Commit Graph

9 Commits

Author SHA1 Message Date
Sean Bright
642b84c9c9 pjsip_transport_events.c: Use %zu printf specifier for size_t.
Partially resolves #143.
2023-06-12 17:20:31 +00:00
Sean Bright
c85fc1278f doxygen: Fix doxygen errors.
Change-Id: Ic50e95b4fc10f74ab15416d908e8a87ee8ec2f85
2023-01-31 11:23:11 -06:00
George Joseph
120aca73ba pjsip_transport_events: Fix possible use after free on transport
It was possible for a module that registered for transport monitor
events to pass in a pjsip_transport that had already been freed.
This caused pjsip_transport_events to crash when looking up the
monitor for the transport.  The fix is a two pronged approach.

1. We now increment the reference count on pjsip_transports when we
create monitors for them, then decrement the count when the
transport is going to be destroyed.

2. There are now APIs to register and unregister monitor callbacks
by "transport key" which is a string concatenation of the remote ip
address and port.  This way the module needing to monitor the
transport doesn't have to hold on to the transport object itself to
unregister.  It just has to save the transport_key.

* Added the pjsip_transport reference increment and decrement.

* Changed the internal transport monitor container key from the
  transport->obj_name (which may not be unique anyway) to the
  transport_key.

* Added a helper macro AST_SIP_MAKE_REMOTE_IPADDR_PORT_STR() that
  fills a buffer with the transport_key using a passed-in
  pjsip_transport.

* Added the following functions:
  ast_sip_transport_monitor_register_key
  ast_sip_transport_monitor_register_replace_key
  ast_sip_transport_monitor_unregister_key
  and marked their non-key counterparts as deprecated.

* Updated res_pjsip_pubsub and res_pjsip_outbound_register to use
  the new "key" monitor functions.

NOTE: res_pjsip_registrar also uses the transport monitor
functionality but doesn't have a persistent object other than
contact to store a transport key.  At this time, it continues to
use the non-key monitor functions.

ASTERISK-30244

Change-Id: I1a20baf2a8643c272dcf819871d6c395f148f00b
(cherry picked from commit 7684c9e907)
2022-12-03 10:27:54 -06:00
Kevin Harwell
a3b2daf127 res_pjsip: allow TLS verification of wildcard cert-bearing servers
Rightly the use of wildcards in certificates is disallowed in accordance
with RFC5922. However, RFC2818 does make some allowances with regards to
their use when using subject alt names with DNS name types.

As such this patch creates a new setting for TLS transports called
'allow_wildcard_certs', which when it and 'verify_server' are both enabled
allows DNS name types, as well as the common name that start with '*.'
to match as a wildcard.

For instance: *.example.com
will match for: foo.example.com

Partial matching is not allowed, e.g. f*.example.com, foo.*.com, etc...
And the starting wildcard only matches for a single level.

For instance: *.example.com
will NOT match for: foo.bar.example.com

The new setting is disabled by default.

ASTERISK-30072 #close

Change-Id: If0be3fdab2e09c2a66bb54824fca406ebaac3da4
2022-06-30 16:20:07 -05:00
Alexander Traud
463f6c83e8 res_pjsip: Fix for Doxygen.
ASTERISK-29747

Change-Id: Ic7a1e9453f805a6264fe86c96b7d18b87b376084
2021-11-18 12:14:54 -06:00
Kevin Harwell
930a7fe910 res_pjsip_registrar: blocked threads on reliable transport shutdown take 3
When a contact was removed by the registrar it did not always check to see if
the circumstances involved a monitored reliable transport. For instance, if the
'remove_existing' option was set to 'true' then when existing contacts were
removed due to 'max_contacts' being reached, those existing contacts being
removed did not unregister the transport monitor.

Also, it was possible to add more than one monitor on a reliable transport for
a given aor and contact.

This patch makes it so all contact removals done by the registrar also remove
any associated transport monitors if necessary. It also makes it so duplicate
monitors cannot be added for a given transport.

ASTERISK-28213

Change-Id: I94b06f9026ed177d6adfd538317c784a42c1b17a
2019-02-27 17:02:43 -06:00
Ross Beer
f65488f546 pjsip_transport_events.c: Fix crash using stale transport pointer.
Apparently it is possible for the transport to be destroyed without
triggering the transport callback logic.  As a result the transport gets
destroyed and we have a stale pointer in the active_transports container.

* Invoke the transport monitor callback checks when the transport is
destroyed in addition to when it is disconnected and shutdown.

ASTERISK-27688

Change-Id: Ia9b5469fea8f2b3f2d8476fae6b748a4d23e7261
2018-03-28 16:20:11 -06:00
George Joseph
2b9aa6b5bb res_pjsip_pubsub: Prune subs with reliable transports at startup
In an earlier release, inbound registrations on a reliable transport
were pruned on Asterisk restart since the TCP connection would have
been torn down and become unusable when Asterisk stopped.  This same
process is now also applied to inbound subscriptions.

Also fixed issues in res_pjsip_registrar where it wasn't handling the
monitoring correctly when multiple registrations came in over the same
transport.

To accomplish this, the pjsip_transport_event feature needed to
be refactored to allow multiple monitors (multiple subcriptions or
registrations from the same endpoint) to exist on the same transport.
Since this changed the API, any external modules that may have used the
transport monitor feature (highly unlikey) will need to be changed.

ASTERISK-27612
Reported by: Ross Beer

Change-Id: Iee87cf4eb9b7b2b93d5739a72af52d6ca8fbbe36
2018-01-30 09:29:51 -06:00
Richard Mudgett
1dcb92bba8 res_pjsip: PJSIP Transport state monitor refactor.
The fix for the issue is broken up into three parts.

This is part one which refactors the transport state monitor code to allow
more modules to be able to monitor transports.

* Pull the management of PJPROJECT's transport state callback code from
res_pjsip_transport_management.c into res_pjsip.  Now other modules can
dynamically add and remove themselves from transport monitoring without
worrying about breaking PJPROJECT's callback chain.

* Add the ability for other modules to get a callback whenever a specific
transport is shutdown.

ASTERISK-27147

Change-Id: I7d9a31371eb1487c9b7050cf82a9af5180a57912
2017-08-10 12:18:58 -05:00