[Freeswitch-svn] [commit] r7617 - in freeswitch/trunk/libs/sofia-sip: . libsofia-sip-ua/nua libsofia-sip-ua/tport

Fri Feb 15 10:58:10 EST 2008

Author: mikej
Date: Fri Feb 15 10:58:10 2008
New Revision: 7617

Modified:
   freeswitch/trunk/libs/sofia-sip/.update
   freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/nua/nua_subnotref.c
   freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/test_tport.c
   freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport.c
   freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c

Log:
sync with darcs:

Fri Feb  1 09:41:42 EST 2008  Pekka.Pessi at nokia.com
  * tport_tls.c: restructured error logging code.

Fri Feb  1 10:10:25 EST 2008  Pekka.Pessi at nokia.com
  * tport_tls.c: cleared confused logging levels

Fri Feb  1 10:13:09 EST 2008  Pekka.Pessi at nokia.com
  * test_tport.c: fixed type-punning warning.

Tue Feb 12 14:26:26 EST 2008  Pekka.Pessi at nokia.com
  * tport.c: tport_name_dup() now validates the input

Wed Feb 13 09:23:24 EST 2008  Pekka Pessi <Pekka.Pessi at nokia.com>
  * nua_subnotref.c: do not terminate subscriptions immediately after receiving 200 OK to un-SUBSCRIBE



Modified: freeswitch/trunk/libs/sofia-sip/.update
==============================================================================

--- freeswitch/trunk/libs/sofia-sip/.update	(original)
+++ freeswitch/trunk/libs/sofia-sip/.update	Fri Feb 15 10:58:10 2008
@@ -1 +1 @@
-Tue Jan 29 16:16:02 EST 2008
+Fri Feb 15 10:57:26 EST 2008

Modified: freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/nua/nua_subnotref.c
==============================================================================
--- freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/nua/nua_subnotref.c	(original)
+++ freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/nua/nua_subnotref.c	Fri Feb 15 10:58:10 2008
@@ -376,23 +376,23 @@
     if (delta > 0) {
       nua_dialog_usage_set_refresh(du, delta);
     } 
-    else if (!eu->eu_notified) {
-      /* This is a fetch: subscription was really terminated
-	 but we wait 32 seconds for NOTIFY. */
-      delta = 64 * NTA_SIP_T1 / 1000;
-
-      if (win_messenger_enable)
-	delta = 4 * 60; 	/* Wait 4 minutes for NOTIFY from Messenger */
+    else {
+      if (eu->eu_substate == nua_substate_terminated) {
+	if (!eu->eu_notified)
+	  eu->eu_substate = nua_substate_embryonic;
+      }
 
-      eu->eu_final_wait = 1;
+      if (eu->eu_substate != nua_substate_terminated) {
+	/* Wait 32 seconds for NOTIFY. */
+	delta = 64 * NTA_SIP_T1 / 1000;
 	
-      if (eu->eu_substate == nua_substate_terminated)
-	eu->eu_substate = nua_substate_embryonic;
+	eu->eu_final_wait = 1;
 
-      nua_dialog_usage_set_refresh_range(du, delta, delta);
-    }
-    else {
-      eu->eu_substate = nua_substate_terminated;
+	if (!eu->eu_notified && win_messenger_enable)
+	  delta = 4 * 60; 	/* Wait 4 minutes for NOTIFY from Messenger */
+
+	nua_dialog_usage_set_refresh_range(du, delta, delta);
+      }
     }
 
     substate = eu->eu_substate;

Modified: freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/test_tport.c
==============================================================================
--- freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/test_tport.c	(original)
+++ freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/test_tport.c	Fri Feb 15 10:58:10 2008
@@ -48,6 +48,7 @@
 typedef struct tp_test_s tp_test_t;
 
 #define TP_STACK_T tp_test_t
+#define TP_CLIENT_T struct called
  
 #include <sofia-sip/su_wait.h>
 #include <sofia-sip/su_md5.h>

Modified: freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport.c
==============================================================================
--- freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport.c	(original)
+++ freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport.c	Fri Feb 15 10:58:10 2008
@@ -4655,6 +4655,9 @@
   size_t n_proto, n_host, n_port, n_canon, n_comp = 0;
   char *s;
 
+  if (!src->tpn_proto || !src->tpn_host || !src->tpn_port || !src->tpn_canon)
+    return -1;
+
   if (strcmp(src->tpn_proto, tpn_any)) 
     n_proto = strlen(src->tpn_proto) + 1;
   else

Modified: freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c
==============================================================================
--- freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c	(original)
+++ freeswitch/trunk/libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c	Fri Feb 15 10:58:10 2008
@@ -90,13 +90,35 @@
 
 enum { tls_buffer_size = 16384 };
 
+/** Log TLS error(s).
+ *
+ * Log the TLS error specified by the error code @a e and all the errors in
+ * the queue. The error code @a e implies no error, and it is not logged.
+ */
 static
-int tls_print_errors(const char *str, size_t len, void *u)
+void tls_log_errors(unsigned level, char const *s, unsigned long e)
 {
-	SU_DEBUG_1((str));
-	return 0;
+  if (e == 0)
+    e = ERR_get_error();
+
+  if (!tport_log->log_init)
+    su_log_init(tport_log);
+
+  if (s == NULL) s = "tls";
+
+  for (; e != 0; e = ERR_get_error()) {
+    if (level <= tport_log->log_level) {
+      const char *error = ERR_lib_error_string(e);
+      const char *func = ERR_func_error_string(e);
+      const char *reason = ERR_reason_error_string(e);
+
+      su_llog(tport_log, level, "%s: %08lx:%s:%s:%s\n", 
+	      s, e, error, func, reason);
+    }
+  }
 }
 
+
 static
 tls_t *tls_create(int type)
 {
@@ -108,6 +130,7 @@
   return tls;
 }
 
+
 static
 void tls_set_default(tls_issues_t *i)
 {
@@ -123,22 +146,18 @@
   /* TLS_RSA_WITH_3DES_EDE_CBC_SHA; */
 }
 
+
 static
 int tls_verify_cb(int ok, X509_STORE_CTX *store)
 {
-  char data[256];
-
-  X509 *cert = X509_STORE_CTX_get_current_cert(store);
-  int  depth = X509_STORE_CTX_get_error_depth(store);
-  int  err = X509_STORE_CTX_get_error(store);
-
-#if nomore 
-  509_NAME_oneline(X509_get_subject_name(cert), data, 256);
-  SU_DEBUG_1(("depth=%d %s\n",depth,data));
-#endif
-
   if (!ok)
   {
+    char data[256];
+
+    X509 *cert = X509_STORE_CTX_get_current_cert(store);
+    int  depth = X509_STORE_CTX_get_error_depth(store);
+    int  err = X509_STORE_CTX_get_error(store);
+
     SU_DEBUG_1(("-Error with certificate at depth: %i\n", depth));
     X509_NAME_oneline(X509_get_issuer_name(cert), data, 256);
     SU_DEBUG_1(("  issuer   = %s\n", data));
@@ -163,9 +182,9 @@
     if (ti->randFile &&
 	!RAND_load_file(ti->randFile, 1024 * 1024)) {
       if (ti->configured > 1) {
-	SU_DEBUG_1(("%s: cannot open randFile %s\n", 
+	SU_DEBUG_3(("%s: cannot open randFile %s\n", 
 		   "tls_init_context", ti->randFile));
-	ERR_print_errors_cb(&tls_print_errors, NULL);
+	tls_log_errors(3, "tls_init_context", 0);
       }
       /* errno = EIO; */
       /* return -1; */
@@ -192,7 +211,7 @@
   }
 
   if (tls->ctx == NULL) {
-    ERR_print_errors_cb(&tls_print_errors, NULL);
+    tls_log_errors(1, "tls_init_context", 0);
     errno = EIO;
     return -1;
   }
@@ -201,9 +220,9 @@
 				    ti->cert,
 				    SSL_FILETYPE_PEM)) {
     if (ti->configured > 0) {
-      SU_DEBUG_1(("%s: invalid certificate: %s\n",
+      SU_DEBUG_1(("%s: invalid local certificate: %s\n",
 		 "tls_init_context", ti->cert));
-      ERR_print_errors_cb(&tls_print_errors, NULL);
+      tls_log_errors(1, "tls_init_context", 0);
 #if require_client_certificate
       errno = EIO;
       return -1;
@@ -215,7 +234,7 @@
                                    ti->key, 
                                    SSL_FILETYPE_PEM)) {
     if (ti->configured > 0) {
-      ERR_print_errors_cb(&tls_print_errors, NULL);
+      tls_log_errors(1, "tls_init_context", 0);
 #if require_client_certificate
       errno = EIO;
       return -1;
@@ -225,7 +244,8 @@
 
   if (!SSL_CTX_check_private_key(tls->ctx)) {
     if (ti->configured > 0) {
-      SU_DEBUG_1(("Private key does not match the certificate public key\n"));
+      SU_DEBUG_1(("%s: private key does not match the certificate public key\n",
+		  "tls_init_context"));
     }
 #if require_client_certificate
     errno = EIO;
@@ -237,7 +257,7 @@
                                      ti->CAfile, 
                                      ti->CApath)) {
     if (ti->configured > 0)
-      ERR_print_errors_cb(&tls_print_errors, NULL);
+      tls_log_errors(1, "tls_init_context", 0);
     errno = EIO;
     return -1;
   }
@@ -250,8 +270,8 @@
                      tls_verify_cb);
 
   if (!SSL_CTX_set_cipher_list(tls->ctx, ti->cipher)) {
-    SU_DEBUG_1(("error setting cipher list\n"));
-    ERR_print_errors_cb(&tls_print_errors, NULL);
+    SU_DEBUG_1(("%s: error setting cipher list\n", "tls_init_context"));
+    tls_log_errors(1, "tls_init_context", 0);
     errno = EIO;
     return -1;
   }
@@ -331,8 +351,7 @@
     tls->bio_con = BIO_new_socket(sock, BIO_NOCLOSE);
 
     if (tls->bio_con == NULL) {
-      SU_DEBUG_1(("tls_init_master: BIO_new_socket failed\n"));
-      ERR_print_errors_cb(&tls_print_errors, NULL);
+      tls_log_errors(1, "tls_init_master", 0);
       tls_free(tls);
       errno = EIO;
       return NULL;
@@ -343,56 +362,6 @@
   return tls;
 }
 
-#if 0
-#include <poll.h>
-
-static 
-int tls_accept(tls_t *tls)
-{
-  int ret = SSL_accept(tls->con);
-  int verify_result;
-
-  if (ret <= 0) {
-    int err = SSL_get_error(tls->con, ret);
-    switch(err) {
-    case SSL_ERROR_WANT_READ:
-      return errno = EAGAIN, tls->read_events = SU_WAIT_IN, 0;
-    case SSL_ERROR_WANT_WRITE:
-      return errno = EAGAIN, tls->read_events = SU_WAIT_OUT, 0;
-
-    default:    
-      SU_DEBUG_1(("SSL_connect failed: %d %s\n", 
-                 err,
-                 ERR_error_string(err, NULL)));
-      ERR_print_errors_cb(&tls_print_errors, NULL);
-      return -1;
-    }
-  }
-
-  verify_result = SSL_get_verify_result(tls->con);
-
-  if (verify_result != X509_V_OK) {
-    SU_DEBUG_1((
-               "Client certificate doesn't verify: %s\n",
-               X509_verify_cert_error_string(verify_result)));
-#if 0
-    tls_free(tls);
-    return NULL;
-#endif
-  }
-
-  if (SSL_get_peer_certificate(tls->con) == NULL) {
-    SU_DEBUG_1(("Client didn't send certificate\n"));
-#if 0
-    tls_free(tls);
-    return NULL;
-#endif
-  }
-
-  return 1;
-}
-#endif
-
 tls_t *tls_clone(tls_t *master, int sock, int accept)
 {
   tls_t *tls = tls_create(tls_slave);
@@ -412,8 +381,7 @@
   tls->con = SSL_new(tls->ctx);
 
   if (tls->con == NULL) {
-    SU_DEBUG_1(("tls_clone: SSL_new failed\n"));
-    ERR_print_errors_cb(&tls_print_errors, NULL);
+    tls_log_errors(1, "tls_clone", 0);
     tls_free(tls);
     errno = EIO;
     return NULL;
@@ -566,10 +534,9 @@
 }
 
 static
-int tls_error(tls_t *tls, int ret, char const *who, char const *operation,
+int tls_error(tls_t *tls, int ret, char const *who,
 	      void *buf, int size)
 {
-  char errorbuf[128];
   int events = 0;
   int err = SSL_get_error(tls->con, ret);
 
@@ -593,9 +560,7 @@
     return -1;
 
   default:
-    SU_DEBUG_1(("%s: %s failed (%d): %s\n", 
-	       who, operation, err, ERR_error_string(err, errorbuf)));
-    ERR_print_errors_cb(&tls_print_errors, NULL);
+    tls_log_errors(1, who, err);
     errno = EIO;
     return -1;
   }
@@ -633,7 +598,7 @@
 
   ret = SSL_read(tls->con, tls->read_buffer, tls_buffer_size);
   if (ret <= 0)
-    return tls_error(tls, ret, "tls_read", "SSL_read", NULL, 0);
+    return tls_error(tls, ret, "tls_read: SSL_read", NULL, 0);
 
   if (!tls->verified) {
     int err = tls_post_connection_check(tls);
@@ -737,7 +702,7 @@
 
   ret = SSL_write(tls->con, buf, size);
   if (ret < 0)
-    return tls_error(tls, ret, "tls_write", "SSL_write", buf, size);
+    return tls_error(tls, ret, "tls_write: SSL_write", buf, size);
 
   return ret;
 }

