Ignore:
Timestamp:
Feb 25, 2010 11:58:19 AM (12 years ago)
Author:
nanang
Message:

More ticket #1032:

  • Updated transport state notification callback to return void.
  • Updated transport state enum to only contain connected and disconnected, no more bitmask value.
  • Added direction field to SIP transport.
  • Removed remote hostname hash from transport key.
  • Updated cert info dump to return -1 when buffer is insufficient.
  • Added new error code PJSIP_TLS_ECERTVERIF.
  • Updated get_cert_name() in ssl_sock_symbian.c to use heap buffer instead of stack.
  • Minors, e.g: added prefix PJ in cipher types, docs.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c

    r3106 r3110  
    558558    tls->base.key.type = PJSIP_TRANSPORT_TLS; 
    559559    pj_memcpy(&tls->base.key.rem_addr, remote, sizeof(pj_sockaddr_in)); 
    560     tls->base.key.hname = pj_hash_calc_tolower(0, (char*)tls->remote_name.ptr, 
    561                                                &tls->remote_name); 
    562560    tls->base.type_name = "tls"; 
    563561    tls->base.flag = pjsip_transport_get_flag_from_type(PJSIP_TRANSPORT_TLS); 
     
    569567 
    570568    tls->base.addr_len = sizeof(pj_sockaddr_in); 
     569    tls->base.dir = is_server? PJSIP_TP_DIR_INCOMING : PJSIP_TP_DIR_OUTGOING; 
    571570     
    572571    /* Set initial local address */ 
     
    979978    pj_ssl_sock_info ssl_info; 
    980979    char addr[PJ_INET6_ADDRSTRLEN+10]; 
     980    pjsip_tp_state_callback *state_cb; 
     981    pj_bool_t is_shutdown; 
    981982    pj_status_t status; 
    982  
    983     pjsip_tp_state_callback *state_cb; 
    984     pj_bool_t tls_verif_ignored; 
    985983 
    986984    PJ_UNUSED_ARG(src_addr_len); 
     
    10221020    pj_ssl_sock_set_user_data(new_ssock, tls); 
    10231021 
    1024     tls_verif_ignored = !listener->tls_setting.verify_client; 
     1022    /* Prevent immediate transport destroy as application may access it  
     1023     * (getting info, etc) in transport state notification callback. 
     1024     */ 
     1025    pjsip_transport_add_ref(&tls->base); 
     1026 
     1027    /* If there is verification error and verification is mandatory, shutdown 
     1028     * and destroy the transport. 
     1029     */ 
     1030    if (ssl_info.verify_status && listener->tls_setting.verify_client) { 
     1031        if (tls->close_reason == PJ_SUCCESS)  
     1032            tls->close_reason = PJSIP_TLS_ECERTVERIF; 
     1033        pjsip_transport_shutdown(&tls->base); 
     1034    } 
    10251035 
    10261036    /* Notify transport state to application */ 
     
    10291039        pjsip_transport_state_info state_info; 
    10301040        pjsip_tls_state_info tls_info; 
    1031         pj_uint32_t tp_state = 0; 
    1032  
    1033         /* Init transport state notification callback */ 
     1041        pjsip_transport_state tp_state; 
     1042 
     1043        /* Init transport state info */ 
    10341044        pj_bzero(&tls_info, sizeof(tls_info)); 
    10351045        pj_bzero(&state_info, sizeof(state_info)); 
    1036  
    1037         /* Set transport state based on verification status */ 
    1038         if (ssl_info.verify_status) { 
    1039             state_info.status = PJSIP_TLS_EACCEPT; 
    1040             tp_state |= PJSIP_TP_STATE_TLS_VERIF_ERROR; 
    1041             if (listener->tls_setting.verify_client) 
    1042                 tp_state |= PJSIP_TP_STATE_REJECTED; 
    1043             else 
    1044                 tp_state |= PJSIP_TP_STATE_ACCEPTED; 
    1045         } else { 
    1046             tp_state |= PJSIP_TP_STATE_ACCEPTED; 
    1047         } 
    1048  
    10491046        tls_info.ssl_sock_info = &ssl_info; 
    10501047        state_info.ext_info = &tls_info; 
    10511048 
    1052         tls_verif_ignored = (*state_cb)(&tls->base, tp_state, &state_info); 
    1053     } 
    1054  
    1055     /* Transport should be destroyed when there is TLS verification error 
    1056      * and application doesn't want to ignore it. 
    1057      */ 
    1058     if (ssl_info.verify_status &&  
    1059         (listener->tls_setting.verify_client || !tls_verif_ignored)) 
    1060     { 
    1061         tls_destroy(&tls->base, PJSIP_TLS_EACCEPT); 
     1049        /* Set transport state based on verification status */ 
     1050        if (ssl_info.verify_status && listener->tls_setting.verify_client) 
     1051        { 
     1052            tp_state = PJSIP_TP_STATE_DISCONNECTED; 
     1053            state_info.status = PJSIP_TLS_ECERTVERIF; 
     1054        } else { 
     1055            tp_state = PJSIP_TP_STATE_CONNECTED; 
     1056            state_info.status = PJ_SUCCESS; 
     1057        } 
     1058 
     1059        (*state_cb)(&tls->base, tp_state, &state_info); 
     1060    } 
     1061 
     1062    /* Release transport reference. If transport is shutting down, it may 
     1063     * get destroyed here. 
     1064     */ 
     1065    is_shutdown = tls->base.is_shutdown; 
     1066    pjsip_transport_dec_ref(&tls->base); 
     1067    if (is_shutdown) 
    10621068        return PJ_TRUE; 
    1063     } 
     1069 
    10641070 
    10651071    status = tls_start_read(tls); 
     
    13321338    pj_ssl_sock_info ssl_info; 
    13331339    pj_sockaddr_in addr, *tp_addr; 
    1334  
    13351340    pjsip_tp_state_callback *state_cb; 
    1336     pj_bool_t tls_verif_ignored; 
     1341    pj_bool_t is_shutdown; 
    13371342 
    13381343    tls = (struct tls_transport*) pj_ssl_sock_get_user_data(ssock); 
     
    14331438    } 
    14341439 
    1435     tls_verif_ignored = !tls->verify_server; 
     1440    /* Prevent immediate transport destroy as application may access it  
     1441     * (getting info, etc) in transport state notification callback. 
     1442     */ 
     1443    pjsip_transport_add_ref(&tls->base); 
     1444 
     1445    /* If there is verification error and verification is mandatory, shutdown 
     1446     * and destroy the transport. 
     1447     */ 
     1448    if (ssl_info.verify_status && tls->verify_server) { 
     1449        if (tls->close_reason == PJ_SUCCESS)  
     1450            tls->close_reason = PJSIP_TLS_ECERTVERIF; 
     1451        pjsip_transport_shutdown(&tls->base); 
     1452    } 
    14361453 
    14371454    /* Notify transport state to application */ 
     
    14421459        pj_uint32_t tp_state = 0; 
    14431460 
    1444         /* Init transport state notification callback */ 
     1461        /* Init transport state info */ 
    14451462        pj_bzero(&state_info, sizeof(state_info)); 
    14461463        pj_bzero(&tls_info, sizeof(tls_info)); 
    1447  
    1448         /* Set transport state info */ 
    14491464        state_info.ext_info = &tls_info; 
    14501465        tls_info.ssl_sock_info = &ssl_info; 
    14511466 
    14521467        /* Set transport state based on verification status */ 
    1453         if (ssl_info.verify_status) { 
    1454             state_info.status = PJSIP_TLS_ECONNECT; 
    1455             tp_state |= PJSIP_TP_STATE_TLS_VERIF_ERROR; 
    1456             if (tls->verify_server) 
    1457                 tp_state |= PJSIP_TP_STATE_DISCONNECTED; 
    1458             else 
    1459                 tp_state |= PJSIP_TP_STATE_CONNECTED; 
     1468        if (ssl_info.verify_status && tls->verify_server) 
     1469        { 
     1470            tp_state = PJSIP_TP_STATE_DISCONNECTED; 
     1471            state_info.status = PJSIP_TLS_ECERTVERIF; 
    14601472        } else { 
    1461             tp_state |= PJSIP_TP_STATE_CONNECTED; 
     1473            tp_state = PJSIP_TP_STATE_CONNECTED; 
     1474            state_info.status = PJ_SUCCESS; 
    14621475        } 
    14631476 
    1464         tls_verif_ignored = (*state_cb)(&tls->base, tp_state, &state_info); 
    1465     } 
    1466  
    1467     /* Transport should be shutdown when there is TLS verification error 
    1468      * and application doesn't want to ignore it. 
    1469      */ 
    1470     if (ssl_info.verify_status &&  
    1471         (tls->verify_server || !tls_verif_ignored)) 
    1472     { 
    1473         if (tls->close_reason == PJ_SUCCESS)  
    1474             tls->close_reason = PJSIP_TLS_ECONNECT; 
    1475         pjsip_transport_shutdown(&tls->base); 
     1477        (*state_cb)(&tls->base, tp_state, &state_info); 
     1478    } 
     1479 
     1480    /* Release transport reference. If transport is shutting down, it may 
     1481     * get destroyed here. 
     1482     */ 
     1483    is_shutdown = tls->base.is_shutdown; 
     1484    pjsip_transport_dec_ref(&tls->base); 
     1485    if (is_shutdown) 
    14761486        return PJ_FALSE; 
    1477     } 
     1487 
    14781488 
    14791489    /* Mark that pending connect() operation has completed. */ 
Note: See TracChangeset for help on using the changeset viewer.