Pre-Submission Checklist

• Commit message has the format required by CONTRIBUTING guide
• Commits are split per component (core, individual modules, libs, utils, ...)
  • Not yet - first let's see if the work is valid, then I'll recompose the whole work to satisfy this. Otherwise... if I need to fix something, it's too hard to work like this...
• Each component has a single commit (if not, squash them into one commit)
  • ditto
• No commits to README files for modules (changes must be done to docbook files
  in doc/ subfolder, the README file is autogenerated)

Type Of Change

• Small bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds new functionality)
• Breaking change (fix or feature that would change existing functionality)

Checklist:

• PR should be backported to stable branches
• Tested changes locally
• Related to issue #XXXX (replace XXXX with an open issue number)

Description

Normally, the IMS P-CSCF should identify the clients (UEs) by the received IP address and ports on Rx. The current code is using a mix of that, plus using Contact and Via headers, with arguable potential security issues.

This patch adds a new parameter to ims_registrar_pcscf and ims_qos modules, allowing for an optional outsource of the IPsec functionality to another element, which is also in charge of checking/enforcing correct UE Via header. The existing code is allowed to work as before, with the default value of the flag being towards that.

List of functional changes:

• ims_qos
  • added trust_bottom_via parameter

List of indirect changes:

• default I-CSCF config example contained a questionable line which adds a + as a prefix in Request-URI. After way too much time wasted to figure out why the Diameter LIR has bogus SIP or TEL URI values in UserName AVP, I have discovered this. Seems like someone had just tel-URIs in their network, but otherwise the blind addition of this prefix makes no sense to me.
• added a str2ushort() macro, since code was using some dangerous casting and macros with a larger type

List of non-functional fixes:

• spelling in comments
• comments at the end of line moved above the line they refer to; with just 80 columns code-formatting, commenting on the same line provides for some super weird and hard to read code, so IMHO should not be allowed (or ... much harder now... increase to 120 columns)

You can view, comment on, or merge this pull request online at:

  https://github.com/kamailio/kamailio/pull/3891

Commit Summary

• 597208a squashed work

File Changes

(18 files)

• M misc/examples/ims/icscf/kamailio.cfg (4)
• M src/core/ut.h (36)
• M src/lib/ims/ims_getters.c (2)
• M src/modules/ims_icscf/location.c (10)
• M src/modules/ims_qos/ims_qos_mod.c (27)
• M src/modules/ims_qos/ims_qos_mod.h (1)
• M src/modules/ims_qos/rx_aar.h (4)
• M src/modules/ims_qos/rx_authdata.h (2)
• M src/modules/ims_qos/rx_avp.c (2)
• M src/modules/ims_qos/rx_avp.h (1)
• M src/modules/ims_registrar_pcscf/doc/ims_registrar_pcscf_admin.xml (39)
• M src/modules/ims_registrar_pcscf/ims_registrar_pcscf_mod.c (18)
• M src/modules/ims_registrar_pcscf/notify.c (2)
• M src/modules/ims_registrar_pcscf/save.c (78)
• M src/modules/ims_registrar_pcscf/service_routes.c (125)
• M src/modules/ims_registrar_pcscf/subscribe.c (75)
• M src/modules/ims_registrar_pcscf/subscribe.h (4)
• M src/modules/ims_usrloc_pcscf/udomain.c (4)

Patch Links:

• https://github.com/kamailio/kamailio/pull/3891.patch
• https://github.com/kamailio/kamailio/pull/3891.diff

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <kamailio/kamailio/pull/3891@github.com>