• file
• revisions
• annotate
• diff
• comparison
• raw

opensips/opensips.patch@0bc1d0d1fe3a (annotated)

opensips/opensips.patch

Fri, 30 Mar 2012 18:55:41 +0200

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Fri, 30 Mar 2012 18:55:41 +0200

changeset 416

0bc1d0d1fe3a

parent 410

b1bf69b8f573

child 547

1c75a8bb0fec

permissions

-rw-r--r--

Patch TLS domain logic to allow certless outgoing (UAC) connections.

michael@377	1	Index: main.c
michael@377	2	diff -Nau main.c.orig main.c
michael@410	3	--- main.c.orig 2012-03-21.orig 10:29:31.458420799 +0100
michael@410	4	+++ main.c 2012-03-21 10:30:52.034994020 +0100
michael@410	5	@@ -1025,6 +1025,10 @@
michael@377	6	ret=-1;
michael@377	7	my_argc=argc; my_argv=argv;
michael@377	8
michael@377	9	+ /* if (!log_stderr), that's not usable yet! '/
michael@377	10	+ /* ...so unconditionally log to syslog for now */
michael@377	11	+ openlog(argv[0], LOG_PID|LOG_CONS, log_facility);
michael@377	12	+
michael@377	13	/*init pkg mallocs (before parsing cfg or cmd line !)*/
michael@377	14	if (init_pkg_mallocs()==-1)
michael@377	15	goto error00;
michael@410	16	@@ -1357,6 +1361,11 @@
michael@377	17
michael@377	18	/* init_daemon? */
michael@377	19	if (!dont_fork){
michael@377	20	+ /* shortly after main() we called openlog(3) to log */
michael@377	21	+ /* the initialization, but since daemonize() has its */
michael@377	22	+ /* own syslog(3) handling, we need to close the log first */
michael@377	23	+ closelog(); /* close the initialization logging logic */
michael@377	24	+
michael@377	25	if ( daemonize((log_name==0)?argv[0]:log_name, &own_pgid) <0 )
michael@377	26	goto error;
michael@377	27	}
michael@376	28	Index: Makefile.defs
michael@377	29	diff -Nau Makefile.defs.orig Makefile.defs
michael@410	30	--- Makefile.defs.orig 2012-03-21.orig 10:29:31.252995930 +0100
michael@410	31	+++ Makefile.defs 2012-03-21 10:30:52.038327356 +0100
michael@397	32	@@ -220,7 +220,7 @@
michael@377	33	else
michael@377	34	doc-dir = doc/$(MAIN_NAME)/
michael@377	35	man-dir = man/
michael@377	36	- data-dir = $(MAIN_NAME)/
michael@377	37	+ data-dir = share/$(MAIN_NAME)/
michael@377	38	LOCALBASE ?= $(SYSBASE)/local
michael@377	39	endif
michael@377	40	endif
michael@397	41	@@ -1432,6 +1432,10 @@
michael@377	42	LIBS+= -lsctp
michael@377	43	endif
michael@376	44
michael@377	45	+#conditionally add libfsl
michael@376	46	+LDFLAGS += -L$(prefix)/lib
michael@376	47	+LIBS += -lfsl
michael@377	48	+
michael@377	49	ifneq ($(found_lock_method), yes)
michael@377	50	$(warning No locking method found so far, trying SYS V sems)
michael@377	51	DEFS+= -DUSE_SYSV_SEM # try sys v sems
michael@377	52	Index: scripts/opensipsctl.8
michael@377	53	diff -Nau scripts/opensipsctl.8.orig scripts/opensipsctl.8
michael@410	54	--- scripts/opensipsctl.8.orig 2012-03-21.orig 10:29:31.357825870 +0100
michael@410	55	+++ scripts/opensipsctl.8 2012-03-21 10:30:52.039349015 +0100
michael@377	56	@@ -20,8 +20,6 @@
michael@376	57
michael@377	58	.SH FILES
michael@377	59	.PD 0
michael@377	60	-.I /etc/opensips/.opensipsctlrc
michael@377	61	-.br
michael@377	62	.I /usr/local/etc/opensips/.opensipsctlrc
michael@377	63	.br
michael@377	64	.I ~/.opensipsctlrc
michael@377	65	Index: scripts/osipsconsole
michael@377	66	diff -Nau scripts/osipsconsole.orig scripts/osipsconsole
michael@410	67	--- scripts/osipsconsole.orig 2012-03-21.orig 10:29:31.335460757 +0100
michael@410	68	+++ scripts/osipsconsole 2012-03-21 10:30:52.050666821 +0100
michael@377	69	@@ -30,7 +30,6 @@
michael@377	70	use Term::ReadLine;
michael@377	71	use DBI;
michael@377	72	use POSIX;
michael@377	73	-use Frontier::RPC2;
michael@377	74	use IO::Socket;
michael@377	75	use Socket;
michael@377	76	#use Net::IP;
michael@397	77	@@ -378,6 +377,12 @@
michael@377	78	}
michael@377	79	}
michael@376	80
michael@377	81	+ if ( $MD5 eq "" ) {
michael@377	82	+ if ( $arr[0] =~ /^\s*MD5/ ) {
michael@377	83	+ $MD5 = $arr[1];
michael@377	84	+ }
michael@377	85	+ }
michael@377	86	+
michael@377	87	if ( $AWK eq "" ) {
michael@377	88	if ( $arr[0] =~ /^\s*AWK/ ) {
michael@377	89	$AWK = $arr[1];
michael@376	90	Index: modules/permissions/parse_config.c
michael@377	91	diff -Nau modules/permissions/parse_config.c.orig modules/permissions/parse_config.c
michael@410	92	--- modules/permissions/parse_config.c.orig 2012-03-21.orig 10:29:32.047580003 +0100
michael@410	93	+++ modules/permissions/parse_config.c 2012-03-21 10:30:52.052696686 +0100
michael@376	94	@@ -114,8 +114,11 @@
michael@376	95	except = strstr(str, " EXCEPT ");
michael@376	96	if (except) {
michael@376	97	/* exception found */
michael@376	98	- strncpy(str2, str, except-str);
michael@376	99	- str2[except-str] = '\0';
michael@376	100	+ int l = except - str;
michael@376	101	+ if (l > sizeof(str2) - 1)
michael@376	102	+ l = sizeof(str2) - 1;
michael@376	103	+ strncpy(str2, str, l);
michael@376	104	+ str2[l] = '\0';
michael@376	105	/* except+8 points to the exception */
michael@376	106	if (parse_expression_list(except+8, e_exceptions)) {
michael@376	107	/* error */
michael@376	108	@@ -124,7 +127,8 @@
michael@376	109	}
michael@376	110	} else {
michael@376	111	/* no exception */
michael@376	112	- strcpy(str2, str);
michael@376	113	+ strncpy(str2, str, sizeof(str2)-1);
michael@376	114	+ str2[sizeof(str2)-1] = '\0';
michael@376	115	*e_exceptions = NULL;
michael@376	116	}
michael@376	117
michael@410	118	Index: parser/sdp/sdp_helpr_funcs.c
michael@410	119	diff -Nau parser/sdp/sdp_helpr_funcs.c.orig parser/sdp/sdp_helpr_funcs.c
michael@410	120	--- parser/sdp/sdp_helpr_funcs.c.orig 2012-03-21.orig 10:29:31.444187545 +0100
michael@410	121	+++ parser/sdp/sdp_helpr_funcs.c 2012-03-21 10:30:52.057616045 +0100
michael@410	122	@@ -396,7 +396,7 @@
michael@410	123
michael@410	124	cp1 = NULL;
michael@410	125	for (cp = body->s; (len = body->s + body->len - cp) > 0;) {
michael@410	126	- cp1 = (char*)ser_memmem(cp, line, len, 2);
michael@410	127	+ cp1 = (char*)ser_memmem(cp, line, len, strlen(line));
michael@410	128	if (cp1 == NULL || cp1[-1] == '\n' || cp1[-1] == '\r')
michael@410	129	break;
michael@410	130	cp = cp1 + 2;
michael@377	131	Index: modules/nathelper/nathelper.c
michael@377	132	diff -Nau modules/nathelper/nathelper.c.orig modules/nathelper/nathelper.c
michael@410	133	--- modules/nathelper/nathelper.c.orig 2012-03-21.orig 10:29:31.795178267 +0100
michael@410	134	+++ modules/nathelper/nathelper.c 2012-03-21 10:30:52.055610362 +0100
michael@410	135	@@ -289,6 +289,9 @@
michael@397	136	return 0;
michael@397	137	}
michael@376	138
michael@377	139	+/* MSvB macros */
michael@377	140	+#define OPENSIPS_NOOP ((void)0)
michael@377	141	+
michael@377	142
michael@377	143
michael@397	144
michael@410	145	@@ -813,6 +816,7 @@
michael@377	146	#define FIX_MEDIP 0x02
michael@377	147	#define ADD_ANORTPPROXY 0x04
michael@377	148	#define FIX_ORGIP 0x08
michael@377	149	+#define FIX_RTCPIP 0x10
michael@377	150
michael@377	151	#define ADIRECTION "a=direction:active"
michael@377	152	#define ADIRECTION_LEN (sizeof(ADIRECTION) - 1)
michael@410	153	@@ -829,7 +833,9 @@
michael@377	154	{
michael@377	155	char *buf;
michael@377	156	int offset;
michael@377	157	+ int binlump;
michael@377	158	struct lump* anchor;
michael@377	159	+ struct lump* templump;
michael@377	160	str omip, nip, oip;
michael@377	161
michael@377	162	/* check that updating mediaip is really necessary */
michael@410	163	@@ -860,7 +866,19 @@
michael@377	164	memcpy(buf, CRLF, CRLF_LEN);
michael@377	165	memcpy(buf + CRLF_LEN, omip.s, omip.len);
michael@377	166	memcpy(buf + CRLF_LEN + omip.len, oldip->s, oldip->len);
michael@377	167	- if (insert_new_lump_after(anchor, buf,
michael@377	168	+
michael@397	169	+ /* if the oldmediaip string is already */
michael@397	170	+ /* in the body then don't add it again */
michael@377	171	+ binlump = 0;
michael@377	172	+ for (templump = msg->body_lumps; templump; templump = templump->next)
michael@377	173	+ if (templump->op == LUMP_ADD && strstr(templump->u.value, buf))
michael@377	174	+ binlump = 1;
michael@377	175	+ for (templump = msg->add_rm; templump; templump = templump->next)
michael@377	176	+ if (templump->op == LUMP_ADD && strstr(templump->u.value, buf))
michael@377	177	+ binlump = 1;
michael@377	178	+ if (strstr(body->s, buf) || binlump)
michael@377	179	+ pkg_free(buf);
michael@377	180	+ else if (insert_new_lump_after(anchor, buf,
michael@377	181	omip.len + oldip->len + CRLF_LEN, 0) == NULL) {
michael@377	182	LM_ERR("insert_new_lump_after failed\n");
michael@377	183	pkg_free(buf);
michael@410	184	@@ -1046,6 +1064,12 @@
michael@397	185	p= p->next;
michael@397	186	}
michael@397	187
michael@397	188	+ if (level & FIX_RTCPIP) {
michael@397	189	+ /* Iterate all a=rtcp: and replace ips in them. */
michael@397	190	+ if (replace_sdp_ip(msg, &body, "a=rtcp:", str2?&ip:0)==-1)
michael@397	191	+ return -1;
michael@397	192	+ }
michael@397	193	+
michael@397	194	return 1;
michael@397	195	}
michael@397	196
michael@416	197	Index: tls/tls_init.c
michael@416	198	diff -Nau tls/tls_init.c.orig tls/tls_init.c
michael@416	199	--- tls/tls_init.c.orig 2012-01-17 13:16:02.000000000 +0100
michael@416	200	+++ tls/tls_init.c 2012-03-30 18:34:08.540354386 +0200
michael@416	201	@@ -617,7 +617,7 @@
michael@416	202	d->cert_file = tls_cert_file;
michael@416	203	}
michael@416	204	if (load_certificate(d->ctx, d->cert_file) < 0)
michael@416	205	- return -1;
michael@416	206	+ LM_WARN("tls[%s:%d] proceeding with no certificate at all!\n", ip_addr2a(&d->addr), d->port);
michael@416	207
michael@416	208	/*
michael@416	209	* load ca
michael@416	210	@@ -629,7 +629,7 @@
michael@416	211	d->ca_file = tls_ca_file;
michael@416	212	}
michael@416	213	if (d->ca_file && load_ca(d->ctx, d->ca_file) < 0)
michael@416	214	- return -1;
michael@416	215	+ LM_WARN("tls[%s:%d] proceeding with no CA at all!\n", ip_addr2a(&d->addr), d->port);
michael@416	216	d = d->next;
michael@416	217	}
michael@416	218
michael@416	219	@@ -644,7 +644,7 @@
michael@416	220	d->pkey_file = tls_pkey_file;
michael@416	221	}
michael@416	222	if (load_private_key(d->ctx, d->pkey_file) < 0)
michael@416	223	- return -1;
michael@416	224	+ LM_WARN("tls[%s:%d] proceeding with no key at all!\n", ip_addr2a(&d->addr), d->port);
michael@416	225	d = d->next;
michael@416	226	}
michael@416	227	return 0;