Changeset 3110 for pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c
- Timestamp:
- Feb 25, 2010 11:58:19 AM (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c
r3106 r3110 558 558 tls->base.key.type = PJSIP_TRANSPORT_TLS; 559 559 pj_memcpy(&tls->base.key.rem_addr, remote, sizeof(pj_sockaddr_in)); 560 tls->base.key.hname = pj_hash_calc_tolower(0, (char*)tls->remote_name.ptr,561 &tls->remote_name);562 560 tls->base.type_name = "tls"; 563 561 tls->base.flag = pjsip_transport_get_flag_from_type(PJSIP_TRANSPORT_TLS); … … 569 567 570 568 tls->base.addr_len = sizeof(pj_sockaddr_in); 569 tls->base.dir = is_server? PJSIP_TP_DIR_INCOMING : PJSIP_TP_DIR_OUTGOING; 571 570 572 571 /* Set initial local address */ … … 979 978 pj_ssl_sock_info ssl_info; 980 979 char addr[PJ_INET6_ADDRSTRLEN+10]; 980 pjsip_tp_state_callback *state_cb; 981 pj_bool_t is_shutdown; 981 982 pj_status_t status; 982 983 pjsip_tp_state_callback *state_cb;984 pj_bool_t tls_verif_ignored;985 983 986 984 PJ_UNUSED_ARG(src_addr_len); … … 1022 1020 pj_ssl_sock_set_user_data(new_ssock, tls); 1023 1021 1024 tls_verif_ignored = !listener->tls_setting.verify_client; 1022 /* Prevent immediate transport destroy as application may access it 1023 * (getting info, etc) in transport state notification callback. 1024 */ 1025 pjsip_transport_add_ref(&tls->base); 1026 1027 /* If there is verification error and verification is mandatory, shutdown 1028 * and destroy the transport. 1029 */ 1030 if (ssl_info.verify_status && listener->tls_setting.verify_client) { 1031 if (tls->close_reason == PJ_SUCCESS) 1032 tls->close_reason = PJSIP_TLS_ECERTVERIF; 1033 pjsip_transport_shutdown(&tls->base); 1034 } 1025 1035 1026 1036 /* Notify transport state to application */ … … 1029 1039 pjsip_transport_state_info state_info; 1030 1040 pjsip_tls_state_info tls_info; 1031 pj _uint32_t tp_state = 0;1032 1033 /* Init transport state notification callback*/1041 pjsip_transport_state tp_state; 1042 1043 /* Init transport state info */ 1034 1044 pj_bzero(&tls_info, sizeof(tls_info)); 1035 1045 pj_bzero(&state_info, sizeof(state_info)); 1036 1037 /* Set transport state based on verification status */1038 if (ssl_info.verify_status) {1039 state_info.status = PJSIP_TLS_EACCEPT;1040 tp_state |= PJSIP_TP_STATE_TLS_VERIF_ERROR;1041 if (listener->tls_setting.verify_client)1042 tp_state |= PJSIP_TP_STATE_REJECTED;1043 else1044 tp_state |= PJSIP_TP_STATE_ACCEPTED;1045 } else {1046 tp_state |= PJSIP_TP_STATE_ACCEPTED;1047 }1048 1049 1046 tls_info.ssl_sock_info = &ssl_info; 1050 1047 state_info.ext_info = &tls_info; 1051 1048 1052 tls_verif_ignored = (*state_cb)(&tls->base, tp_state, &state_info); 1053 } 1054 1055 /* Transport should be destroyed when there is TLS verification error 1056 * and application doesn't want to ignore it. 1057 */ 1058 if (ssl_info.verify_status && 1059 (listener->tls_setting.verify_client || !tls_verif_ignored)) 1060 { 1061 tls_destroy(&tls->base, PJSIP_TLS_EACCEPT); 1049 /* Set transport state based on verification status */ 1050 if (ssl_info.verify_status && listener->tls_setting.verify_client) 1051 { 1052 tp_state = PJSIP_TP_STATE_DISCONNECTED; 1053 state_info.status = PJSIP_TLS_ECERTVERIF; 1054 } else { 1055 tp_state = PJSIP_TP_STATE_CONNECTED; 1056 state_info.status = PJ_SUCCESS; 1057 } 1058 1059 (*state_cb)(&tls->base, tp_state, &state_info); 1060 } 1061 1062 /* Release transport reference. If transport is shutting down, it may 1063 * get destroyed here. 1064 */ 1065 is_shutdown = tls->base.is_shutdown; 1066 pjsip_transport_dec_ref(&tls->base); 1067 if (is_shutdown) 1062 1068 return PJ_TRUE; 1063 } 1069 1064 1070 1065 1071 status = tls_start_read(tls); … … 1332 1338 pj_ssl_sock_info ssl_info; 1333 1339 pj_sockaddr_in addr, *tp_addr; 1334 1335 1340 pjsip_tp_state_callback *state_cb; 1336 pj_bool_t tls_verif_ignored;1341 pj_bool_t is_shutdown; 1337 1342 1338 1343 tls = (struct tls_transport*) pj_ssl_sock_get_user_data(ssock); … … 1433 1438 } 1434 1439 1435 tls_verif_ignored = !tls->verify_server; 1440 /* Prevent immediate transport destroy as application may access it 1441 * (getting info, etc) in transport state notification callback. 1442 */ 1443 pjsip_transport_add_ref(&tls->base); 1444 1445 /* If there is verification error and verification is mandatory, shutdown 1446 * and destroy the transport. 1447 */ 1448 if (ssl_info.verify_status && tls->verify_server) { 1449 if (tls->close_reason == PJ_SUCCESS) 1450 tls->close_reason = PJSIP_TLS_ECERTVERIF; 1451 pjsip_transport_shutdown(&tls->base); 1452 } 1436 1453 1437 1454 /* Notify transport state to application */ … … 1442 1459 pj_uint32_t tp_state = 0; 1443 1460 1444 /* Init transport state notification callback*/1461 /* Init transport state info */ 1445 1462 pj_bzero(&state_info, sizeof(state_info)); 1446 1463 pj_bzero(&tls_info, sizeof(tls_info)); 1447 1448 /* Set transport state info */1449 1464 state_info.ext_info = &tls_info; 1450 1465 tls_info.ssl_sock_info = &ssl_info; 1451 1466 1452 1467 /* Set transport state based on verification status */ 1453 if (ssl_info.verify_status) { 1454 state_info.status = PJSIP_TLS_ECONNECT; 1455 tp_state |= PJSIP_TP_STATE_TLS_VERIF_ERROR; 1456 if (tls->verify_server) 1457 tp_state |= PJSIP_TP_STATE_DISCONNECTED; 1458 else 1459 tp_state |= PJSIP_TP_STATE_CONNECTED; 1468 if (ssl_info.verify_status && tls->verify_server) 1469 { 1470 tp_state = PJSIP_TP_STATE_DISCONNECTED; 1471 state_info.status = PJSIP_TLS_ECERTVERIF; 1460 1472 } else { 1461 tp_state |= PJSIP_TP_STATE_CONNECTED; 1473 tp_state = PJSIP_TP_STATE_CONNECTED; 1474 state_info.status = PJ_SUCCESS; 1462 1475 } 1463 1476 1464 tls_verif_ignored = (*state_cb)(&tls->base, tp_state, &state_info); 1465 } 1466 1467 /* Transport should be shutdown when there is TLS verification error 1468 * and application doesn't want to ignore it. 1469 */ 1470 if (ssl_info.verify_status && 1471 (tls->verify_server || !tls_verif_ignored)) 1472 { 1473 if (tls->close_reason == PJ_SUCCESS) 1474 tls->close_reason = PJSIP_TLS_ECONNECT; 1475 pjsip_transport_shutdown(&tls->base); 1477 (*state_cb)(&tls->base, tp_state, &state_info); 1478 } 1479 1480 /* Release transport reference. If transport is shutting down, it may 1481 * get destroyed here. 1482 */ 1483 is_shutdown = tls->base.is_shutdown; 1484 pjsip_transport_dec_ref(&tls->base); 1485 if (is_shutdown) 1476 1486 return PJ_FALSE; 1477 } 1487 1478 1488 1479 1489 /* Mark that pending connect() operation has completed. */
Note: See TracChangeset
for help on using the changeset viewer.