sr-dev June 2010

sr-dev@lists.kamailio.org

26 participants
164 discussions

git:andrei/tcp_tls_changes: tls: rpc: tls.list and tls.options update
by Andrei Pelinescu-Onciul 04 Jun '10

04 Jun '10

Module: sip-router Branch: andrei/tcp_tls_changes Commit: 0dbb49bd6e08cfd80bb65da23fe048511d3983b7 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0dbb49b… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Fri Jun 4 18:43:15 2010 +0200 tls: rpc: tls.list and tls.options update - tls.list update/cleanups (more detailed now) - tls.options - print also the new options. - code in tls_rpc.* is iptelorg only => changed (c) and license (BSD-like). --- modules/tls/tls_rpc.c | 121 ++++++++++++++++++++++++++++++++----------------- modules/tls/tls_rpc.h | 23 ++++----- 2 files changed, 89 insertions(+), 55 deletions(-) diff --git a/modules/tls/tls_rpc.c b/modules/tls/tls_rpc.c index 826f12c..650c972 100644 --- a/modules/tls/tls_rpc.c +++ b/modules/tls/tls_rpc.c @@ -4,24 +4,21 @@ * TLS module - management interface * * Copyright (C) 2001-2003 FhG FOKUS - * Copyright (C) 2004,2005 Free Software Foundation, Inc. * Copyright (C) 2005 iptelorg GmbH * * This file is part of sip-router, a free SIP server. * - * sip-router is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. * - * sip-router is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ /** tls module management interface (rpc). * @file tls_rpc.c @@ -102,46 +99,83 @@ extern struct tcp_connection** tcpconn_id_hash; static void tls_list(rpc_t* rpc, void* c) { - static char buf[128]; + char buf[128]; + char src_ip[IP_ADDR_MAX_STR_SIZE]; + char dst_ip[IP_ADDR_MAX_STR_SIZE]; void* handle; char* tls_info; - SSL* ssl; + char* state; + struct tls_extra_data* tls_d; struct tcp_connection* con; int i, len, timeout; - ssl=0; TCPCONN_LOCK; for(i = 0; i < TCP_ID_HASH_SIZE; i++) { - if (tcpconn_id_hash[i] == NULL) continue; - con = tcpconn_id_hash[i]; - while(con) { - if (con->rcv.proto != PROTO_TLS) goto skip; - if (con->extra_data) - ssl = ((struct tls_extra_data*)con->extra_data)->ssl; - if (ssl) { - tls_info = SSL_CIPHER_description(SSL_get_current_cipher(ssl), - buf, 128); - len = strlen(buf); - if (len && buf[len - 1] == '\n') buf[len - 1] = '\0'; - } else { - tls_info = "Unknown"; - } - timeout = con->timeout - get_ticks(); - if (timeout < 0) timeout = 0; + for (con = tcpconn_id_hash[i]; con; con = con->id_next) { + if (con->rcv.proto != PROTO_TLS) continue; + tls_d = con->extra_data; rpc->add(c, "{", &handle); - rpc->struct_add(handle, "ddsdsds", + /* tcp data */ + if (ip_addr2sbuf(&con->rcv.src_ip, src_ip, sizeof(src_ip)) == 0) { + BUG("failed to convert source ip"); + src_ip[0]=0; + } + if (ip_addr2sbuf(&con->rcv.dst_ip, dst_ip, sizeof(dst_ip)) == 0) { + BUG("failed to convert destination ip"); + dst_ip[0]=0; + } + timeout = TICKS_TO_S(con->timeout - get_ticks()); + rpc->struct_add(handle, "ddsdsd", "id", con->id, "timeout", timeout, - "src_ip", ip_addr2a(&con->rcv.src_ip), + "src_ip", src_ip, "src_port", con->rcv.src_port, - "dst_ip", ip_addr2a(&con->rcv.dst_ip), - "dst_port", con->rcv.dst_port, - "tls", tls_info); - skip: - con = con->id_next; + "dst_ip", dst_ip, + "dst_port", con->rcv.dst_port); + if (tls_d) { + tls_info = SSL_CIPHER_description( + SSL_get_current_cipher(tls_d->ssl), + buf, sizeof(buf)); + len = strlen(buf); + if (len && buf[len - 1] == '\n') buf[len - 1] = '\0'; + /* tls data */ + state = "unknown/error"; + lock_get(&con->write_lock); + switch(tls_d->state) { + case S_TLS_NONE: + state = "none/init"; + break; + case S_TLS_ACCEPTING: + state = "tls_accept"; + break; + case S_TLS_CONNECTING: + state = "tls_connect"; + break; + case S_TLS_ESTABLISHED: + state = "established"; + break; + } + rpc->struct_add(handle, "sddds", + "cipher", tls_info, + "ct_wq_size", tls_d->ct_wq? + tls_d->ct_wq->queued:0, + "enc_rd_buf", tls_d->enc_rd_buf? + tls_d->enc_rd_buf->size:0, + "flags", tls_d->flags, + "state", state + ); + lock_release(&con->write_lock); + } else { + rpc->struct_add(handle, "sddds", + "cipher", "unknown", + "ct_wq_size", 0, + "enc_rd_buf", 0, + "flags", 0, + "state", "pre-init" + ); + } } } - TCPCONN_UNLOCK; } @@ -169,7 +203,7 @@ static void tls_options(rpc_t* rpc, void* c) { void* handle; rpc->add(c, "{", &handle); - rpc->struct_add(handle, "dSdddSSSSdSSddddddddd", + rpc->struct_add(handle, "dSdddSSSSdSSdddddddddddd", "force_run", cfg_get(tls, tls_cfg, force_run), "method", &cfg_get(tls, tls_cfg, method), "verify_certificate", cfg_get(tls, tls_cfg, verify_cert), @@ -191,7 +225,10 @@ static void tls_options(rpc_t* rpc, void* c) "ssl_max_send_fragment", cfg_get(tls, tls_cfg, ssl_max_send_fragment), "ssl_read_ahead", cfg_get(tls, tls_cfg, ssl_read_ahead), "low_mem_threshold1", cfg_get(tls, tls_cfg, low_mem_threshold1), - "low_mem_threshold2", cfg_get(tls, tls_cfg, low_mem_threshold2) + "low_mem_threshold2", cfg_get(tls, tls_cfg, low_mem_threshold2), + "ct_wq_max", cfg_get(tls, tls_cfg, ct_wq_max), + "con_ct_wq_max", cfg_get(tls, tls_cfg, con_ct_wq_max), + "ct_wq_blk_size", cfg_get(tls, tls_cfg, ct_wq_blk_size) ); } diff --git a/modules/tls/tls_rpc.h b/modules/tls/tls_rpc.h index b292de1..558bf0d 100644 --- a/modules/tls/tls_rpc.h +++ b/modules/tls/tls_rpc.h @@ -4,24 +4,21 @@ * TLS module - management interface * * Copyright (C) 2001-2003 FhG FOKUS - * Copyright (C) 2004,2005 Free Software Foundation, Inc. * Copyright (C) 2005 iptelorg GmbH * * This file is part of sip-router, a free SIP server. * - * sip-router is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. * - * sip-router is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ /** tls module management interface (rpc). * @file tls_rpc.h

1 0

git:andrei/tcp_tls_changes: tls: config options for the internal queues
by Andrei Pelinescu-Onciul 04 Jun '10

04 Jun '10

Module: sip-router Branch: andrei/tcp_tls_changes Commit: 86cfe85e9ef7cb473c9672bf0e38875852106c52 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=86cfe85… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Fri Jun 4 18:38:50 2010 +0200 tls: config options for the internal queues Added runtime config options for the internal queues used when data has to be queued due to renegotiations or on-going initialization of the connections: ct_wq_max - maximum bytes queued globally for write when write has to wait due to TLS-level renegotiation. con_ct_wq_max - maximum bytes queued for write per connection. ct_wq_blk_size - internal TLS pre-write (clear-text) queue minimum block size (advanced tunning or debugging). --- modules/tls/tls_cfg.c | 20 ++++++++++++++++++-- modules/tls/tls_cfg.h | 3 +++ modules/tls/tls_ct_wrq.c | 14 +++++++------- 3 files changed, 28 insertions(+), 9 deletions(-) diff --git a/modules/tls/tls_cfg.c b/modules/tls/tls_cfg.c index e3d7b00..b255626 100644 --- a/modules/tls/tls_cfg.c +++ b/modules/tls/tls_cfg.c @@ -57,8 +57,11 @@ struct cfg_group_tls default_tls_cfg = { -1, /* ssl_freelist_max (use the default: 32) */ -1, /* ssl_max_send_fragment (use the default: 16k)*/ 1, /* ssl_read_ahead (set, use -1 for the openssl default value)*/ - -1, /* low_mem_treshold1 */ - -1, /* low_mem_treshold2 */ + -1, /* low_mem_threshold1 */ + -1, /* low_mem_threshold2 */ + 10*1024*1024, /* ct_wq_max: 10 Mb by default */ + 64*1024, /* con_ct_wq_max: 64Kb by default */ + 4096 /* ct_wq_blk_size */ }; void* tls_cfg = &default_tls_cfg; @@ -175,6 +178,19 @@ cfg_def_t tls_cfg_def[] = { {"low_mem_threshold2", CFG_VAR_INT | CFG_ATOMIC, -1, 1<<30, 0, 0, "sets the minimum amount of free memory after which no more TLS" " operations will be attempted (even on existing connections)" }, + {"ct_wq_max", CFG_VAR_INT | CFG_ATOMIC, 0, 1<<30, 0, 0, + "maximum bytes queued globally for write when write has to wait due" + " to TLS-level renegotiation (SSL_ERROR_WANT_READ) or initial TLS" + " connection establishment (it is different from tcp.wq_max," + " which works at the TCP connection level)"}, + {"con_ct_wq_max", CFG_VAR_INT | CFG_ATOMIC, 0, 4*1024*1024, 0, 0, + "maximum bytes queued for write per connection when write has to wait" + " due to TLS-level renegotiation (SSL_ERROR_WANT_READ) or initial TLS" + " connection establishment (it is different from tcp.conn_wq_max," + " which works at the TCP connection level)"}, + {"ct_wq_blk_size", CFG_VAR_INT | CFG_ATOMIC, 1, 65536, 0, 0, + "internal TLS pre-write (clear-text) queue minimum block size" + " (advanced tunning or debugging for now)"}, {0, 0, 0, 0, 0, 0} }; diff --git a/modules/tls/tls_cfg.h b/modules/tls/tls_cfg.h index 5dfcec2..41e149c 100644 --- a/modules/tls/tls_cfg.h +++ b/modules/tls/tls_cfg.h @@ -87,6 +87,9 @@ struct cfg_group_tls { int ssl_read_ahead; int low_mem_threshold1; int low_mem_threshold2; + int ct_wq_max; /* maximum overall tls write clear text queued bytes */ + int con_ct_wq_max; /* maximum clear text write queued bytes per con */ + int ct_wq_blk_size; /* minimum block size for the clear text write queue */ }; diff --git a/modules/tls/tls_ct_wrq.c b/modules/tls/tls_ct_wrq.c index e939f51..b3a6e3d 100644 --- a/modules/tls/tls_ct_wrq.c +++ b/modules/tls/tls_ct_wrq.c @@ -29,13 +29,10 @@ */ #include "tls_ct_wrq.h" +#include "tls_cfg.h" #include "../../atomic_ops.h" #include "../../mem/shm_mem.h" -/* FIXME: change to runtime configurable variables */ -#define TLS_CT_WQ_MAX_CON_SZ 4*1024*1024 /* 4 MB max. overall */ -#define TLS_CT_WQ_MAX 262144 /* 256 k max. per connection */ -#define TLS_CT_WQ_BLK_SZ 4096 /* 4k max. block size */ atomic_t* tls_total_ct_wq; /* total clear text bytes queued for a future SSL_write() (due to renegotiations/ @@ -135,10 +132,13 @@ int tls_ct_wq_add(tls_ct_q** ct_q, const void* data, unsigned int size) { int ret; - if (unlikely( (*ct_q && (((*ct_q)->queued + size) > TLS_CT_WQ_MAX_CON_SZ)) - || (atomic_get(tls_total_ct_wq) + size) > TLS_CT_WQ_MAX)) + if (unlikely( (*ct_q && (((*ct_q)->queued + size) > + cfg_get(tls, tls_cfg, con_ct_wq_max))) || + (atomic_get(tls_total_ct_wq) + size) > + cfg_get(tls, tls_cfg, ct_wq_max))) return -2; - ret = tls_ct_q_add(ct_q, data, size, TLS_CT_WQ_BLK_SZ); + ret = tls_ct_q_add(ct_q, data, size, + cfg_get(tls, tls_cfg, ct_wq_blk_size)); if (likely(ret > 0)) atomic_add(tls_total_ct_wq, ret); return ret;

1 0

git:andrei/tcp_tls_changes: tls: fix wrong wbio usage
by Andrei Pelinescu-Onciul 04 Jun '10

04 Jun '10

Module: sip-router Branch: andrei/tcp_tls_changes Commit: 01c803a6c081ab84ca0b4faf9d16575b23de1b20 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=01c803a… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Fri Jun 4 18:30:48 2010 +0200 tls: fix wrong wbio usage The openssl library sometimes (after write operations) sets a buffering bio "over" the wbio that we set. In this case one can no longer rely on the wbio returned by SSL_get_wbio() (it might be the buffering bio). Now the BIOs are set at connection initialization time (and not on their first use) and are stored inside the tls_extra_data structure attached to the tcp connection. This way we are sure we are always controlling our wbio and not something that openssl might have stacked on top of it. --- modules/tls/tls_bio.c | 5 +++-- modules/tls/tls_server.c | 45 ++++++++++++++++++--------------------------- modules/tls/tls_server.h | 3 +++ 3 files changed, 24 insertions(+), 29 deletions(-) diff --git a/modules/tls/tls_bio.c b/modules/tls/tls_bio.c index c82fe64..3581ef0 100644 --- a/modules/tls/tls_bio.c +++ b/modules/tls/tls_bio.c @@ -115,7 +115,7 @@ int tls_BIO_mbuf_set(BIO* b, struct tls_mbuf* rd, struct tls_mbuf* wr) { struct tls_bio_mbuf_data* d; - TLS_BIO_DBG("tls_BIO_muf_set called (%p, %p)\n", rd, wr); + TLS_BIO_DBG("tls_BIO_mbuf_set called (%p => %p, %p)\n", b, rd, wr); if (unlikely(b->ptr == 0)){ BUG("null BIO ptr\n"); return 0; @@ -195,7 +195,8 @@ static int tls_bio_mbuf_read(BIO* b, char* dst, int dst_len) as a shortcut when no data is available => simulate EAGIAN/WANT_READ */ TLS_BIO_DBG("read (%p, %p, %d) called with null read buffer" - " => simulating EAGAIN/WANT_READ\n", b, dst, dst_len); + "(%p->%p) => simulating EAGAIN/WANT_READ\n", + b, dst, dst_len, d, d->rd); BIO_set_retry_read(b); } return -1; diff --git a/modules/tls/tls_server.c b/modules/tls/tls_server.c index c5c36de..981cf41 100644 --- a/modules/tls/tls_server.c +++ b/modules/tls/tls_server.c @@ -126,11 +126,16 @@ static int tls_complete_init(struct tcp_connection* c) } memset(data, '\0', sizeof(struct tls_extra_data)); data->ssl = SSL_new(dom->ctx[process_no]); + data->rwbio = tls_BIO_new_mbuf(0, 0); data->cfg = cfg; data->state = state; - if (data->ssl == 0) { - TLS_ERR("Failed to create SSL structure:"); + if (unlikely(data->ssl == 0 || data->rwbio == 0)) { + TLS_ERR("Failed to create SSL or BIO structure:"); + if (data->ssl) + SSL_free(data->ssl); + if (data->rwbio) + BIO_free(data->rwbio); goto error; } #ifdef TLS_KSSL_WORKARROUND @@ -140,6 +145,7 @@ static int tls_complete_init(struct tcp_connection* c) data->ssl->kssl_ctx=0; } #endif + SSL_set_bio(data->ssl, data->rwbio, data->rwbio); c->extra_data = data; return 0; @@ -182,25 +188,9 @@ static int tls_set_mbufs(struct tcp_connection *c, struct tls_mbuf* rd, struct tls_mbuf* wr) { - SSL *ssl; BIO *rwbio; - /* if (unlikely(tls_fix_connection(c) < 0)) - return -1; - */ - - ssl = ((struct tls_extra_data*)c->extra_data)->ssl; - if (unlikely(((rwbio=SSL_get_rbio(ssl))==0) || - ((rwbio=SSL_get_wbio(ssl))==0))) { - rwbio = tls_BIO_new_mbuf(rd, wr); - if (unlikely(rwbio == 0)) { - ERR("new mbuf BIO creation failure\n"); - return -1; - } - /* use the same bio for both read & write */ - SSL_set_bio(ssl, rwbio, rwbio); - return 0; - } + rwbio = ((struct tls_extra_data*)c->extra_data)->rwbio; if (unlikely(tls_BIO_mbuf_set(rwbio, rd, wr)<=0)) { /* it should be always 1 */ ERR("failed to set mbufs"); @@ -875,7 +865,7 @@ redo_read: */ if (unlikely(tls_c->enc_rd_buf)) { /* use queued data */ - /* safe to use without locks, because only read changes it and + /* safe to use without locks, because only read changes it and there can't be parallel reads on the same connection */ enc_rd_buf = tls_c->enc_rd_buf; tls_c->enc_rd_buf = 0; @@ -980,8 +970,8 @@ ssl_read_skipped: goto error_send; } } - /* quickly catch bugs: segfault if accessed and not set */ - tls_set_mbufs(c, 0, 0); + /* quickly catch bugs: segfault if accessed and not set */ + tls_set_mbufs(c, 0, 0); lock_release(&c->write_lock); switch(ssl_error) { case SSL_ERROR_NONE: @@ -1027,11 +1017,12 @@ ssl_read_skipped: if (unlikely(n < 0)) /* here n should always be >= 0 */ BUG("unexpected value (n = %d)\n", n); - else if (unlikely(n < bytes_free)) - BUG("read buffer not exhausted (rbio still has %d bytes," - "last SSL_read %d / %d)\n", - rd.used - rd.pos, n, bytes_free); - else if (n == bytes_free) { + else { + if (unlikely(n < bytes_free)) + BUG("read buffer not exhausted (rbio still has %d bytes," + "last SSL_read %d / %d)\n", + rd.used - rd.pos, n, bytes_free); + /* n <= bytes_free */ /* queue read data if not fully consumed by SSL_read() * (very unlikely situation) */ diff --git a/modules/tls/tls_server.h b/modules/tls/tls_server.h index 66eb962..2a324bd 100644 --- a/modules/tls/tls_server.h +++ b/modules/tls/tls_server.h @@ -55,6 +55,9 @@ struct tls_rd_buf { struct tls_extra_data { tls_domains_cfg_t* cfg; /* Configuration used for this connection */ SSL* ssl; /* SSL context used for the connection */ + BIO* rwbio; /* bio used for read/write + (openssl code might add buffering BIOs so + it's better to remember our original BIO) */ tls_ct_q* ct_wq; struct tls_rd_buf* enc_rd_buf; unsigned int flags;

1 0

kamailio project presence at linuxtag 2010
by Henning Westerholt 04 Jun '10

04 Jun '10

Hello, the kamailio, sip-router and sems projects will be present next week on the linuxtag 2010 - "the most important place for Linux and open source software in Europe." [1]. We're at booth 106, this is in hall 7.2b. If you're during next week in Berlin and visit the exibition, then we're looking forward to meet you there! The kamailio project will be also present in the conference program, with a talk about building geographical redundant VoIP systems [2]. Best regards, Henning Westerholt [1] http://www.linuxtag.org/2010/en.html [2] http://www.linuxtag.org/2010/en/program/free- conference/wednesday/details.html?talkid=104 -- Henning Westerholt - Technical Leader VoIP backend development 1&1 Internet AG, Ernst-Frey-Str. 9, 76135 Karlsruhe, Germany

1 1

New debian and ubuntu repository for kamailio released!
by Jon Bonilla 04 Jun '10

04 Jun '10

We are proud to announce the release of a Debian and Ubuntu repository for Kamailio. We hope this will make easier installation and update of Kamailio on Debian and Ubuntu servers. Kamailio project's web page hosts the description and instructions: http://www.kamailio.org/dokuwiki/doku.php/packages:debs cheers, Sipdoc Team

3 2

Re: [sr-dev] [SR-Users] check_from and check_to: case sensitive?
by Henning Westerholt 03 Jun '10

03 Jun '10

On Wednesday 02 June 2010, Iñaki Baz Castillo wrote: > >> The problem is that more SIP username related stuff is also case > >> insensitive in Kamailio, i.e. the database columns. For example a user > >> "TEST" with a location entry with username "test" woudl be retrieved > >> because the location.username column is case insensitive. > > > > IIRC that depends on the DB backend: MySQL is by default case > > insensitive, Postgresql is by default case sensitive. > > Yes, this is correct. Then: > > - check_from / check_to should b fixed to use case sensitive comparison. Hi Iñaki, this should be properly documented, as it has the potential of breaking some configurations. > - MySQL database schema should use case sensitive columns for > 'username' in subscriber, location and any other tables containing an > 'username' column. I think we should think a bit more about this step, as it would be a major change in the way most people expect the database to work, which happens to be mostly mysql in our case. Add devel list as CC. Henning

3 4

git:andrei/rve_f_params: core: rval - don' t use static buffer for int conversions
by Andrei Pelinescu-Onciul 02 Jun '10

02 Jun '10

Module: sip-router Branch: andrei/rve_f_params Commit: e5fa2eb3563d532ff88b8c42aa2baa307804b4ee URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=e5fa2eb… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Wed Mar 17 20:09:29 2010 +0100 core: rval - don't use static buffer for int conversions - don't use static buffers for string conversions (rval_get_tmp_str()) - extended rval_cache with enough space to store an int converted to string - switched to signed ints (until now all ints where treated as unsigned) --- rvalue.c | 46 ++++++++++++++++++++++++++++++++-------------- rvalue.h | 6 +++++- 2 files changed, 37 insertions(+), 15 deletions(-) diff --git a/rvalue.c b/rvalue.c index d02b194..921edb4 100644 --- a/rvalue.c +++ b/rvalue.c @@ -1062,12 +1062,14 @@ error: * if rv == undefined select, avp or pvar, return "". * if an error occurs while evaluating a select, avp or pvar, behave as * for the undefined case (and return success). - * The result points either to a temporary string or inside - * new_cache. new_cache must be non zero, initialized previously, - * and it _must_ be rval_cache_clean(...)'ed when done. - * WARNING: it's not intended for general use, it might return a pointer - * to a static buffer (int2str) so use the result a.s.a.p, make a copy. - * or use rval_get_str() instead. + * The result points either inside the passed rv, inside + * new_cache or inside an avp. new_cache must be non zero, + * initialized previously and it _must_ be rval_cache_clean(...)'ed when + * done. + * WARNING: it's not intended for general use. It might return a pointer + * inside rv so the result _must_ be treated as read-only. rv and new_cache + * must not be released/freed until the result is no longer needed. + * For general use see rval_get_str(). * @param h - script context handle * @param msg - sip msg * @param tmpv - str return value (pointer to a str struct that will be @@ -1089,7 +1091,9 @@ int rval_get_tmp_str(struct run_act_ctx* h, struct sip_msg* msg, switch(rv->type){ case RV_INT: - tmpv->s=int2str(rv->v.l, &tmpv->len); + tmpv->s=sint2strbuf(rv->v.l, tmp_cache->i2s, + sizeof(tmp_cache->i2s), &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; break; case RV_STR: *tmpv=rv->v.s; @@ -1099,16 +1103,22 @@ int rval_get_tmp_str(struct run_act_ctx* h, struct sip_msg* msg, i=(run_actions(h, rv->v.action, msg)>0); else i=0; - tmpv->s=int2str(i, &tmpv->len); + tmpv->s=sint2strbuf(i, tmp_cache->i2s, + sizeof(tmp_cache->i2s), &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; break; case RV_BEXPR: i=eval_expr(h, rv->v.bexpr, msg); if (i==EXPR_DROP){ i=0; /* false */ - tmpv->s=int2str(i, &tmpv->len); + tmpv->s=sint2strbuf(i, tmp_cache->i2s, + sizeof(tmp_cache->i2s), &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; return EXPR_DROP; } - tmpv->s=int2str(i, &tmpv->len); + tmpv->s=sint2strbuf(i, tmp_cache->i2s, sizeof(tmp_cache->i2s), + &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; break; case RV_SEL: i=run_select(tmpv, &rv->v.sel, msg); @@ -1126,7 +1136,9 @@ int rval_get_tmp_str(struct run_act_ctx* h, struct sip_msg* msg, *tmpv=cache->c.avp_val.s; }else if (cache->val_type==RV_INT){ i=cache->c.avp_val.n; - tmpv->s=int2str(i, &tmpv->len); + tmpv->s=sint2strbuf(i, tmp_cache->i2s, + sizeof(tmp_cache->i2s), &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; }else if (cache->val_type==RV_NONE){ goto undef; }else goto error_cache; @@ -1141,7 +1153,9 @@ int rval_get_tmp_str(struct run_act_ctx* h, struct sip_msg* msg, *tmpv=tmp_cache->c.avp_val.s; }else{ i=tmp_cache->c.avp_val.n; - tmpv->s=int2str(i, &tmpv->len); + tmpv->s=sint2strbuf(i, tmp_cache->i2s, + sizeof(tmp_cache->i2s), &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; } }else goto undef; } @@ -1152,7 +1166,9 @@ int rval_get_tmp_str(struct run_act_ctx* h, struct sip_msg* msg, *tmpv=cache->c.pval.rs; }else if (cache->val_type==RV_INT){ i=cache->c.pval.ri; - tmpv->s=int2str(i, &tmpv->len); + tmpv->s=sint2strbuf(i, tmp_cache->i2s, + sizeof(tmp_cache->i2s), &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; }else if (cache->val_type==RV_NONE){ goto undef; }else goto error_cache; @@ -1170,7 +1186,9 @@ int rval_get_tmp_str(struct run_act_ctx* h, struct sip_msg* msg, }else if (likely(tmp_cache->c.pval.flags & PV_VAL_INT)){ i=tmp_cache->c.pval.ri; pv_value_destroy(&tmp_cache->c.pval); - tmpv->s=int2str(i, &tmpv->len); + tmpv->s=sint2strbuf(i, tmp_cache->i2s, + sizeof(tmp_cache->i2s), &tmpv->len); + tmp_cache->cache_type = RV_CACHE_INT2STR; }else{ /* no PV_VAL_STR and no PV_VAL_INT => undef (PV_VAL_NULL) */ diff --git a/rvalue.h b/rvalue.h index f658c5e..90c02b3 100644 --- a/rvalue.h +++ b/rvalue.h @@ -26,12 +26,14 @@ * 2009-04-28 added string and interger versions for the EQ and DIFF * operators (andrei) * 2009-05-05 casts operator for int & string (andrei) + * 2010-03-16 space for an int2str result inside rval_cache (andrei) */ #ifndef _rvalue_h_ #define _rvalue_h_ #include "str.h" +#include "ut.h" #include "usr_avp.h" #include "select.h" #include "pvar.h" @@ -138,7 +140,8 @@ enum rval_cache_type{ RV_CACHE_EMPTY, RV_CACHE_PVAR, RV_CACHE_AVP, - RV_CACHE_SELECT + RV_CACHE_SELECT, + RV_CACHE_INT2STR }; /** value cache for a rvalue struct. @@ -152,6 +155,7 @@ struct rval_cache{ int_str avp_val; /**< avp value */ pv_value_t pval; /**< pvar value */ }c; + char i2s[INT2STR_MAX_LEN]; /**< space for converting an int to string*/ };

1 0

git:andrei/rve_f_params: core: support for RVEs in fparam fixups
by Andrei Pelinescu-Onciul 02 Jun '10

02 Jun '10

Module: sip-router Branch: andrei/rve_f_params Commit: 8f3db98bf47f9f45cf00d9fc62c14c1af95867fc URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=8f3db98… Author: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Committer: Andrei Pelinescu-Onciul <andrei(a)iptel.org> Date: Wed Jun 2 18:24:05 2010 +0200 core: support for RVEs in fparam fixups Hack to allow using RVEs in "safe" fparam fixups. This way all the module functions using them will automatically have var support (most ser modules that already supported variables as quoted parameter, support now any variable expression, without quotes too). The cleanup is done by the core (this is the "hack" part). E.g.: t_set_fr($v + 2 + $x) should work now (it uses fixup_var_int_1 which is RVE-safe). t_set_fr("$v") is now equivalent with t_set_fr($v). --- action.c | 49 +++++++++++++++++++++++------------- cfg.y | 51 +++++++++++++++++++++---------------- route.c | 76 ++++++++++++++++++++++++++++---------------------------- route_struct.h | 3 +- sr_module.c | 26 +++++++++++++++++++ sr_module.h | 13 +++++++++ 6 files changed, 139 insertions(+), 79 deletions(-) Diff: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=8f3…

1 0

git:kamailio_3.0: PKG Debian: More version support
by Jon Bonilla 01 Jun '10

01 Jun '10

Module: sip-router Branch: kamailio_3.0 Commit: 64db1af36c67e7ecb5bc3451f94a11b69edc1fa6 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=64db1af… Author: Jon Bonilla <manwe(a)aholab.ehu.es> Committer: Jon Bonilla <manwe(a)aholab.ehu.es> Date: Wed Jun 2 00:49:56 2010 +0200 PKG Debian: More version support - debian-squeeze added. Purple excluded from the compile list. Seems that purple module does not work with libpurple 2.7+ - ubuntu-lucid added Universe has to be enabled in sources.list for radius and memcached module dependency matching --- pkg/kamailio/debian-squeeze/changelog | 52 +++++ pkg/kamailio/debian-squeeze/compat | 1 + pkg/kamailio/debian-squeeze/control | 225 ++++++++++++++++++++ pkg/kamailio/debian-squeeze/copyright | 27 +++ pkg/kamailio/debian-squeeze/kamailio.README.Debian | 38 ++++ pkg/kamailio/debian-squeeze/kamailio.default | 24 ++ pkg/kamailio/debian-squeeze/kamailio.dirs | 2 + pkg/kamailio/debian-squeeze/kamailio.examples | 2 + pkg/kamailio/debian-squeeze/kamailio.init | 170 +++++++++++++++ pkg/kamailio/debian-squeeze/kamailio.postinst | 48 ++++ pkg/kamailio/debian-squeeze/rules | 220 +++++++++++++++++++ pkg/kamailio/ubuntu-lucid | 1 + 12 files changed, 810 insertions(+), 0 deletions(-) Diff: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=64d…

1 0

commit policies
by Jon Bonilla 01 Jun '10

01 Jun '10

Hi! A question about development and commit policies. I am going to make different changes in the debian packaging files. I have commited a couple of changes into kamailio_3.0 branch but I am not sure about if that's the right thing to do. Should I create my own branch and merge after the changes? Commit to master? To kamailio branch? Thanks for the wellcome. Happy to be here and help!

3 2

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev June 2010