[Pkg-voip-commits] [resiprocate] 01/09: Imported Upstream version 1.9.0~beta2
Daniel Pocock
pocock at alioth.debian.org
Sat Sep 28 21:17:59 UTC 2013
This is an automated email from the git hooks/post-receive script.
pocock pushed a commit to annotated tag debian-experimental/1.9.0_beta2-1
in repository resiprocate.
commit 7732f3c1907b7d0affa0c113c5009f14727c1597
Author: Daniel Pocock <daniel at pocock.com.au>
Date: Sat Sep 28 22:57:37 2013 +0200
Imported Upstream version 1.9.0~beta2
---
Makefile.am | 2 +
Makefile.in | 19 +-
config.h.in | 9 +
configure | 134 ++++++++++-
configure.ac | 23 +-
reSIProcate_10_0.sln | 37 +--
reTurn/AsyncUdpSocketBase.cxx | 9 +
reTurn/ReTurnConfig.cxx | 2 +
reTurn/ReTurnConfig.hxx | 1 +
reTurn/TcpServer.cxx | 9 +
reTurn/TlsServer.cxx | 9 +
reTurn/reTurnServer.config | 6 +
reTurn/reTurnServer.cxx | 18 ++
.../BasicWsConnectionValidator.cxx | 70 +++---
.../BasicWsConnectionValidator.hxx | 45 ++--
repro/Makefile.am | 4 +
repro/Makefile.in | 41 +++-
repro/ReproRunner.cxx | 102 ++++++--
repro/RequestContext.cxx | 3 +-
repro/monkeys/CookieAuthenticator.cxx | 185 +++++++++++++++
.../monkeys/CookieAuthenticator.hxx | 52 ++---
repro/repro.config | 41 +++-
repro/repro_10_0.vcxproj | 4 +
repro/reprolib_10_0.vcxproj | 12 +-
repro/reprolib_10_0.vcxproj.filters | 12 +
resip/Makefile.am | 5 +-
resip/Makefile.in | 5 +-
resip/dum/ClientInviteSession.cxx | 1 -
resip/dum/Makefile.am | 2 +
resip/dum/Makefile.in | 40 ++--
resip/dum/WsCookieAuthManager.cxx | 201 ++++++++++++++++
.../WsCookieAuthManager.hxx} | 62 +++--
resip/dum/dum_10_0.vcxproj | 2 +
resip/dum/dum_10_0.vcxproj.filters | 6 +
resip/rend/Makefile.am | 1 +
resip/rend/Makefile.in | 2 +-
resip/stack/Connection.cxx | 4 +-
resip/stack/ConnectionBase.cxx | 85 +++++++
resip/stack/ConnectionBase.hxx | 2 +
resip/stack/{WsTransport.cxx => Cookie.cxx} | 92 +++++---
resip/stack/{WsTransport.hxx => Cookie.hxx} | 53 +++--
resip/stack/HeaderHash.cxx | 245 ++++++++++----------
resip/stack/HeaderHash.gperf | 1 +
resip/stack/HeaderTypes.hxx | 1 +
resip/stack/Headers.cxx | 1 +
resip/stack/Headers.hxx | 1 +
resip/stack/Makefile.am | 19 +-
resip/stack/Makefile.in | 58 +++--
resip/stack/SecurityTypes.hxx | 1 +
resip/stack/SipMessage.cxx | 1 +
resip/stack/SipMessage.hxx | 17 +-
resip/stack/SipStack.cxx | 9 +-
resip/stack/SipStack.hxx | 5 +-
resip/stack/Symbols.cxx | 2 +
resip/stack/Symbols.hxx | 2 +
resip/stack/TransportSelector.cxx | 3 +
.../stack/{WsTransport.cxx => WsBaseTransport.cxx} | 33 +--
.../stack/{WsTransport.hxx => WsBaseTransport.hxx} | 30 +--
resip/stack/{WsTransport.hxx => WsConnection.cxx} | 46 ++--
resip/stack/{WsTransport.hxx => WsConnection.hxx} | 45 ++--
.../{WsTransport.hxx => WsConnectionBase.cxx} | 45 ++--
.../{WsTransport.hxx => WsConnectionBase.hxx} | 48 ++--
.../{WsTransport.hxx => WsConnectionValidator.hxx} | 32 +--
resip/stack/WsCookieContext.cxx | 115 +++++++++
.../stack/{WsTransport.hxx => WsCookieContext.hxx} | 52 +++--
resip/stack/WsTransport.cxx | 10 +-
resip/stack/WsTransport.hxx | 8 +-
resip/stack/resiprocate_10_0.vcxproj | 26 ++-
resip/stack/resiprocate_10_0.vcxproj.filters | 39 ++++
resip/stack/ssl/Security.cxx | 70 +-----
.../{WsTransport.hxx => ssl/WssConnection.cxx} | 54 ++---
.../{WsTransport.hxx => ssl/WssConnection.hxx} | 44 ++--
resip/stack/ssl/WssTransport.cxx | 19 +-
resip/stack/ssl/WssTransport.hxx | 11 +-
resiprocate.spec | 6 +-
resiprocate.spec.in | 2 +-
rutil/Data.cxx | 53 +++++
rutil/Data.hxx | 2 +
rutil/FileSystem.cxx | 1 +
rutil/RADIUSDigestAuthenticator.hxx | 5 +
rutil/TransportType.cxx | 15 ++
rutil/TransportType.hxx | 3 +
rutil/dns/ares/ares_init.c | 66 +++---
rutil/test/testCompat.cxx | 56 ++---
84 files changed, 1898 insertions(+), 816 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 9d7d272..98852f2 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -5,7 +5,9 @@ ACLOCAL_AMFLAGS = -I m4
SUBDIRS = rutil
SUBDIRS += resip
+if BUILD_REPRO
SUBDIRS += repro
+endif
if BUILD_TFM
SUBDIRS += tfm
endif
diff --git a/Makefile.in b/Makefile.in
index acc5a81..2693311 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -50,14 +50,15 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
- at BUILD_TFM_TRUE@am__append_1 = tfm
- at BUILD_APPS_TRUE@am__append_2 = apps
+ at BUILD_REPRO_TRUE@am__append_1 = repro
+ at BUILD_TFM_TRUE@am__append_2 = tfm
+ at BUILD_APPS_TRUE@am__append_3 = apps
# The Makefiles for these don't separate SSL stuff yet...
- at USE_SSL_TRUE@am__append_3 = reTurn
- at BUILD_RECON_TRUE@@USE_SSL_TRUE at am__append_4 = reflow resip/recon
- at USE_SSL_TRUE@am__append_5 = presSvr
- at BUILD_P2P_TRUE@@USE_SSL_TRUE at am__append_6 = p2p/s2c/s2c p2p
+ at USE_SSL_TRUE@am__append_4 = reTurn
+ at BUILD_RECON_TRUE@@USE_SSL_TRUE at am__append_5 = reflow resip/recon
+ at USE_SSL_TRUE@am__append_6 = presSvr
+ at BUILD_P2P_TRUE@@USE_SSL_TRUE at am__append_7 = p2p/s2c/s2c p2p
subdir = .
DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
$(srcdir)/Makefile.in $(srcdir)/config.h.in \
@@ -275,9 +276,9 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
AUTOMAKE_OPTIONS = foreign dist-tarZ
ACLOCAL_AMFLAGS = -I m4
-SUBDIRS = rutil resip repro $(am__append_1) $(am__append_2) \
- $(am__append_3) $(am__append_4) $(am__append_5) \
- $(am__append_6)
+SUBDIRS = rutil resip $(am__append_1) $(am__append_2) $(am__append_3) \
+ $(am__append_4) $(am__append_5) $(am__append_6) \
+ $(am__append_7)
#EXTRA_DIST = build-contrib.sh
#EXTRA_DIST += reSIProcate_7_1.sln
diff --git a/config.h.in b/config.h.in
index bd69125..bdcb3e7 100644
--- a/config.h.in
+++ b/config.h.in
@@ -15,6 +15,12 @@
/* BUILD_RECON */
#undef BUILD_RECON
+/* BUILD_REND */
+#undef BUILD_REND
+
+/* BUILD_REPRO */
+#undef BUILD_REPRO
+
/* BUILD_TFM */
#undef BUILD_TFM
@@ -121,6 +127,9 @@
/* RESIP_BIG_ENDIAN */
#undef RESIP_BIG_ENDIAN
+/* RESIP_HAVE_FREERADIUS_CLIENT */
+#undef RESIP_HAVE_FREERADIUS_CLIENT
+
/* Maximum SIP message size to try and parse (bytes) */
#undef RESIP_SIP_MSG_MAX_BYTES
diff --git a/configure b/configure
index 1440470..1941575 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for resiprocate 1.9.0~beta1.
+# Generated by GNU Autoconf 2.69 for resiprocate 1.9.0~beta2.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -587,8 +587,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='resiprocate'
PACKAGE_TARNAME='resiprocate'
-PACKAGE_VERSION='1.9.0~beta1'
-PACKAGE_STRING='resiprocate 1.9.0~beta1'
+PACKAGE_VERSION='1.9.0~beta2'
+PACKAGE_STRING='resiprocate 1.9.0~beta2'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -646,6 +646,10 @@ BUILD_APPS_FALSE
BUILD_APPS_TRUE
BUILD_TFM_FALSE
BUILD_TFM_TRUE
+BUILD_REND_FALSE
+BUILD_REND_TRUE
+BUILD_REPRO_FALSE
+BUILD_REPRO_TRUE
LIBRADIUS_LIBADD
USE_RADIUS_CLIENT_FALSE
USE_RADIUS_CLIENT_TRUE
@@ -809,6 +813,9 @@ enable_pedantic_stack
with_mysql
with_geoip
with_radius
+with_freeradius
+with_repro
+with_rend
with_tfm
with_apps
with_ichat_gw
@@ -1369,7 +1376,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures resiprocate 1.9.0~beta1 to adapt to many kinds of systems.
+\`configure' configures resiprocate 1.9.0~beta2 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1439,7 +1446,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of resiprocate 1.9.0~beta1:";;
+ short | recursive ) echo "Configuration of resiprocate 1.9.0~beta2:";;
esac
cat <<\_ACEOF
@@ -1475,7 +1482,10 @@ Optional Packages:
--with-sigcomp Link against Open SigComp libraries for SigComp
--with-mysql Link against MySQL client libraries
--with-geoip Link against MaxMind GeoIP libraries
- --with-radius Link against RADIUS client libraries
+ --with-radius Link against RADIUS client libraries (ng)
+ --with-freeradius Link against FreeRADIUS client libraries
+ --with-repro Build repro, requires CAJUN and bdb
+ --with-rend Build rend
--with-tfm Build TFM, links against Netxx and cppunit
--with-apps Build apps, links against various things
--with-ichat-gw Build iChat gateway, links against gloox
@@ -1561,7 +1571,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-resiprocate configure 1.9.0~beta1
+resiprocate configure 1.9.0~beta2
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2104,7 +2114,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by resiprocate $as_me 1.9.0~beta1, which was
+It was created by resiprocate $as_me 1.9.0~beta2, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2932,7 +2942,7 @@ fi
# Define the identity of the package.
PACKAGE='resiprocate'
- VERSION='1.9.0~beta1'
+ VERSION='1.9.0~beta2'
cat >>confdefs.h <<_ACEOF
@@ -16025,6 +16035,88 @@ else
fi
+# Check whether --with-freeradius was given.
+if test "${with_freeradius+set}" = set; then :
+ withval=$with_freeradius;
+cat >>confdefs.h <<_ACEOF
+#define USE_RADIUS_CLIENT /**/
+_ACEOF
+
+
+cat >>confdefs.h <<_ACEOF
+#define RESIP_HAVE_FREERADIUS_CLIENT /**/
+_ACEOF
+
+ LIBRADIUS_LIBADD="-lfreeradius-client"
+
+ if true; then
+ USE_RADIUS_CLIENT_TRUE=
+ USE_RADIUS_CLIENT_FALSE='#'
+else
+ USE_RADIUS_CLIENT_TRUE='#'
+ USE_RADIUS_CLIENT_FALSE=
+fi
+
+else
+ LIBRADIUS_LIBADD=""
+
+fi
+
+
+ if false; then
+ BUILD_REPRO_TRUE=
+ BUILD_REPRO_FALSE='#'
+else
+ BUILD_REPRO_TRUE='#'
+ BUILD_REPRO_FALSE=
+fi
+
+
+# Check whether --with-repro was given.
+if test "${with_repro+set}" = set; then :
+ withval=$with_repro;
+cat >>confdefs.h <<_ACEOF
+#define BUILD_REPRO /**/
+_ACEOF
+
+ if true; then
+ BUILD_REPRO_TRUE=
+ BUILD_REPRO_FALSE='#'
+else
+ BUILD_REPRO_TRUE='#'
+ BUILD_REPRO_FALSE=
+fi
+
+fi
+
+
+ if false; then
+ BUILD_REND_TRUE=
+ BUILD_REND_FALSE='#'
+else
+ BUILD_REND_TRUE='#'
+ BUILD_REND_FALSE=
+fi
+
+
+# Check whether --with-rend was given.
+if test "${with_rend+set}" = set; then :
+ withval=$with_rend;
+cat >>confdefs.h <<_ACEOF
+#define BUILD_REND /**/
+_ACEOF
+
+ if true; then
+ BUILD_REND_TRUE=
+ BUILD_REND_FALSE='#'
+else
+ BUILD_REND_TRUE='#'
+ BUILD_REND_FALSE=
+fi
+
+fi
+
+
if false; then
BUILD_TFM_TRUE=
BUILD_TFM_FALSE='#'
@@ -16805,6 +16897,26 @@ if test -z "${USE_RADIUS_CLIENT_TRUE}" && test -z "${USE_RADIUS_CLIENT_FALSE}";
as_fn_error $? "conditional \"USE_RADIUS_CLIENT\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
fi
+if test -z "${USE_RADIUS_CLIENT_TRUE}" && test -z "${USE_RADIUS_CLIENT_FALSE}"; then
+ as_fn_error $? "conditional \"USE_RADIUS_CLIENT\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_REPRO_TRUE}" && test -z "${BUILD_REPRO_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_REPRO\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_REPRO_TRUE}" && test -z "${BUILD_REPRO_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_REPRO\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_REND_TRUE}" && test -z "${BUILD_REND_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_REND\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_REND_TRUE}" && test -z "${BUILD_REND_FALSE}"; then
+ as_fn_error $? "conditional \"BUILD_REND\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
if test -z "${BUILD_TFM_TRUE}" && test -z "${BUILD_TFM_FALSE}"; then
as_fn_error $? "conditional \"BUILD_TFM\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
@@ -17246,7 +17358,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by resiprocate $as_me 1.9.0~beta1, which was
+This file was extended by resiprocate $as_me 1.9.0~beta2, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -17312,7 +17424,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-resiprocate config.status 1.9.0~beta1
+resiprocate config.status 1.9.0~beta2
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index 2b9d7be..827ef6f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,5 @@
-AC_INIT(resiprocate,1.9.0~beta1)
+AC_INIT(resiprocate,1.9.0~beta2)
AC_CONFIG_SRCDIR(repro/repro.cxx)
SO_RELEASE=`echo $PACKAGE_VERSION | cut -f1,2 -d.`
@@ -211,11 +211,30 @@ AC_ARG_WITH(geoip,
AM_CONDITIONAL(USE_RADIUS_CLIENT, false)
AC_ARG_WITH(radius,
-[ --with-radius Link against RADIUS client libraries],
+[ --with-radius Link against RADIUS client libraries (ng)],
[AC_DEFINE_UNQUOTED(USE_RADIUS_CLIENT, , USE_RADIUS_CLIENT)
AC_SUBST(LIBRADIUS_LIBADD, "-lradiusclient-ng")
AM_CONDITIONAL(USE_RADIUS_CLIENT, true)],
[ AC_SUBST(LIBRADIUS_LIBADD, "")])
+AC_ARG_WITH(freeradius,
+[ --with-freeradius Link against FreeRADIUS client libraries],
+ [AC_DEFINE_UNQUOTED(USE_RADIUS_CLIENT, , USE_RADIUS_CLIENT)
+ AC_DEFINE_UNQUOTED(RESIP_HAVE_FREERADIUS_CLIENT, , RESIP_HAVE_FREERADIUS_CLIENT)
+ AC_SUBST(LIBRADIUS_LIBADD, "-lfreeradius-client")
+ AM_CONDITIONAL(USE_RADIUS_CLIENT, true)],
+ [ AC_SUBST(LIBRADIUS_LIBADD, "")])
+
+AM_CONDITIONAL(BUILD_REPRO, false)
+AC_ARG_WITH(repro,
+[ --with-repro Build repro, requires CAJUN and bdb],
+ [AC_DEFINE_UNQUOTED(BUILD_REPRO, , BUILD_REPRO)
+ AM_CONDITIONAL(BUILD_REPRO, true)], )
+
+AM_CONDITIONAL(BUILD_REND, false)
+AC_ARG_WITH(rend,
+[ --with-rend Build rend],
+ [AC_DEFINE_UNQUOTED(BUILD_REND, , BUILD_REND)
+ AM_CONDITIONAL(BUILD_REND, true)], )
AM_CONDITIONAL(BUILD_TFM, false)
AC_ARG_WITH(tfm,
diff --git a/reSIProcate_10_0.sln b/reSIProcate_10_0.sln
index 7ec21e7..d85efec 100644
--- a/reSIProcate_10_0.sln
+++ b/reSIProcate_10_0.sln
@@ -17,6 +17,9 @@ EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pcre", "contrib\pcre\pcre_10_0.vcxproj", "{B933F895-8EFB-4FDD-A46D-09B8C00D1D26}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "repro", "repro\repro_10_0.vcxproj", "{9D8D2649-213F-49D3-A8B0-C1849C611654}"
+ ProjectSection(ProjectDependencies) = postProject
+ {AD07B52E-85B4-0EDF-F68C-43089397658D} = {AD07B52E-85B4-0EDF-F68C-43089397658D}
+ EndProjectSection
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "resip_test", "resip\stack\test\test_10_0.vcxproj", "{16CD976A-5D3B-4329-88BA-A32560CDFCC5}"
EndProject
@@ -26,7 +29,7 @@ Project("{54435603-DBB4-11D2-8724-00A0C9A8B90C}") = "ReproSetup", "repro\WinSetu
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "reprolib", "repro\reprolib_10_0.vcxproj", "{31B0654F-E08E-405F-909F-80F86CB14B9E}"
EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "popt", "contrib\popt\popt_10_0.vcxproj", "{22028BD0-E552-7D2A-57D6-729BE51DEED7}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "popt", "contrib\popt\popt_10_0.vcxproj", "{AD07B52E-85B4-0EDF-F68C-43089397658D}"
EndProject
Project("{54435603-DBB4-11D2-8724-00A0C9A8B90C}") = "ReproSetupx64", "repro\WinSetupx64\Setupx64_10_0.vdproj", "{91601068-BE73-4BE9-8030-143F4620E907}"
EndProject
@@ -261,22 +264,22 @@ Global
{31B0654F-E08E-405F-909F-80F86CB14B9E}.SSL-Release|Win32.Build.0 = SSL-Release|Win32
{31B0654F-E08E-405F-909F-80F86CB14B9E}.SSL-Release|x64.ActiveCfg = SSL-Release|x64
{31B0654F-E08E-405F-909F-80F86CB14B9E}.SSL-Release|x64.Build.0 = SSL-Release|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Debug|Win32.ActiveCfg = Debug|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Debug|Win32.Build.0 = Debug|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Debug|x64.ActiveCfg = Debug|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Debug|x64.Build.0 = Debug|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Release|Win32.ActiveCfg = Release|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Release|Win32.Build.0 = Release|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Release|x64.ActiveCfg = Release|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.Release|x64.Build.0 = Release|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Debug|Win32.ActiveCfg = SSL-Debug|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Debug|Win32.Build.0 = SSL-Debug|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Debug|x64.ActiveCfg = SSL-Debug|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Debug|x64.Build.0 = SSL-Debug|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Release|Win32.ActiveCfg = SSL-Release|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Release|Win32.Build.0 = SSL-Release|Win32
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Release|x64.ActiveCfg = SSL-Release|x64
- {22028BD0-E552-7D2A-57D6-729BE51DEED7}.SSL-Release|x64.Build.0 = SSL-Release|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Debug|Win32.ActiveCfg = Debug|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Debug|Win32.Build.0 = Debug|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Debug|x64.ActiveCfg = Debug|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Debug|x64.Build.0 = Debug|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Release|Win32.ActiveCfg = Release|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Release|Win32.Build.0 = Release|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Release|x64.ActiveCfg = Release|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.Release|x64.Build.0 = Release|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Debug|Win32.ActiveCfg = SSL-Debug|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Debug|Win32.Build.0 = SSL-Debug|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Debug|x64.ActiveCfg = SSL-Debug|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Debug|x64.Build.0 = SSL-Debug|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Release|Win32.ActiveCfg = SSL-Release|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Release|Win32.Build.0 = SSL-Release|Win32
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Release|x64.ActiveCfg = SSL-Release|x64
+ {AD07B52E-85B4-0EDF-F68C-43089397658D}.SSL-Release|x64.Build.0 = SSL-Release|x64
{91601068-BE73-4BE9-8030-143F4620E907}.Debug|Win32.ActiveCfg = Debug
{91601068-BE73-4BE9-8030-143F4620E907}.Debug|x64.ActiveCfg = Debug
{91601068-BE73-4BE9-8030-143F4620E907}.Debug|x64.Build.0 = Debug
diff --git a/reTurn/AsyncUdpSocketBase.cxx b/reTurn/AsyncUdpSocketBase.cxx
index 8f107c5..186dbb5 100644
--- a/reTurn/AsyncUdpSocketBase.cxx
+++ b/reTurn/AsyncUdpSocketBase.cxx
@@ -35,6 +35,15 @@ AsyncUdpSocketBase::bind(const asio::ip::address& address, unsigned short port)
mSocket.open(address.is_v6() ? asio::ip::udp::v6() : asio::ip::udp::v4(), errorCode);
if(!errorCode)
{
+#ifdef USE_IPV6
+#ifdef __linux__
+ if(address.is_v6())
+ {
+ asio::ip::v6_only v6_opt(true);
+ mSocket.set_option(v6_opt);
+ }
+#endif
+#endif
mSocket.set_option(asio::ip::udp::socket::reuse_address(true), errorCode);
mSocket.set_option(asio::socket_base::receive_buffer_size(66560));
//mSocket.set_option(asio::socket_base::send_buffer_size(66560));
diff --git a/reTurn/ReTurnConfig.cxx b/reTurn/ReTurnConfig.cxx
index 93b1aaa..1c21eff 100644
--- a/reTurn/ReTurnConfig.cxx
+++ b/reTurn/ReTurnConfig.cxx
@@ -21,6 +21,7 @@ ReTurnConfig::ReTurnConfig() :
mTlsTurnPort(5349),
mAltStunPort(0), // Note: The default is to disable RFC3489 binding support
mTurnAddress(asio::ip::address::from_string("0.0.0.0")),
+ mTurnV6Address(asio::ip::address::from_string("::0")),
mAltStunAddress(asio::ip::address::from_string("0.0.0.0")),
mAuthenticationRealm("reTurn"),
mNonceLifetime(3600), // 1 hour - at least 1 hours is recommended by the RFC
@@ -51,6 +52,7 @@ void ReTurnConfig::parseConfig(int argc, char** argv, const resip::Data& default
mTlsTurnPort = getConfigUnsignedShort("TlsTurnPort", mTlsTurnPort);
mAltStunPort = getConfigUnsignedShort("AltStunPort", mAltStunPort);
mTurnAddress = asio::ip::address::from_string(getConfigData("TurnAddress", "0.0.0.0").c_str());
+ mTurnV6Address = asio::ip::address::from_string(getConfigData("TurnV6Address", "::0").c_str());
mAltStunAddress = asio::ip::address::from_string(getConfigData("AltStunAddress", "0.0.0.0").c_str());
mAuthenticationRealm = getConfigData("AuthenticationRealm", mAuthenticationRealm);
mNonceLifetime = getConfigUnsignedLong("NonceLifetime", mNonceLifetime);
diff --git a/reTurn/ReTurnConfig.hxx b/reTurn/ReTurnConfig.hxx
index 3eac225..c0685a4 100644
--- a/reTurn/ReTurnConfig.hxx
+++ b/reTurn/ReTurnConfig.hxx
@@ -48,6 +48,7 @@ public:
unsigned short mTlsTurnPort;
unsigned short mAltStunPort;
asio::ip::address mTurnAddress;
+ asio::ip::address mTurnV6Address;
asio::ip::address mAltStunAddress;
resip::Data mAuthenticationRealm;
diff --git a/reTurn/TcpServer.cxx b/reTurn/TcpServer.cxx
index 6565030..fcc7004 100644
--- a/reTurn/TcpServer.cxx
+++ b/reTurn/TcpServer.cxx
@@ -20,6 +20,15 @@ TcpServer::TcpServer(asio::io_service& ioService, RequestHandler& requestHandler
mAcceptor.open(endpoint.protocol());
mAcceptor.set_option(asio::ip::tcp::acceptor::reuse_address(true));
+#ifdef USE_IPV6
+#ifdef __linux__
+ if(address.is_v6())
+ {
+ asio::ip::v6_only v6_opt(true);
+ mAcceptor.set_option(v6_opt);
+ }
+#endif
+#endif
mAcceptor.bind(endpoint);
mAcceptor.listen();
diff --git a/reTurn/TlsServer.cxx b/reTurn/TlsServer.cxx
index cc91d9e..9fad0e8 100644
--- a/reTurn/TlsServer.cxx
+++ b/reTurn/TlsServer.cxx
@@ -52,6 +52,15 @@ TlsServer::TlsServer(asio::io_service& ioService, RequestHandler& requestHandler
mAcceptor.open(endpoint.protocol());
mAcceptor.set_option(asio::ip::tcp::acceptor::reuse_address(true));
+#ifdef USE_IPV6
+#ifdef __linux__
+ if(address.is_v6())
+ {
+ asio::ip::v6_only v6_opt(true);
+ mAcceptor.set_option(v6_opt);
+ }
+#endif
+#endif
mAcceptor.bind(endpoint);
mAcceptor.listen();
diff --git a/reTurn/reTurnServer.config b/reTurn/reTurnServer.config
index 0559c76..912a3fa 100644
--- a/reTurn/reTurnServer.config
+++ b/reTurn/reTurnServer.config
@@ -15,6 +15,12 @@
# a valid IP address from a local NIC here.
TurnAddress = 0.0.0.0
+# Local IPv6 Address to bind base STUN/TURN transports to.
+# Note: This is the IP Address that IPv6 clients should be configured to
+# send STUN/TURN traffic to.
+# Not currently supported with RFC3489 backwards compatability
+TurnV6Address = ::0
+
# Local UDP/TCP Port to bind base STUN/TURN transports to.
# Note: This is the port that clients should be configured to
# send STUN/TURN traffic over UDP and TCP.
diff --git a/reTurn/reTurnServer.cxx b/reTurn/reTurnServer.cxx
index 536979f..9211cdf 100644
--- a/reTurn/reTurnServer.cxx
+++ b/reTurn/reTurnServer.cxx
@@ -97,6 +97,12 @@ reTurn::ReTurnServerProcess::main(int argc, char* argv[])
boost::shared_ptr<reTurn::UdpServer> a2p1StunUdpServer;
boost::shared_ptr<reTurn::UdpServer> a2p2StunUdpServer;
+#ifdef USE_IPV6
+ boost::shared_ptr<reTurn::UdpServer> udpV6TurnServer;
+ boost::shared_ptr<reTurn::TcpServer> tcpV6TurnServer;
+ boost::shared_ptr<reTurn::TlsServer> tlsV6TurnServer;
+#endif
+
// The one and only RequestHandler - if altStunPort is non-zero, then assume RFC3489 support is enabled and pass settings to request handler
reTurn::RequestHandler requestHandler(turnManager,
reTurnConfig.mAltStunPort != 0 ? &reTurnConfig.mTurnAddress : 0,
@@ -108,6 +114,12 @@ reTurn::ReTurnServerProcess::main(int argc, char* argv[])
tcpTurnServer.reset(new reTurn::TcpServer(ioService, requestHandler, reTurnConfig.mTurnAddress, reTurnConfig.mTurnPort));
tlsTurnServer.reset(new reTurn::TlsServer(ioService, requestHandler, reTurnConfig.mTurnAddress, reTurnConfig.mTlsTurnPort));
+#ifdef USE_IPV6
+ udpV6TurnServer.reset(new reTurn::UdpServer(ioService, requestHandler, reTurnConfig.mTurnV6Address, reTurnConfig.mTurnPort));
+ tcpV6TurnServer.reset(new reTurn::TcpServer(ioService, requestHandler, reTurnConfig.mTurnV6Address, reTurnConfig.mTurnPort));
+ tlsV6TurnServer.reset(new reTurn::TlsServer(ioService, requestHandler, reTurnConfig.mTurnV6Address, reTurnConfig.mTlsTurnPort));
+#endif
+
if(reTurnConfig.mAltStunPort != 0) // if alt stun port is non-zero, then RFC3489 support is enabled
{
a1p2StunUdpServer.reset(new reTurn::UdpServer(ioService, requestHandler, reTurnConfig.mTurnAddress, reTurnConfig.mAltStunPort));
@@ -126,6 +138,12 @@ reTurn::ReTurnServerProcess::main(int argc, char* argv[])
tcpTurnServer->start();
tlsTurnServer->start();
+#ifdef USE_IPV6
+ udpV6TurnServer->start();
+ tcpV6TurnServer->start();
+ tlsV6TurnServer->start();
+#endif
+
// Drop privileges (can do this now that sockets are bound)
if(!reTurnConfig.mRunAsUser.empty())
{
diff --git a/resip/stack/WsTransport.cxx b/repro/BasicWsConnectionValidator.cxx
similarity index 57%
copy from resip/stack/WsTransport.cxx
copy to repro/BasicWsConnectionValidator.cxx
index db3b142..76fab45 100644
--- a/resip/stack/WsTransport.cxx
+++ b/repro/BasicWsConnectionValidator.cxx
@@ -1,54 +1,58 @@
+
#if defined(HAVE_CONFIG_H)
-#include "config.h"
+ #include "config.h"
#endif
-#include <memory>
-#include "rutil/compat.hxx"
-#include "rutil/Data.hxx"
-#include "rutil/Socket.hxx"
+#include "repro/BasicWsConnectionValidator.hxx"
+#include "resip/stack/Cookie.hxx"
+#include "resip/stack/WsCookieContext.hxx"
+#include "rutil/ParseBuffer.hxx"
+#include "rutil/stun/Stun.hxx"
#include "rutil/Logger.hxx"
-#include "resip/stack/WsTransport.hxx"
-#include "resip/stack/TcpConnection.hxx"
-#include "rutil/WinLeakCheck.hxx"
-#define RESIPROCATE_SUBSYSTEM Subsystem::TRANSPORT
+#include <time.h>
-using namespace std;
-using namespace resip;
+#define RESIPROCATE_SUBSYSTEM resip::Subsystem::REPRO
-WsTransport::WsTransport(Fifo<TransactionMessage>& fifo, int portNum,
- IpVersion version, const Data& pinterface,
- AfterSocketCreationFuncPtr socketFunc,
- Compression &compression,
- unsigned transportFlags)
-: TcpBaseTransport(fifo, portNum, version, pinterface, socketFunc, compression, transportFlags)
-{
- mTuple.setType(WS);
-
- init();
+using namespace resip;
+using namespace repro;
+using namespace std;
- InfoLog (<< "Creating WS transport host=" << pinterface
- << " port=" << mTuple.getPort()
- << " ipv4=" << bool(version==V4) );
- mTxFifo.setDescription("WsTransport::mTxFifo");
+BasicWsConnectionValidator::BasicWsConnectionValidator(const Data& wsCookieAuthSharedSecret)
+ : mWsCookieAuthSharedSecret(wsCookieAuthSharedSecret)
+{
}
-WsTransport::~WsTransport()
+BasicWsConnectionValidator::~BasicWsConnectionValidator()
{
}
-Connection*
-WsTransport::createConnection(const Tuple& who, Socket fd, bool server)
+bool BasicWsConnectionValidator::validateConnection(const resip::WsCookieContext& wsCookieContext)
{
- assert(this);
- Connection* conn = new TcpConnection(this,who, fd, mCompression);
- return conn;
+ Data message = wsCookieContext.getWsSessionInfo() + ':' + wsCookieContext.getWsSessionExtra();
+ unsigned char hmac[20];
+ computeHmac((char*)hmac, message.data(), message.size(), mWsCookieAuthSharedSecret.data(), mWsCookieAuthSharedSecret.size());
+
+ if(strncasecmp(wsCookieContext.getWsSessionMAC().data(), Data(hmac, 20).hex().data(), 40) != 0)
+ {
+ WarningLog(<< "Cookie MAC validation failed");
+ return false;
+ }
+
+ if(difftime(wsCookieContext.getExpiresTime(), time(NULL)) < 0)
+ {
+ WarningLog(<< "Received expired cookie");
+ return false;
+ }
+
+ return true;
}
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -80,6 +84,4 @@ WsTransport::createConnection(const Tuple& who, Socket fd, bool server)
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsTransport.hxx b/repro/BasicWsConnectionValidator.hxx
similarity index 67%
copy from resip/stack/WsTransport.hxx
copy to repro/BasicWsConnectionValidator.hxx
index d97bc4c..5c1e24a 100644
--- a/resip/stack/WsTransport.hxx
+++ b/repro/BasicWsConnectionValidator.hxx
@@ -1,41 +1,36 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#if !defined(REPRO_BASICWSCONNECTIONVALIDATOR_HXX)
+#define REPRO_BASICWSCONNECTIONVALIDATOR_HXX
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#include "resip/stack/WsConnectionValidator.hxx"
+#include "resip/stack/Cookie.hxx"
+#include "rutil/Data.hxx"
-namespace resip
-{
+using namespace resip;
-class Connection;
-class Message;
-class Security;
+namespace repro
+{
-class WsTransport : public TcpBaseTransport
+class BasicWsConnectionValidator: public WsConnectionValidator
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
-};
+ BasicWsConnectionValidator(const Data& wsCookieAuthSharedSecret);
+ virtual ~BasicWsConnectionValidator();
-}
+ virtual bool validateConnection(const resip::WsCookieContext& wsCookieContext);
+ private:
+ Data mWsCookieAuthSharedSecret;
+};
+
+}
#endif
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +62,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/repro/Makefile.am b/repro/Makefile.am
index 4ebad80..9b0c85c 100644
--- a/repro/Makefile.am
+++ b/repro/Makefile.am
@@ -50,6 +50,7 @@ librepro_la_SOURCES = \
Store.cxx \
AbstractDb.cxx \
BerkeleyDb.cxx \
+ BasicWsConnectionValidator.cxx \
\
CommandServer.cxx \
CommandServerThread.cxx \
@@ -84,6 +85,7 @@ librepro_la_SOURCES = \
\
monkeys/CertificateAuthenticator.cxx \
monkeys/DigestAuthenticator.cxx \
+ monkeys/CookieAuthenticator.cxx \
monkeys/StrictRouteFixup.cxx \
monkeys/AmIResponsible.cxx \
monkeys/IsTrustedNode.cxx \
@@ -108,6 +110,7 @@ nobase_reproinclude_HEADERS = AbstractDb.hxx \
AsyncProcessorMessage.hxx \
AsyncProcessorWorker.hxx \
BerkeleyDb.hxx \
+ BasicWsConnectionValidator.hxx \
CommandServer.hxx \
CommandServerThread.hxx \
ConfigStore.hxx \
@@ -118,6 +121,7 @@ nobase_reproinclude_HEADERS = AbstractDb.hxx \
HttpConnection.hxx \
monkeys/AmIResponsible.hxx \
monkeys/CertificateAuthenticator.hxx \
+ monkeys/CookieAuthenticator.hxx \
monkeys/ConstantLocationMonkey.hxx \
monkeys/DigestAuthenticator.hxx \
monkeys/GruuMonkey.hxx \
diff --git a/repro/Makefile.in b/repro/Makefile.in
index 5844229..5f25acb 100644
--- a/repro/Makefile.in
+++ b/repro/Makefile.in
@@ -118,18 +118,20 @@ librepro_la_DEPENDENCIES = ../resip/dum/libdum.la \
am__librepro_la_SOURCES_DIST = RouteStore.cxx UserStore.cxx \
ConfigStore.cxx AclStore.cxx StaticRegStore.cxx \
FilterStore.cxx SiloStore.cxx Store.cxx AbstractDb.cxx \
- BerkeleyDb.cxx CommandServer.cxx CommandServerThread.cxx \
- ProxyConfig.cxx ReproVersion.cxx HttpBase.cxx \
- HttpConnection.cxx WebAdmin.cxx WebAdminThread.cxx \
- AccountingCollector.cxx Proxy.cxx Registrar.cxx \
- RegSyncClient.cxx RegSyncServer.cxx RegSyncServerThread.cxx \
- ReproRunner.cxx ReproServerAuthManager.cxx RequestContext.cxx \
+ BerkeleyDb.cxx BasicWsConnectionValidator.cxx \
+ CommandServer.cxx CommandServerThread.cxx ProxyConfig.cxx \
+ ReproVersion.cxx HttpBase.cxx HttpConnection.cxx WebAdmin.cxx \
+ WebAdminThread.cxx AccountingCollector.cxx Proxy.cxx \
+ Registrar.cxx RegSyncClient.cxx RegSyncServer.cxx \
+ RegSyncServerThread.cxx ReproRunner.cxx \
+ ReproServerAuthManager.cxx RequestContext.cxx \
ResponseContext.cxx RRDecorator.cxx Processor.cxx \
ProcessorChain.cxx Target.cxx WorkerThread.cxx \
XmlRpcConnection.cxx XmlRpcServerBase.cxx Dispatcher.cxx \
OutboundTarget.cxx PersistentMessageQueue.cxx QValueTarget.cxx \
monkeys/CertificateAuthenticator.cxx \
- monkeys/DigestAuthenticator.cxx monkeys/StrictRouteFixup.cxx \
+ monkeys/DigestAuthenticator.cxx \
+ monkeys/CookieAuthenticator.cxx monkeys/StrictRouteFixup.cxx \
monkeys/AmIResponsible.cxx monkeys/IsTrustedNode.cxx \
monkeys/ConstantLocationMonkey.cxx monkeys/LocationServer.cxx \
monkeys/OutboundTargetHandler.cxx \
@@ -149,7 +151,8 @@ am__librepro_la_SOURCES_DIST = RouteStore.cxx UserStore.cxx \
@USE_MYSQL_TRUE at am__objects_2 = MySqlDb.lo
am_librepro_la_OBJECTS = RouteStore.lo UserStore.lo ConfigStore.lo \
AclStore.lo StaticRegStore.lo FilterStore.lo SiloStore.lo \
- Store.lo AbstractDb.lo BerkeleyDb.lo CommandServer.lo \
+ Store.lo AbstractDb.lo BerkeleyDb.lo \
+ BasicWsConnectionValidator.lo CommandServer.lo \
CommandServerThread.lo ProxyConfig.lo ReproVersion.lo \
HttpBase.lo HttpConnection.lo WebAdmin.lo WebAdminThread.lo \
AccountingCollector.lo Proxy.lo Registrar.lo RegSyncClient.lo \
@@ -159,8 +162,9 @@ am_librepro_la_OBJECTS = RouteStore.lo UserStore.lo ConfigStore.lo \
WorkerThread.lo XmlRpcConnection.lo XmlRpcServerBase.lo \
Dispatcher.lo OutboundTarget.lo PersistentMessageQueue.lo \
QValueTarget.lo CertificateAuthenticator.lo \
- DigestAuthenticator.lo StrictRouteFixup.lo AmIResponsible.lo \
- IsTrustedNode.lo ConstantLocationMonkey.lo LocationServer.lo \
+ DigestAuthenticator.lo CookieAuthenticator.lo \
+ StrictRouteFixup.lo AmIResponsible.lo IsTrustedNode.lo \
+ ConstantLocationMonkey.lo LocationServer.lo \
OutboundTargetHandler.lo RecursiveRedirect.lo \
SimpleStaticRoute.lo StaticRoute.lo QValueTargetHandler.lo \
SimpleTargetHandler.lo GeoProximityTargetSorter.lo \
@@ -393,7 +397,8 @@ librepro_la_LIBADD = -ldb_cxx ../resip/dum/libdum.la \
$(am__append_3) $(am__append_4)
librepro_la_SOURCES = RouteStore.cxx UserStore.cxx ConfigStore.cxx \
AclStore.cxx StaticRegStore.cxx FilterStore.cxx SiloStore.cxx \
- Store.cxx AbstractDb.cxx BerkeleyDb.cxx CommandServer.cxx \
+ Store.cxx AbstractDb.cxx BerkeleyDb.cxx \
+ BasicWsConnectionValidator.cxx CommandServer.cxx \
CommandServerThread.cxx ProxyConfig.cxx ReproVersion.cxx \
HttpBase.cxx HttpConnection.cxx WebAdmin.cxx \
WebAdminThread.cxx AccountingCollector.cxx Proxy.cxx \
@@ -405,7 +410,8 @@ librepro_la_SOURCES = RouteStore.cxx UserStore.cxx ConfigStore.cxx \
XmlRpcConnection.cxx XmlRpcServerBase.cxx Dispatcher.cxx \
OutboundTarget.cxx PersistentMessageQueue.cxx QValueTarget.cxx \
monkeys/CertificateAuthenticator.cxx \
- monkeys/DigestAuthenticator.cxx monkeys/StrictRouteFixup.cxx \
+ monkeys/DigestAuthenticator.cxx \
+ monkeys/CookieAuthenticator.cxx monkeys/StrictRouteFixup.cxx \
monkeys/AmIResponsible.cxx monkeys/IsTrustedNode.cxx \
monkeys/ConstantLocationMonkey.cxx monkeys/LocationServer.cxx \
monkeys/OutboundTargetHandler.cxx \
@@ -423,6 +429,7 @@ nobase_reproinclude_HEADERS = AbstractDb.hxx \
AsyncProcessorMessage.hxx \
AsyncProcessorWorker.hxx \
BerkeleyDb.hxx \
+ BasicWsConnectionValidator.hxx \
CommandServer.hxx \
CommandServerThread.hxx \
ConfigStore.hxx \
@@ -433,6 +440,7 @@ nobase_reproinclude_HEADERS = AbstractDb.hxx \
HttpConnection.hxx \
monkeys/AmIResponsible.hxx \
monkeys/CertificateAuthenticator.hxx \
+ monkeys/CookieAuthenticator.hxx \
monkeys/ConstantLocationMonkey.hxx \
monkeys/DigestAuthenticator.hxx \
monkeys/GruuMonkey.hxx \
@@ -618,6 +626,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/AccountingCollector.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/AclStore.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/AmIResponsible.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/BasicWsConnectionValidator.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/BerkeleyDb.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/CertPublicationHandler.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/CertServer.Plo at am__quote@
@@ -627,6 +636,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/CommandServerThread.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ConfigStore.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ConstantLocationMonkey.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/CookieAuthenticator.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/DigestAuthenticator.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/Dispatcher.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/FilterStore.Plo at am__quote@
@@ -712,6 +722,13 @@ DigestAuthenticator.lo: monkeys/DigestAuthenticator.cxx
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o DigestAuthenticator.lo `test -f 'monkeys/DigestAuthenticator.cxx' || echo '$(srcdir)/'`monkeys/DigestAuthenticator.cxx
+CookieAuthenticator.lo: monkeys/CookieAuthenticator.cxx
+ at am__fastdepCXX_TRUE@ $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT CookieAuthenticator.lo -MD -MP -MF $(DEPDIR)/CookieAuthenticator.Tpo -c -o CookieAuthenticator.lo `test -f 'monkeys/CookieAuthenticator.cxx' || echo '$(srcdir)/'`monkeys/CookieAuthenticator.cxx
+ at am__fastdepCXX_TRUE@ $(am__mv) $(DEPDIR)/CookieAuthenticator.Tpo $(DEPDIR)/CookieAuthenticator.Plo
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ source='monkeys/CookieAuthenticator.cxx' object='CookieAuthenticator.lo' libtool=yes @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o CookieAuthenticator.lo `test -f 'monkeys/CookieAuthenticator.cxx' || echo '$(srcdir)/'`monkeys/CookieAuthenticator.cxx
+
StrictRouteFixup.lo: monkeys/StrictRouteFixup.cxx
@am__fastdepCXX_TRUE@ $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT StrictRouteFixup.lo -MD -MP -MF $(DEPDIR)/StrictRouteFixup.Tpo -c -o StrictRouteFixup.lo `test -f 'monkeys/StrictRouteFixup.cxx' || echo '$(srcdir)/'`monkeys/StrictRouteFixup.cxx
@am__fastdepCXX_TRUE@ $(am__mv) $(DEPDIR)/StrictRouteFixup.Tpo $(DEPDIR)/StrictRouteFixup.Plo
diff --git a/repro/ReproRunner.cxx b/repro/ReproRunner.cxx
index 542b2f1..5fb4fa0 100644
--- a/repro/ReproRunner.cxx
+++ b/repro/ReproRunner.cxx
@@ -24,6 +24,7 @@
#include "resip/dum/DialogUsageManager.hxx"
#include "resip/dum/DumThread.hxx"
#include "resip/dum/TlsPeerAuthManager.hxx"
+#include "resip/dum/WsCookieAuthManager.hxx"
#include "repro/AsyncProcessorWorker.hxx"
#include "repro/ReproRunner.hxx"
@@ -43,6 +44,8 @@
#include "repro/RegSyncServerThread.hxx"
#include "repro/CommandServer.hxx"
#include "repro/CommandServerThread.hxx"
+#include "repro/BasicWsConnectionValidator.hxx"
+#include "repro/monkeys/CookieAuthenticator.hxx"
#include "repro/monkeys/IsTrustedNode.hxx"
#include "repro/monkeys/AmIResponsible.hxx"
#include "repro/monkeys/DigestAuthenticator.hxx"
@@ -424,14 +427,15 @@ ReproRunner::createSipStack()
Security* security = 0;
Compression* compression = 0;
#ifdef USE_SSL
-#ifdef WIN32
- Data certPath("C:\\sipCerts");
-#else
- Data certPath(getenv("HOME"));
- certPath += "/.sipCerts";
-#endif
- mProxyConfig->getConfigValue("CertificatePath", certPath);
- security = new Security(certPath);
+ Data certPath = mProxyConfig->getConfigData("CertificatePath", "");
+ if(certPath.empty())
+ {
+ security = new Security();
+ }
+ else
+ {
+ security = new Security(certPath);
+ }
Data caDir;
mProxyConfig->getConfigValue("CADirectory", caDir);
if(!caDir.empty())
@@ -751,6 +755,8 @@ ReproRunner::createDialogUsageManager()
#endif
}
+ mSipAuthDisabled = mProxyConfig->getConfigBool("DisableAuth", false);
+
if (mDum)
{
bool enableCertAuth = mProxyConfig->getConfigBool("EnableCertificateAuthenticator", false);
@@ -768,7 +774,12 @@ ReproRunner::createDialogUsageManager()
mDum->addIncomingFeature(certAuth);
}
- mSipAuthDisabled = mProxyConfig->getConfigBool("DisableAuth", false);
+ Data wsCookieAuthSharedSecret = mProxyConfig->getConfigData("WSCookieAuthSharedSecret", "");
+ if(mSipAuthDisabled && !wsCookieAuthSharedSecret.empty())
+ {
+ SharedPtr<WsCookieAuthManager> cookieAuth(new WsCookieAuthManager(*mDum, mDum->dumIncomingTarget()));
+ mDum->addIncomingFeature(cookieAuth);
+ }
// If Authentication is enabled, then configure DUM to authenticate requests
if (!mSipAuthDisabled)
@@ -1134,6 +1145,14 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
assert(mSipStack);
allTransportsSpecifyRecordRoute=false;
bool useEmailAsSIP = mProxyConfig->getConfigBool("TLSUseEmailAsSIP", false);
+
+ Data wsCookieAuthSharedSecret = mProxyConfig->getConfigData("WSCookieAuthSharedSecret", "");
+ SharedPtr<BasicWsConnectionValidator> basicWsConnectionValidator; // NULL
+ if(!wsCookieAuthSharedSecret.empty())
+ {
+ basicWsConnectionValidator.reset(new BasicWsConnectionValidator(wsCookieAuthSharedSecret));
+ }
+
try
{
// Check if advanced transport settings are provided
@@ -1147,6 +1166,8 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
// Transport1Interface = 192.168.1.106:5061
// Transport1Type = TLS
// Transport1TlsDomain = sipdomain.com
+ // Transport1TlsCertificate = /etc/ssl/crt/sipdomain.com.pem
+ // Transport1TlsPrivateKey = /etc/ssl/private/sipdomain.com.pem
// Transport1TlsClientVerification = None
// Transport1RecordRouteUri = sip:sipdomain.com;transport=TLS
// Transport1RcvBufLen = 2000
@@ -1158,6 +1179,8 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
{
Data typeSettingKey(settingKeyBase + "Type");
Data tlsDomainSettingKey(settingKeyBase + "TlsDomain");
+ Data tlsCertificateSettingKey(settingKeyBase + "TlsCertificate");
+ Data tlsPrivateKeySettingKey(settingKeyBase + "TlsPrivateKey");
Data tlsCVMSettingKey(settingKeyBase + "TlsClientVerification");
Data recordRouteUriSettingKey(settingKeyBase + "RecordRouteUri");
Data rcvBufSettingKey(settingKeyBase + "RcvBufLen");
@@ -1192,6 +1215,8 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
CritLog(<< "Unknown transport type found in " << typeSettingKey << " setting: " << mProxyConfig->getConfigData(typeSettingKey, "UDP"));
}
Data tlsDomain = mProxyConfig->getConfigData(tlsDomainSettingKey, "");
+ Data tlsCertificate = mProxyConfig->getConfigData(tlsCertificateSettingKey, "");
+ Data tlsPrivateKey = mProxyConfig->getConfigData(tlsPrivateKeySettingKey, "");
Data tlsCVMValue = mProxyConfig->getConfigData(tlsCVMSettingKey, "NONE");
SecurityTypes::TlsClientVerificationMode cvm = SecurityTypes::None;
if(isEqualNoCase(tlsCVMValue, "Optional"))
@@ -1206,6 +1231,25 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
{
CritLog(<< "Unknown TLS client verification mode found in " << tlsCVMSettingKey << " setting: " << tlsCVMValue);
}
+
+#ifdef USE_SSL
+ // Make sure certificate material available before trying to instantiate Transport
+ if(isSecure(tt))
+ {
+ Security* security = mSipStack->getSecurity();
+ assert(security != 0);
+ // FIXME: see comments about CertificatePath
+ if(!tlsCertificate.empty())
+ {
+ security->addDomainCertPEM(tlsDomain, Data::fromFile(tlsCertificate));
+ }
+ if(!tlsPrivateKey.empty())
+ {
+ security->addDomainPrivateKeyPEM(tlsDomain, Data::fromFile(tlsPrivateKey));
+ }
+ }
+#endif
+
int rcvBufLen = mProxyConfig->getConfigInt(rcvBufSettingKey, 0);
Transport *t = mSipStack->addTransport(tt,
port,
@@ -1217,7 +1261,8 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
SecurityTypes::TLSv1, // sslType
0, // transport flags
cvm, // tls client verification mode
- useEmailAsSIP);
+ useEmailAsSIP,
+ basicWsConnectionValidator);
if (t && rcvBufLen>0 )
{
@@ -1296,6 +1341,8 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
int wssPort = mProxyConfig->getConfigInt("WSSPort", 443);
int dtlsPort = mProxyConfig->getConfigInt("DTLSPort", 0);
Data tlsDomain = mProxyConfig->getConfigData("TLSDomainName", "");
+ Data tlsCertificate = mProxyConfig->getConfigData("TLSCertificate", "");
+ Data tlsPrivateKey = mProxyConfig->getConfigData("TLSPrivateKey", "");
Data tlsCVMValue = mProxyConfig->getConfigData("TLSClientVerification", "NONE");
SecurityTypes::TlsClientVerificationMode cvm = SecurityTypes::None;
if(isEqualNoCase(tlsCVMValue, "Optional"))
@@ -1311,6 +1358,27 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
CritLog(<< "Unknown TLS client verification mode found in TLSClientVerification setting: " << tlsCVMValue);
}
+#ifdef USE_SSL
+ // Make sure certificate material available before trying to instantiate Transport
+ if (tlsPort || wssPort || dtlsPort)
+ {
+ Security* security = mSipStack->getSecurity();
+ assert(security != 0);
+ // FIXME: should check that EITHER CertificatePath was set or both of these
+ // are supplied
+ // In any case, it will still give a helpful error when it fails to
+ // create the transport
+ if(!tlsCertificate.empty())
+ {
+ security->addDomainCertPEM(tlsDomain, Data::fromFile(tlsCertificate));
+ }
+ if(!tlsPrivateKey.empty())
+ {
+ security->addDomainPrivateKeyPEM(tlsDomain, Data::fromFile(tlsPrivateKey));
+ }
+ }
+#endif
+
if (udpPort)
{
if (mUseV4) mSipStack->addTransport(UDP, udpPort, V4, StunEnabled);
@@ -1328,13 +1396,13 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute)
}
if (wsPort)
{
- if (mUseV4) mSipStack->addTransport(WS, wsPort, V4, StunEnabled);
- if (mUseV6) mSipStack->addTransport(WS, wsPort, V6, StunEnabled);
+ if (mUseV4) mSipStack->addTransport(WS, wsPort, V4, StunEnabled, Data::Empty, Data::Empty, Data::Empty, SecurityTypes::NoSSL, 0, SecurityTypes::None, false, basicWsConnectionValidator);
+ if (mUseV6) mSipStack->addTransport(WS, wsPort, V6, StunEnabled, Data::Empty, Data::Empty, Data::Empty, SecurityTypes::NoSSL, 0, SecurityTypes::None, false, basicWsConnectionValidator);
}
if (wssPort)
{
- if (mUseV4) mSipStack->addTransport(WSS, wssPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, cvm, useEmailAsSIP);
- if (mUseV6) mSipStack->addTransport(WSS, wssPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, cvm, useEmailAsSIP);
+ if (mUseV4) mSipStack->addTransport(WSS, wssPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, cvm, useEmailAsSIP, basicWsConnectionValidator);
+ if (mUseV6) mSipStack->addTransport(WSS, wssPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, cvm, useEmailAsSIP, basicWsConnectionValidator);
}
if (dtlsPort)
{
@@ -1444,6 +1512,12 @@ ReproRunner::makeRequestProcessorChain(ProcessorChain& chain)
addProcessor(chain, std::auto_ptr<Processor>(new CertificateAuthenticator(*mProxyConfig, mSipStack, trustedPeers, true, mCommonNameMappings)));
}
+ Data wsCookieAuthSharedSecret = mProxyConfig->getConfigData("WSCookieAuthSharedSecret", "");
+ if(mSipAuthDisabled && !wsCookieAuthSharedSecret.empty())
+ {
+ addProcessor(chain, std::auto_ptr<Processor>(new CookieAuthenticator(wsCookieAuthSharedSecret, mSipStack)));
+ }
+
// Add digest authenticator monkey - if required
if (!mSipAuthDisabled)
{
diff --git a/repro/RequestContext.cxx b/repro/RequestContext.cxx
index 07f1419..002eee4 100644
--- a/repro/RequestContext.cxx
+++ b/repro/RequestContext.cxx
@@ -155,8 +155,7 @@ RequestContext::process(std::auto_ptr<resip::SipMessage> sipMessage)
Uri& requestUri = sip->header(h_RequestLine).uri();
if(requestUri.exists(resip::p_wsSrcIp) &&
requestUri.exists(resip::p_wsSrcPort) &&
- sip->getSource().getType() != resip::WS &&
- sip->getSource().getType() != resip::WSS)
+ !isWebSocket(sip->getSource().getType()))
{
requestUri.host() = requestUri.param(resip::p_wsSrcIp);
requestUri.remove(resip::p_wsSrcIp);
diff --git a/repro/monkeys/CookieAuthenticator.cxx b/repro/monkeys/CookieAuthenticator.cxx
new file mode 100644
index 0000000..acdfbe7
--- /dev/null
+++ b/repro/monkeys/CookieAuthenticator.cxx
@@ -0,0 +1,185 @@
+
+#if defined(HAVE_CONFIG_H)
+ #include "config.h"
+#endif
+
+#include "rutil/DnsUtil.hxx"
+#include "resip/stack/Message.hxx"
+#include "resip/stack/SipMessage.hxx"
+#include "resip/stack/Auth.hxx"
+#include "resip/stack/Helper.hxx"
+#include "rutil/Logger.hxx"
+#include "rutil/TransportType.hxx"
+#include "rutil/stun/Stun.hxx"
+
+#include "repro/monkeys/CookieAuthenticator.hxx"
+#include "repro/monkeys/IsTrustedNode.hxx"
+#include "repro/RequestContext.hxx"
+#include "repro/Proxy.hxx"
+#include "repro/UserInfoMessage.hxx"
+#include "repro/UserStore.hxx"
+#include "repro/Dispatcher.hxx"
+#include "resip/stack/SipStack.hxx"
+#include "rutil/ParseBuffer.hxx"
+#include "rutil/WinLeakCheck.hxx"
+
+#include <time.h>
+
+#define RESIPROCATE_SUBSYSTEM resip::Subsystem::REPRO
+
+using namespace resip;
+using namespace repro;
+using namespace std;
+
+
+CookieAuthenticator::CookieAuthenticator(const Data& wsCookieAuthSharedSecret,
+ resip::SipStack* stack) :
+ Processor("CookieAuthenticator")
+{
+}
+
+CookieAuthenticator::~CookieAuthenticator()
+{
+}
+
+repro::Processor::processor_action_t
+CookieAuthenticator::process(repro::RequestContext &rc)
+{
+ DebugLog(<< "Monkey handling request: " << *this << "; reqcontext = " << rc);
+
+ Message *message = rc.getCurrentEvent();
+
+ SipMessage *sipMessage = dynamic_cast<SipMessage*>(message);
+ Proxy &proxy = rc.getProxy();
+
+ if (sipMessage)
+ {
+ // Only check message coming over WebSockets
+ if(!isWebSocket(sipMessage->getReceivedTransport()->transport()))
+ {
+ return Continue;
+ }
+
+ if (sipMessage->method() == ACK ||
+ sipMessage->method() == BYE)
+ {
+ return Continue;
+ }
+
+ if(!sipMessage->header(h_From).isWellFormed() ||
+ sipMessage->header(h_From).isAllContacts() )
+ {
+ InfoLog(<<"Malformed From header: cannot verify against cookie. Rejecting.");
+ rc.sendResponse(*auto_ptr<SipMessage>
+ (Helper::makeResponse(*sipMessage, 400, "Malformed From header")));
+ return SkipAllChains;
+ }
+
+ const CookieList &cookieList = sipMessage->getWsCookies();
+ const WsCookieContext &wsCookieContext = sipMessage->getWsCookieContext();
+ if (proxy.isMyDomain(sipMessage->header(h_From).uri().host()))
+ {
+ if(authorizedForThisIdentity(sipMessage->header(h_RequestLine).method(), wsCookieContext, sipMessage->header(h_From).uri(), sipMessage->header(h_To).uri()))
+ {
+ return Continue;
+ }
+ rc.sendResponse(*auto_ptr<SipMessage>
+ (Helper::makeResponse(*sipMessage, 403, "Authentication against cookie failed")));
+ return SkipAllChains;
+ }
+ else
+ {
+ rc.sendResponse(*auto_ptr<SipMessage>
+ (Helper::makeResponse(*sipMessage, 403, "Authentication against cookie failed")));
+ return SkipAllChains;
+ }
+ }
+
+ return Continue;
+}
+
+bool
+CookieAuthenticator::cookieUriMatch(const resip::Uri &first, const resip::Uri &second)
+{
+ return(
+ (isEqualNoCase(first.user(), second.user()) || first.user() == "*") &&
+ (isEqualNoCase(first.host(), second.host()) || first.host() == "*")
+ );
+}
+
+bool
+CookieAuthenticator::authorizedForThisIdentity(const MethodTypes method,
+ const WsCookieContext& wsCookieContext,
+ resip::Uri &fromUri,
+ resip::Uri &toUri)
+{
+ if(difftime(wsCookieContext.getExpiresTime(), time(NULL)) < 0)
+ {
+ WarningLog(<< "Received expired cookie");
+ return false;
+ }
+
+ Uri wsFromUri = wsCookieContext.getWsFromUri();
+ Uri wsDestUri = wsCookieContext.getWsDestUri();
+ if(cookieUriMatch(wsFromUri, fromUri))
+ {
+ DebugLog(<< "Matched cookie source URI field" << wsFromUri << " against request From header field URI " << fromUri);
+ // When registering, "From" URI == "To" URI, so we can ignore the
+ // "To" URI restriction from the cookie when processing REGISTER
+ if(method == REGISTER && isEqualNoCase(fromUri.user(), toUri.user()) && isEqualNoCase(fromUri.host(), toUri.host()))
+ {
+ return true;
+ }
+ if(cookieUriMatch(wsDestUri, toUri))
+ {
+ DebugLog(<< "Matched cookie destination URI field" << wsDestUri << " against request To header field URI " << toUri);
+ return true;
+ }
+ }
+
+ // catch-all: access denied
+ return false;
+}
+
+void
+CookieAuthenticator::dump(EncodeStream &os) const
+{
+ os << "CookieAuthentication monkey" << std::endl;
+}
+
+/* ====================================================================
+ * BSD License
+ *
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. Neither the name of the author(s) nor the names of any contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * ====================================================================
+ *
+ */
diff --git a/resip/stack/WsTransport.hxx b/repro/monkeys/CookieAuthenticator.hxx
similarity index 64%
copy from resip/stack/WsTransport.hxx
copy to repro/monkeys/CookieAuthenticator.hxx
index d97bc4c..068af0c 100644
--- a/resip/stack/WsTransport.hxx
+++ b/repro/monkeys/CookieAuthenticator.hxx
@@ -1,41 +1,39 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#if !defined(RESIP_COOKIE_AUTHENTICATOR_HXX)
+#define RESIP_COOKIE_AUTHENTICATOR_HXX
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#include "rutil/Data.hxx"
+#include "repro/Processor.hxx"
+#include "resip/stack/Cookie.hxx"
+#include "resip/stack/WsCookieContext.hxx"
+#include "resip/stack/SipStack.hxx"
-namespace resip
-{
-
-class Connection;
-class Message;
-class Security;
+using namespace resip;
-class WsTransport : public TcpBaseTransport
+namespace repro
{
- public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
+ class CookieAuthenticator : public Processor
+ {
+ public:
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
-};
+ CookieAuthenticator(const Data& wsCookieAuthSharedSecret, resip::SipStack* stack);
+ ~CookieAuthenticator();
-}
+ virtual processor_action_t process(RequestContext &);
+ virtual void dump(EncodeStream &os) const;
+ private:
+ bool cookieUriMatch(const resip::Uri &first, const resip::Uri &second);
+ bool authorizedForThisIdentity(const MethodTypes method, const WsCookieContext& wsCookieContext, resip::Uri &fromUri, resip::Uri &toUri);
+ };
+}
#endif
+
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +65,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/repro/repro.config b/repro/repro.config
index 2327966..842d2b6 100644
--- a/repro/repro.config
+++ b/repro/repro.config
@@ -58,6 +58,16 @@ DTLSPort = 0
# TLS domain name for this server (note: domain cert for this domain must be present)
TLSDomainName =
+# PEM-encoded X.509 certificate for TLS
+# Must contain any intermediate certificates from the CA
+# The TLSCertificate and TLSPrivateKey parameters are optional. The stack
+# will also try to automatically detect any suitable certificates
+# in the directory specified by CertificatePath
+TLSCertificate =
+
+# PEM-encoded private key for TLS
+TLSPrivateKey =
+
# Whether or not we ask for (Optional) or expect (Mandatory) TLS
# clients to present a client certificate
# Possible values:
@@ -87,6 +97,8 @@ TLSUseEmailAsSIP = false
# is not used.
# Transport<Num>Type = <'TCP'|'UDP'|'TLS'|'DTLS'|'WS'|'WSS'> - default is UDP if missing
# Transport<Num>TlsDomain = <TLSDomain> - only required if transport is TLS, DTLS or WSS
+# Transport<Num>TlsCertificate = <TLSCertificate> - only for TLS, DTLS or WSS
+# Transport<Num>TlsPrivateKey = <TLSPrivateKey> - only for TLS, DTLS or WSS
# Transport<Num>TlsClientVerification = <'None'|'Optional'|'Mandatory'> - default is None
# Transport<Num>RecordRouteUri = <'auto'|URI> - if set to auto then record route URI
# is automatically generated from the other
@@ -112,6 +124,8 @@ TLSUseEmailAsSIP = false
# Transport3Interface = 192.168.1.106:5061
# Transport3Type = TLS
# Transport3TlsDomain = sipdomain.com
+# Transport3TlsCertificate = /etc/ssl/crt/sipdomain.com.crt
+# Transport3TlsPrivateKey = /etc/ssl/private/sipdomain.com.key
# Transport3TlsClientVerification = Mandatory
# Transport3RecordRouteUri = sip:h1.sipdomain.com;transport=TLS
#
@@ -190,14 +204,24 @@ Daemonize = false
# if unspecified, no attempt will be made to create a PID file
#PidFile = /var/run/repro/repro.pid
-# Path to load certificates from (default: "$(HOME)/.sipCerts on *nix, and c:\sipCerts
-# on windows)
-# Note that repro loads ALL root certificates found by the settings
-# CertificatePath, CADirectory and CAFile. Setting one option does
-# not disable the other options.
+# Path to load certificates from (optional, there is no default)
+# Note that repro loads ALL root certificates found by any of the settings
+#
+# CertificatePath
+# CADirectory
+# CAFile
+#
+# Setting one option does not disable the other options.
+#
# Certificates in this location have to match one of the filename
# patterns expected by the legacy reSIProcate SSL code:
+#
# domain_cert_NAME.pem, root_cert_NAME.pem, ...
+#
+# For domain certificates, it is recommended to use the options
+# for individual transports, such as TransportXTlsCertificate and
+# TransportXTlsPrivateKey and not set CertificatePath at all.
+#
CertificatePath =
# Path to load root certificates from
@@ -570,6 +594,13 @@ RejectBadNonces = false
# allow To tag in registrations
AllowBadReg = false
+########################################################
+# Cookie Authentication Settings
+########################################################
+
+# Shared secret for cookie HMAC validation. If there is no WSCookieAuthSharedSecret
+# there will be no cookie validation.
+# WSCookieAuthSharedSecret =
########################################################
# RequestFilter Monkey Settings
diff --git a/repro/repro_10_0.vcxproj b/repro/repro_10_0.vcxproj
index 0090e14..9246dca 100644
--- a/repro/repro_10_0.vcxproj
+++ b/repro/repro_10_0.vcxproj
@@ -203,6 +203,7 @@ endlocal
</DataExecutionPrevention>
<TargetMachine>MachineX86</TargetMachine>
<AdditionalDependencies>Ws2_32.lib;Iphlpapi.lib;winmm.lib;Dnsapi.lib;"$(ProjectDir)..\contrib\MySQLConnectorC\lib\debug\libmysql.lib";%(AdditionalDependencies)</AdditionalDependencies>
+ <DelayLoadDLLs>libmysql.dll</DelayLoadDLLs>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
@@ -288,6 +289,7 @@ endlocal
<DataExecutionPrevention>
</DataExecutionPrevention>
<TargetMachine>MachineX86</TargetMachine>
+ <DelayLoadDLLs>libmysql.dll</DelayLoadDLLs>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@@ -374,6 +376,7 @@ endlocal
<DataExecutionPrevention>
</DataExecutionPrevention>
<TargetMachine>MachineX86</TargetMachine>
+ <DelayLoadDLLs>libmysql.dll</DelayLoadDLLs>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SSL-Debug|x64'">
@@ -460,6 +463,7 @@ endlocal
<DataExecutionPrevention>
</DataExecutionPrevention>
<TargetMachine>MachineX86</TargetMachine>
+ <DelayLoadDLLs>libmysql.dll</DelayLoadDLLs>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SSL-Release|x64'">
diff --git a/repro/reprolib_10_0.vcxproj b/repro/reprolib_10_0.vcxproj
index 6f1b910..078d1ee 100644
--- a/repro/reprolib_10_0.vcxproj
+++ b/repro/reprolib_10_0.vcxproj
@@ -163,7 +163,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<Optimization>Disabled</Optimization>
- <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories);$(ProjectDir)../contrib/cajun/include</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;USE_ARES;USE_IPV6;USE_MYSQL;USE_MAXMIND_GEOIP;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>false</MinimalRebuild>
<BasicRuntimeChecks>
@@ -194,7 +194,7 @@
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
- <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories);$(ProjectDir)../contrib/cajun/include</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;USE_ARES;USE_IPV6;USE_MYSQL;USE_MAXMIND_GEOIP;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>false</MinimalRebuild>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
@@ -221,7 +221,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SSL-Debug|Win32'">
<ClCompile>
<Optimization>Disabled</Optimization>
- <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/openssl/include;$(ProjectDir)../contrib/openssl/inc32;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/openssl/include;$(ProjectDir)../contrib/openssl/inc32;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories);$(ProjectDir)../contrib/cajun/include</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;USE_ARES;LEAK_CHECK;USE_IPV6;USE_MYSQL;USE_SSL;USE_MAXMIND_GEOIP;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>false</MinimalRebuild>
<BasicRuntimeChecks>
@@ -252,7 +252,7 @@
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='SSL-Release|Win32'">
<ClCompile>
- <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/openssl/include;$(ProjectDir)../contrib/openssl/inc32;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+ <AdditionalIncludeDirectories>$(ProjectDir)../;$(ProjectDir)../resip/stack;$(ProjectDir)../contrib/pcre;$(ProjectDir)../contrib/openssl/include;$(ProjectDir)../contrib/openssl/inc32;$(ProjectDir)../contrib/GeoIP/libGeoIP;$(ProjectDir)../contrib/MySQLConnectorC/include;$(ProjectDir)../contrib/db/build_windows;%(AdditionalIncludeDirectories);$(ProjectDir)../contrib/cajun/include</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;USE_ARES;USE_IPV6;USE_SSL;USE_MYSQL;USE_MAXMIND_GEOIP;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>false</MinimalRebuild>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
@@ -294,9 +294,11 @@
<ClCompile Include="AbstractDb.cxx" />
<ClCompile Include="AccountingCollector.cxx" />
<ClCompile Include="AclStore.cxx" />
+ <ClCompile Include="BasicWsConnectionValidator.cxx" />
<ClCompile Include="FilterStore.cxx" />
<ClCompile Include="monkeys\AmIResponsible.cxx" />
<ClCompile Include="monkeys\CertificateAuthenticator.cxx" />
+ <ClCompile Include="monkeys\CookieAuthenticator.cxx" />
<ClCompile Include="monkeys\GeoProximityTargetSorter.cxx" />
<ClCompile Include="monkeys\MessageSilo.cxx" />
<ClCompile Include="monkeys\RequestFilter.cxx" />
@@ -378,10 +380,12 @@
<ClInclude Include="AsyncProcessor.hxx" />
<ClInclude Include="AsyncProcessorMessage.hxx" />
<ClInclude Include="AsyncProcessorWorker.hxx" />
+ <ClInclude Include="BasicWsConnectionValidator.hxx" />
<ClInclude Include="FilterStore.hxx" />
<ClInclude Include="ForkControlMessage.hxx" />
<ClInclude Include="monkeys\AmIResponsible.hxx" />
<ClInclude Include="monkeys\CertificateAuthenticator.hxx" />
+ <ClInclude Include="monkeys\CookieAuthenticator.hxx" />
<ClInclude Include="monkeys\GeoProximityTargetSorter.hxx" />
<ClInclude Include="monkeys\MessageSilo.hxx" />
<ClInclude Include="monkeys\RequestFilter.hxx" />
diff --git a/repro/reprolib_10_0.vcxproj.filters b/repro/reprolib_10_0.vcxproj.filters
index 7ef9d08..ff1a926 100644
--- a/repro/reprolib_10_0.vcxproj.filters
+++ b/repro/reprolib_10_0.vcxproj.filters
@@ -174,6 +174,12 @@
<ClCompile Include="AccountingCollector.cxx">
<Filter>Source Files</Filter>
</ClCompile>
+ <ClCompile Include="BasicWsConnectionValidator.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ <ClCompile Include="monkeys\CookieAuthenticator.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="AbstractDb.hxx">
@@ -365,5 +371,11 @@
<ClInclude Include="AccountingCollector.hxx">
<Filter>Header Files</Filter>
</ClInclude>
+ <ClInclude Include="BasicWsConnectionValidator.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ <ClInclude Include="monkeys\CookieAuthenticator.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
</ItemGroup>
</Project>
\ No newline at end of file
diff --git a/resip/Makefile.am b/resip/Makefile.am
index 30c55cf..a1cc25c 100644
--- a/resip/Makefile.am
+++ b/resip/Makefile.am
@@ -3,7 +3,10 @@ EXTRA_DIST = README.windows
EXTRA_DIST += sip.mcp.xml
EXTRA_DIST += update-svn-ignores.sh
-SUBDIRS = stack dum certs rend
+SUBDIRS = stack dum certs
+if BUILD_REND
+SUBDIRS += rend
+endif
# recon has a lot of dependencies, e.g. sipX, so it is not yet
# adapted for autotools
diff --git a/resip/Makefile.in b/resip/Makefile.in
index 5c172bb..36a42ef 100644
--- a/resip/Makefile.in
+++ b/resip/Makefile.in
@@ -50,6 +50,7 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
+ at BUILD_REND_TRUE@am__append_1 = rend
subdir = resip
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in COPYING
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@@ -85,7 +86,7 @@ AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \
distdir
ETAGS = etags
CTAGS = ctags
-DIST_SUBDIRS = $(SUBDIRS)
+DIST_SUBDIRS = stack dum certs rend
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -244,7 +245,7 @@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
EXTRA_DIST = README.windows sip.mcp.xml update-svn-ignores.sh
-SUBDIRS = stack dum certs rend
+SUBDIRS = stack dum certs $(am__append_1)
all: all-recursive
.SUFFIXES:
diff --git a/resip/dum/ClientInviteSession.cxx b/resip/dum/ClientInviteSession.cxx
index 230705e..4442f69 100644
--- a/resip/dum/ClientInviteSession.cxx
+++ b/resip/dum/ClientInviteSession.cxx
@@ -344,7 +344,6 @@ ClientInviteSession::startStaleCallTimer()
{
InfoLog (<< toData(mState) << ": startStaleCallTimer");
unsigned long when = mDialog.mDialogSet.getUserProfile()->getDefaultStaleCallTime();
- when += Random::getRandom() % 120;
mDum.addTimer(DumTimeout::StaleCall,
when,
diff --git a/resip/dum/Makefile.am b/resip/dum/Makefile.am
index 0fbf444..019f5b0 100644
--- a/resip/dum/Makefile.am
+++ b/resip/dum/Makefile.am
@@ -82,6 +82,7 @@ libdum_la_SOURCES = \
SubscriptionCreator.cxx \
SubscriptionState.cxx \
TlsPeerAuthManager.cxx \
+ WsCookieAuthManager.cxx \
KeepAliveManager.cxx \
KeepAliveTimeout.cxx \
NetworkAssociation.cxx \
@@ -205,6 +206,7 @@ nobase_duminclude_HEADERS = AppDialog.hxx \
SubscriptionState.hxx \
TargetCommand.hxx \
TlsPeerAuthManager.hxx \
+ WsCookieAuthManager.hxx \
UsageUseException.hxx \
UserAuthInfo.hxx \
UserProfile.hxx
diff --git a/resip/dum/Makefile.in b/resip/dum/Makefile.in
index e9b1906..f4a042d 100644
--- a/resip/dum/Makefile.in
+++ b/resip/dum/Makefile.in
@@ -129,12 +129,13 @@ am__libdum_la_SOURCES_DIST = AppDialog.cxx AppDialogSet.cxx \
ServerRegistration.cxx ServerSubscription.cxx \
SubscriptionHandler.cxx SubscriptionCreator.cxx \
SubscriptionState.cxx TlsPeerAuthManager.cxx \
- KeepAliveManager.cxx KeepAliveTimeout.cxx \
- NetworkAssociation.cxx DumDecrypted.cxx CertMessage.cxx \
- DumFeatureChain.cxx DumFeatureMessage.cxx IdentityHandler.cxx \
- TargetCommand.cxx DumFeature.cxx OutgoingEvent.cxx \
- HttpProvider.cxx HttpGetMessage.cxx DumHelper.cxx \
- MergedRequestRemovalCommand.cxx ssl/EncryptionManager.cxx
+ WsCookieAuthManager.cxx KeepAliveManager.cxx \
+ KeepAliveTimeout.cxx NetworkAssociation.cxx DumDecrypted.cxx \
+ CertMessage.cxx DumFeatureChain.cxx DumFeatureMessage.cxx \
+ IdentityHandler.cxx TargetCommand.cxx DumFeature.cxx \
+ OutgoingEvent.cxx HttpProvider.cxx HttpGetMessage.cxx \
+ DumHelper.cxx MergedRequestRemovalCommand.cxx \
+ ssl/EncryptionManager.cxx
@USE_SSL_TRUE at am__objects_1 = EncryptionManager.lo
am_libdum_la_OBJECTS = AppDialog.lo AppDialogSet.lo \
AppDialogSetFactory.lo BaseCreator.lo BaseUsage.lo \
@@ -161,12 +162,13 @@ am_libdum_la_OBJECTS = AppDialog.lo AppDialogSet.lo \
ServerPagerMessage.lo ServerPublication.lo \
ServerRegistration.lo ServerSubscription.lo \
SubscriptionHandler.lo SubscriptionCreator.lo \
- SubscriptionState.lo TlsPeerAuthManager.lo KeepAliveManager.lo \
- KeepAliveTimeout.lo NetworkAssociation.lo DumDecrypted.lo \
- CertMessage.lo DumFeatureChain.lo DumFeatureMessage.lo \
- IdentityHandler.lo TargetCommand.lo DumFeature.lo \
- OutgoingEvent.lo HttpProvider.lo HttpGetMessage.lo \
- DumHelper.lo MergedRequestRemovalCommand.lo $(am__objects_1)
+ SubscriptionState.lo TlsPeerAuthManager.lo \
+ WsCookieAuthManager.lo KeepAliveManager.lo KeepAliveTimeout.lo \
+ NetworkAssociation.lo DumDecrypted.lo CertMessage.lo \
+ DumFeatureChain.lo DumFeatureMessage.lo IdentityHandler.lo \
+ TargetCommand.lo DumFeature.lo OutgoingEvent.lo \
+ HttpProvider.lo HttpGetMessage.lo DumHelper.lo \
+ MergedRequestRemovalCommand.lo $(am__objects_1)
libdum_la_OBJECTS = $(am_libdum_la_OBJECTS)
libdum_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \
@@ -402,12 +404,12 @@ libdum_la_SOURCES = AppDialog.cxx AppDialogSet.cxx \
ServerRegistration.cxx ServerSubscription.cxx \
SubscriptionHandler.cxx SubscriptionCreator.cxx \
SubscriptionState.cxx TlsPeerAuthManager.cxx \
- KeepAliveManager.cxx KeepAliveTimeout.cxx \
- NetworkAssociation.cxx DumDecrypted.cxx CertMessage.cxx \
- DumFeatureChain.cxx DumFeatureMessage.cxx IdentityHandler.cxx \
- TargetCommand.cxx DumFeature.cxx OutgoingEvent.cxx \
- HttpProvider.cxx HttpGetMessage.cxx DumHelper.cxx \
- MergedRequestRemovalCommand.cxx $(am__append_1)
+ WsCookieAuthManager.cxx KeepAliveManager.cxx \
+ KeepAliveTimeout.cxx NetworkAssociation.cxx DumDecrypted.cxx \
+ CertMessage.cxx DumFeatureChain.cxx DumFeatureMessage.cxx \
+ IdentityHandler.cxx TargetCommand.cxx DumFeature.cxx \
+ OutgoingEvent.cxx HttpProvider.cxx HttpGetMessage.cxx \
+ DumHelper.cxx MergedRequestRemovalCommand.cxx $(am__append_1)
dumincludedir = $(includedir)/resip/dum
nobase_duminclude_HEADERS = AppDialog.hxx \
AppDialogSetFactory.hxx \
@@ -509,6 +511,7 @@ nobase_duminclude_HEADERS = AppDialog.hxx \
SubscriptionState.hxx \
TargetCommand.hxx \
TlsPeerAuthManager.hxx \
+ WsCookieAuthManager.hxx \
UsageUseException.hxx \
UserAuthInfo.hxx \
UserProfile.hxx
@@ -667,6 +670,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/TlsPeerAuthManager.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/UserAuthInfo.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/UserProfile.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsCookieAuthManager.Plo at am__quote@
.cxx.o:
@am__fastdepCXX_TRUE@ $(CXXCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
diff --git a/resip/dum/WsCookieAuthManager.cxx b/resip/dum/WsCookieAuthManager.cxx
new file mode 100644
index 0000000..2b99191
--- /dev/null
+++ b/resip/dum/WsCookieAuthManager.cxx
@@ -0,0 +1,201 @@
+#include <cassert>
+
+#include "resip/dum/DumFeature.hxx"
+#include "resip/dum/DumFeatureChain.hxx"
+#include "resip/dum/DialogUsageManager.hxx"
+#include "resip/dum/TargetCommand.hxx"
+#include "resip/dum/WsCookieAuthManager.hxx"
+#include "resip/stack/Helper.hxx"
+#include "rutil/Logger.hxx"
+#include "rutil/WinLeakCheck.hxx"
+
+#define RESIPROCATE_SUBSYSTEM Subsystem::DUM
+
+using namespace resip;
+using namespace std;
+
+WsCookieAuthManager::WsCookieAuthManager(DialogUsageManager& dum, TargetCommand::Target& target) :
+ DumFeature(dum, target)
+{
+}
+
+WsCookieAuthManager::~WsCookieAuthManager()
+{
+ InfoLog(<< "~WsCookieAuthManager");
+}
+
+// !bwc! We absolutely, positively, MUST NOT throw here. This is because in
+// DialogUsageManager::process(), we do not know if a DumFeature has taken
+// ownership of msg until we get a return. If we throw, the ownership of msg
+// is unknown. This is unacceptable.
+DumFeature::ProcessingResult
+WsCookieAuthManager::process(Message* msg)
+{
+ SipMessage* sipMessage = dynamic_cast<SipMessage*>(msg);
+
+ if (sipMessage)
+ {
+ //!dcm! -- unecessary happens in handle
+ switch ( handle(sipMessage) )
+ {
+ case WsCookieAuthManager::Rejected:
+ InfoLog(<< "WsCookieAuth rejected request " << sipMessage->brief());
+ return DumFeature::ChainDoneAndEventDone;
+ default: // includes Authorized, Skipped
+ return DumFeature::FeatureDone;
+ }
+ }
+
+ // Catch-all (handles something that was not a SipMessage)
+ return FeatureDone;
+}
+
+bool
+WsCookieAuthManager::cookieUriMatch(const resip::Uri &first, const resip::Uri &second)
+{
+ return(
+ (isEqualNoCase(first.user(), second.user()) || first.user() == "*") &&
+ (isEqualNoCase(first.host(), second.host()) || first.host() == "*")
+ );
+}
+
+bool
+WsCookieAuthManager::authorizedForThisIdentity(
+ const MethodTypes method,
+ const WsCookieContext &wsCookieContext,
+ const resip::Uri &fromUri,
+ const resip::Uri &toUri)
+{
+ if(difftime(wsCookieContext.getExpiresTime(), time(NULL)) < 0)
+ {
+ WarningLog(<< "Received expired cookie");
+ return false;
+ }
+
+ Uri wsFromUri = wsCookieContext.getWsFromUri();
+ Uri wsDestUri = wsCookieContext.getWsDestUri();
+ if(cookieUriMatch(wsFromUri, fromUri))
+ {
+ DebugLog(<< "Matched cookie source URI field" << wsFromUri << " against request From header field URI " << fromUri);
+ // When registering, "From" URI == "To" URI, so we can ignore the
+ // "To" URI restriction from the cookie when processing REGISTER
+ if(method == REGISTER && isEqualNoCase(fromUri.user(), toUri.user()) && isEqualNoCase(fromUri.host(), toUri.host()))
+ {
+ return true;
+ }
+ if(cookieUriMatch(wsDestUri, toUri))
+ {
+ DebugLog(<< "Matched cookie destination URI field" << wsDestUri << " against request To header field URI " << toUri);
+ return true;
+ }
+ }
+
+ // catch-all: access denied
+ return false;
+}
+
+// return true if request has been consumed
+WsCookieAuthManager::Result
+WsCookieAuthManager::handle(SipMessage* sipMessage)
+{
+ // Only check message coming over WebSockets
+ if(!isWebSocket(sipMessage->getReceivedTransport()->transport()))
+ {
+ return Skipped;
+ }
+ //InfoLog( << "trying to do auth" );
+ if (!sipMessage->isRequest() ||
+ sipMessage->header(h_RequestLine).method() == ACK ||
+ sipMessage->header(h_RequestLine).method() == CANCEL)
+ {
+ // Do not inspect ACKs or CANCELs
+ return Skipped;
+ }
+
+ if(!sipMessage->header(h_From).isWellFormed() ||
+ sipMessage->header(h_From).isAllContacts() )
+ {
+ InfoLog(<<"Malformed From header: cannot verify against cookie. Rejecting.");
+ SharedPtr<SipMessage> response(new SipMessage);
+ Helper::makeResponse(*response, *sipMessage, 400, "Malformed From header");
+ mDum.send(response);
+ return Rejected;
+ }
+
+ const CookieList &cookieList = sipMessage->getWsCookies();
+ const WsCookieContext &wsCookieContext = sipMessage->getWsCookieContext();
+ if (mDum.isMyDomain(sipMessage->header(h_From).uri().host()))
+ {
+ if (requiresAuthorization(*sipMessage))
+ {
+ if(authorizedForThisIdentity(sipMessage->header(h_RequestLine).method(), wsCookieContext, sipMessage->header(h_From).uri(), sipMessage->header(h_To).uri()))
+ {
+ return Authorized;
+ }
+ SharedPtr<SipMessage> response(new SipMessage);
+ Helper::makeResponse(*response, *sipMessage, 403, "Cookie-based authorization failed");
+ mDum.send(response);
+ return Rejected;
+ }
+ else
+ {
+ return Skipped;
+ }
+ }
+ else
+ {
+ SharedPtr<SipMessage> response(new SipMessage);
+ Helper::makeResponse(*response, *sipMessage, 403, "Cookie-based authorization failed");
+ mDum.send(response);
+ return Rejected;
+ }
+
+ InfoLog(<< "Skipping some message that we didn't explicitly handle");
+ return Skipped;
+}
+
+bool
+WsCookieAuthManager::requiresAuthorization(const SipMessage& msg)
+{
+ // everything must be authorized, over-ride this method
+ // to implement some other policy
+ return true;
+}
+
+
+/* ====================================================================
+ * BSD License
+ *
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. Neither the name of the author(s) nor the names of any contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * ====================================================================
+ *
+ */
diff --git a/resip/stack/WsTransport.hxx b/resip/dum/WsCookieAuthManager.hxx
similarity index 55%
copy from resip/stack/WsTransport.hxx
copy to resip/dum/WsCookieAuthManager.hxx
index d97bc4c..1088c03 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/dum/WsCookieAuthManager.hxx
@@ -1,41 +1,59 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#if !defined(RESIP_WSCOOKIEAUTHMANAGER_HXX)
+#define RESIP_WSCOOKIEAUTHMANAGER_HXX
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#include <map>
+#include <set>
+
+#include "resip/stack/SipMessage.hxx"
+#include "DumFeature.hxx"
+#include "resip/stack/Cookie.hxx"
+#include "resip/stack/WsCookieContext.hxx"
namespace resip
{
+class DialogUsageManager;
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class WsCookieAuthManager : public DumFeature
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
+ enum Result
+ {
+ Authorized,
+ Skipped,
+ Rejected
+ };
+
+ WsCookieAuthManager(DialogUsageManager& dum, TargetCommand::Target& target);
+ virtual ~WsCookieAuthManager();
+
+ virtual ProcessingResult process(Message* msg);
protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+
+ // can return Authorized, Rejected, Skipped
+ virtual Result handle(SipMessage* sipMsg);
+
+ /// compares URI user and host, allows wildcards in first URI
+ bool cookieUriMatch(const resip::Uri &first, const resip::Uri &second);
+
+ /// should return true if the passed in user is authorized for the provided uri
+ bool authorizedForThisIdentity(const MethodTypes method, const WsCookieContext &wsCookieContext, const resip::Uri &fromUri, const resip::Uri &toUri);
+
+ /// should return true if the request must be challenged
+ /// The default is to challenge all requests - override this class to change this beviour
+ virtual bool requiresAuthorization(const SipMessage& msg);
};
-}
+}
#endif
+
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +85,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/dum/dum_10_0.vcxproj b/resip/dum/dum_10_0.vcxproj
index d56e483..82d8190 100644
--- a/resip/dum/dum_10_0.vcxproj
+++ b/resip/dum/dum_10_0.vcxproj
@@ -374,6 +374,7 @@
<ClCompile Include="TlsPeerAuthManager.cxx" />
<ClCompile Include="UserAuthInfo.cxx" />
<ClCompile Include="UserProfile.cxx" />
+ <ClCompile Include="WsCookieAuthManager.cxx" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="AppDialog.hxx" />
@@ -473,6 +474,7 @@
<ClInclude Include="UsageUseException.hxx" />
<ClInclude Include="UserAuthInfo.hxx" />
<ClInclude Include="UserProfile.hxx" />
+ <ClInclude Include="WsCookieAuthManager.hxx" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\stack\resiprocate_10_0.vcxproj">
diff --git a/resip/dum/dum_10_0.vcxproj.filters b/resip/dum/dum_10_0.vcxproj.filters
index 0bd8480..e51aa92 100644
--- a/resip/dum/dum_10_0.vcxproj.filters
+++ b/resip/dum/dum_10_0.vcxproj.filters
@@ -249,6 +249,9 @@
<ClCompile Include="TlsPeerAuthManager.cxx">
<Filter>Source Files</Filter>
</ClCompile>
+ <ClCompile Include="WsCookieAuthManager.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="AppDialog.hxx">
@@ -542,5 +545,8 @@
<ClInclude Include="TlsPeerAuthManager.hxx">
<Filter>Header Files</Filter>
</ClInclude>
+ <ClInclude Include="WsCookieAuthManager.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
</ItemGroup>
</Project>
\ No newline at end of file
diff --git a/resip/rend/Makefile.am b/resip/rend/Makefile.am
index c1a7a26..74fc304 100644
--- a/resip/rend/Makefile.am
+++ b/resip/rend/Makefile.am
@@ -13,6 +13,7 @@ librend_la_LIBADD = ../../resip/dum/libdum.la
librend_la_LIBADD += ../../resip/stack/libresip.la
librend_la_LIBADD += ../../rutil/librutil.la
librend_la_LIBADD += @LIBSSL_LIBADD@ @LIBPTHREAD_LIBADD@
+librend_la_LIBADD += -lpopt
librend_la_LDFLAGS = @LIBTOOL_VERSION_RELEASE@
librend_la_LDFLAGS += -export-dynamic
diff --git a/resip/rend/Makefile.in b/resip/rend/Makefile.in
index cfafbb4..2262739 100644
--- a/resip/rend/Makefile.in
+++ b/resip/rend/Makefile.in
@@ -314,7 +314,7 @@ AM_CXXFLAGS = -I $(top_srcdir)
lib_LTLIBRARIES = librend.la
librend_la_LIBADD = ../../resip/dum/libdum.la \
../../resip/stack/libresip.la ../../rutil/librutil.la \
- @LIBSSL_LIBADD@ @LIBPTHREAD_LIBADD@ $(am__empty)
+ @LIBSSL_LIBADD@ @LIBPTHREAD_LIBADD@ -lpopt
librend_la_LDFLAGS = @LIBTOOL_VERSION_RELEASE@ -export-dynamic
rendIt_LDADD = librend.la ../../resip/stack/libresip.la \
../../rutil/librutil.la -lpopt
diff --git a/resip/stack/Connection.cxx b/resip/stack/Connection.cxx
index 27eb4b5..32e08f2 100644
--- a/resip/stack/Connection.cxx
+++ b/resip/stack/Connection.cxx
@@ -37,8 +37,8 @@ Connection::Connection(Transport* transport,const Tuple& who, Socket socket,
mWho.mFlowKey=(FlowKey)socket;
InfoLog (<< "Connection::Connection: new connection created to who: " << mWho);
- if(transport && (transport->transport() == WS ||
- transport->transport() == WSS)) {
+ if(transport && isWebSocket(transport->transport()))
+ {
mSendingTransmissionFormat = WebSocketHandshake;
mReceivingTransmissionFormat = WebSocketHandshake;
}
diff --git a/resip/stack/ConnectionBase.cxx b/resip/stack/ConnectionBase.cxx
index 5e145d5..c24f6b2 100644
--- a/resip/stack/ConnectionBase.cxx
+++ b/resip/stack/ConnectionBase.cxx
@@ -4,9 +4,13 @@
#include "rutil/Logger.hxx"
#include "resip/stack/ConnectionBase.hxx"
+#include "resip/stack/WsConnectionBase.hxx"
#include "resip/stack/SipMessage.hxx"
#include "resip/stack/WsDecorator.hxx"
+#include "resip/stack/Cookie.hxx"
+#include "resip/stack/WsCookieContext.hxx"
#include "rutil/WinLeakCheck.hxx"
+#include "rutil/SharedPtr.hxx"
#ifdef USE_SSL
#include "resip/stack/ssl/Security.hxx"
@@ -533,6 +537,49 @@ ConnectionBase::preparseNewBytes(int bytesRead)
return true;
}
+void
+ConnectionBase::wsParseCookies(CookieList& cookieList, const SipMessage* message)
+{
+ Data name;
+ Data value;
+ StringCategories::const_iterator it = message->header(h_Cookies).begin();
+ for (; it != message->header(h_Cookies).end(); ++it)
+ {
+ ParseBuffer pb((*it).value());
+ while(!pb.eof())
+ {
+ const char* anchor = pb.skipWhitespace();
+
+ pb.skipToChar(Symbols::EQUALS[0]);
+ pb.data(name, anchor);
+
+ anchor = pb.skipChar(Symbols::EQUALS[0]);
+ if(*(pb.position()) == Symbols::DOUBLE_QUOTE[0])
+ {
+ anchor = pb.skipChar(Symbols::DOUBLE_QUOTE[0]);
+ pb.skipToChar(Symbols::DOUBLE_QUOTE[0]);
+ pb.data(value, anchor);
+ pb.skipChar(Symbols::DOUBLE_QUOTE[0]);
+ }
+ else
+ {
+ pb.skipToOneOf(Symbols::SEMI_COLON, ParseBuffer::Whitespace);
+ pb.data(value, anchor);
+ }
+
+ cookieList.push_back(Cookie(name, value));
+ DebugLog(<< "Cookie: " << Cookie(name, value));
+
+ if(!pb.eof() && *(pb.position()) == Symbols::SEMI_COLON[0])
+ {
+ pb.skipChar(Symbols::SEMI_COLON[0]);
+ }
+
+ pb.skipWhitespace();
+ }
+ }
+}
+
/*
* Returns true if handshake complete, false if more bytes needed
* Sets dropConnection = true if an error occurs
@@ -562,9 +609,40 @@ ConnectionBase::wsProcessHandshake(int bytesRead, bool &dropConnection)
try
{
+ WsConnectionBase* wsConnectionBase = dynamic_cast<WsConnectionBase*>(this);
+ CookieList cookieList;
+ WsCookieContext wsCookieContext;
+ if(wsConnectionBase)
+ {
+ if (mMessage->exists(h_Cookies))
+ {
+ wsParseCookies(cookieList, mMessage);
+ wsCookieContext = WsCookieContext(cookieList);
+ wsConnectionBase->setCookies(cookieList);
+ wsConnectionBase->setWsCookieContext(wsCookieContext);
+ }
+ SharedPtr<WsConnectionValidator> wsConnectionValidator = wsConnectionBase->connectionValidator();
+ if(wsConnectionValidator && !wsConnectionValidator->validateConnection(wsCookieContext))
+ {
+ ErrLog(<<"WebSocket cookie validation failed, dropping connection");
+ // FIXME: should send back a HTTP error code:
+ // 400 if the cookie was not in the right syntax
+ // 403 if the cookie was well formed but rejected
+ // due to expiry or a bad HMAC
+ delete mMessage;
+ mMessage = 0;
+ mBufferPos = 0;
+ dropConnection = true;
+ return false;
+ }
+ }
+
std::auto_ptr<Data> wsResponsePtr = makeWsHandshakeResponse();
+
if (wsResponsePtr.get())
{
+ DebugLog (<< "WebSocket upgrade accepted, cookie count = " << cookieList.size());
+
mOutstandingSends.push_back(new SendData(
who(),
*wsResponsePtr.get(),
@@ -701,6 +779,13 @@ ConnectionBase::wsProcessData(int bytesRead)
}
#endif
+ WsConnectionBase *wsConnectionBase = dynamic_cast<WsConnectionBase *>(this);
+ if (wsConnectionBase)
+ {
+ mMessage->setWsCookies(wsConnectionBase->getCookies());
+ mMessage->setWsCookieContext(wsConnectionBase->getWsCookieContext());
+ }
+
Data::size_type msg_len = msg->size();
// cast permitted, as it is borrowed:
char *sipBuffer = (char *)msg->data();
diff --git a/resip/stack/ConnectionBase.hxx b/resip/stack/ConnectionBase.hxx
index 1798277..d0781d1 100644
--- a/resip/stack/ConnectionBase.hxx
+++ b/resip/stack/ConnectionBase.hxx
@@ -10,6 +10,7 @@
#include "resip/stack/MsgHeaderScanner.hxx"
#include "resip/stack/SendData.hxx"
#include "resip/stack/WsFrameExtractor.hxx"
+#include "resip/stack/Cookie.hxx"
namespace osc
{
@@ -78,6 +79,7 @@ class ConnectionBase
bool preparseNewBytes(int bytesRead);
bool wsProcessHandshake(int bytesRead, bool &dropConnection);
bool wsProcessData(int bytesRead);
+ void wsParseCookies(CookieList& cookieList, const SipMessage* message);
void decompressNewBytes(int bytesRead);
std::pair<char*, size_t> getWriteBuffer();
std::pair<char*, size_t> getCurrentWriteBuffer();
diff --git a/resip/stack/WsTransport.cxx b/resip/stack/Cookie.cxx
similarity index 60%
copy from resip/stack/WsTransport.cxx
copy to resip/stack/Cookie.cxx
index db3b142..1286248 100644
--- a/resip/stack/WsTransport.cxx
+++ b/resip/stack/Cookie.cxx
@@ -2,53 +2,83 @@
#include "config.h"
#endif
-#include <memory>
-#include "rutil/compat.hxx"
-#include "rutil/Data.hxx"
-#include "rutil/Socket.hxx"
-#include "rutil/Logger.hxx"
-#include "resip/stack/WsTransport.hxx"
-#include "resip/stack/TcpConnection.hxx"
-#include "rutil/WinLeakCheck.hxx"
+#include "resip/stack/Cookie.hxx"
+#include "resip/stack/StringCategory.hxx"
+#include "resip/stack/Symbols.hxx"
+#include "rutil/ParseBuffer.hxx"
-#define RESIPROCATE_SUBSYSTEM Subsystem::TRANSPORT
-
-using namespace std;
using namespace resip;
-WsTransport::WsTransport(Fifo<TransactionMessage>& fifo, int portNum,
- IpVersion version, const Data& pinterface,
- AfterSocketCreationFuncPtr socketFunc,
- Compression &compression,
- unsigned transportFlags)
-: TcpBaseTransport(fifo, portNum, version, pinterface, socketFunc, compression, transportFlags)
+//====================
+// Cookie
+//====================
+Cookie::Cookie() :
+ mName(),
+ mValue()
+{}
+
+Cookie::Cookie(const Data& name, const Data& value) :
+ mName(name.urlDecoded()),
+ mValue(value.urlDecoded())
+{}
+
+Cookie&
+Cookie::operator=(const Cookie& rhs)
{
- mTuple.setType(WS);
+ if (this != &rhs)
+ {
+ mName = rhs.mName;
+ mValue = rhs.mValue;
+ }
+ return *this;
+}
- init();
+bool
+Cookie::operator==(const Cookie& other) const
+{
+ return name() == other.name() && value() == other.value();
+}
- InfoLog (<< "Creating WS transport host=" << pinterface
- << " port=" << mTuple.getPort()
- << " ipv4=" << bool(version==V4) );
+bool Cookie::operator<(const Cookie& rhs) const
+{
+ return name() + value() < rhs.name() + rhs.value();
+}
- mTxFifo.setDescription("WsTransport::mTxFifo");
+EncodeStream&
+resip::operator<<(EncodeStream& strm, const Cookie& c)
+{
+ strm << c.name() << Symbols::EQUALS[0] << c.value();
+ return strm;
}
-WsTransport::~WsTransport()
+const Data&
+Cookie::name() const
{
+ return mName;
}
-Connection*
-WsTransport::createConnection(const Tuple& who, Socket fd, bool server)
+Data&
+Cookie::name()
{
- assert(this);
- Connection* conn = new TcpConnection(this,who, fd, mCompression);
- return conn;
+ return mName;
+}
+
+const Data&
+Cookie::value() const
+{
+ return mValue;
+}
+
+Data&
+Cookie::value()
+{
+ return mValue;
}
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -80,6 +110,4 @@ WsTransport::createConnection(const Tuple& who, Socket fd, bool server)
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/Cookie.hxx
similarity index 67%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/Cookie.hxx
index d97bc4c..1871858 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/Cookie.hxx
@@ -1,41 +1,48 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#if !defined(RESIP_COOKIE_HXX)
+#define RESIP_COOKIE_HXX
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+
+#include "rutil/Data.hxx"
+
+#include <vector>
namespace resip
{
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class Cookie
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+ Cookie();
+ Cookie(const Data& name, const Data& value);
+
+ Cookie& operator=(const Cookie&);
+ bool operator==(const Cookie& other) const;
+ bool operator<(const Cookie& rhs) const;
+ friend EncodeStream& operator<<(EncodeStream& strm, const Cookie& c);
+
+ const Data& name() const;
+ Data& name();
+
+ const Data& value() const;
+ Data& value();
+
+ private:
+ Data mName;
+ Data mValue;
};
-}
+typedef std::vector<Cookie> CookieList;
+}
#endif
+
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +74,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/HeaderHash.cxx b/resip/stack/HeaderHash.cxx
index 24bbeb3..4f26f04 100644
--- a/resip/stack/HeaderHash.cxx
+++ b/resip/stack/HeaderHash.cxx
@@ -39,7 +39,7 @@ namespace resip
using namespace std;
#line 10 "HeaderHash.gperf"
struct headers { const char *name; Headers::Type type; };
-/* maximum key range = 478, duplicates = 0 */
+/* maximum key range = 548, duplicates = 0 */
#ifndef GPERF_DOWNCASE
#define GPERF_DOWNCASE 1
@@ -99,32 +99,32 @@ HeaderHash::hash (register const char *str, register unsigned int len)
{
static const unsigned short asso_values[] =
{
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 0, 479, 479, 479, 5,
- 0, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 0, 60, 15, 0, 30,
- 45, 20, 5, 25, 5, 75, 40, 50, 0, 5,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 0, 549, 549, 549, 5,
+ 0, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 0, 60, 15, 0, 30,
+ 45, 20, 5, 25, 10, 110, 40, 50, 0, 5,
0, 0, 10, 35, 0, 5, 70, 0, 55, 20,
- 0, 479, 479, 479, 479, 479, 479, 0, 60, 15,
- 0, 30, 45, 20, 5, 25, 5, 75, 40, 50,
+ 0, 549, 549, 549, 549, 549, 549, 0, 60, 15,
+ 0, 30, 45, 20, 5, 25, 10, 110, 40, 50,
0, 5, 0, 0, 10, 35, 0, 5, 70, 0,
- 55, 20, 0, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479, 479, 479, 479, 479,
- 479, 479, 479, 479, 479, 479
+ 55, 20, 0, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549, 549, 549, 549, 549,
+ 549, 549, 549, 549, 549, 549
};
register int hval = len;
@@ -214,11 +214,11 @@ HeaderHash::in_word_set (register const char *str, register unsigned int len)
{
enum
{
- TOTAL_KEYWORDS = 107,
+ TOTAL_KEYWORDS = 108,
MIN_WORD_LENGTH = 1,
MAX_WORD_LENGTH = 25,
MIN_HASH_VALUE = 1,
- MAX_HASH_VALUE = 478
+ MAX_HASH_VALUE = 548
};
static const struct headers wordlist[] =
@@ -229,7 +229,7 @@ HeaderHash::in_word_set (register const char *str, register unsigned int len)
{"o", Headers::Event},
#line 36 "HeaderHash.gperf"
{"to", Headers::To},
-#line 98 "HeaderHash.gperf"
+#line 99 "HeaderHash.gperf"
{"path", Headers::Path},
#line 22 "HeaderHash.gperf"
{"r", Headers::ReferTo},
@@ -245,15 +245,15 @@ HeaderHash::in_word_set (register const char *str, register unsigned int len)
{"date", Headers::Date},
#line 18 "HeaderHash.gperf"
{"s", Headers::Subject},
-#line 92 "HeaderHash.gperf"
- {"join", Headers::Join},
#line 15 "HeaderHash.gperf"
{"l", Headers::ContentLength},
#line 29 "HeaderHash.gperf"
{"contact", Headers::Contact},
+#line 93 "HeaderHash.gperf"
+ {"join", Headers::Join},
#line 17 "HeaderHash.gperf"
{"f", Headers::From},
-#line 63 "HeaderHash.gperf"
+#line 64 "HeaderHash.gperf"
{"host", Headers::Host},
#line 13 "HeaderHash.gperf"
{"m", Headers::Contact},
@@ -263,171 +263,173 @@ HeaderHash::in_word_set (register const char *str, register unsigned int len)
{"x", Headers::SessionExpires},
#line 23 "HeaderHash.gperf"
{"b", Headers::ReferredBy},
-#line 82 "HeaderHash.gperf"
+#line 83 "HeaderHash.gperf"
{"warning", Headers::Warning},
-#line 89 "HeaderHash.gperf"
+#line 90 "HeaderHash.gperf"
{"hide", Headers::UNKNOWN},
#line 38 "HeaderHash.gperf"
{"accept", Headers::Accept},
#line 21 "HeaderHash.gperf"
{"v", Headers::Via},
-#line 19 "HeaderHash.gperf"
- {"k", Headers::Supported},
-#line 109 "HeaderHash.gperf"
+#line 110 "HeaderHash.gperf"
{"rseq", Headers::RSeq},
#line 27 "HeaderHash.gperf"
{"cseq", Headers::CSeq},
#line 47 "HeaderHash.gperf"
{"content-id", Headers::ContentId},
-#line 102 "HeaderHash.gperf"
+#line 103 "HeaderHash.gperf"
{"reason", Headers::Reason},
#line 43 "HeaderHash.gperf"
{"allow", Headers::Allow},
-#line 62 "HeaderHash.gperf"
+#line 63 "HeaderHash.gperf"
{"origin", Headers::Origin},
-#line 85 "HeaderHash.gperf"
+#line 86 "HeaderHash.gperf"
{"authorization", Headers::Authorization},
-#line 76 "HeaderHash.gperf"
+#line 77 "HeaderHash.gperf"
{"supported", Headers::Supported},
#line 37 "HeaderHash.gperf"
{"via", Headers::Via},
-#line 80 "HeaderHash.gperf"
+#line 81 "HeaderHash.gperf"
{"unsupported", Headers::Unsupported},
#line 57 "HeaderHash.gperf"
{"organization", Headers::Organization},
-#line 64 "HeaderHash.gperf"
+#line 65 "HeaderHash.gperf"
{"priority", Headers::Priority},
-#line 101 "HeaderHash.gperf"
- {"rack", Headers::RAck},
-#line 90 "HeaderHash.gperf"
+#line 91 "HeaderHash.gperf"
{"identity", Headers::Identity},
#line 39 "HeaderHash.gperf"
{"accept-contact", Headers::AcceptContact},
+#line 19 "HeaderHash.gperf"
+ {"k", Headers::Supported},
#line 50 "HeaderHash.gperf"
{"content-type", Headers::ContentType},
-#line 69 "HeaderHash.gperf"
+#line 70 "HeaderHash.gperf"
{"reply-to", Headers::ReplyTo},
#line 32 "HeaderHash.gperf"
{"from", Headers::From},
-#line 87 "HeaderHash.gperf"
+#line 88 "HeaderHash.gperf"
{"encryption", Headers::UNKNOWN},
-#line 70 "HeaderHash.gperf"
+#line 71 "HeaderHash.gperf"
{"require", Headers::Require},
-#line 74 "HeaderHash.gperf"
+#line 75 "HeaderHash.gperf"
{"sip-etag", Headers::SIPETag},
-#line 83 "HeaderHash.gperf"
+#line 84 "HeaderHash.gperf"
{"www-authenticate",Headers::WWWAuthenticate},
#line 28 "HeaderHash.gperf"
{"call-id", Headers::CallID},
-#line 68 "HeaderHash.gperf"
+#line 69 "HeaderHash.gperf"
{"record-route", Headers::RecordRoute},
-#line 88 "HeaderHash.gperf"
+#line 89 "HeaderHash.gperf"
{"event", Headers::Event},
-#line 103 "HeaderHash.gperf"
+#line 104 "HeaderHash.gperf"
{"refer-to",Headers::ReferTo},
-#line 106 "HeaderHash.gperf"
- {"reject-contact", Headers::RejectContact},
-#line 81 "HeaderHash.gperf"
+#line 102 "HeaderHash.gperf"
+ {"rack", Headers::RAck},
+#line 82 "HeaderHash.gperf"
{"user-agent", Headers::UserAgent},
#line 54 "HeaderHash.gperf"
{"in-reply-to", Headers::InReplyTo},
-#line 115 "HeaderHash.gperf"
+#line 107 "HeaderHash.gperf"
+ {"reject-contact", Headers::RejectContact},
+#line 116 "HeaderHash.gperf"
{"min-se", Headers::MinSE},
-#line 100 "HeaderHash.gperf"
+#line 101 "HeaderHash.gperf"
{"privacy", Headers::Privacy},
#line 53 "HeaderHash.gperf"
{"error-info", Headers::ErrorInfo},
-#line 35 "HeaderHash.gperf"
- {"subject", Headers::Subject},
#line 30 "HeaderHash.gperf"
{"content-length", Headers::ContentLength},
#line 48 "HeaderHash.gperf"
{"content-encoding", Headers::ContentEncoding},
-#line 99 "HeaderHash.gperf"
+#line 35 "HeaderHash.gperf"
+ {"subject", Headers::Subject},
+#line 100 "HeaderHash.gperf"
{"target-dialog", Headers::TargetDialog},
#line 42 "HeaderHash.gperf"
{"alert-info",Headers::AlertInfo},
-#line 71 "HeaderHash.gperf"
+#line 72 "HeaderHash.gperf"
{"retry-after", Headers::RetryAfter},
-#line 105 "HeaderHash.gperf"
+#line 106 "HeaderHash.gperf"
{"replaces",Headers::Replaces},
#line 40 "HeaderHash.gperf"
{"accept-encoding", Headers::AcceptEncoding},
-#line 78 "HeaderHash.gperf"
+#line 79 "HeaderHash.gperf"
{"answer-mode", Headers::AnswerMode},
#line 45 "HeaderHash.gperf"
{"call-info", Headers::CallInfo},
#line 49 "HeaderHash.gperf"
{"content-language", Headers::ContentLanguage},
-#line 118 "HeaderHash.gperf"
+#line 119 "HeaderHash.gperf"
{"history-info", Headers::HistoryInfo},
-#line 91 "HeaderHash.gperf"
+#line 92 "HeaderHash.gperf"
{"identity-info", Headers::IdentityInfo},
-#line 66 "HeaderHash.gperf"
+#line 67 "HeaderHash.gperf"
{"proxy-authorization", Headers::ProxyAuthorization},
#line 41 "HeaderHash.gperf"
{"accept-language", Headers::AcceptLanguage},
-#line 73 "HeaderHash.gperf"
+#line 74 "HeaderHash.gperf"
{"server", Headers::Server},
#line 31 "HeaderHash.gperf"
{"expires", Headers::Expires},
-#line 117 "HeaderHash.gperf"
+#line 118 "HeaderHash.gperf"
{"remote-party-id", Headers::RemotePartyId},
-#line 95 "HeaderHash.gperf"
+#line 62 "HeaderHash.gperf"
+ {"cookie", Headers::Cookie},
+#line 96 "HeaderHash.gperf"
{"p-called-party-id", Headers::PCalledPartyId},
-#line 77 "HeaderHash.gperf"
+#line 78 "HeaderHash.gperf"
{"timestamp", Headers::Timestamp},
-#line 94 "HeaderHash.gperf"
+#line 95 "HeaderHash.gperf"
{"p-associated-uri", Headers::PAssociatedUri},
#line 44 "HeaderHash.gperf"
{"authentication-info", Headers::AuthenticationInfo},
-#line 96 "HeaderHash.gperf"
+#line 97 "HeaderHash.gperf"
{"p-media-authorization", Headers::PMediaAuthorization},
-#line 75 "HeaderHash.gperf"
+#line 76 "HeaderHash.gperf"
{"sip-if-match", Headers::SIPIfMatch},
-#line 67 "HeaderHash.gperf"
+#line 68 "HeaderHash.gperf"
{"proxy-require", Headers::ProxyRequire},
-#line 72 "HeaderHash.gperf"
+#line 73 "HeaderHash.gperf"
{"flow-timer", Headers::FlowTimer},
-#line 65 "HeaderHash.gperf"
+#line 66 "HeaderHash.gperf"
{"proxy-authenticate", Headers::ProxyAuthenticate},
#line 33 "HeaderHash.gperf"
{"max-forwards", Headers::MaxForwards},
#line 46 "HeaderHash.gperf"
{"content-disposition", Headers::ContentDisposition},
-#line 116 "HeaderHash.gperf"
+#line 117 "HeaderHash.gperf"
{"refer-sub", Headers::ReferSub},
-#line 104 "HeaderHash.gperf"
+#line 105 "HeaderHash.gperf"
{"referred-by",Headers::ReferredBy},
-#line 93 "HeaderHash.gperf"
+#line 94 "HeaderHash.gperf"
{"p-asserted-identity", Headers::PAssertedIdentity},
-#line 86 "HeaderHash.gperf"
+#line 87 "HeaderHash.gperf"
{"allow-events", Headers::AllowEvents},
-#line 110 "HeaderHash.gperf"
+#line 111 "HeaderHash.gperf"
{"security-client", Headers::SecurityClient},
#line 55 "HeaderHash.gperf"
{"min-expires", Headers::MinExpires},
-#line 113 "HeaderHash.gperf"
+#line 114 "HeaderHash.gperf"
{"service-route", Headers::ServiceRoute},
-#line 79 "HeaderHash.gperf"
+#line 80 "HeaderHash.gperf"
{"priv-answer-mode", Headers::PrivAnswerMode},
#line 108 "HeaderHash.gperf"
- {"response-key", Headers::UNKNOWN},
-#line 107 "HeaderHash.gperf"
{"request-disposition", Headers::RequestDisposition},
-#line 97 "HeaderHash.gperf"
+#line 98 "HeaderHash.gperf"
{"p-preferred-identity", Headers::PPreferredIdentity},
-#line 84 "HeaderHash.gperf"
+#line 85 "HeaderHash.gperf"
{"subscription-state",Headers::SubscriptionState},
#line 51 "HeaderHash.gperf"
{"content-transfer-encoding", Headers::ContentTransferEncoding},
-#line 111 "HeaderHash.gperf"
+#line 109 "HeaderHash.gperf"
+ {"response-key", Headers::UNKNOWN},
+#line 112 "HeaderHash.gperf"
{"security-server", Headers::SecurityServer},
#line 56 "HeaderHash.gperf"
{"mime-version", Headers::MIMEVersion},
-#line 112 "HeaderHash.gperf"
+#line 113 "HeaderHash.gperf"
{"security-verify", Headers::SecurityVerify},
-#line 114 "HeaderHash.gperf"
+#line 115 "HeaderHash.gperf"
{"session-expires", Headers::SessionExpires},
#line 61 "HeaderHash.gperf"
{"sec-websocket-accept", Headers::SecWebSocketAccept},
@@ -444,51 +446,58 @@ HeaderHash::in_word_set (register const char *str, register unsigned int len)
-1, 0, -1, -1, -1, -1, 1, 2, -1, 3,
-1, 4, -1, -1, -1, -1, 5, -1, -1, -1,
-1, 6, -1, -1, -1, -1, 7, -1, -1, -1,
- -1, 8, -1, -1, 9, -1, 10, -1, -1, 11,
- -1, 12, 13, -1, -1, -1, 14, -1, -1, 15,
+ -1, 8, -1, -1, 9, -1, 10, -1, -1, -1,
+ -1, 11, 12, -1, 13, -1, 14, -1, -1, 15,
-1, 16, -1, -1, -1, 17, 18, -1, -1, -1,
-1, 19, 20, -1, 21, -1, 22, -1, -1, -1,
- -1, 23, -1, -1, -1, -1, 24, -1, -1, 25,
- -1, -1, -1, -1, 26, 27, 28, -1, -1, -1,
- 29, 30, -1, 31, 32, -1, -1, -1, 33, -1,
- -1, 34, 35, 36, 37, -1, -1, -1, 38, 39,
- -1, -1, 40, 41, 42, 43, -1, 44, 45, -1,
- -1, -1, -1, -1, -1, -1, 46, 47, -1, -1,
- -1, -1, 48, -1, -1, 49, -1, -1, 50, 51,
- 52, 53, -1, -1, -1, -1, 54, 55, -1, -1,
- 56, -1, -1, -1, -1, -1, -1, 57, -1, 58,
- -1, 59, -1, 60, -1, 61, 62, -1, 63, -1,
+ -1, 23, -1, -1, -1, -1, -1, -1, -1, 24,
+ -1, -1, -1, -1, 25, 26, 27, -1, -1, -1,
+ 28, 29, -1, 30, 31, -1, -1, -1, 32, -1,
+ -1, 33, 34, 35, -1, -1, -1, -1, 36, 37,
+ -1, 38, 39, 40, 41, 42, -1, 43, 44, -1,
+ -1, -1, -1, -1, -1, -1, 45, 46, -1, -1,
+ -1, -1, 47, -1, -1, 48, -1, -1, 49, 50,
+ 51, 52, -1, -1, 53, -1, 54, 55, -1, -1,
+ 56, -1, -1, -1, -1, -1, -1, -1, -1, 57,
+ -1, 58, 59, 60, -1, 61, 62, -1, 63, -1,
64, 65, -1, -1, -1, -1, -1, -1, -1, 66,
-1, 67, -1, -1, -1, -1, -1, 68, 69, 70,
- 71, 72, 73, -1, -1, 74, -1, 75, -1, 76,
- -1, 77, -1, -1, 78, -1, 79, -1, -1, -1,
- -1, -1, 80, 81, -1, 82, -1, -1, 83, -1,
- -1, -1, 84, -1, 85, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, 86, -1, -1, -1, -1, -1,
+ 71, 72, 73, -1, -1, 74, 75, 76, -1, 77,
+ -1, 78, -1, -1, 79, -1, 80, -1, -1, -1,
+ -1, -1, 81, 82, -1, 83, -1, -1, 84, -1,
+ -1, -1, 85, -1, 86, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, 87, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, 87, -1, -1, 88,
- -1, -1, 89, -1, -1, 90, -1, -1, -1, -1,
- -1, 91, -1, -1, -1, -1, -1, -1, 92, -1,
- -1, 93, 94, -1, 95, 96, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, 88, -1, -1, 89,
+ -1, -1, 90, -1, -1, 91, -1, -1, -1, -1,
+ -1, 92, -1, -1, -1, -1, -1, -1, 93, -1,
+ -1, 94, -1, -1, 95, 96, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, 97, -1,
98, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, 99, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- 99, -1, 100, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, 101, -1, -1, -1, -1,
+ 100, -1, 101, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, 102, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, 103, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- 103, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, 104, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, 104, 105, -1, -1, -1, -1, 106
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, 105, 106, -1, -1, -1, -1, 107
};
if (len <= MAX_WORD_LENGTH && len >= MIN_WORD_LENGTH)
@@ -510,6 +519,6 @@ HeaderHash::in_word_set (register const char *str, register unsigned int len)
}
return 0;
}
-#line 119 "HeaderHash.gperf"
+#line 120 "HeaderHash.gperf"
}
diff --git a/resip/stack/HeaderHash.gperf b/resip/stack/HeaderHash.gperf
index 0b4987c..b27caf1 100644
--- a/resip/stack/HeaderHash.gperf
+++ b/resip/stack/HeaderHash.gperf
@@ -59,6 +59,7 @@ sec-websocket-key, Headers::SecWebSocketKey
sec-websocket-key1, Headers::SecWebSocketKey1
sec-websocket-key2, Headers::SecWebSocketKey2
sec-websocket-accept, Headers::SecWebSocketAccept
+cookie, Headers::Cookie
origin, Headers::Origin
host, Headers::Host
priority, Headers::Priority
diff --git a/resip/stack/HeaderTypes.hxx b/resip/stack/HeaderTypes.hxx
index c2fb26f..1eb07a8 100644
--- a/resip/stack/HeaderTypes.hxx
+++ b/resip/stack/HeaderTypes.hxx
@@ -88,6 +88,7 @@ class Headers
defineHeader(Origin, "Origin", StringCategory, "draft-hixie- thewebsocketprotocol-76"),
defineHeader(Host, "Host", StringCategory, "draft-hixie- thewebsocketprotocol-76"),
defineHeader(SecWebSocketAccept, "Sec-WebSocket-Accept", StringCategory, "RFC 6455"),
+ defineMultiHeader(Cookie, "Cookie", StringCategory, "RFC 6265"),
defineHeader(Priority, "Priority", Token, "RFC 3261"),
defineMultiHeader(ProxyAuthorization, "Proxy-Authorization", Auth, "RFC 3261"),
defineHeader(ReplyTo, "Reply-To", NameAddr, "RFC 3261"),
diff --git a/resip/stack/Headers.cxx b/resip/stack/Headers.cxx
index cecee50..870402f 100644
--- a/resip/stack/Headers.cxx
+++ b/resip/stack/Headers.cxx
@@ -234,6 +234,7 @@ defineHeader(SecWebSocketKey2, "Sec-WebSocket-Key2", StringCategory, "draft-hixi
defineHeader(Origin, "Origin", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(Host, "Host", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(SecWebSocketAccept, "Sec-WebSocket-Accept", StringCategory, "RFC 6455");
+defineMultiHeader(Cookie, "Cookie", StringCategory, "RFC 6265");
defineHeader(Server, "Server", StringCategory, "RFC 3261");
defineHeader(Subject, "Subject", StringCategory, "RFC 3261");
defineHeader(UserAgent, "User-Agent", StringCategory, "RFC 3261");
diff --git a/resip/stack/Headers.hxx b/resip/stack/Headers.hxx
index d860d9b..bfd6343 100644
--- a/resip/stack/Headers.hxx
+++ b/resip/stack/Headers.hxx
@@ -217,6 +217,7 @@ defineHeader(SecWebSocketKey2, "Sec-WebSocket-Key2", StringCategory, "draft-hixi
defineHeader(Origin, "Origin", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(Host, "Host", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(SecWebSocketAccept, "Sec-WebSocket-Accept", StringCategory, "RFC 6455");
+defineMultiHeader(Cookie, "Cookie", StringCategory, "RFC 6265");
defineHeader(Server, "Server", StringCategory, "RFC 3261");
defineHeader(Subject, "Subject", StringCategory, "RFC 3261");
defineHeader(UserAgent, "User-Agent", StringCategory, "RFC 3261");
diff --git a/resip/stack/Makefile.am b/resip/stack/Makefile.am
index e52db76..57c92de 100644
--- a/resip/stack/Makefile.am
+++ b/resip/stack/Makefile.am
@@ -41,6 +41,7 @@ libresip_la_SOURCES = \
Auth.cxx \
CSeqCategory.cxx \
CallId.cxx \
+ Cookie.cxx \
DateCategory.cxx \
ExpiresCategory.cxx \
GenericUri.cxx \
@@ -158,8 +159,12 @@ libresip_la_SOURCES = \
KeepAliveMessage.cxx \
StatelessHandler.cxx \
InvalidContents.cxx \
+ WsBaseTransport.cxx \
WsFrameExtractor.cxx \
WsTransport.cxx \
+ WsConnection.cxx \
+ WsConnectionBase.cxx \
+ WsCookieContext.cxx \
WsDecorator.cxx
if USE_SSL
@@ -169,7 +174,8 @@ libresip_la_SOURCES += \
ssl/TlsBaseTransport.cxx \
ssl/TlsConnection.cxx \
ssl/TlsTransport.cxx \
- ssl/WssTransport.cxx
+ ssl/WssTransport.cxx \
+ ssl/WssConnection.cxx
endif
SUFFIXES = .gperf .cxx
@@ -198,6 +204,7 @@ nobase_resipinclude_HEADERS = AbandonServerTransaction.hxx \
BasicNonceHelper.hxx \
BranchParameter.hxx \
CallId.hxx \
+ Cookie.hxx \
CancelableTimerQueue.hxx \
CancelClientInviteTransaction.hxx \
Compression.hxx \
@@ -298,6 +305,7 @@ nobase_resipinclude_HEADERS = AbandonServerTransaction.hxx \
ssl/TlsTransport.hxx \
ssl/WinSecurity.hxx \
ssl/WssTransport.hxx \
+ ssl/WssConnection.hxx \
StackThread.hxx \
StartLine.hxx \
StatelessHandler.hxx \
@@ -342,9 +350,14 @@ nobase_resipinclude_HEADERS = AbandonServerTransaction.hxx \
ValueFifo.hxx \
Via.hxx \
WarningCategory.hxx \
- WsDecorator.hxx \
+ WsBaseTransport.hxx \
+ WsDecorator.hxx \
WsFrameExtractor.hxx \
- WsTransport.hxx \
+ WsTransport.hxx \
+ WsConnection.hxx \
+ WsConnectionBase.hxx \
+ WsConnectionValidator.hxx \
+ WsCookieContext.hxx \
X509Contents.hxx \
ZeroOutStatistics.hxx
diff --git a/resip/stack/Makefile.in b/resip/stack/Makefile.in
index c3947b2..bf005c1 100644
--- a/resip/stack/Makefile.in
+++ b/resip/stack/Makefile.in
@@ -60,7 +60,8 @@ host_triplet = @host@
@USE_SSL_TRUE@ ssl/TlsBaseTransport.cxx \
@USE_SSL_TRUE@ ssl/TlsConnection.cxx \
@USE_SSL_TRUE@ ssl/TlsTransport.cxx \
- at USE_SSL_TRUE@ ssl/WssTransport.cxx
+ at USE_SSL_TRUE@ ssl/WssTransport.cxx \
+ at USE_SSL_TRUE@ ssl/WssConnection.cxx
subdir = resip/stack
DIST_COMMON = README $(nobase_resipinclude_HEADERS) \
@@ -108,7 +109,7 @@ am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(resipincludedir)"
LTLIBRARIES = $(lib_LTLIBRARIES)
libresip_la_DEPENDENCIES = ../../rutil/librutil.la
am__libresip_la_SOURCES_DIST = Auth.cxx CSeqCategory.cxx CallId.cxx \
- DateCategory.cxx ExpiresCategory.cxx GenericUri.cxx \
+ Cookie.cxx DateCategory.cxx ExpiresCategory.cxx GenericUri.cxx \
IntegerCategory.cxx InteropHelper.cxx UInt32Category.cxx \
Mime.cxx NameAddr.cxx ParserCategories.cxx RequestLine.cxx \
StatusLine.cxx StringCategory.cxx Token.cxx Via.cxx \
@@ -147,15 +148,17 @@ am__libresip_la_SOURCES_DIST = Auth.cxx CSeqCategory.cxx CallId.cxx \
TransportThread.cxx TransportFailure.cxx TransportSelector.cxx \
TuIM.cxx TuSelector.cxx UdpTransport.cxx UnknownParameter.cxx \
Uri.cxx X509Contents.cxx KeepAliveMessage.cxx \
- StatelessHandler.cxx InvalidContents.cxx WsFrameExtractor.cxx \
- WsTransport.cxx WsDecorator.cxx ssl/DtlsTransport.cxx \
- ssl/Security.cxx ssl/TlsBaseTransport.cxx \
- ssl/TlsConnection.cxx ssl/TlsTransport.cxx \
- ssl/WssTransport.cxx
+ StatelessHandler.cxx InvalidContents.cxx WsBaseTransport.cxx \
+ WsFrameExtractor.cxx WsTransport.cxx WsConnection.cxx \
+ WsConnectionBase.cxx WsCookieContext.cxx WsDecorator.cxx \
+ ssl/DtlsTransport.cxx ssl/Security.cxx \
+ ssl/TlsBaseTransport.cxx ssl/TlsConnection.cxx \
+ ssl/TlsTransport.cxx ssl/WssTransport.cxx \
+ ssl/WssConnection.cxx
@USE_SSL_TRUE at am__objects_1 = DtlsTransport.lo Security.lo \
@USE_SSL_TRUE@ TlsBaseTransport.lo TlsConnection.lo \
- at USE_SSL_TRUE@ TlsTransport.lo WssTransport.lo
-am_libresip_la_OBJECTS = Auth.lo CSeqCategory.lo CallId.lo \
+ at USE_SSL_TRUE@ TlsTransport.lo WssTransport.lo WssConnection.lo
+am_libresip_la_OBJECTS = Auth.lo CSeqCategory.lo CallId.lo Cookie.lo \
DateCategory.lo ExpiresCategory.lo GenericUri.lo \
IntegerCategory.lo InteropHelper.lo UInt32Category.lo Mime.lo \
NameAddr.lo ParserCategories.lo RequestLine.lo StatusLine.lo \
@@ -192,8 +195,9 @@ am_libresip_la_OBJECTS = Auth.lo CSeqCategory.lo CallId.lo \
TransportFailure.lo TransportSelector.lo TuIM.lo TuSelector.lo \
UdpTransport.lo UnknownParameter.lo Uri.lo X509Contents.lo \
KeepAliveMessage.lo StatelessHandler.lo InvalidContents.lo \
- WsFrameExtractor.lo WsTransport.lo WsDecorator.lo \
- $(am__objects_1)
+ WsBaseTransport.lo WsFrameExtractor.lo WsTransport.lo \
+ WsConnection.lo WsConnectionBase.lo WsCookieContext.lo \
+ WsDecorator.lo $(am__objects_1)
libresip_la_OBJECTS = $(am_libresip_la_OBJECTS)
libresip_la_LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CXXLD) $(AM_CXXFLAGS) \
@@ -411,7 +415,7 @@ lib_LTLIBRARIES = libresip.la
libresip_la_LIBADD = ../../rutil/librutil.la @LIBSSL_LIBADD@ \
@LIBSTL_LIBADD@ $(am__empty)
libresip_la_LDFLAGS = @LIBTOOL_VERSION_RELEASE@ -export-dynamic
-libresip_la_SOURCES = Auth.cxx CSeqCategory.cxx CallId.cxx \
+libresip_la_SOURCES = Auth.cxx CSeqCategory.cxx CallId.cxx Cookie.cxx \
DateCategory.cxx ExpiresCategory.cxx GenericUri.cxx \
IntegerCategory.cxx InteropHelper.cxx UInt32Category.cxx \
Mime.cxx NameAddr.cxx ParserCategories.cxx RequestLine.cxx \
@@ -451,8 +455,10 @@ libresip_la_SOURCES = Auth.cxx CSeqCategory.cxx CallId.cxx \
TransportThread.cxx TransportFailure.cxx TransportSelector.cxx \
TuIM.cxx TuSelector.cxx UdpTransport.cxx UnknownParameter.cxx \
Uri.cxx X509Contents.cxx KeepAliveMessage.cxx \
- StatelessHandler.cxx InvalidContents.cxx WsFrameExtractor.cxx \
- WsTransport.cxx WsDecorator.cxx $(am__append_1)
+ StatelessHandler.cxx InvalidContents.cxx WsBaseTransport.cxx \
+ WsFrameExtractor.cxx WsTransport.cxx WsConnection.cxx \
+ WsConnectionBase.cxx WsCookieContext.cxx WsDecorator.cxx \
+ $(am__append_1)
SUFFIXES = .gperf .cxx
GPERFOPTS = -C -D -E -L C++ -t -k '*' --compare-strncmp
resipincludedir = $(includedir)/resip/stack
@@ -466,6 +472,7 @@ nobase_resipinclude_HEADERS = AbandonServerTransaction.hxx \
BasicNonceHelper.hxx \
BranchParameter.hxx \
CallId.hxx \
+ Cookie.hxx \
CancelableTimerQueue.hxx \
CancelClientInviteTransaction.hxx \
Compression.hxx \
@@ -566,6 +573,7 @@ nobase_resipinclude_HEADERS = AbandonServerTransaction.hxx \
ssl/TlsTransport.hxx \
ssl/WinSecurity.hxx \
ssl/WssTransport.hxx \
+ ssl/WssConnection.hxx \
StackThread.hxx \
StartLine.hxx \
StatelessHandler.hxx \
@@ -610,9 +618,14 @@ nobase_resipinclude_HEADERS = AbandonServerTransaction.hxx \
ValueFifo.hxx \
Via.hxx \
WarningCategory.hxx \
- WsDecorator.hxx \
+ WsBaseTransport.hxx \
+ WsDecorator.hxx \
WsFrameExtractor.hxx \
- WsTransport.hxx \
+ WsTransport.hxx \
+ WsConnection.hxx \
+ WsConnectionBase.hxx \
+ WsConnectionValidator.hxx \
+ WsCookieContext.hxx \
X509Contents.hxx \
ZeroOutStatistics.hxx
@@ -705,6 +718,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ConnectionManager.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/Contents.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ContentsFactoryBase.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/Cookie.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/CpimContents.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/DataParameter.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/DateCategory.Plo at am__quote@
@@ -814,9 +828,14 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/Uri.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/Via.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WarningCategory.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsBaseTransport.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsConnection.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsConnectionBase.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsCookieContext.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsDecorator.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsFrameExtractor.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WsTransport.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WssConnection.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/WssTransport.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/X509Contents.Plo at am__quote@
@@ -883,6 +902,13 @@ WssTransport.lo: ssl/WssTransport.cxx
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o WssTransport.lo `test -f 'ssl/WssTransport.cxx' || echo '$(srcdir)/'`ssl/WssTransport.cxx
+WssConnection.lo: ssl/WssConnection.cxx
+ at am__fastdepCXX_TRUE@ $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -MT WssConnection.lo -MD -MP -MF $(DEPDIR)/WssConnection.Tpo -c -o WssConnection.lo `test -f 'ssl/WssConnection.cxx' || echo '$(srcdir)/'`ssl/WssConnection.cxx
+ at am__fastdepCXX_TRUE@ $(am__mv) $(DEPDIR)/WssConnection.Tpo $(DEPDIR)/WssConnection.Plo
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ source='ssl/WssConnection.cxx' object='WssConnection.lo' libtool=yes @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@ $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS) -c -o WssConnection.lo `test -f 'ssl/WssConnection.cxx' || echo '$(srcdir)/'`ssl/WssConnection.cxx
+
mostlyclean-libtool:
-rm -f *.lo
diff --git a/resip/stack/SecurityTypes.hxx b/resip/stack/SecurityTypes.hxx
index d73ccf7..8e75f59 100644
--- a/resip/stack/SecurityTypes.hxx
+++ b/resip/stack/SecurityTypes.hxx
@@ -8,6 +8,7 @@ namespace SecurityTypes
{
typedef enum
{
+ NoSSL = 0,
SSLv23 = 1,
TLSv1 = 2
} SSLType;
diff --git a/resip/stack/SipMessage.cxx b/resip/stack/SipMessage.cxx
index 1726cef..17f4f5d 100644
--- a/resip/stack/SipMessage.cxx
+++ b/resip/stack/SipMessage.cxx
@@ -1513,6 +1513,7 @@ defineHeader(SecWebSocketKey2, "Sec-WebSocket-Key2", StringCategory, "draft-hixi
defineHeader(Origin, "Origin", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(Host, "Host", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(SecWebSocketAccept, "Sec-WebSocket-Accept", StringCategory, "RFC 6455");
+defineMultiHeader(Cookie, "Cookie", StringCategory, "RFC 6265");
defineHeader(Server, "Server", StringCategory, "RFC 3261");
defineHeader(Subject, "Subject", StringCategory, "RFC 3261");
defineHeader(UserAgent, "User-Agent", StringCategory, "RFC 3261");
diff --git a/resip/stack/SipMessage.hxx b/resip/stack/SipMessage.hxx
index 2f6ca53..e75e29a 100644
--- a/resip/stack/SipMessage.hxx
+++ b/resip/stack/SipMessage.hxx
@@ -17,6 +17,8 @@
#include "resip/stack/Tuple.hxx"
#include "resip/stack/Uri.hxx"
#include "resip/stack/MessageDecorator.hxx"
+#include "resip/stack/Cookie.hxx"
+#include "resip/stack/WsCookieContext.hxx"
#include "rutil/BaseException.hxx"
#include "rutil/Data.hxx"
#include "rutil/DinkyPool.hxx"
@@ -392,6 +394,7 @@ class SipMessage : public TransactionMessage
defineHeader(Origin, "Origin", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(Host, "Host", StringCategory, "draft-hixie- thewebsocketprotocol-76");
defineHeader(SecWebSocketAccept, "Sec-WebSocket-Accept", StringCategory, "RFC 6455");
+ defineMultiHeader(Cookie, "Cookie", StringCategory, "RFC 6265");
defineHeader(Server, "Server", StringCategory, "RFC 3261");
defineHeader(Subject, "Subject", StringCategory, "RFC 3261");
defineHeader(UserAgent, "User-Agent", StringCategory, "RFC 3261");
@@ -518,6 +521,12 @@ class SipMessage : public TransactionMessage
const std::list<Data>& getTlsPeerNames() const { return mTlsPeerNames; }
void setTlsPeerNames(const std::list<Data>& tlsPeerNames) { mTlsPeerNames = tlsPeerNames; }
+ const CookieList& getWsCookies() const { return mWsCookies; }
+ void setWsCookies(const CookieList& wsCookies) { mWsCookies = wsCookies; }
+
+ const WsCookieContext& getWsCookieContext() const { return mWsCookieContext; }
+ void setWsCookieContext(const WsCookieContext& wsCookieContext) { mWsCookieContext = wsCookieContext; }
+
Data getCanonicalIdentityString() const;
SipMessage& mergeUri(const Uri& source);
@@ -681,7 +690,13 @@ class SipMessage : public TransactionMessage
Data mTlsDomain;
// peers domain associate with this message (MTLS)
- std::list<Data> mTlsPeerNames;
+ std::list<Data> mTlsPeerNames;
+
+ // cookies associated with this message from the WebSocket Upgrade request
+ CookieList mWsCookies;
+
+ // parsed cookie authentication elements associated with this message from the WebSocket Upgrade request
+ WsCookieContext mWsCookieContext;
std::auto_ptr<SecurityAttributes> mSecurityAttributes;
diff --git a/resip/stack/SipStack.cxx b/resip/stack/SipStack.cxx
index ceb2fe4..bc59ea0 100644
--- a/resip/stack/SipStack.cxx
+++ b/resip/stack/SipStack.cxx
@@ -302,7 +302,8 @@ SipStack::addTransport( TransportType protocol,
SecurityTypes::SSLType sslType,
unsigned transportFlags,
SecurityTypes::TlsClientVerificationMode cvm,
- bool useEmailAsSIP)
+ bool useEmailAsSIP,
+ SharedPtr<WsConnectionValidator> wsConnectionValidator)
{
assert(!mShuttingDown);
@@ -386,7 +387,8 @@ SipStack::addTransport( TransportType protocol,
ipInterface,
mSocketFunc,
*mCompression,
- transportFlags);
+ transportFlags,
+ wsConnectionValidator);
#else
CritLog (<< "WebSockets not supported in this stack. You don't have openssl");
assert(0);
@@ -405,7 +407,8 @@ SipStack::addTransport( TransportType protocol,
*mCompression,
transportFlags,
cvm,
- useEmailAsSIP);
+ useEmailAsSIP,
+ wsConnectionValidator);
#else
CritLog (<< "WSS not supported in this stack. You don't have openssl");
assert(0);
diff --git a/resip/stack/SipStack.hxx b/resip/stack/SipStack.hxx
index 5dfe9a9..89b27e7 100644
--- a/resip/stack/SipStack.hxx
+++ b/resip/stack/SipStack.hxx
@@ -18,7 +18,9 @@
#include "resip/stack/SecurityTypes.hxx"
#include "resip/stack/StatisticsManager.hxx"
#include "resip/stack/TuSelector.hxx"
+#include "resip/stack/WsConnectionValidator.hxx"
#include "rutil/dns/DnsStub.hxx"
+#include "rutil/SharedPtr.hxx"
/**
Let external applications know that this version of the stack
@@ -313,7 +315,8 @@ class SipStack : public FdSetIOObserver
SecurityTypes::SSLType sslType = SecurityTypes::TLSv1,
unsigned transportFlags = 0,
SecurityTypes::TlsClientVerificationMode cvm = SecurityTypes::None,
- bool useEmailAsSIP = false);
+ bool useEmailAsSIP = false,
+ SharedPtr<WsConnectionValidator> = SharedPtr<WsConnectionValidator>());
/**
Used to plug-in custom transports. Adds the transport to the Transport
diff --git a/resip/stack/Symbols.cxx b/resip/stack/Symbols.cxx
index 571517e..05c3708 100644
--- a/resip/stack/Symbols.cxx
+++ b/resip/stack/Symbols.cxx
@@ -51,6 +51,8 @@ const char* Symbols::TCP = "TCP";
const char* Symbols::TLS = "TLS";
const char* Symbols::DTLS = "DTLS";
const char* Symbols::SCTP = "SCTP";
+const char* Symbols::WS = "WS";
+const char* Symbols::WSS = "WSS";
const char* Symbols::SRVUDP = "_udp.";
const char* Symbols::SRVTCP = "_tcp.";
const char* Symbols::SRVTLS = "_tls.";
diff --git a/resip/stack/Symbols.hxx b/resip/stack/Symbols.hxx
index ddceb78..26bcb55 100644
--- a/resip/stack/Symbols.hxx
+++ b/resip/stack/Symbols.hxx
@@ -52,6 +52,8 @@ class Symbols
static const char* TLS;
static const char* DTLS;
static const char* SCTP;
+ static const char* WS;
+ static const char* WSS;
static const char* SRVUDP;
static const char* SRVTCP;
static const char* SRVTLS;
diff --git a/resip/stack/TransportSelector.cxx b/resip/stack/TransportSelector.cxx
index dc5140b..c4e5740 100644
--- a/resip/stack/TransportSelector.cxx
+++ b/resip/stack/TransportSelector.cxx
@@ -480,6 +480,7 @@ TransportSelector::dnsResolve(DnsResult* result,
}
}
+// FIXME: maybe this should move to rutil/TransportType?
bool isDgramTransport (TransportType type)
{
static const bool unknown_transport = false;
@@ -493,6 +494,8 @@ bool isDgramTransport (TransportType type)
case TCP:
case TLS:
+ case WS:
+ case WSS:
return false;
default:
diff --git a/resip/stack/WsTransport.cxx b/resip/stack/WsBaseTransport.cxx
similarity index 68%
copy from resip/stack/WsTransport.cxx
copy to resip/stack/WsBaseTransport.cxx
index db3b142..ce7b9e6 100644
--- a/resip/stack/WsTransport.cxx
+++ b/resip/stack/WsBaseTransport.cxx
@@ -7,8 +7,8 @@
#include "rutil/Data.hxx"
#include "rutil/Socket.hxx"
#include "rutil/Logger.hxx"
-#include "resip/stack/WsTransport.hxx"
-#include "resip/stack/TcpConnection.hxx"
+#include "resip/stack/WsBaseTransport.hxx"
+#include "resip/stack/WsConnection.hxx"
#include "rutil/WinLeakCheck.hxx"
#define RESIPROCATE_SUBSYSTEM Subsystem::TRANSPORT
@@ -16,39 +16,18 @@
using namespace std;
using namespace resip;
-WsTransport::WsTransport(Fifo<TransactionMessage>& fifo, int portNum,
- IpVersion version, const Data& pinterface,
- AfterSocketCreationFuncPtr socketFunc,
- Compression &compression,
- unsigned transportFlags)
-: TcpBaseTransport(fifo, portNum, version, pinterface, socketFunc, compression, transportFlags)
-{
- mTuple.setType(WS);
-
- init();
-
- InfoLog (<< "Creating WS transport host=" << pinterface
- << " port=" << mTuple.getPort()
- << " ipv4=" << bool(version==V4) );
-
- mTxFifo.setDescription("WsTransport::mTxFifo");
-}
-
-WsTransport::~WsTransport()
+WsBaseTransport::WsBaseTransport(SharedPtr<WsConnectionValidator> connectionValidator)
+: mConnectionValidator(connectionValidator)
{
}
-Connection*
-WsTransport::createConnection(const Tuple& who, Socket fd, bool server)
+WsBaseTransport::~WsBaseTransport()
{
- assert(this);
- Connection* conn = new TcpConnection(this,who, fd, mCompression);
- return conn;
}
/* ====================================================================
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright 2013 Daniel Pocock. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsBaseTransport.hxx
similarity index 68%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/WsBaseTransport.hxx
index d97bc4c..aebeca4 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsBaseTransport.hxx
@@ -1,31 +1,21 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#if !defined(RESIP_WSBASETRANSPORT_HXX)
+#define RESIP_WSBASETRANSPORT_HXX
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#include "resip/stack/WsConnectionValidator.hxx"
+#include "rutil/SharedPtr.hxx"
namespace resip
{
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class WsBaseTransport
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
+ RESIP_HeapCount(WsBaseTransport);
+ WsBaseTransport(SharedPtr<WsConnectionValidator> = SharedPtr<WsConnectionValidator>());
+ virtual ~WsBaseTransport();
protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+ SharedPtr<WsConnectionValidator> mConnectionValidator;
};
}
@@ -35,7 +25,7 @@ class WsTransport : public TcpBaseTransport
/* ====================================================================
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright 2013 Daniel Pocock. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsConnection.cxx
similarity index 66%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/WsConnection.cxx
index d97bc4c..59c33eb 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsConnection.cxx
@@ -1,41 +1,27 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#include "rutil/Logger.hxx"
+#include "rutil/Socket.hxx"
+#include "resip/stack/TcpConnection.hxx"
+#include "resip/stack/WsConnection.hxx"
+#include "resip/stack/Tuple.hxx"
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+using namespace resip;
-namespace resip
-{
-
-class Connection;
-class Message;
-class Security;
+#define RESIPROCATE_SUBSYSTEM Subsystem::TRANSPORT
-class WsTransport : public TcpBaseTransport
+WsConnection::WsConnection(Transport* transport,
+ const Tuple& who, Socket fd,
+ Compression &compression,
+ SharedPtr<WsConnectionValidator> wsConnectionValidator)
+ : TcpConnection(transport,who, fd, compression), WsConnectionBase(wsConnectionValidator)
{
- public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
-
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
-};
-
+ DebugLog (<< "Creating WS connection " << who << " on " << fd);
}
-#endif
-
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +53,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsConnection.hxx
similarity index 67%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/WsConnection.hxx
index d97bc4c..355da04 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsConnection.hxx
@@ -1,41 +1,38 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#ifndef RESIP_WsConnection_hxx
+#define RESIP_WsConnection_hxx
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#if defined(HAVE_CONFIG_H)
+ #include "config.h"
+#endif
+
+#include "resip/stack/TcpConnection.hxx"
+#include "resip/stack/WsConnectionBase.hxx"
+#include "rutil/SharedPtr.hxx"
namespace resip
{
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class WsConnection : public TcpConnection, public WsConnectionBase
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
+ WsConnection(Transport* transport,
+ const Tuple& who, Socket fd,
+ Compression &compression,
+ SharedPtr<WsConnectionValidator> wsConnectionValidator);
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+ private:
+ /// No default c'tor
+ WsConnection();
};
}
-
-
#endif
+
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +64,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsConnectionBase.cxx
similarity index 66%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/WsConnectionBase.cxx
index d97bc4c..92e5e23 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsConnectionBase.cxx
@@ -1,41 +1,30 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#include "resip/stack/WsConnectionBase.hxx"
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+using namespace resip;
-namespace resip
+WsConnectionBase::WsConnectionBase()
+ : mWsConnectionValidator(SharedPtr<WsConnectionValidator>()) // null pointer
{
+}
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+WsConnectionBase::WsConnectionBase(SharedPtr<WsConnectionValidator> wsConnectionValidator)
+ : mWsConnectionValidator(wsConnectionValidator)
{
- public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
-
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
-};
-
}
+WsConnectionBase::~WsConnectionBase()
+{
+}
-#endif
+SharedPtr<WsConnectionValidator> WsConnectionBase::connectionValidator() const
+{
+ return mWsConnectionValidator;
+}
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +56,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsConnectionBase.hxx
similarity index 61%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/WsConnectionBase.hxx
index d97bc4c..8324226 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsConnectionBase.hxx
@@ -1,41 +1,44 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#ifndef RESIP_WsConnectionBase_hxx
+#define RESIP_WsConnectionBase_hxx
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#include <resip/stack/WsConnectionValidator.hxx>
+#include <resip/stack/Cookie.hxx>
+#include <resip/stack/WsCookieContext.hxx>
+#include "rutil/Data.hxx"
+#include "rutil/SharedPtr.hxx"
+
+#include <vector>
namespace resip
{
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class WsConnectionBase
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
+ WsConnectionBase();
+ WsConnectionBase(SharedPtr<WsConnectionValidator> mWsConnectionValidator);
+ virtual ~WsConnectionBase();
+
+ void setCookies(CookieList& cookies) { mCookies = cookies; };
+ const CookieList& getCookies() const { return mCookies; };
+ const WsCookieContext& getWsCookieContext() const { return mWsCookieContext; }
+ void setWsCookieContext(const WsCookieContext& wsCookieContext) { mWsCookieContext = wsCookieContext; }
+ SharedPtr<WsConnectionValidator> connectionValidator() const;
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+ private:
+ CookieList mCookies;
+ WsCookieContext mWsCookieContext;
+ SharedPtr<WsConnectionValidator> mWsConnectionValidator;
};
}
-
#endif
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +70,5 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsConnectionValidator.hxx
similarity index 67%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/WsConnectionValidator.hxx
index d97bc4c..204865c 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsConnectionValidator.hxx
@@ -1,41 +1,25 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#ifndef RESIP_WsConnectionValidator_hxx
+#define RESIP_WsConnectionValidator_hxx
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#include "WsCookieContext.hxx"
namespace resip
{
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class WsConnectionValidator
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
-
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+ virtual bool validateConnection(const WsCookieContext& wsCookieContext)=0;
};
}
-
#endif
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +51,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsCookieContext.cxx b/resip/stack/WsCookieContext.cxx
new file mode 100644
index 0000000..ce58370
--- /dev/null
+++ b/resip/stack/WsCookieContext.cxx
@@ -0,0 +1,115 @@
+#include "resip/stack/WsCookieContext.hxx"
+#include "rutil/Data.hxx"
+
+using namespace resip;
+
+WsCookieContext::WsCookieContext()
+{
+}
+
+WsCookieContext::WsCookieContext(const WsCookieContext& rhs)
+{
+ mWsSessionInfo = rhs.getWsSessionInfo();
+ mWsSessionExtra = rhs.getWsSessionExtra();
+ mWsSessionMAC = rhs.getWsSessionMAC();
+ mWsFromUri = rhs.getWsFromUri();
+ mWsDestUri = rhs.getWsDestUri();
+ mExpiresTime = rhs.getExpiresTime();
+}
+
+
+WsCookieContext& WsCookieContext::operator=(const WsCookieContext& rhs)
+{
+ if(this != &rhs)
+ {
+ mWsSessionInfo = rhs.getWsSessionInfo();
+ mWsSessionExtra = rhs.getWsSessionExtra();
+ mWsSessionMAC = rhs.getWsSessionMAC();
+ mWsFromUri = rhs.getWsFromUri();
+ mWsDestUri = rhs.getWsDestUri();
+ mExpiresTime = rhs.getExpiresTime();
+ }
+ return *this;
+}
+
+WsCookieContext:: WsCookieContext(const CookieList& cookieList)
+{
+ for (CookieList::const_iterator it = cookieList.begin(); it != cookieList.end(); ++it)
+ {
+ if ((*it).name() == "WSSessionInfo")
+ {
+ mWsSessionInfo = (*it).value();
+ }
+ else if ((*it).name() == "WSSessionExtra")
+ {
+ mWsSessionExtra = (*it).value();
+ }
+ else if ((*it).name() == "WSSessionMAC")
+ {
+ mWsSessionMAC = (*it).value();
+ }
+ }
+
+ ParseBuffer pb(mWsSessionInfo);
+ pb.skipToChar(':');
+ pb.skipChar(':');
+ mExpiresTime = (time_t) pb.uInt64();
+
+ const char* anchor;
+ Data uriString;
+
+ pb.skipToChar(':');
+ pb.skipChar(':');
+ anchor = pb.position();
+ pb.skipToChar(':');
+ pb.data(uriString, anchor);
+ mWsFromUri = Uri("sip:" + uriString);
+
+ pb.skipChar(':');
+ anchor = pb.position();
+ pb.skipToChar(':');
+ pb.data(uriString, anchor);
+ mWsDestUri = Uri("sip:" + uriString);
+}
+
+WsCookieContext::~WsCookieContext()
+{
+}
+
+
+/* ====================================================================
+ * BSD License
+ *
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. Neither the name of the author(s) nor the names of any contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * ====================================================================
+ *
+ */
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsCookieContext.hxx
similarity index 63%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/WsCookieContext.hxx
index d97bc4c..968173c 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsCookieContext.hxx
@@ -1,41 +1,47 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#ifndef RESIP_WsCookieContext_hxx
+#define RESIP_WsCookieContext_hxx
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#include "Cookie.hxx"
+#include "rutil/Data.hxx"
+#include "Uri.hxx"
namespace resip
{
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class WsCookieContext
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
+ WsCookieContext();
+ WsCookieContext(const CookieList& cookieList);
+ WsCookieContext(const WsCookieContext& rhs);
+ ~WsCookieContext();
+
+ WsCookieContext& operator=(const WsCookieContext& rhs);
+
+ Data getWsSessionInfo() const { return mWsSessionInfo; };
+ Data getWsSessionExtra() const { return mWsSessionExtra; };
+ Data getWsSessionMAC() const { return mWsSessionMAC; };
+ Uri getWsFromUri() const { return mWsFromUri; };
+ Uri getWsDestUri() const { return mWsDestUri; };
+ time_t getExpiresTime() const { return mExpiresTime; };
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+ private:
+ Data mWsSessionInfo;
+ Data mWsSessionExtra;
+ Data mWsSessionMAC;
+ Uri mWsFromUri;
+ Uri mWsDestUri;
+ time_t mExpiresTime;
};
}
-
#endif
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +73,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsTransport.cxx b/resip/stack/WsTransport.cxx
index db3b142..9a1cdcd 100644
--- a/resip/stack/WsTransport.cxx
+++ b/resip/stack/WsTransport.cxx
@@ -8,7 +8,7 @@
#include "rutil/Socket.hxx"
#include "rutil/Logger.hxx"
#include "resip/stack/WsTransport.hxx"
-#include "resip/stack/TcpConnection.hxx"
+#include "resip/stack/WsConnection.hxx"
#include "rutil/WinLeakCheck.hxx"
#define RESIPROCATE_SUBSYSTEM Subsystem::TRANSPORT
@@ -20,8 +20,10 @@ WsTransport::WsTransport(Fifo<TransactionMessage>& fifo, int portNum,
IpVersion version, const Data& pinterface,
AfterSocketCreationFuncPtr socketFunc,
Compression &compression,
- unsigned transportFlags)
-: TcpBaseTransport(fifo, portNum, version, pinterface, socketFunc, compression, transportFlags)
+ unsigned transportFlags,
+ SharedPtr<WsConnectionValidator> connectionValidator)
+: TcpBaseTransport(fifo, portNum, version, pinterface, socketFunc, compression, transportFlags),
+ WsBaseTransport(connectionValidator)
{
mTuple.setType(WS);
@@ -42,7 +44,7 @@ Connection*
WsTransport::createConnection(const Tuple& who, Socket fd, bool server)
{
assert(this);
- Connection* conn = new TcpConnection(this,who, fd, mCompression);
+ Connection* conn = new WsConnection(this,who, fd, mCompression, mConnectionValidator);
return conn;
}
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/WsTransport.hxx
index d97bc4c..b039076 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/WsTransport.hxx
@@ -1,8 +1,11 @@
#if !defined(RESIP_WSTRANSPORT_HXX)
#define RESIP_WSTRANSPORT_HXX
+#include "resip/stack/WsBaseTransport.hxx"
+#include "resip/stack/WsConnectionValidator.hxx"
#include "resip/stack/TcpBaseTransport.hxx"
#include "resip/stack/Compression.hxx"
+#include "rutil/SharedPtr.hxx"
namespace resip
{
@@ -11,7 +14,7 @@ class Connection;
class Message;
class Security;
-class WsTransport : public TcpBaseTransport
+class WsTransport : public TcpBaseTransport, public WsBaseTransport
{
public:
RESIP_HeapCount(WsTransport);
@@ -21,7 +24,8 @@ class WsTransport : public TcpBaseTransport
const Data& interfaceObj,
AfterSocketCreationFuncPtr socketFunc=0,
Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
+ unsigned transportFlags = 0,
+ SharedPtr<WsConnectionValidator> = SharedPtr<WsConnectionValidator>());
virtual ~WsTransport();
protected:
diff --git a/resip/stack/resiprocate_10_0.vcxproj b/resip/stack/resiprocate_10_0.vcxproj
index 31d1624..5fc9e14 100644
--- a/resip/stack/resiprocate_10_0.vcxproj
+++ b/resip/stack/resiprocate_10_0.vcxproj
@@ -340,6 +340,7 @@
<ClCompile Include="ConnectionManager.cxx" />
<ClCompile Include="Contents.cxx" />
<ClCompile Include="ContentsFactoryBase.cxx" />
+ <ClCompile Include="Cookie.cxx" />
<ClCompile Include="CpimContents.cxx" />
<ClCompile Include="CSeqCategory.cxx" />
<ClCompile Include="DataParameter.cxx" />
@@ -422,8 +423,18 @@
<ClCompile Include="SipFrag.cxx" />
<ClCompile Include="SipMessage.cxx" />
<ClCompile Include="SipStack.cxx" />
- <ClCompile Include="ssl\TlsBaseTransport.cxx" />
- <ClCompile Include="ssl\WssTransport.cxx" />
+ <ClCompile Include="ssl\TlsBaseTransport.cxx">
+ <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
+ <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
+ </ClCompile>
+ <ClCompile Include="ssl\WssConnection.cxx">
+ <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
+ <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
+ </ClCompile>
+ <ClCompile Include="ssl\WssTransport.cxx">
+ <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
+ <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
+ </ClCompile>
<ClCompile Include="StackThread.cxx" />
<ClCompile Include="StatelessHandler.cxx" />
<ClCompile Include="StatisticsHandler.cxx" />
@@ -477,6 +488,10 @@
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
</ClCompile>
+ <ClCompile Include="WsBaseTransport.cxx" />
+ <ClCompile Include="WsConnection.cxx" />
+ <ClCompile Include="WsConnectionBase.cxx" />
+ <ClCompile Include="WsCookieContext.cxx" />
<ClCompile Include="WsDecorator.cxx" />
<ClCompile Include="WsFrameExtractor.cxx" />
<ClCompile Include="WsTransport.cxx" />
@@ -502,6 +517,7 @@
<ClInclude Include="Contents.hxx" />
<ClInclude Include="ContentsFactory.hxx" />
<ClInclude Include="ContentsFactoryBase.hxx" />
+ <ClInclude Include="Cookie.hxx" />
<ClInclude Include="CpimContents.hxx" />
<ClInclude Include="CSeqCategory.hxx" />
<ClInclude Include="DataParameter.hxx" />
@@ -585,6 +601,7 @@
<ClInclude Include="SipMessage.hxx" />
<ClInclude Include="SipStack.hxx" />
<ClInclude Include="ssl\TlsBaseTransport.hxx" />
+ <ClInclude Include="ssl\WssConnection.hxx" />
<ClInclude Include="ssl\WssTransport.hxx" />
<ClInclude Include="StackThread.hxx" />
<ClInclude Include="StartLine.hxx" />
@@ -634,6 +651,11 @@
<ClInclude Include="Via.hxx" />
<ClInclude Include="WarningCategory.hxx" />
<ClInclude Include="ssl\WinSecurity.hxx" />
+ <ClInclude Include="WsBaseTransport.hxx" />
+ <ClInclude Include="WsConnection.hxx" />
+ <ClInclude Include="WsConnectionBase.hxx" />
+ <ClInclude Include="WsConnectionValidator.hxx" />
+ <ClInclude Include="WsCookieContext.hxx" />
<ClInclude Include="WsDecorator.hxx" />
<ClInclude Include="WsFrameExtractor.hxx" />
<ClInclude Include="WsTransport.hxx" />
diff --git a/resip/stack/resiprocate_10_0.vcxproj.filters b/resip/stack/resiprocate_10_0.vcxproj.filters
index bf11d66..3d8bfb1 100644
--- a/resip/stack/resiprocate_10_0.vcxproj.filters
+++ b/resip/stack/resiprocate_10_0.vcxproj.filters
@@ -401,6 +401,24 @@
<ClCompile Include="WsFrameExtractor.cxx">
<Filter>Source Files</Filter>
</ClCompile>
+ <ClCompile Include="WsConnection.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ <ClCompile Include="WsConnectionBase.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ <ClCompile Include="WsCookieContext.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ <ClCompile Include="ssl\WssConnection.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ <ClCompile Include="Cookie.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
+ <ClCompile Include="WsBaseTransport.cxx">
+ <Filter>Source Files</Filter>
+ </ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="Aor.hxx">
@@ -871,6 +889,27 @@
<ClInclude Include="WsFrameExtractor.hxx">
<Filter>Header Files</Filter>
</ClInclude>
+ <ClInclude Include="WsConnection.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ <ClInclude Include="WsConnectionBase.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ <ClInclude Include="WsConnectionValidator.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ <ClInclude Include="WsCookieContext.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ <ClInclude Include="ssl\WssConnection.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ <ClInclude Include="Cookie.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
+ <ClInclude Include="WsBaseTransport.hxx">
+ <Filter>Header Files</Filter>
+ </ClInclude>
</ItemGroup>
<ItemGroup>
<None Include="HeaderHash.gperf">
diff --git a/resip/stack/ssl/Security.cxx b/resip/stack/ssl/Security.cxx
index e69ef90..a23dac4 100644
--- a/resip/stack/ssl/Security.cxx
+++ b/resip/stack/ssl/Security.cxx
@@ -86,62 +86,6 @@ pemTypePrefixes( Security::PEMType pType )
}
static Data
-readIntoData(const Data& filename)
-{
- DebugLog( << "Trying to read file " << filename );
-
- ifstream is;
- is.open(filename.c_str(), ios::binary );
- if ( !is.is_open() )
- {
- ErrLog( << "Could not open file " << filename << " for read");
- throw BaseSecurity::Exception("Could not read file ",
- __FILE__,__LINE__);
- }
-
- assert(is.is_open());
-
- int length = 0;
-
- // get length of file:
-#if !defined(__MSL_CPP__) || (__MSL_CPP_ >= 0x00012000)
- is.seekg (0, ios::end);
- length = (int)is.tellg();
- is.seekg (0, ios::beg);
-#else
- // this is a work around for a bug in CodeWarrior 9's implementation of seekg.
- // http://groups.google.ca/group/comp.sys.mac.programmer.codewarrior/browse_frm/thread/a4279eb75f3bd55a
- FILE * tmpFile = fopen(filename.c_str(), "r+b");
- assert(tmpFile != NULL);
- fseek(tmpFile, 0, SEEK_END);
- length = ftell(tmpFile);
- fseek(tmpFile, 0, SEEK_SET);
-#endif // __MWERKS__
-
- // tellg/tell will return -1 if the stream is bad
- if (length == -1)
- {
- ErrLog( << "Could not seek into file " << filename);
- throw BaseSecurity::Exception("Could not seek into file ",
- __FILE__,__LINE__);
- }
-
- // !jf! +1 is a workaround for a bug in Data::c_str() that adds the 0 without
- // resizing.
- char* buffer = new char [length+1];
-
- // read data as a block:
- is.read (buffer,length);
-
- Data target(Data::Take, buffer, length);
-
- is.close();
-
- return target;
-}
-
-
-static Data
getAor(const Data& filename, const Security::PEMType &pemType )
{
const Data& prefix = pemTypePrefixes( pemType );
@@ -242,23 +186,23 @@ Security::preload()
{
if (name.prefix(pemTypePrefixes(UserCert)))
{
- addCertPEM( UserCert, getAor(name, UserCert), readIntoData(fileName), false );
+ addCertPEM( UserCert, getAor(name, UserCert), Data::fromFile(fileName), false );
}
else if (name.prefix(pemTypePrefixes(UserPrivateKey)))
{
- addPrivateKeyPEM( UserPrivateKey, getAor(name, UserPrivateKey), readIntoData(fileName), false);
+ addPrivateKeyPEM( UserPrivateKey, getAor(name, UserPrivateKey), Data::fromFile(fileName), false);
}
else if (name.prefix(pemTypePrefixes(DomainCert)))
{
- addCertPEM( DomainCert, getAor(name, DomainCert), readIntoData(fileName), false);
+ addCertPEM( DomainCert, getAor(name, DomainCert), Data::fromFile(fileName), false);
}
else if (name.prefix(pemTypePrefixes(DomainPrivateKey)))
{
- addPrivateKeyPEM( DomainPrivateKey, getAor(name, DomainPrivateKey), readIntoData(fileName), false);
+ addPrivateKeyPEM( DomainPrivateKey, getAor(name, DomainPrivateKey), Data::fromFile(fileName), false);
}
else if (name.prefix(pemTypePrefixes(RootCert)))
{
- addRootCertPEM(readIntoData(fileName));
+ addRootCertPEM(Data::fromFile(fileName));
}
else
{
@@ -303,7 +247,7 @@ Security::preload()
const Data _file = *it_f;
try
{
- addRootCertPEM(readIntoData(_file));
+ addRootCertPEM(Data::fromFile(_file));
InfoLog(<<"Successfully loaded " << _file);
}
catch (Exception& e)
@@ -376,7 +320,7 @@ Security::onReadPEM(const Data& name, PEMType type, Data& buffer) const
InfoLog (<< "Reading PEM file " << filename << " into " << name);
// .dlb. extra copy
- buffer = readIntoData(filename);
+ buffer = Data::fromFile(filename);
}
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/ssl/WssConnection.cxx
similarity index 65%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/ssl/WssConnection.cxx
index d97bc4c..06f2a42 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/ssl/WssConnection.cxx
@@ -1,41 +1,27 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
-
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
-
-namespace resip
-{
-
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+#include "rutil/Logger.hxx"
+#include "rutil/Socket.hxx"
+#include "resip/stack/ssl/TlsConnection.hxx"
+#include "resip/stack/ssl/WssConnection.hxx"
+#include "resip/stack/Tuple.hxx"
+
+using namespace resip;
+
+#define RESIPROCATE_SUBSYSTEM Subsystem::TRANSPORT
+
+WssConnection::WssConnection(Transport* transport, const Tuple& who, Socket fd,
+ Security* security, bool server, Data domain,
+ SecurityTypes::SSLType sslType , Compression &compression,
+ SharedPtr<WsConnectionValidator> wsConnectionValidator)
+ : TlsConnection(transport, who, fd, security, server, domain, sslType, compression),
+ WsConnectionBase(wsConnectionValidator)
{
- public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
-
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
-};
-
+ DebugLog (<< "Creating WSS connection " << who << " on " << fd);
}
-
-#endif
-
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +53,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/WsTransport.hxx b/resip/stack/ssl/WssConnection.hxx
similarity index 67%
copy from resip/stack/WsTransport.hxx
copy to resip/stack/ssl/WssConnection.hxx
index d97bc4c..e06854c 100644
--- a/resip/stack/WsTransport.hxx
+++ b/resip/stack/ssl/WssConnection.hxx
@@ -1,41 +1,37 @@
-#if !defined(RESIP_WSTRANSPORT_HXX)
-#define RESIP_WSTRANSPORT_HXX
+#ifndef RESIP_WssConnection_hxx
+#define RESIP_WssConnection_hxx
-#include "resip/stack/TcpBaseTransport.hxx"
-#include "resip/stack/Compression.hxx"
+#if defined(HAVE_CONFIG_H)
+ #include "config.h"
+#endif
+
+#include "resip/stack/ssl/TlsConnection.hxx"
+#include "resip/stack/WsConnectionBase.hxx"
+#include "rutil/SharedPtr.hxx"
namespace resip
{
-class Connection;
-class Message;
-class Security;
-
-class WsTransport : public TcpBaseTransport
+class WssConnection : public TlsConnection, public WsConnectionBase
{
public:
- RESIP_HeapCount(WsTransport);
- WsTransport(Fifo<TransactionMessage>& fifo,
- int portNum,
- IpVersion version,
- const Data& interfaceObj,
- AfterSocketCreationFuncPtr socketFunc=0,
- Compression &compression = Compression::Disabled,
- unsigned transportFlags = 0);
- virtual ~WsTransport();
+ WssConnection( Transport* transport, const Tuple& who, Socket fd,
+ Security* security, bool server, Data domain,
+ SecurityTypes::SSLType sslType, Compression &compression,
+ SharedPtr<WsConnectionValidator> wsConnectionValidator);
- protected:
- Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
+ private:
+ /// No default c'tor
+ WssConnection();
};
}
-
-
#endif
/* ====================================================================
+ * BSD License
*
- * Copyright 2012 Doubango Telecom. All rights reserved.
+ * Copyright (c) 2013 Catalin Constantin Usurelu All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -67,6 +63,4 @@ class WsTransport : public TcpBaseTransport
*
* ====================================================================
*
- *
*/
-
diff --git a/resip/stack/ssl/WssTransport.cxx b/resip/stack/ssl/WssTransport.cxx
index 4dd4ba3..415a0ed 100644
--- a/resip/stack/ssl/WssTransport.cxx
+++ b/resip/stack/ssl/WssTransport.cxx
@@ -11,7 +11,7 @@
#include "rutil/Socket.hxx"
#include "rutil/Logger.hxx"
#include "resip/stack/ssl/WssTransport.hxx"
-#include "resip/stack/ssl/TlsConnection.hxx"
+#include "resip/stack/ssl/WssConnection.hxx"
#include "resip/stack/ssl/Security.hxx"
#include "rutil/WinLeakCheck.hxx"
@@ -31,8 +31,10 @@ WssTransport::WssTransport(Fifo<TransactionMessage>& fifo,
Compression &compression,
unsigned transportFlags,
SecurityTypes::TlsClientVerificationMode cvm,
- bool useEmailAsSIP):
- TlsBaseTransport(fifo, portNum, version, interfaceObj, security, sipDomain, sslType, WSS, socketFunc, compression, transportFlags, cvm, useEmailAsSIP)
+ bool useEmailAsSIP,
+ SharedPtr<WsConnectionValidator> connectionValidator):
+ TlsBaseTransport(fifo, portNum, version, interfaceObj, security, sipDomain, sslType, WSS, socketFunc, compression, transportFlags, cvm, useEmailAsSIP),
+ WsBaseTransport(connectionValidator)
{
InfoLog (<< "Creating WSS transport for domain "
<< sipDomain << " interface=" << interfaceObj
@@ -46,6 +48,17 @@ WssTransport::~WssTransport()
{
}
+Connection*
+WssTransport::createConnection(const Tuple& who, Socket fd, bool server)
+{
+ assert(this);
+ Connection* conn = new WssConnection(this,who, fd, mSecurity, server,
+ tlsDomain(), mSslType, mCompression,
+ mConnectionValidator);
+ return conn;
+}
+
+
#endif /* USE_SSL */
/* ====================================================================
diff --git a/resip/stack/ssl/WssTransport.hxx b/resip/stack/ssl/WssTransport.hxx
index 1ccfd58..75bab6d 100644
--- a/resip/stack/ssl/WssTransport.hxx
+++ b/resip/stack/ssl/WssTransport.hxx
@@ -5,11 +5,14 @@
#include "config.h"
#endif
+#include "resip/stack/WsBaseTransport.hxx"
+#include "resip/stack/WsConnectionValidator.hxx"
#include "resip/stack/ssl/TlsBaseTransport.hxx"
#include "resip/stack/TcpBaseTransport.hxx"
#include "resip/stack/SecurityTypes.hxx"
#include "rutil/HeapInstanceCounter.hxx"
#include "resip/stack/Compression.hxx"
+#include "rutil/SharedPtr.hxx"
#include <openssl/ssl.h>
@@ -20,7 +23,7 @@ class Connection;
class Message;
class Security;
-class WssTransport : public TlsBaseTransport
+class WssTransport : public TlsBaseTransport, public WsBaseTransport
{
public:
RESIP_HeapCount(WssTransport);
@@ -35,11 +38,15 @@ class WssTransport : public TlsBaseTransport
Compression &compression = Compression::Disabled,
unsigned transportFlags = 0,
SecurityTypes::TlsClientVerificationMode cvm = SecurityTypes::None,
- bool useEmailAsSIP = false);
+ bool useEmailAsSIP = false,
+ SharedPtr<WsConnectionValidator> = SharedPtr<WsConnectionValidator>());
virtual ~WssTransport();
bool isUseEmailAsSIP()
{ return mUseEmailAsSIP; };
+
+ protected:
+ Connection* createConnection(const Tuple& who, Socket fd, bool server=false);
};
}
diff --git a/resiprocate.spec b/resiprocate.spec
index b2bdf2f..ca77bff 100644
--- a/resiprocate.spec
+++ b/resiprocate.spec
@@ -1,5 +1,5 @@
Name: resiprocate
-Version: 1.9.0~beta1
+Version: 1.9.0~beta2
Release: 1%{?dist}
Summary: SIP and TURN stacks, with SIP proxy and TURN server implementations
License: VSL
@@ -117,7 +117,7 @@ such as the repro SIP proxy.
%build
export LDFLAGS="${LDFLAGS} -L%{_libdir}/mysql -L%{_libdir}/libdb4"
-CXXFLAGS="%{optflags} -I%{_includedir}/libdb4" %configure --with-c-ares --with-ssl --with-mysql --with-radius --with-apps --enable-ipv6
+CXXFLAGS="%{optflags} -I%{_includedir}/libdb4" %configure --with-c-ares --with-ssl --with-mysql --with-radius --with-repro --with-apps --enable-ipv6
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
make %{?_smp_mflags}
@@ -305,7 +305,7 @@ fi
%{_sbindir}/presSvr
%changelog
-* Sat Nov 24 2012 Daniel Pocock <daniel at pocock.com.au> - 1.9.0~beta1-1
+* Sat Nov 24 2012 Daniel Pocock <daniel at pocock.com.au> - 1.9.0~beta2-1
- Produce multiple packages for stack/libs, daemons, sipdialer
- Initial build based on autotools
diff --git a/resiprocate.spec.in b/resiprocate.spec.in
index bface8c..d4bf537 100644
--- a/resiprocate.spec.in
+++ b/resiprocate.spec.in
@@ -117,7 +117,7 @@ such as the repro SIP proxy.
%build
export LDFLAGS="${LDFLAGS} -L%{_libdir}/mysql -L%{_libdir}/libdb4"
-CXXFLAGS="%{optflags} -I%{_includedir}/libdb4" %configure --with-c-ares --with-ssl --with-mysql --with-radius --with-apps --enable-ipv6
+CXXFLAGS="%{optflags} -I%{_includedir}/libdb4" %configure --with-c-ares --with-ssl --with-mysql --with-radius --with-repro --with-apps --enable-ipv6
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
make %{?_smp_mflags}
diff --git a/rutil/Data.cxx b/rutil/Data.cxx
index 6dbd8b2..ae43fc6 100644
--- a/rutil/Data.cxx
+++ b/rutil/Data.cxx
@@ -1,6 +1,7 @@
#include <algorithm>
#include <cassert>
#include <ctype.h>
+#include <fstream>
#include <math.h>
#include <limits>
#include <limits.h>
@@ -11,6 +12,7 @@
#endif
#include "rutil/Data.hxx"
+#include "rutil/DataException.hxx"
#include "rutil/ParseBuffer.hxx"
#include "rutil/vmd5.hxx"
#include "rutil/Coders.hxx"
@@ -2233,6 +2235,57 @@ Data::escapeToStream(std::ostream& str,
return str;
}
+Data
+Data::fromFile(const Data& filename)
+{
+ ifstream is;
+ is.open(filename.c_str(), ios::binary );
+ if ( !is.is_open() )
+ {
+ throw DataException("Could not read file ",
+ __FILE__,__LINE__);
+ }
+
+ assert(is.is_open());
+
+ int length = 0;
+
+ // get length of file:
+#if !defined(__MSL_CPP__) || (__MSL_CPP_ >= 0x00012000)
+ is.seekg (0, ios::end);
+ length = (int)is.tellg();
+ is.seekg (0, ios::beg);
+#else
+ // this is a work around for a bug in CodeWarrior 9's implementation of seekg.
+ // http://groups.google.ca/group/comp.sys.mac.programmer.codewarrior/browse_frm/thread/a4279eb75f3bd55a
+ FILE * tmpFile = fopen(filename.c_str(), "r+b");
+ assert(tmpFile != NULL);
+ fseek(tmpFile, 0, SEEK_END);
+ length = ftell(tmpFile);
+ fseek(tmpFile, 0, SEEK_SET);
+#endif // __MWERKS__
+
+ // tellg/tell will return -1 if the stream is bad
+ if (length == -1)
+ {
+ throw DataException("Could not seek into file ",
+ __FILE__,__LINE__);
+ }
+
+ // !jf! +1 is a workaround for a bug in Data::c_str() that adds the 0 without
+ // resizing.
+ char* buffer = new char [length+1];
+
+ // read data as a block:
+ is.read (buffer,length);
+
+ Data target(Data::Take, buffer, length);
+
+ is.close();
+
+ return target;
+}
+
HashValueImp(resip::Data, data.hash());
static signed char base64Lookup[128] =
diff --git a/rutil/Data.hxx b/rutil/Data.hxx
index cb06feb..f7500d1 100644
--- a/rutil/Data.hxx
+++ b/rutil/Data.hxx
@@ -935,6 +935,8 @@ class Data
std::ostream& escapeToStream(std::ostream& str,
const std::bitset<256>& shouldEscape) const;
+ static Data fromFile(const Data& filename);
+
private:
/**
@deprecated use Data(ShareEnum ...)
diff --git a/rutil/FileSystem.cxx b/rutil/FileSystem.cxx
index 5219488..3fc5503 100644
--- a/rutil/FileSystem.cxx
+++ b/rutil/FileSystem.cxx
@@ -30,6 +30,7 @@ FileSystem::Directory::iterator::iterator(const Directory& dir)
assert(!dir.getPath().empty());
//InfoLog(<< "FileSystem::Directory::iterator::iterator: " << dir.getPath());
mPath = dir.getPath();
+ mPath = dir.getPath();
if ((mNixDir = opendir( dir.getPath().c_str() )))
{
errno = 0;
diff --git a/rutil/RADIUSDigestAuthenticator.hxx b/rutil/RADIUSDigestAuthenticator.hxx
index cbf5ff5..f25cb23 100644
--- a/rutil/RADIUSDigestAuthenticator.hxx
+++ b/rutil/RADIUSDigestAuthenticator.hxx
@@ -8,7 +8,12 @@
#ifdef USE_RADIUS_CLIENT
+#ifdef RESIP_HAVE_FREERADIUS_CLIENT
+#include <freeradius-client.h>
+typedef uint32_t UINT4;
+#else
#include <radiusclient-ng.h>
+#endif
#include "rutil/Data.hxx"
#include "rutil/ThreadIf.hxx"
diff --git a/rutil/TransportType.cxx b/rutil/TransportType.cxx
index 4bfea2d..518f087 100644
--- a/rutil/TransportType.cxx
+++ b/rutil/TransportType.cxx
@@ -102,11 +102,26 @@ isSecure(TransportType type)
{
case TLS:
case DTLS:
+ case WSS:
return true;
case UDP:
case TCP:
case DCCP:
case SCTP:
+ case WS:
+ default:
+ return false;
+ }
+}
+
+bool
+isWebSocket(TransportType type)
+{
+ switch(type)
+ {
+ case WS:
+ case WSS:
+ return true;
default:
return false;
}
diff --git a/rutil/TransportType.hxx b/rutil/TransportType.hxx
index 47c17b6..b7420a0 100644
--- a/rutil/TransportType.hxx
+++ b/rutil/TransportType.hxx
@@ -60,6 +60,9 @@ bool isReliable(TransportType type);
/// Returns true if passed in transport type is a secure transport protocol
bool isSecure(TransportType type);
+/// Returns true if passed in transport type is a WebSocket transport protocol
+bool isWebSocket(TransportType type);
+
// Indicate whether or not to run a stun server on a Transport
typedef enum
{
diff --git a/rutil/dns/ares/ares_init.c b/rutil/dns/ares/ares_init.c
index db3c005..401ea29 100644
--- a/rutil/dns/ares/ares_init.c
+++ b/rutil/dns/ares/ares_init.c
@@ -258,22 +258,21 @@ static int init_by_options(ares_channel channel, struct ares_options *options,
for (i = 0; i < options->nservers; i++)
{
#ifdef USE_IPV6
- channel->servers[i].family = options->servers[i].family;
- if (options->servers[i].family == AF_INET6)
- {
- channel->servers[i].addr6 = options->servers[i].addr6;
- }
- else
- {
- assert( channel->servers[i].family == AF_INET );
- channel->servers[i].addr = options->servers[i].addr;
- }
+ channel->servers[i].family = options->servers[i].family;
+ if (options->servers[i].family == AF_INET6)
+ {
+ channel->servers[i].addr6 = options->servers[i].addr6;
+ }
+ else
+ {
+ assert( channel->servers[i].family == AF_INET );
+ channel->servers[i].addr = options->servers[i].addr;
+ }
#else
- channel->servers[i].addr = options->servers[i];
+ channel->servers[i].addr = options->servers[i];
#endif
- // .kw. why is this inside the loop?
- channel->nservers = options->nservers;
}
+ channel->nservers = options->nservers;
}
/* Copy the domains, if given. Keep channel->ndomains consistent so
@@ -489,12 +488,13 @@ static int init_by_defaults(ares_channel channel)
/*
* Way of getting nameservers that should work on all Windows from 98 on.
*/
- FIXED_INFO * FixedInfo;
- ULONG ulOutBufLen;
+ FIXED_INFO * FixedInfo = NULL;
+ ULONG ulOutBufLen = 0;
DWORD dwRetVal;
IP_ADDR_STRING * pIPAddr;
HANDLE hLib;
- int num;
+ int num;
+ int trys = 0;
DWORD (WINAPI *GetNetworkParams)(FIXED_INFO*, DWORD*);
hLib = LoadLibrary(TEXT("iphlpapi.dll"));
@@ -510,20 +510,22 @@ static int init_by_defaults(ares_channel channel)
return ARES_ENOTIMP;
}
//printf("ARES: figuring out DNS servers\n");
- FixedInfo = (FIXED_INFO *) GlobalAlloc( GPTR, sizeof( FIXED_INFO ) );
- ulOutBufLen = sizeof( FIXED_INFO );
-
- if( ERROR_BUFFER_OVERFLOW == (*GetNetworkParams)( FixedInfo, &ulOutBufLen ) )
- {
- GlobalFree( FixedInfo );
+ while(ERROR_BUFFER_OVERFLOW == (dwRetVal = GetNetworkParams( FixedInfo, &ulOutBufLen )) && trys++ < 5)
+ {
+ if(FixedInfo != NULL)
+ {
+ GlobalFree( FixedInfo );
+ }
FixedInfo = (FIXED_INFO *)GlobalAlloc( GPTR, ulOutBufLen );
}
-
- if ( dwRetVal = (*GetNetworkParams)( FixedInfo, &ulOutBufLen ) )
+ if( dwRetVal != 0)
{
- //printf("ARES: couldn't get network params\n");
- GlobalFree( FixedInfo );
- FreeLibrary(hLib);
+ //printf("ARES: couldn't get network params, dwRet=0x%x\n", dwRetVal);
+ if(FixedInfo != NULL)
+ {
+ GlobalFree( FixedInfo );
+ }
+ FreeLibrary(hLib);
return ARES_ENODATA;
}
else
@@ -543,6 +545,14 @@ static int init_by_defaults(ares_channel channel)
num++;
pIPAddr = pIPAddr ->Next;
}
+ //if(num == 0)
+ //{
+ // printf("ARES: no nameservers! size=%d\n", ulOutBufLen);
+ //}
+ //else
+ //{
+ // printf("ARES: num nameservers: %d, size=%d\n", num, ulOutBufLen);
+ //}
if(num>0)
{
channel->servers = malloc( (num) * sizeof(struct server_state));
@@ -1042,6 +1052,7 @@ static int get_physical_address(char *physicalAddr, int physicalAddrBufSz, int*
}
else
{
+ //printf("ARES: couldn't get adapters addresses, dwRet=0x%x\n", dwRet);
rc = ARES_ENODATA;
goto cleanup;
}
@@ -1049,6 +1060,7 @@ static int get_physical_address(char *physicalAddr, int physicalAddrBufSz, int*
dwRet = (*GetAdaptersAddressesProc)(AF_UNSPEC, 0, NULL, pAdapterAddresses, &dwSize);
if (dwRet != ERROR_SUCCESS)
{
+ //printf("ARES: couldn't get adapters addresses (2), dwRet=0x%x\n", dwRet);
rc = ARES_ENODATA;
goto cleanup;
}
diff --git a/rutil/test/testCompat.cxx b/rutil/test/testCompat.cxx
index 47a0ac7..d492195 100644
--- a/rutil/test/testCompat.cxx
+++ b/rutil/test/testCompat.cxx
@@ -21,51 +21,37 @@ main()
}
/* ====================================================================
- * The Vovida Software License, Version 1.0
- *
- * Copyright (c) 2005 Vovida Networks, Inc. All rights reserved.
- *
+ *
+ * Copyright (c) 2013 Daniel Pocock All rights reserved.
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- *
+ *
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
- *
+ *
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
- *
- * 3. The names "VOCAL", "Vovida Open Communication Application Library",
- * and "Vovida Open Communication Application Library (VOCAL)" must
- * not be used to endorse or promote products derived from this
- * software without prior written permission. For written
- * permission, please contact vocal at vovida.org.
*
- * 4. Products derived from this software may not be called "VOCAL", nor
- * may "VOCAL" appear in their name, without prior written
- * permission of Vovida Networks, Inc.
- *
- * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND
- * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA
- * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES
- * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
- * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
- * DAMAGE.
- *
+ * 3. Neither the name of the author(s) nor the names of any contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
* ====================================================================
- *
- * This software consists of voluntary contributions made by Vovida
- * Networks, Inc. and many individuals on behalf of Vovida Networks,
- * Inc. For more information on Vovida Networks, Inc., please see
- * <http://www.vovida.org/>.
*
*/
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/resiprocate.git
More information about the Pkg-voip-commits
mailing list