svn commit: r516330 - in head/net/pjsip: . files
Guido Falsi
madpilot at FreeBSD.org
Sat Nov 2 14:43:58 UTC 2019
Author: madpilot
Date: Sat Nov 2 14:43:56 2019
New Revision: 516330
URL: https://svnweb.freebsd.org/changeset/ports/516330
Log:
Update patches imported from asterisk project to latest version.
Obtained from: https://gerrit.asterisk.org/plugins/gitiles/asterisk/+/164e5372a213bd3264870d614f006df2be043938
Deleted:
head/net/pjsip/files/patch-0032
head/net/pjsip/files/patch-0033
Modified:
head/net/pjsip/Makefile
head/net/pjsip/files/patch-0030
head/net/pjsip/files/patch-0031
Modified: head/net/pjsip/Makefile
==============================================================================
--- head/net/pjsip/Makefile Sat Nov 2 14:33:44 2019 (r516329)
+++ head/net/pjsip/Makefile Sat Nov 2 14:43:56 2019 (r516330)
@@ -2,7 +2,7 @@
PORTNAME= pjsip
PORTVERSION= 2.9
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= net
MASTER_SITES= http://www.pjsip.org/release/${PORTVERSION}/
DISTNAME= pjproject-${DISTVERSION}
Modified: head/net/pjsip/files/patch-0030
==============================================================================
--- head/net/pjsip/files/patch-0030 Sat Nov 2 14:33:44 2019 (r516329)
+++ head/net/pjsip/files/patch-0030 Sat Nov 2 14:43:56 2019 (r516330)
@@ -1,60 +1,105 @@
-From 8d0652d4a02c7b8da58b1b98421cfda57056184d Mon Sep 17 00:00:00 2001
+From 489281f29fc7b97143cf79154f22e5007adaba39 Mon Sep 17 00:00:00 2001
From: George Joseph <gjoseph at digium.com>
-Date: Tue, 24 Sep 2019 06:41:16 -0600
-Subject: [PATCH 30/33] Revert "Misc (re #2147): Fixed warnings in SSL socket:
- redefinition of typedef 'pj_ssl_sock_t' and unused 'get_pem'."
+Date: Wed, 9 Oct 2019 07:49:44 -0600
+Subject: [PATCH 30/31] ssl regression fix
-This reverts commit 688a9b0de685328f62b2df86304b44c21e4460ae.
---
- pjlib/src/pj/ssl_sock_imp_common.h | 4 ++--
- pjlib/src/pj/ssl_sock_ossl.c | 5 +----
- 2 files changed, 3 insertions(+), 6 deletions(-)
+ pjlib/src/pj/ssl_sock_gtls.c | 6 ++++--
+ pjlib/src/pj/ssl_sock_imp_common.c | 4 ++++
+ pjlib/src/pj/ssl_sock_imp_common.h | 3 +++
+ pjlib/src/pj/ssl_sock_ossl.c | 9 +++++----
+ 4 files changed, 16 insertions(+), 6 deletions(-)
+diff --git a/pjlib/src/pj/ssl_sock_gtls.c b/pjlib/src/pj/ssl_sock_gtls.c
+index 311b7b757..484770ae4 100644
+--- pjlib/src/pj/ssl_sock_gtls.c
++++ pjlib/src/pj/ssl_sock_gtls.c
+@@ -1050,7 +1050,8 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
+ goto us_out;
+
+ tls_cert_get_info(ssock->pool, &ssock->local_cert_info, cert);
+- tls_cert_get_chain_raw(ssock->pool, &ssock->local_cert_info, us, 1);
++ pj_pool_reset(ssock->info_pool);
++ tls_cert_get_chain_raw(ssock->info_pool, &ssock->local_cert_info, us, 1);
+
+ us_out:
+ tls_last_error = ret;
+@@ -1077,7 +1078,8 @@ us_out:
+ goto peer_out;
+
+ tls_cert_get_info(ssock->pool, &ssock->remote_cert_info, cert);
+- tls_cert_get_chain_raw(ssock->pool, &ssock->remote_cert_info, certs,
++ pj_pool_reset(ssock->info_pool);
++ tls_cert_get_chain_raw(ssock->info_pool, &ssock->remote_cert_info, certs,
+ certslen);
+
+ peer_out:
+diff --git a/pjlib/src/pj/ssl_sock_imp_common.c b/pjlib/src/pj/ssl_sock_imp_common.c
+index e6273d832..51a62a2fb 100644
+--- pjlib/src/pj/ssl_sock_imp_common.c
++++ pjlib/src/pj/ssl_sock_imp_common.c
+@@ -616,6 +616,7 @@ static void ssl_on_destroy(void *arg)
+ }
+
+ /* Secure release pool, i.e: all memory blocks will be zeroed first */
++ pj_pool_secure_release(&ssock->info_pool);
+ pj_pool_secure_release(&ssock->pool);
+ }
+
+@@ -1262,15 +1263,18 @@ PJ_DEF(pj_status_t) pj_ssl_sock_create (pj_pool_t *pool,
+ {
+ pj_ssl_sock_t *ssock;
+ pj_status_t status;
++ pj_pool_t *info_pool;
+
+ PJ_ASSERT_RETURN(pool && param && p_ssock, PJ_EINVAL);
+ PJ_ASSERT_RETURN(param->sock_type == pj_SOCK_STREAM(), PJ_ENOTSUP);
+
++ info_pool = pj_pool_create(pool->factory, "ssl_chain%p", 512, 512, NULL);
+ pool = pj_pool_create(pool->factory, "ssl%p", 512, 512, NULL);
+
+ /* Create secure socket */
+ ssock = ssl_alloc(pool);
+ ssock->pool = pool;
++ ssock->info_pool = info_pool;
+ ssock->sock = PJ_INVALID_SOCKET;
+ ssock->ssl_state = SSL_STATE_NULL;
+ ssock->circ_buf_input.owner = ssock;
diff --git a/pjlib/src/pj/ssl_sock_imp_common.h b/pjlib/src/pj/ssl_sock_imp_common.h
-index 09f259ef7..4edbb3b82 100644
+index 09f259ef7..eb45f14e0 100644
--- pjlib/src/pj/ssl_sock_imp_common.h
+++ pjlib/src/pj/ssl_sock_imp_common.h
-@@ -93,7 +93,7 @@ typedef struct circ_buf_t {
- /*
- * Secure socket structure definition.
- */
--struct pj_ssl_sock_t
-+typedef struct pj_ssl_sock_t
+@@ -96,6 +96,9 @@ typedef struct circ_buf_t {
+ struct pj_ssl_sock_t
{
pj_pool_t *pool;
++ pj_pool_t *info_pool; /* this is for certificate chain
++ * information allocation. Don't use for
++ * other purposes. */
pj_ssl_sock_t *parent;
-@@ -139,7 +139,7 @@ struct pj_ssl_sock_t
-
- circ_buf_t circ_buf_output;
- pj_lock_t *circ_buf_output_mutex;
--};
-+} pj_ssl_sock_t;
-
-
- /*
+ pj_ssl_sock_param param;
+ pj_ssl_sock_param newsock_param;
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
-index b4ac5c15f..debb105b1 100644
+index b4ac5c15f..2545b7c37 100644
--- pjlib/src/pj/ssl_sock_ossl.c
+++ pjlib/src/pj/ssl_sock_ossl.c
-@@ -37,6 +37,7 @@
- #if defined(PJ_HAS_SSL_SOCK) && PJ_HAS_SSL_SOCK != 0 && \
- (PJ_SSL_SOCK_IMP == PJ_SSL_SOCK_IMP_OPENSSL)
+@@ -1637,11 +1637,12 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
-+#include "ssl_sock_imp_common.h"
- #include "ssl_sock_imp_common.c"
+ chain = SSL_get_peer_cert_chain(ossock->ossl_ssl);
+ if (chain) {
+- ssl_update_remote_cert_chain_info(ssock->pool,
+- &ssock->remote_cert_info,
+- chain, PJ_TRUE);
++ pj_pool_reset(ssock->info_pool);
++ ssl_update_remote_cert_chain_info(ssock->info_pool,
++ &ssock->remote_cert_info,
++ chain, PJ_TRUE);
+ } else {
+- ssock->remote_cert_info.raw_chain.cnt = 0;
++ ssock->remote_cert_info.raw_chain.cnt = 0;
+ }
+ }
- #define THIS_FILE "ssl_sock_ossl.c"
-@@ -1575,10 +1576,6 @@ static void ssl_update_remote_cert_chain_info(pj_pool_t *pool,
- {
- int i;
-
-- /* For now, get_pem has to be PJ_TRUE */
-- pj_assert(get_pem);
-- PJ_UNUSED_ARG(get_pem);
--
- ci->raw_chain.cert_raw = (pj_str_t *)pj_pool_calloc(pool,
- sk_X509_num(chain),
- sizeof(pj_str_t));
--
2.21.0
Modified: head/net/pjsip/files/patch-0031
==============================================================================
--- head/net/pjsip/files/patch-0031 Sat Nov 2 14:33:44 2019 (r516329)
+++ head/net/pjsip/files/patch-0031 Sat Nov 2 14:43:56 2019 (r516330)
@@ -1,84 +1,187 @@
-From 616a13933f33a6d74f84d85b5bfb858279a09e2d Mon Sep 17 00:00:00 2001
+From 9c6108ca392d5e0392e7fb5d2ffde85e3c44ce55 Mon Sep 17 00:00:00 2001
From: George Joseph <gjoseph at digium.com>
-Date: Tue, 24 Sep 2019 06:42:04 -0600
-Subject: [PATCH 31/33] Revert "Fixed #2204: Add OpenSSL remote certificate
- chain info"
+Date: Wed, 9 Oct 2019 07:50:32 -0600
+Subject: [PATCH 31/31] transport regression fix
-This reverts commit f71d60c866c4572a7c8398fe982416771fc6a7f5.
---
- pjlib/src/pj/ssl_sock_ossl.c | 45 ------------------------------------
- 1 file changed, 45 deletions(-)
+ pjsip/src/pjsip/sip_transport.c | 73 +++++++++++++++++++++++++++------
+ 1 file changed, 61 insertions(+), 12 deletions(-)
-diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
-index debb105b1..109c5c1e2 100644
---- pjlib/src/pj/ssl_sock_ossl.c
-+++ pjlib/src/pj/ssl_sock_ossl.c
-@@ -1566,41 +1566,6 @@ static void get_cert_info(pj_pool_t *pool, pj_ssl_cert_info *ci, X509 *x,
- }
+diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c
+index 65ac823d4..da6b70e50 100644
+--- pjsip/src/pjsip/sip_transport.c
++++ pjsip/src/pjsip/sip_transport.c
+@@ -50,6 +50,24 @@ static const char *addr_string(const pj_sockaddr_t *addr)
+ str, sizeof(str));
+ return str;
}
++static const char* print_tpsel_info(const pjsip_tpselector *sel)
++{
++ static char tpsel_info_buf[80];
++ if (!sel) return "(null)";
++ if (sel->type==PJSIP_TPSELECTOR_LISTENER)
++ pj_ansi_snprintf(tpsel_info_buf, sizeof(tpsel_info_buf),
++ "listener[%s], reuse=%d", sel->u.listener->obj_name,
++ !sel->disable_connection_reuse);
++ else if (sel->type==PJSIP_TPSELECTOR_TRANSPORT)
++ pj_ansi_snprintf(tpsel_info_buf, sizeof(tpsel_info_buf),
++ "transport[%s], reuse=%d", sel->u.transport->info,
++ !sel->disable_connection_reuse);
++ else
++ pj_ansi_snprintf(tpsel_info_buf, sizeof(tpsel_info_buf),
++ "unknown[%p], reuse=%d", sel->u.ptr,
++ !sel->disable_connection_reuse);
++ return tpsel_info_buf;
++}
+ #else
+ # define TRACE_(x)
+ #endif
+@@ -1210,10 +1228,14 @@ PJ_DEF(pj_status_t) pjsip_transport_register( pjsip_tpmgr *mgr,
+ * new transport to the list.
+ */
+ pj_list_push_back(tp_ref, tp_add);
++ TRACE_((THIS_FILE, "Remote address already registered, "
++ "appended the transport to the list"));
+ } else {
+ /* Transport list not found, add it to the hash table. */
+ pj_hash_set_np(mgr->table, &tp->key, key_len, hval, tp_add->tp_buf,
+ tp_add);
++ TRACE_((THIS_FILE, "Remote address not registered, "
++ "added the transport to the hash"));
+ }
--/* Update remote certificates chain info. This function should be
-- * called after handshake or renegotiation successfully completed.
-- */
--static void ssl_update_remote_cert_chain_info(pj_pool_t *pool,
-- pj_ssl_cert_info *ci,
-- STACK_OF(X509) *chain,
-- pj_bool_t get_pem)
--{
-- int i;
--
-- ci->raw_chain.cert_raw = (pj_str_t *)pj_pool_calloc(pool,
-- sk_X509_num(chain),
-- sizeof(pj_str_t));
-- ci->raw_chain.cnt = sk_X509_num(chain);
--
-- for (i = 0; i < sk_X509_num(chain); i++) {
-- BIO *bio;
-- BUF_MEM *ptr;
-- X509 *x = sk_X509_value(chain, i);
--
-- bio = BIO_new(BIO_s_mem());
--
-- if (!PEM_write_bio_X509(bio, x)) {
-- PJ_LOG(3, (THIS_FILE, "Error retrieving raw certificate info"));
-- ci->raw_chain.cert_raw[i].ptr = NULL;
-- ci->raw_chain.cert_raw[i].slen = 0;
-- } else {
-- BIO_write(bio, "\0", 1);
-- BIO_get_mem_ptr(bio, &ptr);
-- pj_strdup2(pool, &ci->raw_chain.cert_raw[i], ptr->data );
-- }
--
-- BIO_free(bio);
-- }
--}
+ /* Add ref transport group lock, if any */
+@@ -1283,6 +1305,13 @@ static pj_status_t destroy_transport( pjsip_tpmgr *mgr,
+ /* The transport list has multiple entry. */
+ pj_hash_set_np(mgr->table, &tp_next->tp->key, key_len,
+ hval, tp_next->tp_buf, tp_next);
++ TRACE_((THIS_FILE, "Hash entry updated after "
++ "transport %d being destroyed",
++ tp->obj_name));
++ } else {
++ TRACE_((THIS_FILE, "Hash entry deleted after "
++ "transport %d being destroyed",
++ tp->obj_name));
+ }
+ }
- /* Update local & remote certificates info. This function should be
- * called after handshake or renegotiation successfully completed.
-@@ -1609,7 +1574,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
- {
- ossl_sock_t *ossock = (ossl_sock_t *)ssock;
- X509 *x;
-- STACK_OF(X509) *chain;
-
- pj_assert(ssock->ssl_state == SSL_STATE_ESTABLISHED);
-
-@@ -1631,15 +1595,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
- } else {
- pj_bzero(&ssock->remote_cert_info, sizeof(pj_ssl_cert_info));
+@@ -1294,6 +1323,14 @@ static pj_status_t destroy_transport( pjsip_tpmgr *mgr,
+ }
+ tp_iter = tp_iter->next;
+ } while (tp_iter != tp_ref);
++
++ if (tp_iter->tp != tp) {
++ PJ_LOG(3, (THIS_FILE, "Warning: transport %s being destroyed is "
++ "not registered", tp->obj_name));
++ }
++ } else {
++ PJ_LOG(3, (THIS_FILE, "Warning: transport %s being destroyed is "
++ "not found in the hash table", tp->obj_name));
}
--
-- chain = SSL_get_peer_cert_chain(ossock->ossl_ssl);
-- if (chain) {
-- ssl_update_remote_cert_chain_info(ssock->pool,
-- &ssock->remote_cert_info,
-- chain, PJ_TRUE);
-- } else {
-- ssock->remote_cert_info.raw_chain.cnt = 0;
-- }
+
+ pj_lock_release(mgr->lock);
+@@ -2159,6 +2196,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport(pjsip_tpmgr *mgr,
+ NULL, tp);
}
++
+ /*
+ * pjsip_tpmgr_acquire_transport2()
+ *
+@@ -2176,8 +2214,9 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
+ pjsip_tpfactory *factory;
+ pj_status_t status;
+- TRACE_((THIS_FILE,"Acquiring transport type=%s, remote=%s:%d",
++ TRACE_((THIS_FILE,"Acquiring transport type=%s, sel=%s remote=%s:%d",
+ pjsip_transport_get_type_name(type),
++ print_tpsel_info(sel),
+ addr_string(remote),
+ pj_sockaddr_get_port(remote)));
+
+@@ -2194,6 +2233,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
+ /* See if the transport is (not) suitable */
+ if (seltp->key.type != type) {
+ pj_lock_release(mgr->lock);
++ TRACE_((THIS_FILE, "Transport type in tpsel not matched"));
+ return PJSIP_ETPNOTSUITABLE;
+ }
+
+@@ -2234,6 +2274,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
+ {
+ if (sel->u.listener->type != type) {
+ pj_lock_release(mgr->lock);
++ TRACE_((THIS_FILE, "Listener type in tpsel not matched"));
+ return PJSIP_ETPNOTSUITABLE;
+ }
+ }
+@@ -2249,21 +2290,25 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
+ tp_entry = (transport *)pj_hash_get(mgr->table, &key, key_len,
+ NULL);
+ if (tp_entry) {
+- if (sel && sel->type == PJSIP_TPSELECTOR_LISTENER) {
+- transport *tp_iter = tp_entry;
+- do {
++ transport *tp_iter = tp_entry;
++ do {
++ /* Don't use transport being shutdown */
++ if (!tp_iter->tp->is_shutdown) {
+ if (sel && sel->type == PJSIP_TPSELECTOR_LISTENER &&
+- sel->u.listener &&
+- tp_iter->tp->factory == sel->u.listener)
++ sel->u.listener)
+ {
++ /* Match listener if selector is set */
++ if (tp_iter->tp->factory == sel->u.listener) {
++ tp_ref = tp_iter->tp;
++ break;
++ }
++ } else {
+ tp_ref = tp_iter->tp;
+ break;
+ }
+- tp_iter = tp_iter->next;
+- } while (tp_iter != tp_entry);
+- } else {
+- tp_ref = tp_entry->tp;
+- }
++ }
++ tp_iter = tp_iter->next;
++ } while (tp_iter != tp_entry);
+ }
+ }
+
+@@ -2276,7 +2321,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
+
+ /* Ignore address for loop transports. */
+ if (type == PJSIP_TRANSPORT_LOOP ||
+- type == PJSIP_TRANSPORT_LOOP_DGRAM)
++ type == PJSIP_TRANSPORT_LOOP_DGRAM)
+ {
+ pj_sockaddr *addr = &key.rem_addr;
+
+@@ -2315,6 +2360,7 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
+ * 'duplicate' of the existing transport (same type & remote addr,
+ * but different factory).
+ */
++ TRACE_((THIS_FILE, "Transport found but from different listener"));
+ }
+
+ if (tp_ref!=NULL && !tp_ref->is_shutdown) {
+@@ -2347,10 +2393,13 @@ PJ_DEF(pj_status_t) pjsip_tpmgr_acquire_transport2(pjsip_tpmgr *mgr,
+ */
+
+ /* Verify that the listener type matches the destination type */
++ /* Already checked above. */
++ /*
+ if (sel->u.listener->type != type) {
+ pj_lock_release(mgr->lock);
+ return PJSIP_ETPNOTSUITABLE;
+ }
++ */
+
+ /* We'll use this listener to create transport */
+ factory = sel->u.listener;
--
2.21.0
More information about the svn-ports-head
mailing list