*************** *** 3942,3947 **** */ static int create_addr_from_peer(struct sip_pvt *dialog, struct sip_peer *peer) { copy_socket_data(&dialog->socket, &peer->socket); if ((peer->addr.sin_addr.s_addr || peer->defaddr.sin_addr.s_addr) && --- 3973,3983 ---- */ static int create_addr_from_peer(struct sip_pvt *dialog, struct sip_peer *peer) { + /* this checks that the dialog is contacting the peer on a valid + * transport type based on the peers transport configuration, + * otherwise, this function bails out */ + if (dialog->socket.type && check_request_transport(peer, dialog)) + return -1; copy_socket_data(&dialog->socket, &peer->socket); if ((peer->addr.sin_addr.s_addr || peer->defaddr.sin_addr.s_addr) && *************** *** 10399,10425 **** break; } - if (peer->socket.type != req->socket.type ) { - if (!(peer->transports & req->socket.type)) { - ast_log(LOG_ERROR, - "peer '%s' has contacted us over %s, but we only accept '%s' for this peer! ending call.\n", - peer->name, get_transport(req->socket.type), get_transport_list(peer) - ); - - ast_set_flag(&p->flags[0], SIP_PENDINGBYE); - transmit_response_with_date(p, "403 Forbidden", req); - res = AUTH_BAD_TRANSPORT; - } else if (peer->socket.type & SIP_TRANSPORT_TLS) { - ast_log(LOG_WARNING, - "peer '%s' HAS STOPPED USING TLS in favor of '%s' (but this was allowed in sip.conf)!\n", - peer->name, get_transport(req->socket.type) - ); - } else { - ast_log(LOG_DEBUG, - "peer '%s' has contacted us over %s even though we prefer %s.\n", - peer->name, get_transport(req->socket.type), get_transport(peer->socket.type) - ); - } } } } --- 10435,10444 ---- break; } + if (check_request_transport(peer, req)) { + ast_set_flag(&p->flags[0], SIP_PENDINGBYE); + transmit_response_with_date(p, "403 Forbidden", req); + res = AUTH_BAD_TRANSPORT; } } }