Rename a number of tcptls_session variables. There are no functional changes here.
The name "ser" was used in a lot of places. However, it is a relic from when the struct was a server_instance, not a session_instance. It was renamed since it represents both a server or client connection. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@163670 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This commit is contained in:
parent
4dde380315
commit
90e65dc7d3
|
@ -1125,7 +1125,7 @@ struct sip_socket {
|
|||
enum sip_transport type; /*!< UDP, TCP or TLS */
|
||||
int fd; /*!< Filed descriptor, the actual socket */
|
||||
uint16_t port;
|
||||
struct ast_tcptls_session_instance *ser; /* If tcp or tls, a socket manager */
|
||||
struct ast_tcptls_session_instance *tcptls_session; /* If tcp or tls, a socket manager */
|
||||
};
|
||||
|
||||
/*! \brief sip_request: The data grabbed from the UDP socket
|
||||
|
@ -1896,7 +1896,7 @@ struct sip_registry {
|
|||
struct sip_threadinfo {
|
||||
int stop;
|
||||
pthread_t threadid;
|
||||
struct ast_tcptls_session_instance *ser;
|
||||
struct ast_tcptls_session_instance *tcptls_session;
|
||||
enum sip_transport type; /*!< We keep a copy of the type here so we can display it in the connection list */
|
||||
AST_LIST_ENTRY(sip_threadinfo) list;
|
||||
};
|
||||
|
@ -2439,7 +2439,7 @@ static int get_msg_text(char *buf, int len, struct sip_request *req, int addnewl
|
|||
static int transmit_state_notify(struct sip_pvt *p, int state, int full, int timeout);
|
||||
|
||||
/*-- TCP connection handling ---*/
|
||||
static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_session_instance *ser);
|
||||
static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_session_instance *tcptls_session);
|
||||
static void *sip_tcp_worker_fn(void *);
|
||||
|
||||
/*--- Constructing requests and responses */
|
||||
|
@ -2641,15 +2641,15 @@ static struct ast_rtp_protocol sip_rtp = {
|
|||
/*! \brief SIP TCP connection handler */
|
||||
static void *sip_tcp_worker_fn(void *data)
|
||||
{
|
||||
struct ast_tcptls_session_instance *ser = data;
|
||||
struct ast_tcptls_session_instance *tcptls_session = data;
|
||||
|
||||
return _sip_tcp_helper_thread(NULL, ser);
|
||||
return _sip_tcp_helper_thread(NULL, tcptls_session);
|
||||
}
|
||||
|
||||
/*! \brief SIP TCP thread management function
|
||||
This function reads from the socket, parses the packet into a request
|
||||
*/
|
||||
static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_session_instance *ser)
|
||||
static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_session_instance *tcptls_session)
|
||||
{
|
||||
int res, cl;
|
||||
struct sip_request req = { 0, } , reqcpy = { 0, };
|
||||
|
@ -2662,13 +2662,13 @@ static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_sessi
|
|||
goto cleanup2;
|
||||
|
||||
me->threadid = pthread_self();
|
||||
me->ser = ser;
|
||||
if (ser->ssl)
|
||||
me->tcptls_session = tcptls_session;
|
||||
if (tcptls_session->ssl)
|
||||
me->type = SIP_TRANSPORT_TLS;
|
||||
else
|
||||
me->type = SIP_TRANSPORT_TCP;
|
||||
|
||||
ast_debug(2, "Starting thread for %s server\n", ser->ssl ? "SSL" : "TCP");
|
||||
ast_debug(2, "Starting thread for %s server\n", tcptls_session->ssl ? "SSL" : "TCP");
|
||||
|
||||
AST_LIST_LOCK(&threadl);
|
||||
AST_LIST_INSERT_TAIL(&threadl, me, list);
|
||||
|
@ -2692,28 +2692,28 @@ static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_sessi
|
|||
reqcpy.data = str_save;
|
||||
ast_str_reset(reqcpy.data);
|
||||
|
||||
req.socket.fd = ser->fd;
|
||||
if (ser->ssl) {
|
||||
req.socket.fd = tcptls_session->fd;
|
||||
if (tcptls_session->ssl) {
|
||||
req.socket.type = SIP_TRANSPORT_TLS;
|
||||
req.socket.port = htons(ourport_tls);
|
||||
} else {
|
||||
req.socket.type = SIP_TRANSPORT_TCP;
|
||||
req.socket.port = htons(ourport_tcp);
|
||||
}
|
||||
res = ast_wait_for_input(ser->fd, -1);
|
||||
res = ast_wait_for_input(tcptls_session->fd, -1);
|
||||
if (res < 0) {
|
||||
ast_debug(2, "SIP %s server :: ast_wait_for_input returned %d\n", ser->ssl ? "SSL": "TCP", res);
|
||||
ast_debug(2, "SIP %s server :: ast_wait_for_input returned %d\n", tcptls_session->ssl ? "SSL": "TCP", res);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
/* Read in headers one line at a time */
|
||||
while (req.len < 4 || strncmp((char *)&req.data->str + req.len - 4, "\r\n\r\n", 4)) {
|
||||
ast_mutex_lock(&ser->lock);
|
||||
if (!fgets(buf, sizeof(buf), ser->f)) {
|
||||
ast_mutex_unlock(&ser->lock);
|
||||
ast_mutex_lock(&tcptls_session->lock);
|
||||
if (!fgets(buf, sizeof(buf), tcptls_session->f)) {
|
||||
ast_mutex_unlock(&tcptls_session->lock);
|
||||
goto cleanup;
|
||||
}
|
||||
ast_mutex_unlock(&ser->lock);
|
||||
ast_mutex_unlock(&tcptls_session->lock);
|
||||
if (me->stop)
|
||||
goto cleanup;
|
||||
ast_str_append(&req.data, 0, "%s", buf);
|
||||
|
@ -2724,12 +2724,12 @@ static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_sessi
|
|||
/* In order to know how much to read, we need the content-length header */
|
||||
if (sscanf(get_header(&reqcpy, "Content-Length"), "%d", &cl)) {
|
||||
while (cl > 0) {
|
||||
ast_mutex_lock(&ser->lock);
|
||||
if (!fread(buf, (cl < sizeof(buf)) ? cl : sizeof(buf), 1, ser->f)) {
|
||||
ast_mutex_unlock(&ser->lock);
|
||||
ast_mutex_lock(&tcptls_session->lock);
|
||||
if (!fread(buf, (cl < sizeof(buf)) ? cl : sizeof(buf), 1, tcptls_session->f)) {
|
||||
ast_mutex_unlock(&tcptls_session->lock);
|
||||
goto cleanup;
|
||||
}
|
||||
ast_mutex_unlock(&ser->lock);
|
||||
ast_mutex_unlock(&tcptls_session->lock);
|
||||
if (me->stop)
|
||||
goto cleanup;
|
||||
cl -= strlen(buf);
|
||||
|
@ -2740,8 +2740,8 @@ static void *_sip_tcp_helper_thread(struct sip_pvt *pvt, struct ast_tcptls_sessi
|
|||
/*! \todo XXX If there's no Content-Length or if the content-length and what
|
||||
we receive is not the same - we should generate an error */
|
||||
|
||||
req.socket.ser = ser;
|
||||
handle_request_do(&req, &ser->remote_address);
|
||||
req.socket.tcptls_session = tcptls_session;
|
||||
handle_request_do(&req, &tcptls_session->remote_address);
|
||||
}
|
||||
|
||||
cleanup:
|
||||
|
@ -2750,9 +2750,9 @@ cleanup:
|
|||
AST_LIST_UNLOCK(&threadl);
|
||||
ast_free(me);
|
||||
cleanup2:
|
||||
fclose(ser->f);
|
||||
ser->f = NULL;
|
||||
ser->fd = -1;
|
||||
fclose(tcptls_session->f);
|
||||
tcptls_session->f = NULL;
|
||||
tcptls_session->fd = -1;
|
||||
if (reqcpy.data) {
|
||||
ast_free(reqcpy.data);
|
||||
}
|
||||
|
@ -2762,11 +2762,11 @@ cleanup2:
|
|||
req.data = NULL;
|
||||
}
|
||||
|
||||
ast_debug(2, "Shutting down thread for %s server\n", ser->ssl ? "SSL" : "TCP");
|
||||
ast_debug(2, "Shutting down thread for %s server\n", tcptls_session->ssl ? "SSL" : "TCP");
|
||||
|
||||
|
||||
ao2_ref(ser, -1);
|
||||
ser = NULL;
|
||||
ao2_ref(tcptls_session, -1);
|
||||
tcptls_session = NULL;
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
@ -3168,20 +3168,20 @@ static int __sip_xmit(struct sip_pvt *p, struct ast_str *data, int len)
|
|||
if (sip_prepare_socket(p) < 0)
|
||||
return XMIT_ERROR;
|
||||
|
||||
if (p->socket.ser)
|
||||
ast_mutex_lock(&p->socket.ser->lock);
|
||||
if (p->socket.tcptls_session)
|
||||
ast_mutex_lock(&p->socket.tcptls_session->lock);
|
||||
|
||||
if (p->socket.type & SIP_TRANSPORT_UDP)
|
||||
res = sendto(p->socket.fd, data->str, len, 0, (const struct sockaddr *)dst, sizeof(struct sockaddr_in));
|
||||
else {
|
||||
if (p->socket.ser->f)
|
||||
res = ast_tcptls_server_write(p->socket.ser, data->str, len);
|
||||
if (p->socket.tcptls_session->f)
|
||||
res = ast_tcptls_server_write(p->socket.tcptls_session, data->str, len);
|
||||
else
|
||||
ast_debug(2, "No p->socket.ser->f len=%d\n", len);
|
||||
ast_debug(2, "No p->socket.tcptls_session->f len=%d\n", len);
|
||||
}
|
||||
|
||||
if (p->socket.ser)
|
||||
ast_mutex_unlock(&p->socket.ser->lock);
|
||||
if (p->socket.tcptls_session)
|
||||
ast_mutex_unlock(&p->socket.tcptls_session->lock);
|
||||
|
||||
if (res == -1) {
|
||||
switch (errno) {
|
||||
|
@ -4185,9 +4185,9 @@ static void sip_destroy_peer(struct sip_peer *peer)
|
|||
ast_dnsmgr_release(peer->dnsmgr);
|
||||
clear_peer_mailboxes(peer);
|
||||
|
||||
if (peer->socket.ser) {
|
||||
ao2_ref(peer->socket.ser, -1);
|
||||
peer->socket.ser = NULL;
|
||||
if (peer->socket.tcptls_session) {
|
||||
ao2_ref(peer->socket.tcptls_session, -1);
|
||||
peer->socket.tcptls_session = NULL;
|
||||
}
|
||||
|
||||
ast_string_field_free_memory(peer);
|
||||
|
@ -4570,13 +4570,13 @@ static void set_t38_capabilities(struct sip_pvt *p)
|
|||
|
||||
static void copy_socket_data(struct sip_socket *to_sock, const struct sip_socket *from_sock)
|
||||
{
|
||||
if (to_sock->ser) {
|
||||
ao2_ref(to_sock->ser, -1);
|
||||
to_sock->ser = NULL;
|
||||
if (to_sock->tcptls_session) {
|
||||
ao2_ref(to_sock->tcptls_session, -1);
|
||||
to_sock->tcptls_session = NULL;
|
||||
}
|
||||
|
||||
if (from_sock->ser) {
|
||||
ao2_ref(from_sock->ser, +1);
|
||||
if (from_sock->tcptls_session) {
|
||||
ao2_ref(from_sock->tcptls_session, +1);
|
||||
}
|
||||
|
||||
*to_sock = *from_sock;
|
||||
|
@ -5080,9 +5080,9 @@ static void __sip_destroy(struct sip_pvt *p, int lockowner, int lockdialoglist)
|
|||
|
||||
ast_string_field_free_memory(p);
|
||||
|
||||
if (p->socket.ser) {
|
||||
ao2_ref(p->socket.ser, -1);
|
||||
p->socket.ser = NULL;
|
||||
if (p->socket.tcptls_session) {
|
||||
ao2_ref(p->socket.tcptls_session, -1);
|
||||
p->socket.tcptls_session = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -13161,10 +13161,10 @@ static char *sip_show_tcp(struct ast_cli_entry *e, int cmd, struct ast_cli_args
|
|||
ast_cli(a->fd, FORMAT2, "Host", "Port", "Transport", "Type");
|
||||
AST_LIST_LOCK(&threadl);
|
||||
AST_LIST_TRAVERSE(&threadl, th, list) {
|
||||
ast_cli(a->fd, FORMAT, ast_inet_ntoa(th->ser->remote_address.sin_addr),
|
||||
ntohs(th->ser->remote_address.sin_port),
|
||||
ast_cli(a->fd, FORMAT, ast_inet_ntoa(th->tcptls_session->remote_address.sin_addr),
|
||||
ntohs(th->tcptls_session->remote_address.sin_port),
|
||||
get_transport(th->type),
|
||||
(th->ser->client ? "Client" : "Server"));
|
||||
(th->tcptls_session->client ? "Client" : "Server"));
|
||||
|
||||
}
|
||||
AST_LIST_UNLOCK(&threadl);
|
||||
|
@ -15942,9 +15942,9 @@ static void parse_moved_contact(struct sip_pvt *p, struct sip_request *req)
|
|||
} while(0);
|
||||
s = remove_uri_parameters(s);
|
||||
|
||||
if (p->socket.ser) {
|
||||
ao2_ref(p->socket.ser, -1);
|
||||
p->socket.ser = NULL;
|
||||
if (p->socket.tcptls_session) {
|
||||
ao2_ref(p->socket.tcptls_session, -1);
|
||||
p->socket.tcptls_session = NULL;
|
||||
}
|
||||
|
||||
p->socket.fd = -1;
|
||||
|
@ -20204,7 +20204,7 @@ static int sipsock_read(int *id, int fd, short events, void *ignore)
|
|||
req.len = res;
|
||||
req.socket.fd = sipsock;
|
||||
req.socket.type = SIP_TRANSPORT_UDP;
|
||||
req.socket.ser = NULL;
|
||||
req.socket.tcptls_session = NULL;
|
||||
req.socket.port = bindaddr.sin_port;
|
||||
|
||||
handle_request_do(&req, &sin);
|
||||
|
@ -20338,10 +20338,10 @@ static struct ast_tcptls_session_instance *sip_tcp_locate(struct sockaddr_in *s)
|
|||
|
||||
AST_LIST_LOCK(&threadl);
|
||||
AST_LIST_TRAVERSE(&threadl, th, list) {
|
||||
if ((s->sin_family == th->ser->remote_address.sin_family) &&
|
||||
(s->sin_addr.s_addr == th->ser->remote_address.sin_addr.s_addr) &&
|
||||
(s->sin_port == th->ser->remote_address.sin_port)) {
|
||||
tcptls_instance = (ao2_ref(th->ser, +1), th->ser);
|
||||
if ((s->sin_family == th->tcptls_session->remote_address.sin_family) &&
|
||||
(s->sin_addr.s_addr == th->tcptls_session->remote_address.sin_addr.s_addr) &&
|
||||
(s->sin_port == th->tcptls_session->remote_address.sin_port)) {
|
||||
tcptls_instance = (ao2_ref(th->tcptls_session, +1), th->tcptls_session);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -20355,7 +20355,7 @@ static int sip_prepare_socket(struct sip_pvt *p)
|
|||
{
|
||||
struct sip_socket *s = &p->socket;
|
||||
static const char name[] = "SIP socket";
|
||||
struct ast_tcptls_session_instance *ser;
|
||||
struct ast_tcptls_session_instance *tcptls_session;
|
||||
struct ast_tcptls_session_args ca = {
|
||||
.name = name,
|
||||
.accept_fd = -1,
|
||||
|
@ -20378,18 +20378,18 @@ static int sip_prepare_socket(struct sip_pvt *p)
|
|||
|
||||
ca.remote_address = *(sip_real_dst(p));
|
||||
|
||||
if ((ser = sip_tcp_locate(&ca.remote_address))) { /* Check if we have a thread handling a socket connected to this IP/port */
|
||||
s->fd = ser->fd;
|
||||
if (s->ser) {
|
||||
ao2_ref(s->ser, -1);
|
||||
s->ser = NULL;
|
||||
if ((tcptls_session = sip_tcp_locate(&ca.remote_address))) { /* Check if we have a thread handling a socket connected to this IP/port */
|
||||
s->fd = tcptls_session->fd;
|
||||
if (s->tcptls_session) {
|
||||
ao2_ref(s->tcptls_session, -1);
|
||||
s->tcptls_session = NULL;
|
||||
}
|
||||
s->ser = ser;
|
||||
s->tcptls_session = tcptls_session;
|
||||
return s->fd;
|
||||
}
|
||||
|
||||
if (s->ser && s->ser->parent->tls_cfg) {
|
||||
ca.tls_cfg = s->ser->parent->tls_cfg;
|
||||
if (s->tcptls_session && s->tcptls_session->parent->tls_cfg) {
|
||||
ca.tls_cfg = s->tcptls_session->parent->tls_cfg;
|
||||
} else {
|
||||
if (s->type & SIP_TRANSPORT_TLS) {
|
||||
ca.tls_cfg = ast_calloc(1, sizeof(*ca.tls_cfg));
|
||||
|
@ -20401,13 +20401,13 @@ static int sip_prepare_socket(struct sip_pvt *p)
|
|||
}
|
||||
}
|
||||
|
||||
if (s->ser) {
|
||||
if (s->tcptls_session) {
|
||||
/* the pvt socket already has a server instance ... */
|
||||
} else {
|
||||
s->ser = ast_tcptls_client_start(&ca); /* Start a client connection to this address */
|
||||
s->tcptls_session = ast_tcptls_client_start(&ca); /* Start a client connection to this address */
|
||||
}
|
||||
|
||||
if (!s->ser) {
|
||||
if (!s->tcptls_session) {
|
||||
if (ca.tls_cfg)
|
||||
ast_free(ca.tls_cfg);
|
||||
return -1;
|
||||
|
@ -20416,11 +20416,11 @@ static int sip_prepare_socket(struct sip_pvt *p)
|
|||
s->fd = ca.accept_fd;
|
||||
|
||||
/* Give the new thread a reference */
|
||||
ao2_ref(s->ser, +1);
|
||||
ao2_ref(s->tcptls_session, +1);
|
||||
|
||||
if (ast_pthread_create_background(&ca.master, NULL, sip_tcp_worker_fn, s->ser)) {
|
||||
if (ast_pthread_create_background(&ca.master, NULL, sip_tcp_worker_fn, s->tcptls_session)) {
|
||||
ast_debug(1, "Unable to launch '%s'.", ca.name);
|
||||
ao2_ref(s->ser, -1);
|
||||
ao2_ref(s->tcptls_session, -1);
|
||||
close(ca.accept_fd);
|
||||
s->fd = ca.accept_fd = -1;
|
||||
}
|
||||
|
|
122
main/tcptls.c
122
main/tcptls.c
|
@ -82,34 +82,34 @@ static int ssl_close(void *cookie)
|
|||
}
|
||||
#endif /* DO_SSL */
|
||||
|
||||
HOOK_T ast_tcptls_server_read(struct ast_tcptls_session_instance *ser, void *buf, size_t count)
|
||||
HOOK_T ast_tcptls_server_read(struct ast_tcptls_session_instance *tcptls_session, void *buf, size_t count)
|
||||
{
|
||||
if (ser->fd == -1) {
|
||||
if (tcptls_session->fd == -1) {
|
||||
ast_log(LOG_ERROR, "server_read called with an fd of -1\n");
|
||||
errno = EIO;
|
||||
return -1;
|
||||
}
|
||||
|
||||
#ifdef DO_SSL
|
||||
if (ser->ssl)
|
||||
return ssl_read(ser->ssl, buf, count);
|
||||
if (tcptls_session->ssl)
|
||||
return ssl_read(tcptls_session->ssl, buf, count);
|
||||
#endif
|
||||
return read(ser->fd, buf, count);
|
||||
return read(tcptls_session->fd, buf, count);
|
||||
}
|
||||
|
||||
HOOK_T ast_tcptls_server_write(struct ast_tcptls_session_instance *ser, void *buf, size_t count)
|
||||
HOOK_T ast_tcptls_server_write(struct ast_tcptls_session_instance *tcptls_session, void *buf, size_t count)
|
||||
{
|
||||
if (ser->fd == -1) {
|
||||
if (tcptls_session->fd == -1) {
|
||||
ast_log(LOG_ERROR, "server_write called with an fd of -1\n");
|
||||
errno = EIO;
|
||||
return -1;
|
||||
}
|
||||
|
||||
#ifdef DO_SSL
|
||||
if (ser->ssl)
|
||||
return ssl_write(ser->ssl, buf, count);
|
||||
if (tcptls_session->ssl)
|
||||
return ssl_write(tcptls_session->ssl, buf, count);
|
||||
#endif
|
||||
return write(ser->fd, buf, count);
|
||||
return write(tcptls_session->fd, buf, count);
|
||||
}
|
||||
|
||||
static void session_instance_destructor(void *obj)
|
||||
|
@ -125,9 +125,9 @@ static void session_instance_destructor(void *obj)
|
|||
*/
|
||||
static void *handle_tls_connection(void *data)
|
||||
{
|
||||
struct ast_tcptls_session_instance *ser = data;
|
||||
struct ast_tcptls_session_instance *tcptls_session = data;
|
||||
#ifdef DO_SSL
|
||||
int (*ssl_setup)(SSL *) = (ser->client) ? SSL_connect : SSL_accept;
|
||||
int (*ssl_setup)(SSL *) = (tcptls_session->client) ? SSL_connect : SSL_accept;
|
||||
int ret;
|
||||
char err[256];
|
||||
#endif
|
||||
|
@ -135,37 +135,37 @@ static void *handle_tls_connection(void *data)
|
|||
/*
|
||||
* open a FILE * as appropriate.
|
||||
*/
|
||||
if (!ser->parent->tls_cfg)
|
||||
ser->f = fdopen(ser->fd, "w+");
|
||||
if (!tcptls_session->parent->tls_cfg)
|
||||
tcptls_session->f = fdopen(tcptls_session->fd, "w+");
|
||||
#ifdef DO_SSL
|
||||
else if ( (ser->ssl = SSL_new(ser->parent->tls_cfg->ssl_ctx)) ) {
|
||||
SSL_set_fd(ser->ssl, ser->fd);
|
||||
if ((ret = ssl_setup(ser->ssl)) <= 0) {
|
||||
else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {
|
||||
SSL_set_fd(tcptls_session->ssl, tcptls_session->fd);
|
||||
if ((ret = ssl_setup(tcptls_session->ssl)) <= 0) {
|
||||
ast_verb(2, "Problem setting up ssl connection: %s\n", ERR_error_string(ERR_get_error(), err));
|
||||
} else {
|
||||
#if defined(HAVE_FUNOPEN) /* the BSD interface */
|
||||
ser->f = funopen(ser->ssl, ssl_read, ssl_write, NULL, ssl_close);
|
||||
tcptls_session->f = funopen(tcptls_session->ssl, ssl_read, ssl_write, NULL, ssl_close);
|
||||
|
||||
#elif defined(HAVE_FOPENCOOKIE) /* the glibc/linux interface */
|
||||
static const cookie_io_functions_t cookie_funcs = {
|
||||
ssl_read, ssl_write, NULL, ssl_close
|
||||
};
|
||||
ser->f = fopencookie(ser->ssl, "w+", cookie_funcs);
|
||||
tcptls_session->f = fopencookie(tcptls_session->ssl, "w+", cookie_funcs);
|
||||
#else
|
||||
/* could add other methods here */
|
||||
ast_debug(2, "no ser->f methods attempted!");
|
||||
ast_debug(2, "no tcptls_session->f methods attempted!");
|
||||
#endif
|
||||
if ((ser->client && !ast_test_flag(&ser->parent->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER))
|
||||
|| (!ser->client && ast_test_flag(&ser->parent->tls_cfg->flags, AST_SSL_VERIFY_CLIENT))) {
|
||||
if ((tcptls_session->client && !ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER))
|
||||
|| (!tcptls_session->client && ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_VERIFY_CLIENT))) {
|
||||
X509 *peer;
|
||||
long res;
|
||||
peer = SSL_get_peer_certificate(ser->ssl);
|
||||
peer = SSL_get_peer_certificate(tcptls_session->ssl);
|
||||
if (!peer)
|
||||
ast_log(LOG_WARNING, "No peer SSL certificate\n");
|
||||
res = SSL_get_verify_result(ser->ssl);
|
||||
res = SSL_get_verify_result(tcptls_session->ssl);
|
||||
if (res != X509_V_OK)
|
||||
ast_log(LOG_ERROR, "Certificate did not verify: %s\n", X509_verify_cert_error_string(res));
|
||||
if (!ast_test_flag(&ser->parent->tls_cfg->flags, AST_SSL_IGNORE_COMMON_NAME)) {
|
||||
if (!ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_IGNORE_COMMON_NAME)) {
|
||||
ASN1_STRING *str;
|
||||
unsigned char *str2;
|
||||
X509_NAME *name = X509_get_subject_name(peer);
|
||||
|
@ -181,19 +181,19 @@ static void *handle_tls_connection(void *data)
|
|||
str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, pos));
|
||||
ASN1_STRING_to_UTF8(&str2, str);
|
||||
if (str2) {
|
||||
if (!strcasecmp(ser->parent->hostname, (char *) str2))
|
||||
if (!strcasecmp(tcptls_session->parent->hostname, (char *) str2))
|
||||
found = 1;
|
||||
ast_debug(3, "SSL Common Name compare s1='%s' s2='%s'\n", ser->parent->hostname, str2);
|
||||
ast_debug(3, "SSL Common Name compare s1='%s' s2='%s'\n", tcptls_session->parent->hostname, str2);
|
||||
OPENSSL_free(str2);
|
||||
}
|
||||
if (found)
|
||||
break;
|
||||
}
|
||||
if (!found) {
|
||||
ast_log(LOG_ERROR, "Certificate common name did not match (%s)\n", ser->parent->hostname);
|
||||
ast_log(LOG_ERROR, "Certificate common name did not match (%s)\n", tcptls_session->parent->hostname);
|
||||
if (peer)
|
||||
X509_free(peer);
|
||||
fclose(ser->f);
|
||||
fclose(tcptls_session->f);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
@ -201,22 +201,22 @@ static void *handle_tls_connection(void *data)
|
|||
X509_free(peer);
|
||||
}
|
||||
}
|
||||
if (!ser->f) /* no success opening descriptor stacking */
|
||||
SSL_free(ser->ssl);
|
||||
if (!tcptls_session->f) /* no success opening descriptor stacking */
|
||||
SSL_free(tcptls_session->ssl);
|
||||
}
|
||||
#endif /* DO_SSL */
|
||||
|
||||
if (!ser->f) {
|
||||
close(ser->fd);
|
||||
if (!tcptls_session->f) {
|
||||
close(tcptls_session->fd);
|
||||
ast_log(LOG_WARNING, "FILE * open failed!\n");
|
||||
ao2_ref(ser, -1);
|
||||
ao2_ref(tcptls_session, -1);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (ser && ser->parent->worker_fn)
|
||||
return ser->parent->worker_fn(ser);
|
||||
if (tcptls_session && tcptls_session->parent->worker_fn)
|
||||
return tcptls_session->parent->worker_fn(tcptls_session);
|
||||
else
|
||||
return ser;
|
||||
return tcptls_session;
|
||||
}
|
||||
|
||||
void *ast_tcptls_server_root(void *data)
|
||||
|
@ -225,7 +225,7 @@ void *ast_tcptls_server_root(void *data)
|
|||
int fd;
|
||||
struct sockaddr_in sin;
|
||||
socklen_t sinlen;
|
||||
struct ast_tcptls_session_instance *ser;
|
||||
struct ast_tcptls_session_instance *tcptls_session;
|
||||
pthread_t launched;
|
||||
|
||||
for (;;) {
|
||||
|
@ -243,27 +243,27 @@ void *ast_tcptls_server_root(void *data)
|
|||
ast_log(LOG_WARNING, "Accept failed: %s\n", strerror(errno));
|
||||
continue;
|
||||
}
|
||||
ser = ao2_alloc(sizeof(*ser), session_instance_destructor);
|
||||
if (!ser) {
|
||||
tcptls_session = ao2_alloc(sizeof(*tcptls_session), session_instance_destructor);
|
||||
if (!tcptls_session) {
|
||||
ast_log(LOG_WARNING, "No memory for new session: %s\n", strerror(errno));
|
||||
close(fd);
|
||||
continue;
|
||||
}
|
||||
|
||||
ast_mutex_init(&ser->lock);
|
||||
ast_mutex_init(&tcptls_session->lock);
|
||||
|
||||
flags = fcntl(fd, F_GETFL);
|
||||
fcntl(fd, F_SETFL, flags & ~O_NONBLOCK);
|
||||
ser->fd = fd;
|
||||
ser->parent = desc;
|
||||
memcpy(&ser->remote_address, &sin, sizeof(ser->remote_address));
|
||||
tcptls_session->fd = fd;
|
||||
tcptls_session->parent = desc;
|
||||
memcpy(&tcptls_session->remote_address, &sin, sizeof(tcptls_session->remote_address));
|
||||
|
||||
ser->client = 0;
|
||||
tcptls_session->client = 0;
|
||||
|
||||
if (ast_pthread_create_detached_background(&launched, NULL, handle_tls_connection, ser)) {
|
||||
if (ast_pthread_create_detached_background(&launched, NULL, handle_tls_connection, tcptls_session)) {
|
||||
ast_log(LOG_WARNING, "Unable to launch helper thread: %s\n", strerror(errno));
|
||||
close(ser->fd);
|
||||
ao2_ref(ser, -1);
|
||||
close(tcptls_session->fd);
|
||||
ao2_ref(tcptls_session, -1);
|
||||
}
|
||||
}
|
||||
return NULL;
|
||||
|
@ -331,7 +331,7 @@ struct ast_tcptls_session_instance *ast_tcptls_client_start(struct ast_tcptls_se
|
|||
{
|
||||
int flags;
|
||||
int x = 1;
|
||||
struct ast_tcptls_session_instance *ser = NULL;
|
||||
struct ast_tcptls_session_instance *tcptls_session = NULL;
|
||||
|
||||
/* Do nothing if nothing has changed */
|
||||
if(!memcmp(&desc->old_local_address, &desc->local_address, sizeof(desc->old_local_address))) {
|
||||
|
@ -372,37 +372,37 @@ struct ast_tcptls_session_instance *ast_tcptls_client_start(struct ast_tcptls_se
|
|||
goto error;
|
||||
}
|
||||
|
||||
if (!(ser = ao2_alloc(sizeof(*ser), session_instance_destructor)))
|
||||
if (!(tcptls_session = ao2_alloc(sizeof(*tcptls_session), session_instance_destructor)))
|
||||
goto error;
|
||||
|
||||
ast_mutex_init(&ser->lock);
|
||||
ast_mutex_init(&tcptls_session->lock);
|
||||
|
||||
flags = fcntl(desc->accept_fd, F_GETFL);
|
||||
fcntl(desc->accept_fd, F_SETFL, flags & ~O_NONBLOCK);
|
||||
|
||||
ser->fd = desc->accept_fd;
|
||||
ser->parent = desc;
|
||||
ser->parent->worker_fn = NULL;
|
||||
memcpy(&ser->remote_address, &desc->local_address, sizeof(ser->remote_address));
|
||||
tcptls_session->fd = desc->accept_fd;
|
||||
tcptls_session->parent = desc;
|
||||
tcptls_session->parent->worker_fn = NULL;
|
||||
memcpy(&tcptls_session->remote_address, &desc->local_address, sizeof(tcptls_session->remote_address));
|
||||
|
||||
ser->client = 1;
|
||||
tcptls_session->client = 1;
|
||||
|
||||
if (desc->tls_cfg) {
|
||||
desc->tls_cfg->enabled = 1;
|
||||
__ssl_setup(desc->tls_cfg, 1);
|
||||
}
|
||||
|
||||
ao2_ref(ser, +1);
|
||||
if (!handle_tls_connection(ser))
|
||||
ao2_ref(tcptls_session, +1);
|
||||
if (!handle_tls_connection(tcptls_session))
|
||||
goto error;
|
||||
|
||||
return ser;
|
||||
return tcptls_session;
|
||||
|
||||
error:
|
||||
close(desc->accept_fd);
|
||||
desc->accept_fd = -1;
|
||||
if (ser)
|
||||
ao2_ref(ser, -1);
|
||||
if (tcptls_session)
|
||||
ao2_ref(tcptls_session, -1);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue