linux-hardened/include/linux/netfilter
Patrick McHardy 02b69cbdc2 netfilter: nf_ct_sip: fix IPv6 address parsing
Within SIP messages IPv6 addresses are enclosed in square brackets in most
cases, with the exception of the "received=" header parameter. Currently
the helper fails to parse enclosed addresses.

This patch:

- changes the SIP address parsing function to enforce square brackets
  when required, and accept them when not required but present, as
  recommended by RFC 5118.

- adds a new SDP address parsing function that never accepts square
  brackets since SDP doesn't use them.

With these changes, the SIP helper correctly parses all test messages
from RFC 5118 (Session Initiation Protocol (SIP) Torture Test Messages
for Internet Protocol Version 6 (IPv6)).

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-08-10 11:53:11 +02:00
..
ipset Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-05-16 22:17:37 -04:00
Kbuild netfilter: add user-space connection tracking helper infrastructure 2012-06-16 15:40:02 +02:00
nf_conntrack_amanda.h
nf_conntrack_common.h netfilter: nf_conntrack: fix explicit helper attachment and NAT 2012-05-08 19:44:42 +02:00
nf_conntrack_dccp.h
nf_conntrack_ftp.h
nf_conntrack_h323.h
nf_conntrack_h323_asn1.h
nf_conntrack_h323_types.h net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
nf_conntrack_irc.h
nf_conntrack_pptp.h
nf_conntrack_proto_gre.h Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_conntrack_sane.h
nf_conntrack_sctp.h
nf_conntrack_sip.h netfilter: nf_ct_sip: fix IPv6 address parsing 2012-08-10 11:53:11 +02:00
nf_conntrack_snmp.h
nf_conntrack_tcp.h netfilter: nf_ct_tcp: move retransmission and unacknowledged timeout to array 2012-03-07 17:41:15 +01:00
nf_conntrack_tftp.h
nf_conntrack_tuple_common.h netfilter: nf_nat: export NAT definitions to userspace 2011-12-23 14:36:43 +01:00
nf_nat.h netfilter: nf_nat: export NAT definitions to userspace 2011-12-23 14:36:43 +01:00
nfnetlink.h netfilter: add user-space connection tracking helper infrastructure 2012-06-16 15:40:02 +02:00
nfnetlink_acct.h netfilter: add extended accounting infrastructure over nfnetlink 2011-12-25 02:43:03 +01:00
nfnetlink_compat.h
nfnetlink_conntrack.h netfilter: ctnetlink: add new messages to obtain statistics 2012-06-27 17:28:03 +02:00
nfnetlink_cthelper.h netfilter: add user-space connection tracking helper infrastructure 2012-06-16 15:40:02 +02:00
nfnetlink_cttimeout.h netfilter: add cttimeout infrastructure for fine timeout tuning 2012-03-07 17:41:22 +01:00
nfnetlink_log.h headers: use __aligned_xx types for userspace 2011-03-18 15:14:45 -07:00
nfnetlink_queue.h netfilter: nfnetlink_queue: do not allow to set unsupported flag bits 2012-07-04 19:51:50 +02:00
x_tables.h percpu: Remove irqsafe_cpu_xxx variants 2011-12-22 10:40:20 -08:00
xt_addrtype.h netfilter: xt_addrtype: ipv6 support 2011-03-15 20:17:44 +01:00
xt_AUDIT.h
xt_CHECKSUM.h
xt_CLASSIFY.h
xt_cluster.h
xt_comment.h
xt_connbytes.h headers: use __aligned_xx types for userspace 2011-03-18 15:14:45 -07:00
xt_connlimit.h netfilter: xt_connlimit: remove revision 0 2012-06-07 14:58:39 +02:00
xt_connmark.h
xt_CONNMARK.h
xt_CONNSECMARK.h
xt_conntrack.h headers, xtables: Add missing #include <linux/netfilter.h> 2011-08-26 12:02:50 -04:00
xt_cpu.h
xt_CT.h netfilter: xt_CT: allow to attach timeout policy + glue code 2012-03-07 17:41:28 +01:00
xt_dccp.h
xt_devgroup.h netfilter: xtables: add device group match 2011-02-03 00:05:43 +01:00
xt_DSCP.h
xt_dscp.h
xt_ecn.h netfilter: xtables: give xt_ecn its own name 2011-12-27 20:31:38 +01:00
xt_esp.h
xt_hashlimit.h netfilter: xt_hashlimit: use _ALL macro to reject unknown flag bits 2012-05-17 00:56:31 +02:00
xt_helper.h
xt_HMARK.h netfilter: xt_HMARK: fix endianness and provide consistent hashing 2012-06-07 14:53:01 +02:00
xt_IDLETIMER.h
xt_iprange.h headers, xtables: Add missing #include <linux/netfilter.h> 2011-08-26 12:02:50 -04:00
xt_ipvs.h
xt_LED.h
xt_length.h
xt_limit.h
xt_LOG.h netfilter: merge ipt_LOG and ip6_LOG into xt_LOG 2012-03-07 17:40:49 +01:00
xt_mac.h
xt_mark.h
xt_MARK.h
xt_multiport.h
xt_nfacct.h netfilter: xtables: add nfacct match to support extended accounting 2011-12-25 02:43:17 +01:00
xt_NFLOG.h
xt_NFQUEUE.h
xt_osf.h
xt_owner.h
xt_physdev.h
xt_pkttype.h
xt_policy.h
xt_quota.h headers: use __aligned_xx types for userspace 2011-03-18 15:14:45 -07:00
xt_RATEEST.h
xt_rateest.h
xt_realm.h
xt_recent.h netfilter: xt_recent: add address masking option 2012-06-07 14:58:42 +02:00
xt_rpfilter.h netfilter: add ipv4 reverse path filter match 2011-12-04 22:43:37 +01:00
xt_sctp.h
xt_SECMARK.h
xt_set.h netfilter: ipset: avoid use of kernel-only types 2012-03-26 21:06:30 +02:00
xt_socket.h
xt_state.h
xt_statistic.h
xt_string.h
xt_TCPMSS.h
xt_tcpmss.h
xt_TCPOPTSTRIP.h
xt_tcpudp.h
xt_TEE.h
xt_time.h
xt_TPROXY.h
xt_u32.h