skb, ct, "cannot get code");
30f33e6dSPatrick McHardy		return NF_DROP;
b20ab9ccSPablo Neira Ayuso	}
30f33e6dSPatrick McHardy
30f33e6dSPatrick McHardy	if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_CSEQ,
b20ab9ccSPablo Neira Ayuso			      &matchoff, &matchlen) <= 0) {
b20ab9ccSPablo Neira Ayuso		nf_ct_helper_log(skb, ct, "cannot parse cseq");
30f33e6dSPatrick McHardy		return NF_DROP;
b20ab9ccSPablo Neira Ayuso	}
30f33e6dSPatrick McHardy	cseq = simple_strtoul(*dptr + matchoff, NULL, 10);
0d35d081SChristophe Leroy	if (!cseq && *(*dptr + matchoff) != '0') {
b20ab9ccSPablo Neira Ayuso		nf_ct_helper_log(skb, ct, "cannot get cseq");
30f33e6dSPatrick McHardy		return NF_DROP;
b20ab9ccSPablo Neira Ayuso	}
3b6b9fabSPatrick McHardy	matchend = matchoff + matchlen + 1;
30f33e6dSPatrick McHardy
30f33e6dSPatrick McHardy	for (i = 0; i < ARRAY_SIZE(sip_handlers); i++) {
66bf7918SAlexey Dobriyan		const struct sip_handler *handler;
66bf7918SAlexey Dobriyan
30f33e6dSPatrick McHardy		handler = &sip_handlers[i];
30f33e6dSPatrick McHardy		if (handler->response == NULL)
30f33e6dSPatrick McHardy			continue;
3b6b9fabSPatrick McHardy		if (*datalen < matchend + handler->len ||
18082746SRasmus Villemoes		    strncasecmp(*dptr + matchend, handler->method, handler->len))
30f33e6dSPatrick McHardy			continue;
051966c0SPatrick McHardy		return handler->response(skb, protoff, dataoff, dptr, datalen,
3b6b9fabSPatrick McHardy					 cseq, code);
30f33e6dSPatrick McHardy	}
30f33e6dSPatrick McHardy	return NF_ACCEPT;
30f33e6dSPatrick McHardy}
30f33e6dSPatrick McHardy
051966c0SPatrick McHardystatic int process_sip_request(struct sk_buff *skb, unsigned int protoff,
051966c0SPatrick McHardy			       unsigned int dataoff,
30f33e6dSPatrick McHardy			       const char **dptr, unsigned int *datalen)
30f33e6dSPatrick McHardy{
30f33e6dSPatrick McHardy	enum ip_conntrack_info ctinfo;
30f33e6dSPatrick McHardy	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
7266507dSKevin Cernekee	struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct);
7266507dSKevin Cernekee	enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo);
30f33e6dSPatrick McHardy	unsigned int matchoff, matchlen;
30f33e6dSPatrick McHardy	unsigned int cseq, i;
7266507dSKevin Cernekee	union nf_inet_addr addr;
7266507dSKevin Cernekee	__be16 port;
7266507dSKevin Cernekee
7266507dSKevin Cernekee	/* Many Cisco IP phones use a high source port for SIP requests, but
7266507dSKevin Cernekee	 * listen for the response on port 5060.  If we are the local
7266507dSKevin Cernekee	 * router for one of these phones, save the port number from the
7266507dSKevin Cernekee	 * Via: header so that nf_nat_sip can redirect the responses to
7266507dSKevin Cernekee	 * the correct port.
7266507dSKevin Cernekee	 */
7266507dSKevin Cernekee	if (ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen,
7266507dSKevin Cernekee				    SIP_HDR_VIA_UDP, NULL, &matchoff,
7266507dSKevin Cernekee				    &matchlen, &addr, &port) > 0 &&
7266507dSKevin Cernekee	    port != ct->tuplehash[dir].tuple.src.u.udp.port &&
7266507dSKevin Cernekee	    nf_inet_addr_cmp(&addr, &ct->tuplehash[dir].tuple.src.u3))
7266507dSKevin Cernekee		ct_sip_info->forced_dport = port;
30f33e6dSPatrick McHardy
30f33e6dSPatrick McHardy	for (i = 0; i < ARRAY_SIZE(sip_handlers); i++) {
66bf7918SAlexey Dobriyan		const struct sip_handler *handler;
66bf7918SAlexey Dobriyan
30f33e6dSPatrick McHardy		handler = &sip_handlers[i];
30f33e6dSPatrick McHardy		if (handler->request == NULL)
30f33e6dSPatrick McHardy			continue;
444f9017SUlrich Weber		if (*datalen < handler->len + 2 ||
18082746SRasmus Villemoes		    strncasecmp(*dptr, handler->method, handler->len))
30f33e6dSPatrick McHardy			continue;
444f9017SUlrich Weber		if ((*dptr)[handler->len] != ' ' ||
444f9017SUlrich Weber		    !isalpha((*dptr)[handler->len+1]))
444f9017SUlrich Weber			continue;
30f33e6dSPatrick McHardy
30f33e6dSPatrick McHardy		if (ct_sip_get_header(ct, *dptr, 0, *datalen, SIP_HDR_CSEQ,
b20ab9ccSPablo Neira Ayuso				      &matchoff, &matchlen) <= 0) {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "cannot parse cseq");
30f33e6dSPatrick McHardy			return NF_DROP;
b20ab9ccSPablo Neira Ayuso		}
30f33e6dSPatrick McHardy		cseq = simple_strtoul(*dptr + matchoff, NULL, 10);
0d35d081SChristophe Leroy		if (!cseq && *(*dptr + matchoff) != '0') {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "cannot get cseq");
30f33e6dSPatrick McHardy			return NF_DROP;
b20ab9ccSPablo Neira Ayuso		}
30f33e6dSPatrick McHardy
051966c0SPatrick McHardy		return handler->request(skb, protoff, dataoff, dptr, datalen,
051966c0SPatrick McHardy					cseq);
30f33e6dSPatrick McHardy	}
30f33e6dSPatrick McHardy	return NF_ACCEPT;
30f33e6dSPatrick McHardy}
7d3dd043SPatrick McHardy
f5b321bdSPatrick McHardystatic int process_sip_msg(struct sk_buff *skb, struct nf_conn *ct,
051966c0SPatrick McHardy			   unsigned int protoff, unsigned int dataoff,
051966c0SPatrick McHardy			   const char **dptr, unsigned int *datalen)
f5b321bdSPatrick McHardy{
180cf72fSholger@eitzenberger.org	const struct nf_nat_sip_hooks *hooks;
f5b321bdSPatrick McHardy	int ret;
f5b321bdSPatrick McHardy
18082746SRasmus Villemoes	if (strncasecmp(*dptr, "SIP/2.0 ", strlen("SIP/2.0 ")) != 0)
051966c0SPatrick McHardy		ret = process_sip_request(skb, protoff, dataoff, dptr, datalen);
f5b321bdSPatrick McHardy	else
051966c0SPatrick McHardy		ret = process_sip_response(skb, protoff, dataoff, dptr, datalen);
f5b321bdSPatrick McHardy
9a664821SPatrick McHardy	if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
180cf72fSholger@eitzenberger.org		hooks = rcu_dereference(nf_nat_sip_hooks);
180cf72fSholger@eitzenberger.org		if (hooks && !hooks->msg(skb, protoff, dataoff,
b20ab9ccSPablo Neira Ayuso					 dptr, datalen)) {
b20ab9ccSPablo Neira Ayuso			nf_ct_helper_log(skb, ct, "cannot NAT SIP message");
f5b321bdSPatrick McHardy			ret = NF_DROP;
f5b321bdSPatrick McHardy		}
b20ab9ccSPablo Neira Ayuso	}
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	return ret;
f5b321bdSPatrick McHardy}
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardystatic int sip_help_tcp(struct sk_buff *skb, unsigned int protoff,
f5b321bdSPatrick McHardy			struct nf_conn *ct, enum ip_conntrack_info ctinfo)
f5b321bdSPatrick McHardy{
f5b321bdSPatrick McHardy	struct tcphdr *th, _tcph;
f5b321bdSPatrick McHardy	unsigned int dataoff, datalen;
f5b321bdSPatrick McHardy	unsigned int matchoff, matchlen, clen;
f5b321bdSPatrick McHardy	unsigned int msglen, origlen;
f5b321bdSPatrick McHardy	const char *dptr, *end;
f5b321bdSPatrick McHardy	s16 diff, tdiff = 0;
7874896aSSimon Horman	int ret = NF_ACCEPT;
e6e4d9edSPatrick McHardy	bool term;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	if (ctinfo != IP_CT_ESTABLISHED &&
fb048833SEric Dumazet	    ctinfo != IP_CT_ESTABLISHED_REPLY)
f5b321bdSPatrick McHardy		return NF_ACCEPT;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	/* No Data ? */
f5b321bdSPatrick McHardy	th = skb_header_pointer(skb, protoff, sizeof(_tcph), &_tcph);
f5b321bdSPatrick McHardy	if (th == NULL)
f5b321bdSPatrick McHardy		return NF_ACCEPT;
f5b321bdSPatrick McHardy	dataoff = protoff + th->doff * 4;
f5b321bdSPatrick McHardy	if (dataoff >= skb->len)
f5b321bdSPatrick McHardy		return NF_ACCEPT;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	nf_ct_refresh(ct, skb, sip_timeout * HZ);
f5b321bdSPatrick McHardy
a1d7c1b4SPatrick McHardy	if (unlikely(skb_linearize(skb)))
a1d7c1b4SPatrick McHardy		return NF_DROP;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	dptr = skb->data + dataoff;
f5b321bdSPatrick McHardy	datalen = skb->len - dataoff;
f5b321bdSPatrick McHardy	if (datalen < strlen("SIP/2.0 200"))
f5b321bdSPatrick McHardy		return NF_ACCEPT;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy	while (1) {
f5b321bdSPatrick McHardy		if (ct_sip_get_header(ct, dptr, 0, datalen,
f5b321bdSPatrick McHardy				      SIP_HDR_CONTENT_LENGTH,
f5b321bdSPatrick McHardy				      &matchoff, &matchlen) <= 0)
f5b321bdSPatrick McHardy			break;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy		clen = simple_strtoul(dptr + matchoff, (char **)&end, 10);
f5b321bdSPatrick McHardy		if (dptr + matchoff == end)
f5b321bdSPatrick McHardy			break;
f5b321bdSPatrick McHardy
e6e4d9edSPatrick McHardy		term = false;
e6e4d9edSPatrick McHardy		for (; end + strlen("\r\n\r\n") <= dptr + datalen; end++) {
e6e4d9edSPatrick McHardy			if (end[0] == '\r' && end[1] == '\n' &&
e6e4d9edSPatrick McHardy			    end[2] == '\r' && end[3] == '\n') {
e6e4d9edSPatrick McHardy				term = true;
f5b321bdSPatrick McHardy				break;
e6e4d9edSPatrick McHardy			}
e6e4d9edSPatrick McHardy		}
e6e4d9edSPatrick McHardy		if (!term)
f5b321bdSPatrick McHardy			break;
f5b321bdSPatrick McHardy		end += strlen("\r\n\r\n") + clen;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy		msglen = origlen = end - dptr;
3a7b21eaSPatrick McHardy		if (msglen > datalen)
3a7b21eaSPatrick McHardy			return NF_ACCEPT;
f5b321bdSPatrick McHardy
051966c0SPatrick McHardy		ret = process_sip_msg(skb, ct, protoff, dataoff,
051966c0SPatrick McHardy				      &dptr, &msglen);
b20ab9ccSPablo Neira Ayuso		/* process_sip_* functions report why this packet is dropped */
f5b321bdSPatrick McHardy		if (ret != NF_ACCEPT)
f5b321bdSPatrick McHardy			break;
f5b321bdSPatrick McHardy		diff     = msglen - origlen;
f5b321bdSPatrick McHardy		tdiff   += diff;
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardy		dataoff += msglen;
f5b321bdSPatrick McHardy		dptr    += msglen;
f5b321bdSPatrick McHardy		datalen  = datalen + diff - msglen;
f5b321bdSPatrick McHardy	}
f5b321bdSPatrick McHardy
9a664821SPatrick McHardy	if (ret == NF_ACCEPT && ct->status & IPS_NAT_MASK) {
180cf72fSholger@eitzenberger.org		const struct nf_nat_sip_hooks *hooks;
180cf72fSholger@eitzenberger.org
180cf72fSholger@eitzenberger.org		hooks = rcu_dereference(nf_nat_sip_hooks);
180cf72fSholger@eitzenberger.org		if (hooks)
180cf72fSholger@eitzenberger.org			hooks->seq_adjust(skb, protoff, tdiff);
48f8ac26SPatrick McHardy	}
48f8ac26SPatrick McHardy
f5b321bdSPatrick McHardy	return ret;
f5b321bdSPatrick McHardy}
f5b321bdSPatrick McHardy
f5b321bdSPatrick McHardystatic int sip_help_udp(struct sk_buff *skb, unsigned int protoff,
f5b321bdSPatrick McHardy			struct nf_conn *ct, enum ip_conntrack_info ctinfo)
9fafcd7bSPatrick McHardy{
9fafcd7bSPatrick McHardy	unsigned int dataoff, datalen;
9fafcd7bSPatrick McHardy	const char *dptr;
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy	/* No Data ? */
9fafcd7bSPatrick McHardy	dataoff = protoff + sizeof(struct udphdr);
3db05feaSHerbert Xu	if (dataoff >= skb->len)
9fafcd7bSPatrick McHardy		return NF_ACCEPT;
9fafcd7bSPatrick McHardy
3db05feaSHerbert Xu	nf_ct_refresh(ct, skb, sip_timeout * HZ);
9fafcd7bSPatrick McHardy
a1d7c1b4SPatrick McHardy	if (unlikely(skb_linearize(skb)))
a1d7c1b4SPatrick McHardy		return NF_DROP;
9fafcd7bSPatrick McHardy
f5b321bdSPatrick McHardy	dptr = skb->data + dataoff;
3db05feaSHerbert Xu	datalen = skb->len - dataoff;
779382ebSPatrick McHardy	if (datalen < strlen("SIP/2.0 200"))
7d3dd043SPatrick McHardy		return NF_ACCEPT;
9fafcd7bSPatrick McHardy
051966c0SPatrick McHardy	return process_sip_msg(skb, ct, protoff, dataoff, &dptr, &datalen);
33cb1e9aSPatrick McHardy}
33cb1e9aSPatrick McHardy
82de0be6SGao Fengstatic struct nf_conntrack_helper sip[MAX_PORTS * 4] __read_mostly;
9fafcd7bSPatrick McHardy
0f32a40fSPatrick McHardystatic const struct nf_conntrack_expect_policy sip_exp_policy[SIP_EXPECT_MAX + 1] = {
0f32a40fSPatrick McHardy	[SIP_EXPECT_SIGNALLING] = {
b87921bdSPatrick McHardy		.name		= "signalling",
0f32a40fSPatrick McHardy		.max_expected	= 1,
6002f266SPatrick McHardy		.timeout	= 3 * 60,
0f32a40fSPatrick McHardy	},
0f32a40fSPatrick McHardy	[SIP_EXPECT_AUDIO] = {
b87921bdSPatrick McHardy		.name		= "audio",
a9c1d359SPatrick McHardy		.max_expected	= 2 * IP_CT_DIR_MAX,
0f32a40fSPatrick McHardy		.timeout	= 3 * 60,
0f32a40fSPatrick McHardy	},
0d0ab037SPatrick McHardy	[SIP_EXPECT_VIDEO] = {
b87921bdSPatrick McHardy		.name		= "video",
0d0ab037SPatrick McHardy		.max_expected	= 2 * IP_CT_DIR_MAX,
0d0ab037SPatrick McHardy		.timeout	= 3 * 60,
0d0ab037SPatrick McHardy	},
9d288dffSPatrick McHardy	[SIP_EXPECT_IMAGE] = {
9d288dffSPatrick McHardy		.name		= "image",
9d288dffSPatrick McHardy		.max_expected	= IP_CT_DIR_MAX,
9d288dffSPatrick McHardy		.timeout	= 3 * 60,
9d288dffSPatrick McHardy	},
6002f266SPatrick McHardy};
6002f266SPatrick McHardy
35341a61STaehee Yoostatic void __exit nf_conntrack_sip_fini(void)
9fafcd7bSPatrick McHardy{
82de0be6SGao Feng	nf_conntrack_helpers_unregister(sip, ports_c * 4);
9fafcd7bSPatrick McHardy}
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardystatic int __init nf_conntrack_sip_init(void)
9fafcd7bSPatrick McHardy{
82de0be6SGao Feng	int i, ret;
9fafcd7bSPatrick McHardy
dcf67740SFlorian Westphal	NF_CT_HELPER_BUILD_BUG_ON(sizeof(struct nf_ct_sip_master));
dcf67740SFlorian Westphal
9fafcd7bSPatrick McHardy	if (ports_c == 0)
9fafcd7bSPatrick McHardy		ports[ports_c++] = SIP_PORT;
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardy	for (i = 0; i < ports_c; i++) {
08010a21SFlavio Leitner		nf_ct_helper_init(&sip[4 * i], AF_INET, IPPROTO_UDP,
08010a21SFlavio Leitner				  HELPER_NAME, SIP_PORT, ports[i], i,
08010a21SFlavio Leitner				  sip_exp_policy, SIP_EXPECT_MAX, sip_help_udp,
82de0be6SGao Feng				  NULL, THIS_MODULE);
08010a21SFlavio Leitner		nf_ct_helper_init(&sip[4 * i + 1], AF_INET, IPPROTO_TCP,
08010a21SFlavio Leitner				  HELPER_NAME, SIP_PORT, ports[i], i,
08010a21SFlavio Leitner				  sip_exp_policy, SIP_EXPECT_MAX, sip_help_tcp,
82de0be6SGao Feng				  NULL, THIS_MODULE);
08010a21SFlavio Leitner		nf_ct_helper_init(&sip[4 * i + 2], AF_INET6, IPPROTO_UDP,
08010a21SFlavio Leitner				  HELPER_NAME, SIP_PORT, ports[i], i,
08010a21SFlavio Leitner				  sip_exp_policy, SIP_EXPECT_MAX, sip_help_udp,
82de0be6SGao Feng				  NULL, THIS_MODULE);
08010a21SFlavio Leitner		nf_ct_helper_init(&sip[4 * i + 3], AF_INET6, IPPROTO_TCP,
08010a21SFlavio Leitner				  HELPER_NAME, SIP_PORT, ports[i], i,
08010a21SFlavio Leitner				  sip_exp_policy, SIP_EXPECT_MAX, sip_help_tcp,
82de0be6SGao Feng				  NULL, THIS_MODULE);
82de0be6SGao Feng	}
f5b321bdSPatrick McHardy
82de0be6SGao Feng	ret = nf_conntrack_helpers_register(sip, ports_c * 4);
82de0be6SGao Feng	if (ret < 0) {
82de0be6SGao Feng		pr_err("failed to register helpers\n");
9fafcd7bSPatrick McHardy		return ret;
9fafcd7bSPatrick McHardy	}
9fafcd7bSPatrick McHardy	return 0;
9fafcd7bSPatrick McHardy}
9fafcd7bSPatrick McHardy
9fafcd7bSPatrick McHardymodule_init(nf_conntrack_sip_init);
9fafcd7bSPatrick McHardymodule_exit(nf_conntrack_sip_fini);