Relax header validation for SIP. (#925)

dennwc · web-flow · commit 9eb04893181c · 2024-12-17T18:26:25.000+02:00
diff --git a/.changeset/proud-boats-clean.md b/.changeset/proud-boats-clean.md
@@ -0,0 +1,5 @@
+---
+"github.com/livekit/protocol": patch
+---
+
+Relax SIP header validation.
diff --git a/livekit/sip.go b/livekit/sip.go
@@ -3,6 +3,7 @@ package livekit
 import (
 	"errors"
 	"fmt"
+	"regexp"
 	"slices"
 	"strings"
 )
@@ -102,10 +103,11 @@ func (p *SIPOutboundTrunkInfo) AsTrunkInfo() *SIPTrunkInfo {
 	}
 }
 
+var reHeaders = regexp.MustCompile(`^[a-zA-Z][a-zA-Z0-9\-]*$`)
+
 func validateHeader(header string) error {
-	v := strings.ToLower(header)
-	if !strings.HasPrefix(v, "x-") {
-		return fmt.Errorf("only X-* headers are allowed: %s", header)
+	if !reHeaders.MatchString(header) {
+		return fmt.Errorf("invalid header name: %q", header)
 	}
 	return nil
 }
diff --git a/livekit/sip_test.go b/livekit/sip_test.go
@@ -91,6 +91,16 @@ func TestSIPValidate(t *testing.T) {
 					"From": "from",
 				},
 			},
+			exp: true,
+		},
+		{
+			name: "inbound invalid header",
+			req: &SIPInboundTrunkInfo{
+				Numbers: []string{"+1111"},
+				HeadersToAttributes: map[string]string{
+					"From ": "from",
+				},
+			},
 			exp: false,
 		},
 		{
@@ -165,6 +175,17 @@ func TestSIPValidate(t *testing.T) {
 					"From": "from",
 				},
 			},
+			exp: true,
+		},
+		{
+			name: "outbound invalid header",
+			req: &SIPOutboundTrunkInfo{
+				Address: "sip.example.com",
+				Numbers: []string{"+2222"},
+				HeadersToAttributes: map[string]string{
+					"From ": "from",
+				},
+			},
 			exp: false,
 		},
 	}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"github.com/livekit/protocol": patch
 +---
++
 +Relax SIP header validation.
Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,7 @@ package livekit`
`3`	`3`	`import (`
`4`	`4`	`"errors"`
`5`	`5`	`"fmt"`
	`6`	`+ "regexp"`
`6`	`7`	`"slices"`
`7`	`8`	`"strings"`
`8`	`9`	`)`
`@@ -102,10 +103,11 @@ func (p SIPOutboundTrunkInfo) AsTrunkInfo() SIPTrunkInfo {`
`102`	`103`	`}`
`103`	`104`	`}`
`104`	`105`
	`106`	+var reHeaders = regexp.MustCompile(`^[a-zA-Z][a-zA-Z0-9\-]*$`)
	`107`	`+`
`105`	`108`	`func validateHeader(header string) error {`
`106`		`- v := strings.ToLower(header)`
`107`		`- if !strings.HasPrefix(v, "x-") {`
`108`		`- return fmt.Errorf("only X-* headers are allowed: %s", header)`
	`109`	`+ if !reHeaders.MatchString(header) {`
	`110`	`+ return fmt.Errorf("invalid header name: %q", header)`
`109`	`111`	`}`
`110`	`112`	`return nil`
`111`	`113`	`}`