![(please configure the [header_logo] section in trac.ini)](/repos/chrome/site/pj.jpg)
Changeset 3110 for pjproject/trunk
- Timestamp:
- Feb 25, 2010 11:58:19 AM (15 years ago)
- Location:
- pjproject/trunk
- Files:
-
- 17 edited
-
pjlib/include/pj/ssl_sock.h (modified) (4 diffs)
-
pjlib/src/pj/ssl_sock_common.c (modified) (2 diffs)
-
pjlib/src/pj/ssl_sock_dump.c (modified) (9 diffs)
-
pjlib/src/pj/ssl_sock_symbian.cpp (modified) (6 diffs)
-
pjlib/src/pjlib-test/ssl_sock.c (modified) (6 diffs)
-
pjsip-apps/src/pjsua/pjsua_app.c (modified) (6 diffs)
-
pjsip-apps/src/symbian_ua/ua.cpp (modified) (4 diffs)
-
pjsip/include/pjsip/sip_errno.h (modified) (1 diff)
-
pjsip/include/pjsip/sip_transport.h (modified) (8 diffs)
-
pjsip/include/pjsip/sip_transport_tls.h (modified) (4 diffs)
-
pjsip/include/pjsua-lib/pjsua.h (modified) (1 diff)
-
pjsip/src/pjsip/sip_errno.c (modified) (1 diff)
-
pjsip/src/pjsip/sip_transport.c (modified) (7 diffs)
-
pjsip/src/pjsip/sip_transport_loop.c (modified) (1 diff)
-
pjsip/src/pjsip/sip_transport_tcp.c (modified) (2 diffs)
-
pjsip/src/pjsip/sip_transport_tls.c (modified) (8 diffs)
-
pjsip/src/pjsip/sip_transport_udp.c (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjlib/include/pj/ssl_sock.h
r3106 r3110 155 155 pj_str_t cn; /**< Common name */ 156 156 pj_str_t info; /**< One line subject, fields 157 are separated by slash */ 157 are separated by slash, e.g: 158 "CN=sample.org/OU=HRD" */ 158 159 } subject; /**< Subject */ 159 160 … … 207 208 * 208 209 * @param ci The certificate info. 209 * @param prefix Prefix string for each line.210 * @param indent String for left indentation. 210 211 * @param buf The buffer where certificate info will be printed on. 211 212 * @param buf_size The buffer size. 212 213 * 213 * @return PJ_SUCCESS when successful. 214 */ 215 PJ_DECL(pj_status_t) pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci, 216 const char *prefix, 217 char *buf, 218 pj_size_t buf_size); 214 * @return The length of the dump result, or -1 when buffer size 215 * is not sufficient. 216 */ 217 PJ_DECL(pj_ssize_t) pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci, 218 const char *indent, 219 char *buf, 220 pj_size_t buf_size); 219 221 220 222 … … 231 233 * @return PJ_SUCCESS when successful. 232 234 */ 233 PJ_DECL(pj_status_t) pj_ssl_cert_verify_error_st(pj_uint32_t verify_status, 235 PJ_DECL(pj_status_t) pj_ssl_cert_get_verify_status_strings( 236 pj_uint32_t verify_status, 234 237 const char *error_strings[], 235 238 unsigned *count); … … 242 245 243 246 /* NULL */ 244 TLS_NULL_WITH_NULL_NULL= 0x00000000,247 PJ_TLS_NULL_WITH_NULL_NULL = 0x00000000, 245 248 246 249 /* TLS/SSLv3 */ 247 TLS_RSA_WITH_NULL_MD5= 0x00000001,248 TLS_RSA_WITH_NULL_SHA= 0x00000002,249 TLS_RSA_WITH_NULL_SHA256= 0x0000003B,250 TLS_RSA_WITH_RC4_128_MD5= 0x00000004,251 TLS_RSA_WITH_RC4_128_SHA= 0x00000005,252 TLS_RSA_WITH_3DES_EDE_CBC_SHA= 0x0000000A,253 TLS_RSA_WITH_AES_128_CBC_SHA= 0x0000002F,254 TLS_RSA_WITH_AES_256_CBC_SHA= 0x00000035,255 TLS_RSA_WITH_AES_128_CBC_SHA256= 0x0000003C,256 TLS_RSA_WITH_AES_256_CBC_SHA256= 0x0000003D,257 TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA= 0x0000000D,258 TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA= 0x00000010,259 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA= 0x00000013,260 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA= 0x00000016,261 TLS_DH_DSS_WITH_AES_128_CBC_SHA= 0x00000030,262 TLS_DH_RSA_WITH_AES_128_CBC_SHA= 0x00000031,263 TLS_DHE_DSS_WITH_AES_128_CBC_SHA= 0x00000032,264 TLS_DHE_RSA_WITH_AES_128_CBC_SHA= 0x00000033,265 TLS_DH_DSS_WITH_AES_256_CBC_SHA= 0x00000036,266 TLS_DH_RSA_WITH_AES_256_CBC_SHA= 0x00000037,267 TLS_DHE_DSS_WITH_AES_256_CBC_SHA= 0x00000038,268 TLS_DHE_RSA_WITH_AES_256_CBC_SHA= 0x00000039,269 TLS_DH_DSS_WITH_AES_128_CBC_SHA256= 0x0000003E,270 TLS_DH_RSA_WITH_AES_128_CBC_SHA256= 0x0000003F,271 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256= 0x00000040,272 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256= 0x00000067,273 TLS_DH_DSS_WITH_AES_256_CBC_SHA256= 0x00000068,274 TLS_DH_RSA_WITH_AES_256_CBC_SHA256= 0x00000069,275 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256= 0x0000006A,276 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256= 0x0000006B,277 TLS_DH_anon_WITH_RC4_128_MD5= 0x00000018,278 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA= 0x0000001B,279 TLS_DH_anon_WITH_AES_128_CBC_SHA= 0x00000034,280 TLS_DH_anon_WITH_AES_256_CBC_SHA= 0x0000003A,281 TLS_DH_anon_WITH_AES_128_CBC_SHA256= 0x0000006C,282 TLS_DH_anon_WITH_AES_256_CBC_SHA256= 0x0000006D,250 PJ_TLS_RSA_WITH_NULL_MD5 = 0x00000001, 251 PJ_TLS_RSA_WITH_NULL_SHA = 0x00000002, 252 PJ_TLS_RSA_WITH_NULL_SHA256 = 0x0000003B, 253 PJ_TLS_RSA_WITH_RC4_128_MD5 = 0x00000004, 254 PJ_TLS_RSA_WITH_RC4_128_SHA = 0x00000005, 255 PJ_TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x0000000A, 256 PJ_TLS_RSA_WITH_AES_128_CBC_SHA = 0x0000002F, 257 PJ_TLS_RSA_WITH_AES_256_CBC_SHA = 0x00000035, 258 PJ_TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003C, 259 PJ_TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x0000003D, 260 PJ_TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x0000000D, 261 PJ_TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000010, 262 PJ_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x00000013, 263 PJ_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000016, 264 PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x00000030, 265 PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x00000031, 266 PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x00000032, 267 PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x00000033, 268 PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x00000036, 269 PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x00000037, 270 PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x00000038, 271 PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x00000039, 272 PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x0000003E, 273 PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003F, 274 PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x00000040, 275 PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x00000067, 276 PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x00000068, 277 PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x00000069, 278 PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x0000006A, 279 PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x0000006B, 280 PJ_TLS_DH_anon_WITH_RC4_128_MD5 = 0x00000018, 281 PJ_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x0000001B, 282 PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x00000034, 283 PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x0000003A, 284 PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x0000006C, 285 PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x0000006D, 283 286 284 287 /* TLS (deprecated) */ 285 TLS_RSA_EXPORT_WITH_RC4_40_MD5= 0x00000003,286 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5= 0x00000006,287 TLS_RSA_WITH_IDEA_CBC_SHA= 0x00000007,288 TLS_RSA_EXPORT_WITH_DES40_CBC_SHA= 0x00000008,289 TLS_RSA_WITH_DES_CBC_SHA= 0x00000009,290 TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA= 0x0000000B,291 TLS_DH_DSS_WITH_DES_CBC_SHA= 0x0000000C,292 TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA= 0x0000000E,293 TLS_DH_RSA_WITH_DES_CBC_SHA= 0x0000000F,294 TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA= 0x00000011,295 TLS_DHE_DSS_WITH_DES_CBC_SHA= 0x00000012,296 TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA= 0x00000014,297 TLS_DHE_RSA_WITH_DES_CBC_SHA= 0x00000015,298 TLS_DH_anon_EXPORT_WITH_RC4_40_MD5= 0x00000017,299 TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA= 0x00000019,300 TLS_DH_anon_WITH_DES_CBC_SHA= 0x0000001A,288 PJ_TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x00000003, 289 PJ_TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x00000006, 290 PJ_TLS_RSA_WITH_IDEA_CBC_SHA = 0x00000007, 291 PJ_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000008, 292 PJ_TLS_RSA_WITH_DES_CBC_SHA = 0x00000009, 293 PJ_TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0000000B, 294 PJ_TLS_DH_DSS_WITH_DES_CBC_SHA = 0x0000000C, 295 PJ_TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0000000E, 296 PJ_TLS_DH_RSA_WITH_DES_CBC_SHA = 0x0000000F, 297 PJ_TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x00000011, 298 PJ_TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x00000012, 299 PJ_TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000014, 300 PJ_TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x00000015, 301 PJ_TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x00000017, 302 PJ_TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x00000019, 303 PJ_TLS_DH_anon_WITH_DES_CBC_SHA = 0x0000001A, 301 304 302 305 /* SSLv3 */ 303 SSL_FORTEZZA_KEA_WITH_NULL_SHA= 0x0000001C,304 SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA= 0x0000001D,305 SSL_FORTEZZA_KEA_WITH_RC4_128_SHA= 0x0000001E,306 PJ_SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x0000001C, 307 PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 0x0000001D, 308 PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 0x0000001E, 306 309 307 310 /* SSLv2 */ 308 SSL_CK_RC4_128_WITH_MD5= 0x00010080,309 SSL_CK_RC4_128_EXPORT40_WITH_MD5= 0x00020080,310 SSL_CK_RC2_128_CBC_WITH_MD5= 0x00030080,311 SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5= 0x00040080,312 SSL_CK_IDEA_128_CBC_WITH_MD5= 0x00050080,313 SSL_CK_DES_64_CBC_WITH_MD5= 0x00060040,314 SSL_CK_DES_192_EDE3_CBC_WITH_MD5= 0x000700C0311 PJ_SSL_CK_RC4_128_WITH_MD5 = 0x00010080, 312 PJ_SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x00020080, 313 PJ_SSL_CK_RC2_128_CBC_WITH_MD5 = 0x00030080, 314 PJ_SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x00040080, 315 PJ_SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x00050080, 316 PJ_SSL_CK_DES_64_CBC_WITH_MD5 = 0x00060040, 317 PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x000700C0 315 318 316 319 } pj_ssl_cipher; -
pjproject/trunk/pjlib/src/pj/ssl_sock_common.c
r3106 r3110 31 31 static cipher_name_t cipher_names[] = 32 32 { 33 { TLS_NULL_WITH_NULL_NULL, "NULL"},33 {PJ_TLS_NULL_WITH_NULL_NULL, "NULL"}, 34 34 35 35 /* TLS/SSLv3 */ 36 { TLS_RSA_WITH_NULL_MD5, "TLS_RSA_WITH_NULL_MD5"},37 { TLS_RSA_WITH_NULL_SHA, "TLS_RSA_WITH_NULL_SHA"},38 { TLS_RSA_WITH_NULL_SHA256, "TLS_RSA_WITH_NULL_SHA256"},39 { TLS_RSA_WITH_RC4_128_MD5, "TLS_RSA_WITH_RC4_128_MD5"},40 { TLS_RSA_WITH_RC4_128_SHA, "TLS_RSA_WITH_RC4_128_SHA"},41 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"},42 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA"},43 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA"},44 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256"},45 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS_RSA_WITH_AES_256_CBC_SHA256"},46 { TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"},47 { TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"},48 { TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},49 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},50 { TLS_DH_DSS_WITH_AES_128_CBC_SHA, "TLS_DH_DSS_WITH_AES_128_CBC_SHA"},51 { TLS_DH_RSA_WITH_AES_128_CBC_SHA, "TLS_DH_RSA_WITH_AES_128_CBC_SHA"},52 { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"},53 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"},54 { TLS_DH_DSS_WITH_AES_256_CBC_SHA, "TLS_DH_DSS_WITH_AES_256_CBC_SHA"},55 { TLS_DH_RSA_WITH_AES_256_CBC_SHA, "TLS_DH_RSA_WITH_AES_256_CBC_SHA"},56 { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"},57 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},58 { TLS_DH_DSS_WITH_AES_128_CBC_SHA256, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"},59 { TLS_DH_RSA_WITH_AES_128_CBC_SHA256, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"},60 { TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"},61 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"},62 { TLS_DH_DSS_WITH_AES_256_CBC_SHA256, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"},63 { TLS_DH_RSA_WITH_AES_256_CBC_SHA256, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"},64 { TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"},65 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},66 { TLS_DH_anon_WITH_RC4_128_MD5, "TLS_DH_anon_WITH_RC4_128_MD5"},67 { TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"},68 { TLS_DH_anon_WITH_AES_128_CBC_SHA, "TLS_DH_anon_WITH_AES_128_CBC_SHA"},69 { TLS_DH_anon_WITH_AES_256_CBC_SHA, "TLS_DH_anon_WITH_AES_256_CBC_SHA"},70 { TLS_DH_anon_WITH_AES_128_CBC_SHA256, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"},71 { TLS_DH_anon_WITH_AES_256_CBC_SHA256, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"},36 {PJ_TLS_RSA_WITH_NULL_MD5, "TLS_RSA_WITH_NULL_MD5"}, 37 {PJ_TLS_RSA_WITH_NULL_SHA, "TLS_RSA_WITH_NULL_SHA"}, 38 {PJ_TLS_RSA_WITH_NULL_SHA256, "TLS_RSA_WITH_NULL_SHA256"}, 39 {PJ_TLS_RSA_WITH_RC4_128_MD5, "TLS_RSA_WITH_RC4_128_MD5"}, 40 {PJ_TLS_RSA_WITH_RC4_128_SHA, "TLS_RSA_WITH_RC4_128_SHA"}, 41 {PJ_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}, 42 {PJ_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA"}, 43 {PJ_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA"}, 44 {PJ_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256"}, 45 {PJ_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS_RSA_WITH_AES_256_CBC_SHA256"}, 46 {PJ_TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"}, 47 {PJ_TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"}, 48 {PJ_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"}, 49 {PJ_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 50 {PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA, "TLS_DH_DSS_WITH_AES_128_CBC_SHA"}, 51 {PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA, "TLS_DH_RSA_WITH_AES_128_CBC_SHA"}, 52 {PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"}, 53 {PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}, 54 {PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA, "TLS_DH_DSS_WITH_AES_256_CBC_SHA"}, 55 {PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA, "TLS_DH_RSA_WITH_AES_256_CBC_SHA"}, 56 {PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"}, 57 {PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"}, 58 {PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA256, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"}, 59 {PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA256, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"}, 60 {PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"}, 61 {PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"}, 62 {PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA256, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"}, 63 {PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA256, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"}, 64 {PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"}, 65 {PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"}, 66 {PJ_TLS_DH_anon_WITH_RC4_128_MD5, "TLS_DH_anon_WITH_RC4_128_MD5"}, 67 {PJ_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"}, 68 {PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA, "TLS_DH_anon_WITH_AES_128_CBC_SHA"}, 69 {PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA, "TLS_DH_anon_WITH_AES_256_CBC_SHA"}, 70 {PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA256, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"}, 71 {PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA256, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"}, 72 72 73 73 /* TLS (deprecated) */ 74 { TLS_RSA_EXPORT_WITH_RC4_40_MD5, "TLS_RSA_EXPORT_WITH_RC4_40_MD5"},75 { TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},76 { TLS_RSA_WITH_IDEA_CBC_SHA, "TLS_RSA_WITH_IDEA_CBC_SHA"},77 { TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"},78 { TLS_RSA_WITH_DES_CBC_SHA, "TLS_RSA_WITH_DES_CBC_SHA"},79 { TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},80 { TLS_DH_DSS_WITH_DES_CBC_SHA, "TLS_DH_DSS_WITH_DES_CBC_SHA"},81 { TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},82 { TLS_DH_RSA_WITH_DES_CBC_SHA, "TLS_DH_RSA_WITH_DES_CBC_SHA"},83 { TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},84 { TLS_DHE_DSS_WITH_DES_CBC_SHA, "TLS_DHE_DSS_WITH_DES_CBC_SHA"},85 { TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},86 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS_DHE_RSA_WITH_DES_CBC_SHA"},87 { TLS_DH_anon_EXPORT_WITH_RC4_40_MD5, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"},88 { TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},89 { TLS_DH_anon_WITH_DES_CBC_SHA, "TLS_DH_anon_WITH_DES_CBC_SHA"},74 {PJ_TLS_RSA_EXPORT_WITH_RC4_40_MD5, "TLS_RSA_EXPORT_WITH_RC4_40_MD5"}, 75 {PJ_TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"}, 76 {PJ_TLS_RSA_WITH_IDEA_CBC_SHA, "TLS_RSA_WITH_IDEA_CBC_SHA"}, 77 {PJ_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 78 {PJ_TLS_RSA_WITH_DES_CBC_SHA, "TLS_RSA_WITH_DES_CBC_SHA"}, 79 {PJ_TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 80 {PJ_TLS_DH_DSS_WITH_DES_CBC_SHA, "TLS_DH_DSS_WITH_DES_CBC_SHA"}, 81 {PJ_TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 82 {PJ_TLS_DH_RSA_WITH_DES_CBC_SHA, "TLS_DH_RSA_WITH_DES_CBC_SHA"}, 83 {PJ_TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 84 {PJ_TLS_DHE_DSS_WITH_DES_CBC_SHA, "TLS_DHE_DSS_WITH_DES_CBC_SHA"}, 85 {PJ_TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 86 {PJ_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS_DHE_RSA_WITH_DES_CBC_SHA"}, 87 {PJ_TLS_DH_anon_EXPORT_WITH_RC4_40_MD5, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"}, 88 {PJ_TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"}, 89 {PJ_TLS_DH_anon_WITH_DES_CBC_SHA, "TLS_DH_anon_WITH_DES_CBC_SHA"}, 90 90 91 91 /* SSLv3 */ 92 { SSL_FORTEZZA_KEA_WITH_NULL_SHA, "SSL_FORTEZZA_KEA_WITH_NULL_SHA"},93 { SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA,"SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"},94 { SSL_FORTEZZA_KEA_WITH_RC4_128_SHA, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"},92 {PJ_SSL_FORTEZZA_KEA_WITH_NULL_SHA, "SSL_FORTEZZA_KEA_WITH_NULL_SHA"}, 93 {PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA,"SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"}, 94 {PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"}, 95 95 96 96 /* SSLv2 */ 97 { SSL_CK_RC4_128_WITH_MD5, "SSL_CK_RC4_128_WITH_MD5"},98 { SSL_CK_RC4_128_EXPORT40_WITH_MD5, "SSL_CK_RC4_128_EXPORT40_WITH_MD5"},99 { SSL_CK_RC2_128_CBC_WITH_MD5, "SSL_CK_RC2_128_CBC_WITH_MD5"},100 { SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5"},101 { SSL_CK_IDEA_128_CBC_WITH_MD5, "SSL_CK_IDEA_128_CBC_WITH_MD5"},102 { SSL_CK_DES_64_CBC_WITH_MD5, "SSL_CK_DES_64_CBC_WITH_MD5"},103 { SSL_CK_DES_192_EDE3_CBC_WITH_MD5, "SSL_CK_DES_192_EDE3_CBC_WITH_MD5"}97 {PJ_SSL_CK_RC4_128_WITH_MD5, "SSL_CK_RC4_128_WITH_MD5"}, 98 {PJ_SSL_CK_RC4_128_EXPORT40_WITH_MD5, "SSL_CK_RC4_128_EXPORT40_WITH_MD5"}, 99 {PJ_SSL_CK_RC2_128_CBC_WITH_MD5, "SSL_CK_RC2_128_CBC_WITH_MD5"}, 100 {PJ_SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5"}, 101 {PJ_SSL_CK_IDEA_128_CBC_WITH_MD5, "SSL_CK_IDEA_128_CBC_WITH_MD5"}, 102 {PJ_SSL_CK_DES_64_CBC_WITH_MD5, "SSL_CK_DES_64_CBC_WITH_MD5"}, 103 {PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5, "SSL_CK_DES_192_EDE3_CBC_WITH_MD5"} 104 104 }; 105 105 … … 147 147 148 148 149 PJ_DEF(pj_status_t) pj_ssl_cert_verify_error_st(pj_uint32_t verify_status, 149 PJ_DEF(pj_status_t) pj_ssl_cert_get_verify_status_strings( 150 pj_uint32_t verify_status, 150 151 const char *error_strings[], 151 152 unsigned *count) -
pjproject/trunk/pjlib/src/pj/ssl_sock_dump.c
r3106 r3110 28 28 #define THIS_FILE "ssl_sock_dump.c" 29 29 30 #define CHECK_BUF_LEN() \ 31 if ((len < 0) || ((p+=len) >= end)) { \ 32 *(p-1) = '\0'; \ 33 return PJ_ETOOSMALL; \ 34 } 30 #define CHECK_BUF_LEN() \ 31 if ((len < 0) || (len >= end-p)) { \ 32 *p = '\0'; \ 33 return -1; \ 34 } \ 35 p += len; 35 36 36 PJ_DEF(pj_s tatus_t) pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci,37 const char *prefix,38 39 37 PJ_DEF(pj_ssize_t) pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci, 38 const char *indent, 39 char *buf, 40 pj_size_t buf_size) 40 41 { 41 42 const char *wdays[] = {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"}; … … 54 55 /* Version */ 55 56 len = pj_ansi_snprintf(p, end-p, "%sVersion : v%d\n", 56 prefix, ci->version);57 indent, ci->version); 57 58 CHECK_BUF_LEN(); 58 59 59 60 /* Serial number */ 60 len = pj_ansi_snprintf(p, end-p, "%sSerial : ", prefix);61 len = pj_ansi_snprintf(p, end-p, "%sSerial : ", indent); 61 62 CHECK_BUF_LEN(); 62 63 … … 69 70 70 71 /* Subject */ 71 len = pj_ansi_snprintf( p, end-p, "%sSubject : %.*s\n", prefix,72 len = pj_ansi_snprintf( p, end-p, "%sSubject : %.*s\n", indent, 72 73 ci->subject.cn.slen, 73 74 ci->subject.cn.ptr); 74 75 CHECK_BUF_LEN(); 75 len = pj_ansi_snprintf( p, end-p, "%s %.*s\n", prefix,76 len = pj_ansi_snprintf( p, end-p, "%s %.*s\n", indent, 76 77 ci->subject.info.slen, 77 78 ci->subject.info.ptr); … … 79 80 80 81 /* Issuer */ 81 len = pj_ansi_snprintf( p, end-p, "%sIssuer : %.*s\n", prefix,82 len = pj_ansi_snprintf( p, end-p, "%sIssuer : %.*s\n", indent, 82 83 ci->issuer.cn.slen, 83 84 ci->issuer.cn.ptr); 84 85 CHECK_BUF_LEN(); 85 len = pj_ansi_snprintf( p, end-p, "%s %.*s\n", prefix,86 len = pj_ansi_snprintf( p, end-p, "%s %.*s\n", indent, 86 87 ci->issuer.info.slen, 87 88 ci->issuer.info.ptr); … … 90 91 /* Validity period */ 91 92 len = pj_ansi_snprintf( p, end-p, "%sValid from : %s %4d-%02d-%02d " 92 "%02d:%02d:%02d.%03d %s\n", prefix,93 "%02d:%02d:%02d.%03d %s\n", indent, 93 94 wdays[pt1.wday], pt1.year, pt1.mon+1, pt1.day, 94 95 pt1.hour, pt1.min, pt1.sec, pt1.msec, … … 97 98 98 99 len = pj_ansi_snprintf( p, end-p, "%sValid to : %s %4d-%02d-%02d " 99 "%02d:%02d:%02d.%03d %s\n", prefix,100 "%02d:%02d:%02d.%03d %s\n", indent, 100 101 wdays[pt2.wday], pt2.year, pt2.mon+1, pt2.day, 101 102 pt2.hour, pt2.min, pt2.sec, pt2.msec, … … 108 109 109 110 len = pj_ansi_snprintf(p, end-p, "%ssubjectAltName extension\n", 110 prefix);111 indent); 111 112 CHECK_BUF_LEN(); 112 113 … … 131 132 } 132 133 if (type) { 133 len = pj_ansi_snprintf( p, end-p, "%s %s : %.*s\n", prefix,134 len = pj_ansi_snprintf( p, end-p, "%s %s : %.*s\n", indent, 134 135 type, 135 136 ci->subj_alt_name.entry[i].name.slen, … … 140 141 } 141 142 142 return PJ_SUCCESS;143 return (p-buf); 143 144 } 144 145 -
pjproject/trunk/pjlib/src/pj/ssl_sock_symbian.cpp
r3106 r3110 445 445 446 446 447 static pj_str_t get_cert_name( pj_pool_t *pool,447 static pj_str_t get_cert_name(char *buf, unsigned buf_len, 448 448 const CX500DistinguishedName &name) 449 449 { 450 450 TInt i; 451 char buf[1024];452 451 TUint8 *p; 453 TInt l = sizeof(buf);452 TInt l = buf_len; 454 453 455 454 p = (TUint8*)buf; … … 480 479 } 481 480 482 pj_str_t src, res; 483 pj_strset(&src, buf, sizeof(buf) - l); 484 pj_strdup(pool, &res, &src); 485 486 return res; 481 pj_str_t src; 482 pj_strset(&src, buf, buf_len - l); 483 484 return src; 487 485 } 488 486 … … 492 490 const CX509Certificate *x) 493 491 { 492 enum { tmp_buf_len = 512 }; 493 char *tmp_buf; 494 494 unsigned len; 495 495 496 496 pj_assert(pool && ci && x); 497 497 498 /* Init */ 499 tmp_buf = new char[tmp_buf_len]; 498 500 pj_bzero(ci, sizeof(*ci)); 499 501 … … 519 521 pj_strset(&ci->subject.cn, (char*)ptr8.Ptr(), ptr8.Length()); 520 522 } 521 ci->subject.info = get_cert_name(pool, x->SubjectName()); 523 pj_str_t tmp = get_cert_name(tmp_buf, tmp_buf_len, 524 x->SubjectName()); 525 pj_strdup(pool, &ci->subject.info, &tmp); 522 526 } 523 527 … … 533 537 pj_strset(&ci->issuer.cn, (char*)ptr8.Ptr(), ptr8.Length()); 534 538 } 535 ci->issuer.info = get_cert_name(pool, x->IssuerName()); 539 pj_str_t tmp = get_cert_name(tmp_buf, tmp_buf_len, 540 x->IssuerName()); 541 pj_strdup(pool, &ci->issuer.info, &tmp); 536 542 } 537 543 … … 544 550 valid_period.Finish().SecondsFrom(base_time, tmp_sec); 545 551 ci->validity.end.sec = tmp_sec.Int(); 552 553 /* Deinit */ 554 delete [] tmp_buf; 546 555 } 547 556 -
pjproject/trunk/pjlib/src/pjlib-test/ssl_sock.c
r3106 r3110 108 108 /* Dump remote TLS certificate verification result */ 109 109 verif_msg_cnt = PJ_ARRAY_SIZE(verif_msgs); 110 pj_ssl_cert_ verify_error_st(si->verify_status,111 verif_msgs, &verif_msg_cnt);110 pj_ssl_cert_get_verify_status_strings(si->verify_status, 111 verif_msgs, &verif_msg_cnt); 112 112 PJ_LOG(3,("", ".....Remote certificate verification result: %s", 113 113 (verif_msg_cnt == 1? verif_msgs[0]:""))); … … 1154 1154 #ifndef PJ_SYMBIAN 1155 1155 1156 PJ_LOG(3,("", "..echo test w/ TLSv1 and TLS_RSA_WITH_DES_CBC_SHA cipher"));1156 PJ_LOG(3,("", "..echo test w/ TLSv1 and PJ_TLS_RSA_WITH_DES_CBC_SHA cipher")); 1157 1157 ret = echo_test(PJ_SSL_SOCK_PROTO_TLS1, PJ_SSL_SOCK_PROTO_TLS1, 1158 TLS_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_DES_CBC_SHA,1158 PJ_TLS_RSA_WITH_DES_CBC_SHA, PJ_TLS_RSA_WITH_DES_CBC_SHA, 1159 1159 PJ_FALSE, PJ_FALSE); 1160 1160 if (ret != 0) 1161 1161 return ret; 1162 1162 1163 PJ_LOG(3,("", "..echo test w/ SSLv23 and TLS_RSA_WITH_AES_256_CBC_SHA cipher"));1163 PJ_LOG(3,("", "..echo test w/ SSLv23 and PJ_TLS_RSA_WITH_AES_256_CBC_SHA cipher")); 1164 1164 ret = echo_test(PJ_SSL_SOCK_PROTO_SSL23, PJ_SSL_SOCK_PROTO_SSL23, 1165 TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,1165 PJ_TLS_RSA_WITH_AES_256_CBC_SHA, PJ_TLS_RSA_WITH_AES_256_CBC_SHA, 1166 1166 PJ_FALSE, PJ_FALSE); 1167 1167 if (ret != 0) … … 1170 1170 PJ_LOG(3,("", "..echo test w/ incompatible proto")); 1171 1171 ret = echo_test(PJ_SSL_SOCK_PROTO_TLS1, PJ_SSL_SOCK_PROTO_SSL3, 1172 TLS_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_DES_CBC_SHA,1172 PJ_TLS_RSA_WITH_DES_CBC_SHA, PJ_TLS_RSA_WITH_DES_CBC_SHA, 1173 1173 PJ_FALSE, PJ_FALSE); 1174 1174 if (ret == 0) … … 1177 1177 PJ_LOG(3,("", "..echo test w/ incompatible ciphers")); 1178 1178 ret = echo_test(PJ_SSL_SOCK_PROTO_DEFAULT, PJ_SSL_SOCK_PROTO_DEFAULT, 1179 TLS_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,1179 PJ_TLS_RSA_WITH_DES_CBC_SHA, PJ_TLS_RSA_WITH_AES_256_CBC_SHA, 1180 1180 PJ_FALSE, PJ_FALSE); 1181 1181 if (ret == 0) … … 1184 1184 PJ_LOG(3,("", "..echo test w/ client cert required but not provided")); 1185 1185 ret = echo_test(PJ_SSL_SOCK_PROTO_DEFAULT, PJ_SSL_SOCK_PROTO_DEFAULT, 1186 TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,1186 PJ_TLS_RSA_WITH_AES_256_CBC_SHA, PJ_TLS_RSA_WITH_AES_256_CBC_SHA, 1187 1187 PJ_TRUE, PJ_FALSE); 1188 1188 if (ret == 0) … … 1191 1191 PJ_LOG(3,("", "..echo test w/ client cert required and provided")); 1192 1192 ret = echo_test(PJ_SSL_SOCK_PROTO_DEFAULT, PJ_SSL_SOCK_PROTO_DEFAULT, 1193 TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,1193 PJ_TLS_RSA_WITH_AES_256_CBC_SHA, PJ_TLS_RSA_WITH_AES_256_CBC_SHA, 1194 1194 PJ_TRUE, PJ_TRUE); 1195 1195 if (ret != 0) -
pjproject/trunk/pjsip-apps/src/pjsua/pjsua_app.c
r3106 r3110 2791 2791 * Transport status notification 2792 2792 */ 2793 static pj_bool_t on_transport_state(pjsip_transport *tp, pj_uint32_t state, 2794 const pjsip_transport_state_info *info) 2793 static void on_transport_state(pjsip_transport *tp, 2794 pjsip_transport_state state, 2795 const pjsip_transport_state_info *info) 2795 2796 { 2796 2797 char host_port[128]; … … 2801 2802 tp->remote_name.port); 2802 2803 2803 if (state & PJSIP_TP_STATE_CONNECTED) { 2804 PJ_LOG(3,(THIS_FILE, "SIP transport %s is connected to %s", 2805 tp->type_name, host_port)); 2806 } 2807 else if (state & PJSIP_TP_STATE_ACCEPTED) { 2808 PJ_LOG(3,(THIS_FILE, "SIP transport %s accepted %s", 2809 tp->type_name, host_port)); 2810 } 2811 else if (state & PJSIP_TP_STATE_DISCONNECTED) { 2812 char buf[100]; 2813 2814 snprintf(buf, sizeof(buf), "SIP transport %s is disconnected from %s", 2815 tp->type_name, host_port); 2816 pjsua_perror(THIS_FILE, buf, info->status); 2817 } 2818 else if (state & PJSIP_TP_STATE_REJECTED) { 2819 char buf[100]; 2820 2821 snprintf(buf, sizeof(buf), "SIP transport %s rejected %s", 2822 tp->type_name, host_port); 2823 pjsua_perror(THIS_FILE, buf, info->status); 2804 switch (state) { 2805 case PJSIP_TP_STATE_CONNECTED: 2806 { 2807 PJ_LOG(3,(THIS_FILE, "SIP transport %s is connected to %s", 2808 tp->type_name, host_port)); 2809 } 2810 break; 2811 2812 case PJSIP_TP_STATE_DISCONNECTED: 2813 { 2814 char buf[100]; 2815 2816 snprintf(buf, sizeof(buf), "SIP transport %s is disconnected from %s", 2817 tp->type_name, host_port); 2818 pjsua_perror(THIS_FILE, buf, info->status); 2819 } 2820 break; 2821 2822 default: 2823 break; 2824 2824 } 2825 2825 … … 2828 2828 if (!pj_ansi_stricmp(tp->type_name, "tls") && info->ext_info && 2829 2829 (state == PJSIP_TP_STATE_CONNECTED || 2830 (state & PJSIP_TP_STATE_TLS_VERIF_ERROR))) 2830 ((pjsip_tls_state_info*)info->ext_info)-> 2831 ssl_sock_info->verify_status != PJ_SUCCESS)) 2831 2832 { 2832 2833 pjsip_tls_state_info *tls_info = (pjsip_tls_state_info*)info->ext_info; 2833 pj_ssl_sock_info *ssl_sock_info = (pj_ssl_sock_info*) 2834 tls_info->ssl_sock_info; 2834 pj_ssl_sock_info *ssl_sock_info = tls_info->ssl_sock_info; 2835 2835 char buf[2048]; 2836 2836 const char *verif_msgs[32]; … … 2844 2844 /* Dump server TLS certificate verification result */ 2845 2845 verif_msg_cnt = PJ_ARRAY_SIZE(verif_msgs); 2846 pj_ssl_cert_ verify_error_st(ssl_sock_info->verify_status,2847 verif_msgs, &verif_msg_cnt);2846 pj_ssl_cert_get_verify_status_strings(ssl_sock_info->verify_status, 2847 verif_msgs, &verif_msg_cnt); 2848 2848 PJ_LOG(3,(THIS_FILE, "TLS cert verification result of %s : %s", 2849 2849 host_port, … … 2855 2855 } 2856 2856 2857 if (s tate & PJSIP_TP_STATE_TLS_VERIF_ERROR &&2857 if (ssl_sock_info->verify_status && 2858 2858 !app_config.udp_cfg.tls_setting.verify_server) 2859 2859 { … … 2864 2864 2865 2865 #endif 2866 return PJ_TRUE; 2866 2867 2867 } 2868 2868 -
pjproject/trunk/pjsip-apps/src/symbian_ua/ua.cpp
r3106 r3110 274 274 * Transport status notification 275 275 */ 276 static pj_bool_t on_transport_state(pjsip_transport *tp, pj_uint32_t state, 277 const pjsip_transport_state_info *info) 276 static void on_transport_state(pjsip_transport *tp, 277 pjsip_transport_state state, 278 const pjsip_transport_state_info *info) 278 279 { 279 280 char host_port[128]; … … 284 285 tp->remote_name.port); 285 286 286 if (state & PJSIP_TP_STATE_CONNECTED) { 287 PJ_LOG(3,(THIS_FILE, "SIP transport %s is connected to %s", 288 tp->type_name, host_port)); 289 } 290 else if (state & PJSIP_TP_STATE_ACCEPTED) { 291 PJ_LOG(3,(THIS_FILE, "SIP transport %s accepted %s", 292 tp->type_name, host_port)); 293 } 294 else if (state & PJSIP_TP_STATE_DISCONNECTED) { 295 char buf[100]; 296 297 snprintf(buf, sizeof(buf), "SIP transport %s is disconnected from %s", 298 tp->type_name, host_port); 299 pjsua_perror(THIS_FILE, buf, info->status); 300 } 301 else if (state & PJSIP_TP_STATE_REJECTED) { 302 char buf[100]; 303 304 snprintf(buf, sizeof(buf), "SIP transport %s rejected %s", 305 tp->type_name, host_port); 306 pjsua_perror(THIS_FILE, buf, info->status); 287 switch (state) { 288 case PJSIP_TP_STATE_CONNECTED: 289 { 290 PJ_LOG(3,(THIS_FILE, "SIP transport %s is connected to %s", 291 tp->type_name, host_port)); 292 } 293 break; 294 295 case PJSIP_TP_STATE_DISCONNECTED: 296 { 297 char buf[100]; 298 299 snprintf(buf, sizeof(buf), "SIP transport %s is disconnected from %s", 300 tp->type_name, host_port); 301 pjsua_perror(THIS_FILE, buf, info->status); 302 } 303 break; 304 305 default: 306 break; 307 307 } 308 308 … … 310 310 311 311 if (!pj_ansi_stricmp(tp->type_name, "tls") && info->ext_info && 312 (state == PJSIP_TP_STATE_CONNECTED || 313 (state & PJSIP_TP_STATE_TLS_VERIF_ERROR))) 312 state == PJSIP_TP_STATE_CONNECTED) 314 313 { 315 314 pjsip_tls_state_info *tls_info = (pjsip_tls_state_info*)info->ext_info; … … 325 324 326 325 #endif 327 return PJ_TRUE;328 326 } 329 327 -
pjproject/trunk/pjsip/include/pjsip/sip_errno.h
r2394 r3110 505 505 */ 506 506 #define PJSIP_TLS_ETIMEDOUT (PJSIP_ERRNO_START_PJSIP+172) /* 171172 */ 507 /** 508 * @hideinitializer 509 * SSL certificate verification error. 510 */ 511 #define PJSIP_TLS_ECERTVERIF (PJSIP_ERRNO_START_PJSIP+173) /* 171173 */ 507 512 508 513 -
pjproject/trunk/pjsip/include/pjsip/sip_transport.h
r3106 r3110 694 694 695 695 /** 696 * Hash of host name.697 */698 pj_uint32_t hname;699 700 /**701 696 * Destination address. 702 697 */ … … 704 699 705 700 } pjsip_transport_key; 701 702 703 /** 704 * Enumeration of transport direction types. 705 */ 706 typedef enum pjsip_transport_dir 707 { 708 PJSIP_TP_DIR_NONE, /**< Direction not set, normally used by 709 connectionless transports such as 710 UDP transport. */ 711 PJSIP_TP_DIR_OUTGOING, /**< Outgoing connection or client mode, 712 this is only for connection-oriented 713 transports. */ 714 PJSIP_TP_DIR_INCOMING, /**< Incoming connection or server mode, 715 this is only for connection-oriented 716 transports. */ 717 } pjsip_transport_dir; 718 706 719 707 720 /** … … 732 745 pjsip_host_port local_name; /**< Published name (eg. STUN). */ 733 746 pjsip_host_port remote_name; /**< Remote address name. */ 747 pjsip_transport_dir dir; /**< Connection direction. */ 734 748 735 749 pjsip_endpoint *endpt; /**< Endpoint instance. */ … … 1131 1145 * 1132 1146 * This is an internal function since normally application doesn't have access 1133 * to transport manager. Application should use pjsip_endpt_acquire_transport ()1147 * to transport manager. Application should use pjsip_endpt_acquire_transport2() 1134 1148 * instead. 1135 1149 * … … 1245 1259 * Enumeration of transport state types. 1246 1260 */ 1247 typedef enum pjsip_transport_state_type { 1248 1249 /** Transport connected. */ 1250 PJSIP_TP_STATE_CONNECTED = (1 << 0), 1251 1252 /** Transport accepted. */ 1253 PJSIP_TP_STATE_ACCEPTED = (1 << 1), 1254 1255 /** Transport disconnected. */ 1256 PJSIP_TP_STATE_DISCONNECTED = (1 << 2), 1257 1258 /** Incoming connection rejected. */ 1259 PJSIP_TP_STATE_REJECTED = (1 << 3), 1260 1261 /** TLS verification error. */ 1262 PJSIP_TP_STATE_TLS_VERIF_ERROR = (1 << 8) 1263 1264 } pjsip_transport_state_type; 1265 1266 1267 /** 1268 * Structure of transport state info. 1261 typedef enum pjsip_transport_state 1262 { 1263 PJSIP_TP_STATE_CONNECTED, /**< Transport connected, applicable only 1264 to connection-oriented transports 1265 such as TCP and TLS. */ 1266 PJSIP_TP_STATE_DISCONNECTED /**< Transport disconnected, applicable 1267 only to connection-oriented 1268 transports such as TCP and TLS. */ 1269 } pjsip_transport_state; 1270 1271 1272 /** 1273 * Structure of transport state info passed by #pjsip_tp_state_callback. 1269 1274 */ 1270 1275 typedef struct pjsip_transport_state_info { … … 1273 1278 */ 1274 1279 pj_status_t status; 1275 1280 1276 1281 /** 1277 1282 * Optional extended info, the content is specific for each transport type. … … 1283 1288 /** 1284 1289 * Type of callback to receive transport state notifications, such as 1285 * transport connected, disconnected or TLS verification error. 1290 * transport connected/disconnected. Application may shutdown the transport 1291 * in this callback. 1286 1292 * 1287 1293 * @param tp The transport instance. 1288 * @param state The transport state, this may contain single or 1289 * combination of transport state types defined in 1290 * #pjsip_transport_state_type. 1294 * @param state The transport state. 1291 1295 * @param info The transport state info. 1292 * 1293 * @return When TLS verification fails and peer verification in 1294 * #pjsip_tls_setting is not set, application may return 1295 * PJ_TRUE to ignore the verification result and continue 1296 * using the transport. On other cases, this return value 1297 * is currently not used and will be ignored. 1298 */ 1299 typedef pj_bool_t (*pjsip_tp_state_callback)( 1296 */ 1297 typedef void (*pjsip_tp_state_callback)( 1300 1298 pjsip_transport *tp, 1301 pj _uint32_tstate,1299 pjsip_transport_state state, 1302 1300 const pjsip_transport_state_info *info); 1303 1301 … … 1306 1304 * Setting callback of transport state notification. The caller will be 1307 1305 * notified whenever the state of transport is changed. The type of 1308 * events are defined in #pjsip_transport_state _type.1306 * events are defined in #pjsip_transport_state. 1309 1307 * 1310 1308 * @param mgr Transport manager. -
pjproject/trunk/pjsip/include/pjsip/sip_transport_tls.h
r3106 r3110 123 123 124 124 /** 125 * Specifies the action when verification of server TLS certificate126 * resulting errors:125 * Specifies TLS transport behavior on the server TLS certificate 126 * verification result: 127 127 * - If \a verify_server is disabled (set to PJ_FALSE), TLS transport 128 128 * will just notify the application via #pjsip_tp_state_callback with 129 * state (PJSIP_TP_STATE_CONNECTED | PJSIP_TP_STATE_TLS_VERIF_ERROR) 130 * whenever there is any TLS verification error, the return value of 131 * the callback will be used to decide whether transport should be 132 * shutdown. 129 * state PJSIP_TP_STATE_CONNECTED regardless TLS verification result. 133 130 * - If \a verify_server is enabled (set to PJ_TRUE), TLS transport 134 131 * will be shutdown and application will be notified with state 135 * (PJSIP_TP_STATE_DISCONNECTED | PJSIP_TP_STATE_TLS_VERIF_ERROR)136 * whenever there is any TLS verification error.137 * 138 * When the verification resulting success, application will be notified139 * via #pjsip_tp_state_callback with state PJSIP_TP_STATE_CONNECTED.132 * PJSIP_TP_STATE_DISCONNECTED whenever there is any TLS verification 133 * error, otherwise PJSIP_TP_STATE_CONNECTED will be notified. 134 * 135 * In any cases, application can inspect #pjsip_tls_state_info in the 136 * callback to see the verification detail. 140 137 * 141 138 * Default value is PJ_FALSE. … … 144 141 145 142 /** 146 * Specifies the action when verification of server TLS certificate147 * resulting errors:143 * Specifies TLS transport behavior on the client TLS certificate 144 * verification result: 148 145 * - If \a verify_client is disabled (set to PJ_FALSE), TLS transport 149 146 * will just notify the application via #pjsip_tp_state_callback with 150 * state (PJSIP_TP_STATE_ACCEPTED | PJSIP_TP_STATE_TLS_VERIF_ERROR) 151 * whenever there is any TLS verification error, the return value of 152 * the callback will be used to decide whether transport should be 153 * shutdown. 147 * state PJSIP_TP_STATE_CONNECTED regardless TLS verification result. 154 148 * - If \a verify_client is enabled (set to PJ_TRUE), TLS transport 155 149 * will be shutdown and application will be notified with state 156 * (PJSIP_TP_STATE_REJECTED | PJSIP_TP_STATE_TLS_VERIF_ERROR)157 * whenever there is any TLS verification error.158 * 159 * When the verification resulting success, application will be notified160 * via #pjsip_tp_state_callback with state PJSIP_TP_STATE_ACCEPTED.150 * PJSIP_TP_STATE_DISCONNECTED whenever there is any TLS verification 151 * error, otherwise PJSIP_TP_STATE_CONNECTED will be notified. 152 * 153 * In any cases, application can inspect #pjsip_tls_state_info in the 154 * callback to see the verification detail. 161 155 * 162 156 * Default value is PJ_FALSE. … … 166 160 /** 167 161 * When acting as server (incoming TLS connections), reject inocming 168 * connection if client doesn't have a validcertificate.162 * connection if client doesn't supply a TLS certificate. 169 163 * 170 164 * This setting corresponds to SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag. … … 210 204 211 205 /** 212 * This structure defines transport state extended info specifically for 213 * TLS transport. 206 * This structure defines TLS transport extended info in <tt>ext_info</tt> 207 * field of #pjsip_transport_state_info for the transport state notification 208 * callback #pjsip_tp_state_callback. 214 209 */ 215 210 typedef struct pjsip_tls_state_info -
pjproject/trunk/pjsip/include/pjsua-lib/pjsua.h
r3109 r3110 847 847 * This callback is called when transport state is changed. See also 848 848 * #pjsip_tp_state_callback. 849 * 850 * @param tp The transport instance. 851 * @param state The transport state, this may contain single or 852 * combination of transport state types defined in 853 * #pjsip_transport_state_type. 854 * @param info The transport state info. 855 * 856 * @return When TLS verification fails and peer verification in 857 * #pjsip_tls_setting is not set, application may return 858 * PJ_TRUE to ignore the verification result and continue 859 * using the transport. On other cases, this return value 860 * is currently not used and will be ignored. 861 */ 862 pj_bool_t (*on_transport_state)(pjsip_transport *tp, pj_uint32_t state, 863 const pjsip_transport_state_info *info); 849 */ 850 pjsip_tp_state_callback on_transport_state; 864 851 865 852 } pjsua_callback; -
pjproject/trunk/pjsip/src/pjsip/sip_errno.c
r2394 r3110 132 132 PJ_BUILD_ERR( PJSIP_TLS_EREAD, "Unknown error when reading SSL data"), 133 133 PJ_BUILD_ERR( PJSIP_TLS_ETIMEDOUT, "SSL negotiation has timed out"), 134 PJ_BUILD_ERR( PJSIP_TLS_ECERTVERIF, "SSL certificate verification error"), 134 135 }; 135 136 -
pjproject/trunk/pjsip/src/pjsip/sip_transport.c
r3106 r3110 867 867 * Register to hash table (see Trac ticket #42). 868 868 */ 869 key_len = sizeof(tp->key.type) + sizeof(tp->key.hname) +tp->addr_len;869 key_len = sizeof(tp->key.type) + tp->addr_len; 870 870 pj_lock_acquire(mgr->lock); 871 871 … … 917 917 * Unregister from hash table (see Trac ticket #42). 918 918 */ 919 key_len = sizeof(tp->key.type) + sizeof(tp->key.hname) +tp->addr_len;919 key_len = sizeof(tp->key.type) + tp->addr_len; 920 920 hval = 0; 921 921 entry = pj_hash_get(mgr->table, &tp->key, key_len, &hval); … … 1592 1592 pjsip_transport *transport; 1593 1593 1594 /*1595 * Find factory that can create such transport.1596 */1597 factory = mgr->factory_list.next;1598 while (factory != &mgr->factory_list) {1599 if (factory->type == type)1600 break;1601 factory = factory->next;1602 }1603 if (factory == &mgr->factory_list)1604 factory = NULL;1605 1606 1594 pj_bzero(&key, sizeof(key)); 1607 key_len = sizeof(key.type) + sizeof(key.hname) +addr_len;1595 key_len = sizeof(key.type) + addr_len; 1608 1596 1609 1597 /* First try to get exact destination. */ 1610 1598 key.type = type; 1611 1599 pj_memcpy(&key.rem_addr, remote, addr_len); 1612 if (factory && factory->create_transport2 &&1613 tdata && tdata->dest_info.name.slen)1614 {1615 /* Only include hostname hash in the key when the factory support1616 * create_transport2() and tdata is supplied.1617 */1618 key.hname = pj_hash_calc_tolower(0,1619 (char*)tdata->dest_info.name.ptr,1620 &tdata->dest_info.name);1621 }1622 1600 1623 1601 transport = (pjsip_transport*) … … 1636 1614 1637 1615 pj_bzero(addr, addr_len); 1638 key_len = sizeof(key.type) + sizeof(key.hname) +addr_len;1616 key_len = sizeof(key.type) + addr_len; 1639 1617 transport = (pjsip_transport*) 1640 1618 pj_hash_get(mgr->table, &key, key_len, NULL); … … 1649 1627 addr->addr.sa_family = remote_addr->addr.sa_family; 1650 1628 1651 key_len = sizeof(key.type) + sizeof(key.hname) +addr_len;1629 key_len = sizeof(key.type) + addr_len; 1652 1630 transport = (pjsip_transport*) 1653 1631 pj_hash_get(mgr->table, &key, key_len, NULL); … … 1669 1647 /* 1670 1648 * Transport not found! 1649 * Find factory that can create such transport. 1671 1650 */ 1672 if (NULL == factory) { 1651 factory = mgr->factory_list.next; 1652 while (factory != &mgr->factory_list) { 1653 if (factory->type == type) 1654 break; 1655 factory = factory->next; 1656 } 1657 1658 if (factory == &mgr->factory_list) { 1673 1659 /* No factory can create the transport! */ 1674 1660 pj_lock_release(mgr->lock); … … 1678 1664 } 1679 1665 1680 1681 1666 TRACE_((THIS_FILE, "Creating new transport from factory")); 1682 1667 -
pjproject/trunk/pjsip/src/pjsip/sip_transport_loop.c
r2394 r3110 382 382 loop->base.key.type); 383 383 loop->base.addr_len = sizeof(pj_sockaddr_in); 384 loop->base.dir = PJSIP_TP_DIR_NONE; 384 385 loop->base.endpt = endpt; 385 386 loop->base.tpmgr = pjsip_endpt_get_tpmgr(endpt); -
pjproject/trunk/pjsip/src/pjsip/sip_transport_tcp.c
r3106 r3110 585 585 sockaddr_to_host_port(pool, &tcp->base.local_name, local); 586 586 sockaddr_to_host_port(pool, &tcp->base.remote_name, remote); 587 tcp->base.dir = is_server? PJSIP_TP_DIR_INCOMING : PJSIP_TP_DIR_OUTGOING; 587 588 588 589 tcp->base.endpt = listener->endpt; … … 1005 1006 1006 1007 pj_bzero(&state_info, sizeof(state_info)); 1007 (*state_cb)(&tcp->base, PJSIP_TP_STATE_ ACCEPTED, &state_info);1008 (*state_cb)(&tcp->base, PJSIP_TP_STATE_CONNECTED, &state_info); 1008 1009 } 1009 1010 } -
pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c
r3106 r3110 558 558 tls->base.key.type = PJSIP_TRANSPORT_TLS; 559 559 pj_memcpy(&tls->base.key.rem_addr, remote, sizeof(pj_sockaddr_in)); 560 tls->base.key.hname = pj_hash_calc_tolower(0, (char*)tls->remote_name.ptr,561 &tls->remote_name);562 560 tls->base.type_name = "tls"; 563 561 tls->base.flag = pjsip_transport_get_flag_from_type(PJSIP_TRANSPORT_TLS); … … 569 567 570 568 tls->base.addr_len = sizeof(pj_sockaddr_in); 569 tls->base.dir = is_server? PJSIP_TP_DIR_INCOMING : PJSIP_TP_DIR_OUTGOING; 571 570 572 571 /* Set initial local address */ … … 979 978 pj_ssl_sock_info ssl_info; 980 979 char addr[PJ_INET6_ADDRSTRLEN+10]; 980 pjsip_tp_state_callback *state_cb; 981 pj_bool_t is_shutdown; 981 982 pj_status_t status; 982 983 pjsip_tp_state_callback *state_cb;984 pj_bool_t tls_verif_ignored;985 983 986 984 PJ_UNUSED_ARG(src_addr_len); … … 1022 1020 pj_ssl_sock_set_user_data(new_ssock, tls); 1023 1021 1024 tls_verif_ignored = !listener->tls_setting.verify_client; 1022 /* Prevent immediate transport destroy as application may access it 1023 * (getting info, etc) in transport state notification callback. 1024 */ 1025 pjsip_transport_add_ref(&tls->base); 1026 1027 /* If there is verification error and verification is mandatory, shutdown 1028 * and destroy the transport. 1029 */ 1030 if (ssl_info.verify_status && listener->tls_setting.verify_client) { 1031 if (tls->close_reason == PJ_SUCCESS) 1032 tls->close_reason = PJSIP_TLS_ECERTVERIF; 1033 pjsip_transport_shutdown(&tls->base); 1034 } 1025 1035 1026 1036 /* Notify transport state to application */ … … 1029 1039 pjsip_transport_state_info state_info; 1030 1040 pjsip_tls_state_info tls_info; 1031 pj _uint32_t tp_state = 0;1032 1033 /* Init transport state notification callback*/1041 pjsip_transport_state tp_state; 1042 1043 /* Init transport state info */ 1034 1044 pj_bzero(&tls_info, sizeof(tls_info)); 1035 1045 pj_bzero(&state_info, sizeof(state_info)); 1036 1037 /* Set transport state based on verification status */1038 if (ssl_info.verify_status) {1039 state_info.status = PJSIP_TLS_EACCEPT;1040 tp_state |= PJSIP_TP_STATE_TLS_VERIF_ERROR;1041 if (listener->tls_setting.verify_client)1042 tp_state |= PJSIP_TP_STATE_REJECTED;1043 else1044 tp_state |= PJSIP_TP_STATE_ACCEPTED;1045 } else {1046 tp_state |= PJSIP_TP_STATE_ACCEPTED;1047 }1048 1049 1046 tls_info.ssl_sock_info = &ssl_info; 1050 1047 state_info.ext_info = &tls_info; 1051 1048 1052 tls_verif_ignored = (*state_cb)(&tls->base, tp_state, &state_info); 1053 } 1054 1055 /* Transport should be destroyed when there is TLS verification error 1056 * and application doesn't want to ignore it. 1057 */ 1058 if (ssl_info.verify_status && 1059 (listener->tls_setting.verify_client || !tls_verif_ignored)) 1060 { 1061 tls_destroy(&tls->base, PJSIP_TLS_EACCEPT); 1049 /* Set transport state based on verification status */ 1050 if (ssl_info.verify_status && listener->tls_setting.verify_client) 1051 { 1052 tp_state = PJSIP_TP_STATE_DISCONNECTED; 1053 state_info.status = PJSIP_TLS_ECERTVERIF; 1054 } else { 1055 tp_state = PJSIP_TP_STATE_CONNECTED; 1056 state_info.status = PJ_SUCCESS; 1057 } 1058 1059 (*state_cb)(&tls->base, tp_state, &state_info); 1060 } 1061 1062 /* Release transport reference. If transport is shutting down, it may 1063 * get destroyed here. 1064 */ 1065 is_shutdown = tls->base.is_shutdown; 1066 pjsip_transport_dec_ref(&tls->base); 1067 if (is_shutdown) 1062 1068 return PJ_TRUE; 1063 } 1069 1064 1070 1065 1071 status = tls_start_read(tls); … … 1332 1338 pj_ssl_sock_info ssl_info; 1333 1339 pj_sockaddr_in addr, *tp_addr; 1334 1335 1340 pjsip_tp_state_callback *state_cb; 1336 pj_bool_t tls_verif_ignored;1341 pj_bool_t is_shutdown; 1337 1342 1338 1343 tls = (struct tls_transport*) pj_ssl_sock_get_user_data(ssock); … … 1433 1438 } 1434 1439 1435 tls_verif_ignored = !tls->verify_server; 1440 /* Prevent immediate transport destroy as application may access it 1441 * (getting info, etc) in transport state notification callback. 1442 */ 1443 pjsip_transport_add_ref(&tls->base); 1444 1445 /* If there is verification error and verification is mandatory, shutdown 1446 * and destroy the transport. 1447 */ 1448 if (ssl_info.verify_status && tls->verify_server) { 1449 if (tls->close_reason == PJ_SUCCESS) 1450 tls->close_reason = PJSIP_TLS_ECERTVERIF; 1451 pjsip_transport_shutdown(&tls->base); 1452 } 1436 1453 1437 1454 /* Notify transport state to application */ … … 1442 1459 pj_uint32_t tp_state = 0; 1443 1460 1444 /* Init transport state notification callback*/1461 /* Init transport state info */ 1445 1462 pj_bzero(&state_info, sizeof(state_info)); 1446 1463 pj_bzero(&tls_info, sizeof(tls_info)); 1447 1448 /* Set transport state info */1449 1464 state_info.ext_info = &tls_info; 1450 1465 tls_info.ssl_sock_info = &ssl_info; 1451 1466 1452 1467 /* Set transport state based on verification status */ 1453 if (ssl_info.verify_status) { 1454 state_info.status = PJSIP_TLS_ECONNECT; 1455 tp_state |= PJSIP_TP_STATE_TLS_VERIF_ERROR; 1456 if (tls->verify_server) 1457 tp_state |= PJSIP_TP_STATE_DISCONNECTED; 1458 else 1459 tp_state |= PJSIP_TP_STATE_CONNECTED; 1468 if (ssl_info.verify_status && tls->verify_server) 1469 { 1470 tp_state = PJSIP_TP_STATE_DISCONNECTED; 1471 state_info.status = PJSIP_TLS_ECERTVERIF; 1460 1472 } else { 1461 tp_state |= PJSIP_TP_STATE_CONNECTED; 1473 tp_state = PJSIP_TP_STATE_CONNECTED; 1474 state_info.status = PJ_SUCCESS; 1462 1475 } 1463 1476 1464 tls_verif_ignored = (*state_cb)(&tls->base, tp_state, &state_info); 1465 } 1466 1467 /* Transport should be shutdown when there is TLS verification error 1468 * and application doesn't want to ignore it. 1469 */ 1470 if (ssl_info.verify_status && 1471 (tls->verify_server || !tls_verif_ignored)) 1472 { 1473 if (tls->close_reason == PJ_SUCCESS) 1474 tls->close_reason = PJSIP_TLS_ECONNECT; 1475 pjsip_transport_shutdown(&tls->base); 1477 (*state_cb)(&tls->base, tp_state, &state_info); 1478 } 1479 1480 /* Release transport reference. If transport is shutting down, it may 1481 * get destroyed here. 1482 */ 1483 is_shutdown = tls->base.is_shutdown; 1484 pjsip_transport_dec_ref(&tls->base); 1485 if (is_shutdown) 1476 1486 return PJ_FALSE; 1477 } 1487 1478 1488 1479 1489 /* Mark that pending connect() operation has completed. */ -
pjproject/trunk/pjsip/src/pjsip/sip_transport_udp.c
r3060 r3110 737 737 tp->base.remote_name.port = 0; 738 738 739 /* Init direction */ 740 tp->base.dir = PJSIP_TP_DIR_NONE; 741 739 742 /* Set endpoint. */ 740 743 tp->base.endpt = endpt;
Note: See TracChangeset
for help on using the changeset viewer.
