[asterisk-commits] bbryant: branch bbryant/ssl-tcp-tls r70952 - in /team/bbryant/ssl-tcp-tls: ch...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Thu Jun 21 17:48:21 CDT 2007


Author: bbryant
Date: Thu Jun 21 17:48:21 2007
New Revision: 70952

URL: http://svn.digium.com/view/asterisk?view=rev&rev=70952
Log:
Update progress.

Modified:
    team/bbryant/ssl-tcp-tls/channels/chan_sip.c
    team/bbryant/ssl-tcp-tls/include/asterisk/server.h
    team/bbryant/ssl-tcp-tls/main/server.c

Modified: team/bbryant/ssl-tcp-tls/channels/chan_sip.c
URL: http://svn.digium.com/view/asterisk/team/bbryant/ssl-tcp-tls/channels/chan_sip.c?view=diff&rev=70952&r1=70951&r2=70952
==============================================================================
--- team/bbryant/ssl-tcp-tls/channels/chan_sip.c (original)
+++ team/bbryant/ssl-tcp-tls/channels/chan_sip.c Thu Jun 21 17:48:21 2007
@@ -986,6 +986,7 @@
 		AST_STRING_FIELD(url);		/*!< URL to be sent with next message to peer */
 	);
 	int transport;
+	int fd;
 	struct server_instance *ser;
 	unsigned int ocseq;			/*!< Current outgoing seqno */
 	unsigned int icseq;			/*!< Current incoming seqno */
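Review bot: The added `fd` member has no `/*!< */` comment, unlike the fields documented around it, and the struct gives no hint of how it differs from the descriptor held through `ser`. Later hunks in this commit assign it from `ca->accept_fd` in the call-setup path and read it in the transmit path only when `p->ser` is NULL, so a comment such as `int fd;	/*!< Socket obtained via client_start(); used for sending when ser is NULL */` would record that. The struct definition starts and ends outside the hunk.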
@@ -1737,16 +1738,11 @@
 		parse_request(&reqcpy);
 
 		if (sscanf(get_header(&reqcpy, "Content-Length"), "%d", &cl)) {
-			ast_debug(1, "Content-Length is ''%d''\n", cl);
 			while (cl > 0) {
-				ast_debug(2, "\tIteration: cl is %d\n", cl);
 				if (!fread(buf, (cl < sizeof(buf)) ? cl : sizeof(buf), 1, ser->f))
 					return NULL;
 
 				cl -= strlen(buf);
-
-				ast_debug(1, "\t%s", buf);
-
 				strncat(req.data, buf, sizeof(req.data) - req.len);
 				req.len = strlen(req.data);
 			}
@@ -2073,7 +2069,7 @@
 	int fd;
 	const struct sockaddr_in *dst = sip_real_dst(p);
 
-	fd = (p->transport & SIP_TRANSPORT_UDP) ? sipsock : p->ser->fd;
+	fd = (p->transport & SIP_TRANSPORT_UDP) ? sipsock : (p->ser) ? p->ser->fd : p->fd;
 
 	res = sendto(fd, data, len, 0, (const struct sockaddr *)dst, sizeof(struct sockaddr_in));
 
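Review bot: The new fallback `p->fd` is handed to `sendto()` with no check that it is an open socket; the only assignment visible in this commit is in the call-setup hunk, so a dialog that never went through that path would send on whatever value the field was allocated with (0 if the structure is zero-filled, which cannot be confirmed from here). Initialising `fd` to -1 where the dialog is created and returning an error before `sendto()` when `fd < 0` would close that gap. For a TLS dialog, `sendto()` on the raw descriptor would also bypass any TLS layer that sits behind `ser->f`, if that is how the stream is wrapped, so this is worth confirming before the path carries signalling. The nested conditional reads more safely parenthesised, `: (p->ser ? p->ser->fd : p->fd);`. The function body starts and ends outside the hunk.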
@@ -3395,6 +3391,35 @@
 
 		p->t38.jointcapability = p->t38.capability;
 		ast_debug(2,"Our T38 capability (%d), joint T38 capability (%d)\n", p->t38.capability, p->t38.jointcapability);
+
+		if (!(p->transport & SIP_TRANSPORT_UDP)) {
+			char name[256];
+			struct server_args *ca = ast_calloc(1, sizeof(*ca));
+
+			if(!ca)
+				return -1;
+
+			snprintf(name, sizeof(name), "SIP Call to %s", p->peername);
+
+			ca->name = ast_strdup(name);
+			ca->accept_fd = -1;
+			ca->tls_cfg = (p->ser) ? p->ser->parent->tls_cfg : NULL;
+			ca->sin = p->sa;
+			p->ser = (!p->ser) ? client_start(ca) : p->ser;
+
+			if (!p->ser)
+				return -1;
+
+			p->fd = ca->accept_fd;
+
+			if (ast_pthread_create_background(&ca->master, NULL, sip_tcp_helper_thread, p->ser)) {
+				ast_debug(1, "Unable to launch '%s'.", ca->name);
+				close(ca->accept_fd);
+				p->fd = ca->accept_fd = -1;
+				return -1;
+			}
+		}
+
 		xmitres = transmit_invite(p, SIP_INVITE, 1, 2);
 		if (xmitres == XMIT_ERROR)
 			return -1;
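Review bot: `ca->tls_cfg` is NULL in exactly the case where `client_start(ca)` is then called (`p->ser` is NULL), so a newly opened outbound connection never receives a TLS configuration; if the dialog's transport is TLS this looks like it would be set up as plain TCP, and such dialogs should probably take `sip_tls_desc.tls_cfg`. The error paths leak as well: the `return -1` after `client_start()` fails and the thread-creation failure both leave `ca` and the `ast_strdup()`'d `ca->name` allocated, and the latter closes `ca->accept_fd` while `p->ser` still holds the same descriptor in `ser->fd`. When `p->ser` already exists the block still allocates `ca`, sets `p->fd` to -1 and starts a second helper thread on the same instance, so it likely belongs under `!p->ser`. The excerpt below covers the guard and the first error path; the thread-failure path needs the same release plus a teardown of `p->ser`, whose helper is not visible in this diff. The enclosing function starts and ends outside the hunk.

```c
		if (!(p->transport & SIP_TRANSPORT_UDP) && !p->ser) {
			/* … unchanged: name[], ca allocation, snprintf … */
			ca->name = ast_strdup(name);
			ca->accept_fd = -1;
			ca->tls_cfg = NULL;	/* TODO(review): use sip_tls_desc.tls_cfg when this dialog's transport is TLS */
			ca->sin = p->sa;

			p->ser = ca->name ? client_start(ca) : NULL;
			if (!p->ser) {
				ast_free((char *) ca->name);	/* cast in case name is const-qualified */
				ast_free(ca);
				return -1;
			}
			/* … unchanged: p->fd assignment and helper-thread start … */
```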
@@ -5019,7 +5044,6 @@
 			}
 		}
 		p->transport = SIP_TRANSPORT_UDP;
-
 		return p;
 	} else if( sip_methods[intended_method].can_create == CAN_CREATE_DIALOG_UNSUPPORTED_METHOD) {
 		/* A method we do not support, let's take it on the volley */
@@ -5036,7 +5060,6 @@
 		ast_debug(2, "That's odd...  Got a response on a call we dont know about. Callid %s\n", callid ? callid : "<unknown>");
 
 	p->transport = SIP_TRANSPORT_UDP;
-
 	return p;
 }
 
@@ -9701,7 +9724,7 @@
 	if (c) {
 		*c = '\0';
 		c = ast_skip_blanks(c+1);
-		if (strcasecmp(via, "SIP/2.0/UDP") && strcasecmp(via, "SIP/2.0/TCP") && strcasecmp(via, "SIPS/2.0/TCP")) {
+		if (strcasecmp(via, "SIP/2.0/UDP") && strcasecmp(via, "SIP/2.0/TCP") && strcasecmp(via, "SIP/2.0/TLS")) {
 			ast_log(LOG_WARNING, "Don't know how to respond via '%s'\n", via);
 			return;
 		}
@@ -17413,10 +17436,13 @@
 				ast_log(LOG_WARNING, "Invalid port number '%s' at line %d of %s\n", v->value, v->lineno, config);
 			}
 		} else if (!strcasecmp(v->name, "tlsenable")) {
-			sip_tls_desc.tls_cfg->enabled = ast_true(v->value) ? AF_INET : 0;
+			sip_tls_desc.tls_cfg->enabled = TRUE;
+			sip_tls_desc.sin.sin_family = AF_INET;
 		} else if (!strcasecmp(v->name, "tlscertfile")) {
+			ast_free(sip_tls_desc.tls_cfg->certfile);
 			sip_tls_desc.tls_cfg->certfile = ast_strdup(v->value);
 		} else if (!strcasecmp(v->name, "tlscipher")) {
+			ast_free(sip_tls_desc.tls_cfg->cipher);
 			sip_tls_desc.tls_cfg->cipher = ast_strdup(v->value);
 		} else if (!strcasecmp(v->name, "tlsbindaddr")) {
 			if((hp = ast_gethostbyname(v->value, &ahp))) {
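Review bot: `tlsenable` now sets `enabled = TRUE` regardless of `v->value`, so `tlsenable=no` in the configuration would still mark TLS as enabled; the removed line consulted `ast_true(v->value)`. Keeping that test, e.g. `sip_tls_desc.tls_cfg->enabled = ast_true(v->value) ? TRUE : FALSE;`, and setting `sin.sin_family = AF_INET` only when it is true preserves the operator's intent. The added `ast_free()` calls before `ast_strdup()` correctly stop a repeated option from leaking, but the `ast_strdup()` results are still unchecked. The option-parsing chain starts and ends outside the hunk.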
@@ -17839,8 +17865,14 @@
 
 	server_start(&sip_tcp_desc);
 
-	if(ssl_setup(sip_tls_desc.tls_cfg))
+	if (ssl_setup(sip_tls_desc.tls_cfg)) {
 		server_start(&sip_tls_desc);
+		ast_log(LOG_WARNING, "SSL started on %s:%d\n", ast_inet_ntoa(sip_tls_desc.sin.sin_addr), ntohs(sip_tls_desc.sin.sin_port));
+		ast_log(LOG_WARNING, "\tCertfile: '%s'\n", sip_tls_desc.tls_cfg->certfile);
+		ast_log(LOG_WARNING, "\tCipher: '%s'\n", sip_tls_desc.tls_cfg->cipher);
+		ast_log(LOG_WARNING, "\tFamily: '%s'\n", ((sip_tls_desc.sin.sin_family == AF_INET) ? "AF_INET" : "0"));
+	} else if(sip_tls_desc.tls_cfg->enabled)
+		ast_log(LOG_WARNING, "SIP TLS did not load because of errors.\n");
 
 	/* Done, tell the manager */
 	manager_event(EVENT_FLAG_SYSTEM, "ChannelReload", "ChannelType: SIP\r\nReloadReason: %s\r\nRegistry_Count: %d\r\nPeer_Count: %d\r\nUser_Count: %d\r\n\r\n", channelreloadreason2txt(reason), registry_count, peer_count, user_count);
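Review bot: The `Certfile` and `Cipher` messages pass `tls_cfg->certfile` and `tls_cfg->cipher` straight to `%s`, and the parsing hunk only assigns them when the keyword appears, so unless defaults are set outside this diff either may be NULL, which is undefined behaviour for `%s`. The four success lines are also logged at `LOG_WARNING`, which will look like a fault to anyone monitoring the log. Something like `ast_log(LOG_NOTICE, "\tCipher: '%s'\n", S_OR(sip_tls_desc.tls_cfg->cipher, "(default)"));` addresses both. Because `server_start()` returns `void`, "SSL started" is printed whether or not the listener actually bound. The enclosing function starts and ends outside the hunk.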

Modified: team/bbryant/ssl-tcp-tls/include/asterisk/server.h
URL: http://svn.digium.com/view/asterisk/team/bbryant/ssl-tcp-tls/include/asterisk/server.h?view=diff&rev=70952&r1=70951&r2=70952
==============================================================================
--- team/bbryant/ssl-tcp-tls/include/asterisk/server.h (original)
+++ team/bbryant/ssl-tcp-tls/include/asterisk/server.h Thu Jun 21 17:48:21 2007
@@ -126,6 +126,8 @@
 	const char *name;
 };
 
+struct server_instance *client_start(struct server_args *desc);
+
 void *server_root(void *);
 void server_start(struct server_args *desc);
 int ssl_setup(struct tls_config *cfg);
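Review bot: `client_start()` is declared without any statement of ownership, yet its implementation in main/server.c stores `desc` in the returned instance (`ser->parent = desc`), closes and replaces `desc->accept_fd`, and returns NULL both on error and when `sin` is unchanged. A short Doxygen block on the prototype should say that `desc` must outlive the returned `server_instance`, that the caller's `accept_fd` is overwritten, and that a NULL return does not distinguish "nothing changed" from a failure.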

Modified: team/bbryant/ssl-tcp-tls/main/server.c
URL: http://svn.digium.com/view/asterisk/team/bbryant/ssl-tcp-tls/main/server.c?view=diff&rev=70952&r1=70951&r2=70952
==============================================================================
--- team/bbryant/ssl-tcp-tls/main/server.c (original)
+++ team/bbryant/ssl-tcp-tls/main/server.c Thu Jun 21 17:48:21 2007
@@ -153,11 +153,77 @@
 #endif
 }
 
+/*! A generic client routine for a TCP client
+ *  and starts a thread for handling accept()
+ */
+struct server_instance *client_start(struct server_args *desc) {
+	int x = 1, flags;
+	struct server_instance *ser;
+
+	/* Do nothing if nothing has changed */
+	if(!memcmp(&desc->oldsin, &desc->sin, sizeof(desc->oldsin))) {
+		if (option_debug)
+			ast_log(LOG_DEBUG, "Nothing changed in %s\n", desc->name);
+		return NULL;
+	}
+
+	desc->oldsin = desc->sin;
+
+	if (desc->accept_fd != -1)
+		close(desc->accept_fd);
+
+	desc->accept_fd = socket(AF_INET, SOCK_STREAM, 0);
+	if (desc->accept_fd < 0) {
+		ast_log(LOG_WARNING, "Unable to allocate socket for %s: %s\n",
+			desc->name, strerror(errno));
+		return NULL;
+	}
+
+	setsockopt(desc->accept_fd, SOL_SOCKET, SO_REUSEADDR, &x, sizeof(x));
+	if (connect(desc->accept_fd, (const struct sockaddr *)&desc->sin, sizeof(desc->sin))) {
+		ast_log(LOG_NOTICE, "Unable to connect %s to %s:%d: %s\n",
+			desc->name,
+			ast_inet_ntoa(desc->sin.sin_addr), ntohs(desc->sin.sin_port),
+			strerror(errno));
+		goto error;
+	}
+	if (desc->accept_fd < 0) {
+		if ((errno != EAGAIN) && (errno != EINTR))
+			ast_log(LOG_WARNING, "Connect failed: %s\n", strerror(errno));
+		goto error;
+	}
+	ser = ast_calloc(1, sizeof(*ser));
+	if (!ser) {
+		ast_log(LOG_WARNING, "No memory for new session: %s\n", strerror(errno));
+		goto error;
+	}
+
+	flags = fcntl(desc->accept_fd, F_GETFL);
+	fcntl(desc->accept_fd, F_SETFL, flags & ~O_NONBLOCK);
+	ser->fd = desc->accept_fd;
+	ser->parent = desc;
+	memcpy(&ser->requestor, &desc->sin, sizeof(ser->requestor));
+
+	ser->parent->worker_fn = NULL;
+
+	ast_make_file_from_fd(ser);
+
+	
+
+	return ser;
+
+error:
+	close(desc->accept_fd);
+	desc->accept_fd = -1;
+	return NULL;
+}
+
 /*!
  * This is a generic (re)start routine for a TCP server,
  * which does the socket/bind/listen and starts a thread for handling
  * accept().
  */
+
 void server_start(struct server_args *desc)
 {
 	int flags;
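Review bot: `client_start()` ignores the result of `ast_make_file_from_fd(ser)` and returns `ser` unconditionally; the last hunk of this file shows a function that does `ast_free(ser); return NULL;` on failure, and if that function is `ast_make_file_from_fd()` the caller would receive a freed pointer. That same hunk now also returns NULL when `worker_fn` is NULL, which `client_start()` forces with `ser->parent->worker_fn = NULL`, so the return value can no longer separate success from failure and the helper needs a distinct status (or must stop freeing `ser`). In the same function the second `if (desc->accept_fd < 0)` after `connect()` is unreachable, and the `setsockopt()` and `fcntl()` results are unchecked. The header comment still says it "starts a thread for handling accept()", which this function does not do; `/*! Open an outbound TCP connection described by desc and wrap it in a server_instance. */` would match the code. The hunk ends inside `server_start()`, whose body continues outside it.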
@@ -268,5 +334,9 @@
 		ast_free(ser);
 		return NULL;
    }
-   return ser->parent->worker_fn(ser);
-}
+
+	if (ser->parent->worker_fn)
+		return ser->parent->worker_fn(ser);
+	else
+		return NULL;
+}



