Changeset 4770


Ignore:
Timestamp:
Feb 27, 2014 6:16:36 AM (8 years ago)
Author:
nanang
Message:

Fixed #1740: TLS will be used whenever request URI uses "sips" scheme regardless the target-URI scheme/transport. This behavior is configurable via 'PJSIP_DONT_SWITCH_TO_TLS' in compile-time, or 'pjsip_cfg()->disable_tls_switch' in run-time.

Location:
pjproject/trunk/pjsip
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • pjproject/trunk/pjsip/include/pjsip/sip_config.h

    r4720 r4770  
    113113 
    114114        /** 
     115         * Disable automatic switching to TLS if target-URI does not use 
     116         * "sips" scheme nor TLS transport, even when request-URI uses 
     117         * "sips" scheme. 
     118         * 
     119         * Default is PJSIP_DONT_SWITCH_TO_TLS. 
     120         */ 
     121        pj_bool_t disable_tls_switch; 
     122 
     123        /** 
    115124         * Enable call media session to always be updated to the latest 
    116125         * received early media SDP when receiving forked early media 
     
    310319 
    311320/** 
     321 * As specified RFC 3261 section 8.1.2, when request-URI uses "sips" scheme, 
     322 * TLS must always be used regardless of the target-URI scheme or transport 
     323 * type. 
     324 * 
     325 * This option will specify whether the behavior of automatic switching to TLS 
     326 * should be disabled, i.e: regard the target-URI scheme or transport type. 
     327 * 
     328 * This option can also be controlled at run-time by the \a disable_tls_switch 
     329 * setting in pjsip_cfg_t. 
     330 * 
     331 * Default is 0 (no). 
     332 */ 
     333#ifndef PJSIP_DONT_SWITCH_TO_TLS 
     334#   define PJSIP_DONT_SWITCH_TO_TLS     0 
     335#endif 
     336 
     337 
     338/** 
    312339 * Specify whether the call media session should be updated to the latest 
    313340 * received early media SDP when receiving forked early media (multiple 183 
  • pjproject/trunk/pjsip/src/pjsip/sip_config.c

    r4442 r4770  
    3131       0, 
    3232       PJSIP_DONT_SWITCH_TO_TCP, 
     33       PJSIP_DONT_SWITCH_TO_TLS, 
    3334       PJSIP_FOLLOW_EARLY_MEDIA_FORK, 
    3435       PJSIP_REQ_HAS_VIA_ALIAS 
  • pjproject/trunk/pjsip/src/pjsip/sip_util.c

    r4537 r4770  
    803803/* Fill-up destination information from a target URI */ 
    804804static pj_status_t get_dest_info(const pjsip_uri *target_uri,  
     805                                 const pjsip_uri *request_uri,  
    805806                                 pj_pool_t *pool, 
    806807                                 pjsip_host_info *dest_info) 
     
    811812    pj_bzero(dest_info, sizeof(*dest_info)); 
    812813 
    813     if (PJSIP_URI_SCHEME_IS_SIPS(target_uri)) { 
     814    /* When request URI uses sips scheme, TLS must always be used regardless 
     815     * of the target scheme or transport type (see ticket #1740). 
     816     */ 
     817    if (PJSIP_URI_SCHEME_IS_SIPS(target_uri) ||  
     818        (pjsip_cfg()->endpt.disable_tls_switch == 0 && request_uri && 
     819         PJSIP_URI_SCHEME_IS_SIPS(request_uri))) 
     820    { 
    814821        pjsip_uri *uri = (pjsip_uri*) target_uri; 
    815822        const pjsip_sip_uri *url=(const pjsip_sip_uri*)pjsip_uri_get_uri(uri); 
    816823        unsigned flag; 
     824 
     825        if (!PJSIP_URI_SCHEME_IS_SIPS(target_uri)) { 
     826            PJ_LOG(4,(THIS_FILE, "Automatic switch to TLS transport as " 
     827                                 "request-URI uses ""sips"" scheme.")); 
     828        } 
    817829 
    818830        dest_info->flag |= (PJSIP_TRANSPORT_SECURE | PJSIP_TRANSPORT_RELIABLE); 
     
    896908    } 
    897909 
    898     return get_dest_info(target_uri, (pj_pool_t*)tdata->pool, dest_info); 
     910    return get_dest_info(target_uri, tdata->msg->line.req.uri, 
     911                         (pj_pool_t*)tdata->pool, dest_info); 
    899912} 
    900913 
     
    9991012 
    10001013    /* Fill up the destination host/port from the URI. */ 
    1001     status = get_dest_info(target_uri, tdata->pool, dest_info); 
     1014    status = get_dest_info(target_uri, new_request_uri, tdata->pool, 
     1015                           dest_info); 
    10021016    if (status != PJ_SUCCESS) 
    10031017        return status; 
     
    14961510 
    14971511    /* Build destination info. */ 
    1498     status = get_dest_info(uri, tdata->pool, &dest_info); 
     1512    status = get_dest_info(uri, NULL, tdata->pool, &dest_info); 
    14991513    if (status != PJ_SUCCESS) { 
    15001514        pjsip_tx_data_dec_ref(tdata); 
Note: See TracChangeset for help on using the changeset viewer.