kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update patches imported from asterisk project to latest version.

Browse source 
Obtained from:	164e5372a2
This commit is contained in:
Guido Falsi 2019-11-02 14:43:56 +00:00
parent f5387ff86c
commit 8ac233b16f
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=516330
5 changed files with 262 additions and 1272 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/pjsip/Makefile
View file

@ -2,7 +2,7 @@
PORTNAME= pjsip
PORTVERSION= 2.9
PORTREVISION= 2
PORTREVISION= 3
CATEGORIES= net
MASTER_SITES= http://www.pjsip.org/release/${PORTVERSION}/
DISTNAME= pjproject-${DISTVERSION}

129
net/pjsip/files/patch-0030
View file

@ -1,60 +1,105 @@
From 8d0652d4a02c7b8da58b1b98421cfda57056184d Mon Sep 17 00:00:00 2001
From 489281f29fc7b97143cf79154f22e5007adaba39 Mon Sep 17 00:00:00 2001
From: George Joseph <gjoseph@digium.com>
Date: Tue, 24 Sep 2019 06:41:16 -0600
Subject: [PATCH 30/33] Revert "Misc (re #2147): Fixed warnings in SSL socket:
redefinition of typedef 'pj_ssl_sock_t' and unused 'get_pem'."
Date: Wed, 9 Oct 2019 07:49:44 -0600
Subject: [PATCH 30/31] ssl regression fix
This reverts commit 688a9b0de685328f62b2df86304b44c21e4460ae.
---
pjlib/src/pj/ssl_sock_imp_common.h | 4 ++--
pjlib/src/pj/ssl_sock_ossl.c | 5 +----
2 files changed, 3 insertions(+), 6 deletions(-)
pjlib/src/pj/ssl_sock_gtls.c | 6 ++++--
pjlib/src/pj/ssl_sock_imp_common.c | 4 ++++
pjlib/src/pj/ssl_sock_imp_common.h | 3 +++
pjlib/src/pj/ssl_sock_ossl.c | 9 +++++----
4 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/pjlib/src/pj/ssl_sock_gtls.c b/pjlib/src/pj/ssl_sock_gtls.c
index 311b7b757..484770ae4 100644
--- pjlib/src/pj/ssl_sock_gtls.c
+++ pjlib/src/pj/ssl_sock_gtls.c
@@ -1050,7 +1050,8 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
goto us_out;
tls_cert_get_info(ssock->pool, &ssock->local_cert_info, cert);
- tls_cert_get_chain_raw(ssock->pool, &ssock->local_cert_info, us, 1);
+ pj_pool_reset(ssock->info_pool);
+ tls_cert_get_chain_raw(ssock->info_pool, &ssock->local_cert_info, us, 1);
us_out:
tls_last_error = ret;
@@ -1077,7 +1078,8 @@ us_out:
goto peer_out;
tls_cert_get_info(ssock->pool, &ssock->remote_cert_info, cert);
- tls_cert_get_chain_raw(ssock->pool, &ssock->remote_cert_info, certs,
+ pj_pool_reset(ssock->info_pool);
+ tls_cert_get_chain_raw(ssock->info_pool, &ssock->remote_cert_info, certs,
certslen);
peer_out:
diff --git a/pjlib/src/pj/ssl_sock_imp_common.c b/pjlib/src/pj/ssl_sock_imp_common.c
index e6273d832..51a62a2fb 100644
--- pjlib/src/pj/ssl_sock_imp_common.c
+++ pjlib/src/pj/ssl_sock_imp_common.c
@@ -616,6 +616,7 @@ static void ssl_on_destroy(void *arg)
}
/* Secure release pool, i.e: all memory blocks will be zeroed first */
+ pj_pool_secure_release(&ssock->info_pool);
pj_pool_secure_release(&ssock->pool);
}
@@ -1262,15 +1263,18 @@ PJ_DEF(pj_status_t) pj_ssl_sock_create (pj_pool_t *pool,
{
pj_ssl_sock_t *ssock;
pj_status_t status;
+ pj_pool_t *info_pool;
PJ_ASSERT_RETURN(pool && param && p_ssock, PJ_EINVAL);
PJ_ASSERT_RETURN(param->sock_type == pj_SOCK_STREAM(), PJ_ENOTSUP);
+ info_pool = pj_pool_create(pool->factory, "ssl_chain%p", 512, 512, NULL);
pool = pj_pool_create(pool->factory, "ssl%p", 512, 512, NULL);
/* Create secure socket */
ssock = ssl_alloc(pool);
ssock->pool = pool;
+ ssock->info_pool = info_pool;
ssock->sock = PJ_INVALID_SOCKET;
ssock->ssl_state = SSL_STATE_NULL;
ssock->circ_buf_input.owner = ssock;
diff --git a/pjlib/src/pj/ssl_sock_imp_common.h b/pjlib/src/pj/ssl_sock_imp_common.h
index 09f259ef7..4edbb3b82 100644
index 09f259ef7..eb45f14e0 100644
--- pjlib/src/pj/ssl_sock_imp_common.h
+++ pjlib/src/pj/ssl_sock_imp_common.h
@@ -93,7 +93,7 @@ typedef struct circ_buf_t {
/*
* Secure socket structure definition.
*/
-struct pj_ssl_sock_t
+typedef struct pj_ssl_sock_t
@@ -96,6 +96,9 @@ typedef struct circ_buf_t {
struct pj_ssl_sock_t
{
pj_pool_t *pool;
+ pj_pool_t *info_pool; /* this is for certificate chain
+ * information allocation. Don't use for
+ * other purposes. */
pj_ssl_sock_t *parent;
@@ -139,7 +139,7 @@ struct pj_ssl_sock_t
circ_buf_t circ_buf_output;
pj_lock_t *circ_buf_output_mutex;
-};
+} pj_ssl_sock_t;
/*
pj_ssl_sock_param param;
pj_ssl_sock_param newsock_param;
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
index b4ac5c15f..debb105b1 100644
index b4ac5c15f..2545b7c37 100644
--- pjlib/src/pj/ssl_sock_ossl.c
+++ pjlib/src/pj/ssl_sock_ossl.c
@@ -37,6 +37,7 @@
#if defined(PJ_HAS_SSL_SOCK) && PJ_HAS_SSL_SOCK != 0 && \
(PJ_SSL_SOCK_IMP == PJ_SSL_SOCK_IMP_OPENSSL)
@@ -1637,11 +1637,12 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
+#include "ssl_sock_imp_common.h"
#include "ssl_sock_imp_common.c"
chain = SSL_get_peer_cert_chain(ossock->ossl_ssl);
if (chain) {
- ssl_update_remote_cert_chain_info(ssock->pool,
- &ssock->remote_cert_info,
- chain, PJ_TRUE);
+ pj_pool_reset(ssock->info_pool);
+ ssl_update_remote_cert_chain_info(ssock->info_pool,
+ &ssock->remote_cert_info,
+ chain, PJ_TRUE);
} else {
- ssock->remote_cert_info.raw_chain.cnt = 0;
+ ssock->remote_cert_info.raw_chain.cnt = 0;
}
}
#define THIS_FILE "ssl_sock_ossl.c"
@@ -1575,10 +1576,6 @@ static void ssl_update_remote_cert_chain_info(pj_pool_t *pool,
{
int i;
- /* For now, get_pem has to be PJ_TRUE */
- pj_assert(get_pem);
- PJ_UNUSED_ARG(get_pem);
-
ci->raw_chain.cert_raw = (pj_str_t *)pj_pool_calloc(pool,
sk_X509_num(chain),
sizeof(pj_str_t));
--
2.21.0

245
net/pjsip/files/patch-0031
View file

@ -1,84 +1,187 @@
From 616a13933f33a6d74f84d85b5bfb858279a09e2d Mon Sep 17 00:00:00 2001
From 9c6108ca392d5e0392e7fb5d2ffde85e3c44ce55 Mon Sep 17 00:00:00 2001
From: George Joseph <gjoseph@digium.com>
Date: Tue, 24 Sep 2019 06:42:04 -0600
Subject: [PATCH 31/33] Revert "Fixed #2204: Add OpenSSL remote certificate
chain info"
Date: Wed, 9 Oct 2019 07:50:32 -0600
Subject: [PATCH 31/31] transport regression fix
This reverts commit f71d60c866c4572a7c8398fe982416771fc6a7f5.
---
pjlib/src/pj/ssl_sock_ossl.c | 45 ------------------------------------
1 file changed, 45 deletions(-)
pjsip/src/pjsip/sip_transport.c | 73 +++++++++++++++++++++++++++------
1 file changed, 61 insertions(+), 12 deletions(-)
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
index debb105b1..109c5c1e2 100644
--- pjlib/src/pj/ssl_sock_ossl.c
+++ pjlib/src/pj/ssl_sock_ossl.c
@@ -1566,41 +1566,6 @@ static void get_cert_info(pj_pool_t *pool, pj_ssl_cert_info *ci, X509 *x,
}
diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c
index 65ac823d4..da6b70e50 100644
--- pjsip/src/pjsip/sip_transport.c
+++ pjsip/src/pjsip/sip_transport.c
@@ -50,6 +50,24 @@ static const char *addr_string(const pj_sockaddr_t *addr)
str, sizeof(str));
return str;
}
-/* Update remote certificates chain info. This function should be
- * called after handshake or renegotiation successfully completed.
- */
-static void ssl_update_remote_cert_chain_info(pj_pool_t *pool,
- pj_ssl_cert_info *ci,
- STACK_OF(X509) *chain,
- pj_bool_t get_pem)
-{
- int i;
-
- ci->raw_chain.cert_raw = (pj_str_t *)pj_pool_calloc(pool,
- sk_X509_num(chain),
- sizeof(pj_str_t));
- ci->raw_chain.cnt = sk_X509_num(chain);
-
- for (i = 0; i < sk_X509_num(chain); i++) {
- BIO *bio;
- BUF_MEM *ptr;
- X509 *x = sk_X509_value(chain, i);
-
- bio = BIO_new(BIO_s_mem());
-
- if (!PEM_write_bio_X509(bio, x)) {
- PJ_LOG(3, (THIS_FILE, "Error retrieving raw certificate info"));
- ci->raw_chain.cert_raw[i].ptr = NULL;
- ci->raw_chain.cert_raw[i].slen = 0;
- } else {
- BIO_write(bio, "\0", 1);
- BIO_get_mem_ptr(bio, &ptr);
- pj_strdup2(pool, &ci->raw_chain.cert_raw[i], ptr->data );
- }
-
- BIO_free(bio);
- }
-}
/* Update local & remote certificates info. This function should be
* called after handshake or renegotiation successfully completed.
@@ -1609,7 +1574,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
{
ossl_sock_t *ossock = (ossl_sock_t *)ssock;
X509 *x;
- STACK_OF(X509) *chain;
pj_assert(ssock->ssl_state == SSL_STATE_ESTABLISHED);
@@ -1631,15 +1595,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
+static const char* print_tpsel_info(const pjsip_tpselector *sel)
+{
+ static char tpsel_info_buf[80];
+ if (!sel) return "(null)";
+ if (sel->type==PJSIP_TPSELECTOR_LISTENER)
+ pj_ansi_snprintf(tpsel_info_buf, sizeof(tpsel_info_buf),
+ "listener[%s], reuse=%d", sel->u.listener->obj_name,
+ !sel->disable_connection_reuse);
+ else if (sel->type==PJSIP_TPSELECTOR_TRANSPORT)
+ pj_ansi_snprintf(tpsel_info_buf, sizeof(tpsel_info_buf),
+ "transport[%s], reuse=%d", sel->u.transport->info,
+ !sel->disable_connection_reuse);
+ else
+ pj_ansi_snprintf(tpsel_info_buf, sizeof(tpsel_info_buf),
+ "unknown[%p], reuse=%d", sel->u.ptr,
+ !sel->disable_connection_reuse);
+ return tpsel_info_buf;
+}
#else
# define TRACE_(x)
#endif
@@ -1210,10 +1228,14 @@ PJ_DEF(pj_status_t) pjsip_transport_register( pjsip_tpmgr *mgr,
* new transport to the list.
*/
pj_list_push_back(tp_ref, tp_add);
+ TRACE_((THIS_FILE, "Remote address already registered, "
+ "appended the transport to the list"));
} else {
pj_bzero(&ssock->remote_cert_info, sizeof(pj_ssl_cert_info));
/* Transport list not found, add it to the hash table. */
pj_hash_set_np(mgr->table, &tp->key, key_len, hval, tp_add->tp_buf,
tp_add);
+ TRACE_((THIS_FILE, "Remote address not registered, "
+ "added the transport to the hash"));
}
-
- chain = SSL_get_peer_cert_chain(ossock->ossl_ssl);
- if (chain) {
- ssl_update_remote_cert_chain_info(ssock->pool,
- &ssock->remote_cert_info,
- chain, PJ_TRUE);
- } else {
- ssock->remote_cert_info.raw_chain.cnt = 0;
- }
/* Add ref transport group lock, if any */
@@ -1283,6 +1305,13 @@ static pj_status_t destroy_transport( pjsip_tpmgr *mgr,
/* The transport list has multiple entry. */
pj_hash_set_np(mgr->table, &tp_next->tp->key, key_len,
hval, tp_next->tp_buf, tp_next);
+ TRACE_((THIS_FILE, "Hash entry updated after "
+ "transport %d being destroyed",
+ tp->obj_name));
+ } else {
+ TRACE_((THIS_FILE, "Hash entry deleted after "
+ "transport %d being destroyed",
+ tp->obj_name));
}
}
@@ -1294,6 +1323,14 @@ static pj_status_t destroy_transport( pjsip_tpmgr *mgr,
}
tp_iter = tp_iter->next;
} while (tp_iter != tp_ref);
+
+ if (tp_iter->tp != tp) {
+ PJ_LOG(3, (THIS_FILE, "Warning: transport %s being destroyed is "
+ "not registered", tp->obj_name));
+ }
+ } else {
+ PJ_LOG(3, (THIS_FILE, "Warning: transport %s being destroyed is "
+ "not found in the hash table", tp->obj_name));
}
pj_lock_release(mgr->lock);
@@ -2159,6 +2196,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport(pjsip_tpmgr *mgr,
NULL, tp);
}
+
/*
* pjsip_tpmgr_acquire_transport2()
*
@@ -2176,8 +2214,9 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
pjsip_tpfactory *factory;
pj_status_t status;
- TRACE_((THIS_FILE,"Acquiring transport type=%s, remote=%s:%d",
+ TRACE_((THIS_FILE,"Acquiring transport type=%s, sel=%s remote=%s:%d",
pjsip_transport_get_type_name(type),
+ print_tpsel_info(sel),
addr_string(remote),
pj_sockaddr_get_port(remote)));
@@ -2194,6 +2233,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
/* See if the transport is (not) suitable */
if (seltp->key.type != type) {
pj_lock_release(mgr->lock);
+ TRACE_((THIS_FILE, "Transport type in tpsel not matched"));
return PJSIP_ETPNOTSUITABLE;
}
@@ -2234,6 +2274,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
{
if (sel->u.listener->type != type) {
pj_lock_release(mgr->lock);
+ TRACE_((THIS_FILE, "Listener type in tpsel not matched"));
return PJSIP_ETPNOTSUITABLE;
}
}
@@ -2249,21 +2290,25 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
tp_entry = (transport *)pj_hash_get(mgr->table, &key, key_len,
NULL);
if (tp_entry) {
- if (sel && sel->type == PJSIP_TPSELECTOR_LISTENER) {
- transport *tp_iter = tp_entry;
- do {
+ transport *tp_iter = tp_entry;
+ do {
+ /* Don't use transport being shutdown */
+ if (!tp_iter->tp->is_shutdown) {
if (sel && sel->type == PJSIP_TPSELECTOR_LISTENER &&
- sel->u.listener &&
- tp_iter->tp->factory == sel->u.listener)
+ sel->u.listener)
{
+ /* Match listener if selector is set */
+ if (tp_iter->tp->factory == sel->u.listener) {
+ tp_ref = tp_iter->tp;
+ break;
+ }
+ } else {
tp_ref = tp_iter->tp;
break;
}
- tp_iter = tp_iter->next;
- } while (tp_iter != tp_entry);
- } else {
- tp_ref = tp_entry->tp;
- }
+ }
+ tp_iter = tp_iter->next;
+ } while (tp_iter != tp_entry);
}
}
@@ -2276,7 +2321,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
/* Ignore address for loop transports. */
if (type == PJSIP_TRANSPORT_LOOP ||
- type == PJSIP_TRANSPORT_LOOP_DGRAM)
+ type == PJSIP_TRANSPORT_LOOP_DGRAM)
{
pj_sockaddr *addr = &key.rem_addr;
@@ -2315,6 +2360,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
* 'duplicate' of the existing transport (same type & remote addr,
* but different factory).
*/
+ TRACE_((THIS_FILE, "Transport found but from different listener"));
}
if (tp_ref!=NULL && !tp_ref->is_shutdown) {
@@ -2347,10 +2393,13 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
*/
/* Verify that the listener type matches the destination type */
+ /* Already checked above. */
+ /*
if (sel->u.listener->type != type) {
pj_lock_release(mgr->lock);
return PJSIP_ETPNOTSUITABLE;
}
+ */
/* We'll use this listener to create transport */
factory = sel->u.listener;
--
2.21.0

64
net/pjsip/files/patch-0032
View file

@ -1,64 +0,0 @@
From 17cd744e19cd332a219a512770fa6e18453044ba Mon Sep 17 00:00:00 2001
From: George Joseph <gjoseph@digium.com>
Date: Tue, 24 Sep 2019 06:45:25 -0600
Subject: [PATCH 32/33] Revert "Re #2147 (misc): Fix failed pjsip-test
(transport_loop_test) caused by r6002."
This reverts commit 342148f5bcf3a6b0029ce834b8567c2cd691b15b.
---
pjsip/src/pjsip/sip_transport.c | 12 +++++-------
pjsip/src/pjsip/sip_transport_loop.c | 2 +-
pjsip/src/test/transport_loop_test.c | 1 -
3 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c
index 65ac823d4..d63823a98 100644
--- pjsip/src/pjsip/sip_transport.c
+++ pjsip/src/pjsip/sip_transport.c
@@ -1222,13 +1222,11 @@ PJ_DEF(pj_status_t) pjsip_transport_register( pjsip_tpmgr *mgr,
pj_lock_release(mgr->lock);
- TRACE_((THIS_FILE, "Transport %s registered: type=%s, remote=%s:%d",
- tp->obj_name,
- pjsip_transport_get_type_name(tp->key.type),
- pj_sockaddr_has_addr(&tp->key.rem_addr)?
- addr_string(&tp->key.rem_addr):"",
- pj_sockaddr_has_addr(&tp->key.rem_addr)?
- pj_sockaddr_get_port(&tp->key.rem_addr):0));
+ TRACE_((THIS_FILE,"Transport %s registered: type=%s, remote=%s:%d",
+ tp->obj_name,
+ pjsip_transport_get_type_name(tp->key.type),
+ addr_string(&tp->key.rem_addr),
+ pj_sockaddr_get_port(&tp->key.rem_addr)));
return PJ_SUCCESS;
}
diff --git a/pjsip/src/pjsip/sip_transport_loop.c b/pjsip/src/pjsip/sip_transport_loop.c
index 37e20e69b..24e1a5f69 100644
--- pjsip/src/pjsip/sip_transport_loop.c
+++ pjsip/src/pjsip/sip_transport_loop.c
@@ -376,7 +376,7 @@ PJ_DEF(pj_status_t) pjsip_loop_start( pjsip_endpoint *endpt,
if (status != PJ_SUCCESS)
goto on_error;
loop->base.key.type = PJSIP_TRANSPORT_LOOP_DGRAM;
- //loop->base.key.rem_addr.addr.sa_family = pj_AF_INET();
+ loop->base.key.rem_addr.addr.sa_family = pj_AF_INET();
loop->base.type_name = "LOOP-DGRAM";
loop->base.info = "LOOP-DGRAM";
loop->base.flag = PJSIP_TRANSPORT_DATAGRAM;
diff --git a/pjsip/src/test/transport_loop_test.c b/pjsip/src/test/transport_loop_test.c
index 5f2f03904..efa2ea116 100644
--- pjsip/src/test/transport_loop_test.c
+++ pjsip/src/test/transport_loop_test.c
@@ -36,7 +36,6 @@ static int datagram_loop_test()
PJ_LOG(3,(THIS_FILE, "testing datagram loop transport"));
- pj_sockaddr_in_init(&addr, NULL, 0);
/* Test acquire transport. */
status = pjsip_endpt_acquire_transport( endpt, PJSIP_TRANSPORT_LOOP_DGRAM,
&addr, sizeof(addr), NULL, &loop);
--
2.21.0

1094
net/pjsip/files/patch-0033
View file

File diff suppressed because it is too large Load diff