sr-dev April 2020

sr-dev@lists.kamailio.org

33 participants
420 discussions

git:5.2:b6f40ec3: http_async_client: do not set global avp lists from t on async callback

by Federico Cabiddu

Module: kamailio Branch: 5.2 Commit: b6f40ec3016961d9e2f97b40bc6a05c752780b4f URL: https://github.com/kamailio/kamailio/commit/b6f40ec3016961d9e2f97b40bc6a05c… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Federico Cabiddu <federico.cabiddu(a)gmail.com> Date: 2020-04-20T09:51:59+02:00 http_async_client: do not set global avp lists from t on async callback - they are done by fake_env() used inside t_continue() - they were set without reset, living in the process context, resulting in invalid access when async callback was executed with faked_msg - related to #2286 (cherry picked from commit 1bc3bbd010705ee247345c1ed9b36210bb8d9ed1) --- Modified: src/modules/http_async_client/async_http.c --- Diff: https://github.com/kamailio/kamailio/commit/b6f40ec3016961d9e2f97b40bc6a05c… Patch: https://github.com/kamailio/kamailio/commit/b6f40ec3016961d9e2f97b40bc6a05c… --- diff --git a/src/modules/http_async_client/async_http.c b/src/modules/http_async_client/async_http.c index c459d564a8..2aa6681a7d 100644 --- a/src/modules/http_async_client/async_http.c +++ b/src/modules/http_async_client/async_http.c @@ -212,7 +212,7 @@ void async_http_cb(struct http_m_reply *reply, void *param) } strncpy(q_id, aq->id, strlen(aq->id)); - + q_id[strlen(aq->id)] = '\0'; cfg_update(); @@ -227,16 +227,10 @@ void async_http_cb(struct http_m_reply *reply, void *param) free_async_query(aq); return; } - // we bring the list of AVPs of the transaction to the current context - set_avp_list(AVP_TRACK_FROM | AVP_CLASS_URI, &t->uri_avps_from); - set_avp_list(AVP_TRACK_TO | AVP_CLASS_URI, &t->uri_avps_to); - set_avp_list(AVP_TRACK_FROM | AVP_CLASS_USER, &t->user_avps_from); - set_avp_list(AVP_TRACK_TO | AVP_CLASS_USER, &t->user_avps_to); - set_avp_list(AVP_TRACK_FROM | AVP_CLASS_DOMAIN, &t->domain_avps_from); - set_avp_list(AVP_TRACK_TO | AVP_CLASS_DOMAIN, &t->domain_avps_to); - - if (t) + + if (t) { tmb.unref_cell(t); + } LM_DBG("resuming transaction (%d:%d)\n", tindex, tlabel);

4 years, 7 months

git:5.3:ff48cc53: http_async_client: do not set global avp lists from t on async callback

by Federico Cabiddu

Module: kamailio Branch: 5.3 Commit: ff48cc5311d55176118ad57cf2d4417a2d229766 URL: https://github.com/kamailio/kamailio/commit/ff48cc5311d55176118ad57cf2d4417… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Federico Cabiddu <federico.cabiddu(a)gmail.com> Date: 2020-04-20T09:51:42+02:00 http_async_client: do not set global avp lists from t on async callback - they are done by fake_env() used inside t_continue() - they were set without reset, living in the process context, resulting in invalid access when async callback was executed with faked_msg - related to #2286 (cherry picked from commit 1bc3bbd010705ee247345c1ed9b36210bb8d9ed1) --- Modified: src/modules/http_async_client/async_http.c --- Diff: https://github.com/kamailio/kamailio/commit/ff48cc5311d55176118ad57cf2d4417… Patch: https://github.com/kamailio/kamailio/commit/ff48cc5311d55176118ad57cf2d4417… --- diff --git a/src/modules/http_async_client/async_http.c b/src/modules/http_async_client/async_http.c index e468a955dc..5edf67ee5d 100644 --- a/src/modules/http_async_client/async_http.c +++ b/src/modules/http_async_client/async_http.c @@ -212,7 +212,7 @@ void async_http_cb(struct http_m_reply *reply, void *param) } strncpy(q_id, aq->id, strlen(aq->id)); - + q_id[strlen(aq->id)] = '\0'; cfg_update(); @@ -227,16 +227,10 @@ void async_http_cb(struct http_m_reply *reply, void *param) free_async_query(aq); return; } - // we bring the list of AVPs of the transaction to the current context - set_avp_list(AVP_TRACK_FROM | AVP_CLASS_URI, &t->uri_avps_from); - set_avp_list(AVP_TRACK_TO | AVP_CLASS_URI, &t->uri_avps_to); - set_avp_list(AVP_TRACK_FROM | AVP_CLASS_USER, &t->user_avps_from); - set_avp_list(AVP_TRACK_TO | AVP_CLASS_USER, &t->user_avps_to); - set_avp_list(AVP_TRACK_FROM | AVP_CLASS_DOMAIN, &t->domain_avps_from); - set_avp_list(AVP_TRACK_TO | AVP_CLASS_DOMAIN, &t->domain_avps_to); - - if (t) + + if (t) { tmb.unref_cell(t); + } LM_DBG("resuming transaction (%d:%d)\n", tindex, tlabel);

4 years, 7 months

[kamailio/kamailio] tls: add sel for tls verified cert chain (requires OpenSSL 1.1+) (#2289)

by Armen Babikyan

* New Feature * Changes Tested Locally This sel variable allows a kam script to get access to not just the peer certificate (at index 0), but when a certificate is successfully verified, the entire chain of certificates that were used to verify the peer certificate (at index 1, 2, 3, etc). This functionality is provided by OpenSSL's SSL_get0_verified_chain() function, which is only available in OpenSSL 1.1.0+ (which is why there is an #if for this feature) This is important when a server trusts many CAs - without this addition, I don't think that it is definitively possible to tell which CA signed the verified certificate, leading to security issues if one of the trusted CAs was compromised and was used to sign certificates that look like they were signed by another issuing CA. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/2289 -- Commit Summary -- * tls: add sel for tls verified cert chain (requires OpenSSL 1.1+) -- File Changes -- M src/modules/tls/tls_select.c (121) -- Patch Links -- https://github.com/kamailio/kamailio/pull/2289.patch https://github.com/kamailio/kamailio/pull/2289.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/2289

4 years, 7 months

git:master:94942eb7: tls: add sel for tls verified cert chain (requires OpenSSL 1.1+) (#2289)

by GitHub

Module: kamailio Branch: master Commit: 94942eb788872f00c2d77e7373fbb416af667a2b URL: https://github.com/kamailio/kamailio/commit/94942eb788872f00c2d77e7373fbb41… Author: Armen Babikyan <armenb(a)mit.edu> Committer: GitHub <noreply(a)github.com> Date: 2020-04-20T09:51:26+02:00 tls: add sel for tls verified cert chain (requires OpenSSL 1.1+) (#2289) * tls: add sel for tls verified cert chain (requires OpenSSL 1.1+) * remove extra tcpconn_put() call Co-authored-by: Armen Babikyan <armen(a)firespotter.com> --- Modified: src/modules/tls/tls_select.c --- Diff: https://github.com/kamailio/kamailio/commit/94942eb788872f00c2d77e7373fbb41… Patch: https://github.com/kamailio/kamailio/commit/94942eb788872f00c2d77e7373fbb41…

4 years, 7 months

git:master:ff174bb6: presence: init and destroy full presentity caching table

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: ff174bb6432b3bb971f8b291c9420545c858ef19 URL: https://github.com/kamailio/kamailio/commit/ff174bb6432b3bb971f8b291c942054… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2020-04-20T09:12:24+02:00 presence: init and destroy full presentity caching table --- Modified: src/modules/presence/presence.c --- Diff: https://github.com/kamailio/kamailio/commit/ff174bb6432b3bb971f8b291c942054… Patch: https://github.com/kamailio/kamailio/commit/ff174bb6432b3bb971f8b291c942054… --- diff --git a/src/modules/presence/presence.c b/src/modules/presence/presence.c index 779a6016fd..4100de87a1 100644 --- a/src/modules/presence/presence.c +++ b/src/modules/presence/presence.c @@ -406,12 +406,14 @@ static int mod_init(void) } } - if(publ_cache_mode==PS_PCACHE_HYBRID) { + if(publ_cache_mode==PS_PCACHE_HYBRID || publ_cache_mode==PS_PCACHE_RECORD) { if(phtable_size < 1) phtable_size = 256; else phtable_size = 1 << phtable_size; + } + if(publ_cache_mode==PS_PCACHE_HYBRID) { pres_htable = new_phtable(); if(pres_htable == NULL) { LM_ERR("initializing presentity hash table\n"); @@ -422,6 +424,10 @@ static int mod_init(void) LM_ERR("filling in presentity hash table from database\n"); goto dberror; } + } else if(publ_cache_mode==PS_PCACHE_RECORD) { + if(ps_ptable_init(phtable_size) < 0) { + goto dberror; + } } pres_startup_time = (int)time(NULL); @@ -594,19 +600,25 @@ static void destroy(void) timer_db_update(0, 0); } - if(subs_htable) + if(subs_htable) { destroy_shtable(subs_htable, shtable_size); + } - if(pres_htable) + if(pres_htable) { destroy_phtable(); + } - if(pa_db && pa_dbf.close) + if(pa_db && pa_dbf.close) { pa_dbf.close(pa_db); + } - if(pres_notifier_id != NULL) + if(pres_notifier_id != NULL) { shm_free(pres_notifier_id); + } destroy_evlist(); + + ps_ptable_destroy(); } static int fixup_presence(void **param, int param_no)

4 years, 7 months

git:master:f2c65b4c: presence: define modes for publ_cache parameter

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: f2c65b4cc919fe066e11e08b4739b786177557d7 URL: https://github.com/kamailio/kamailio/commit/f2c65b4cc919fe066e11e08b4739b78… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2020-04-20T09:12:24+02:00 presence: define modes for publ_cache parameter --- Modified: src/modules/presence/notify.c Modified: src/modules/presence/presence.c Modified: src/modules/presence/presence.h Modified: src/modules/presence/presentity.c Modified: src/modules/presence/publish.c --- Diff: https://github.com/kamailio/kamailio/commit/f2c65b4cc919fe066e11e08b4739b78… Patch: https://github.com/kamailio/kamailio/commit/f2c65b4cc919fe066e11e08b4739b78…

4 years, 7 months

git:master:4b6d4fc2: presence: in-memory presentity update function

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 4b6d4fc2d733032391dc8575b594c3e29d06b93e URL: https://github.com/kamailio/kamailio/commit/4b6d4fc2d733032391dc8575b594c3e… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2020-04-20T09:12:24+02:00 presence: in-memory presentity update function - more functions exposed in the header file --- Modified: src/modules/presence/hash.c Modified: src/modules/presence/hash.h --- Diff: https://github.com/kamailio/kamailio/commit/4b6d4fc2d733032391dc8575b594c3e… Patch: https://github.com/kamailio/kamailio/commit/4b6d4fc2d733032391dc8575b594c3e… --- diff --git a/src/modules/presence/hash.c b/src/modules/presence/hash.c index 01313a002e..43fcf05eee 100644 --- a/src/modules/presence/hash.c +++ b/src/modules/presence/hash.c @@ -1001,6 +1001,56 @@ int ps_ptable_insert(ps_presentity_t *pt) */ int ps_ptable_update(ps_presentity_t *pt) { + ps_presentity_t ptc; + ps_presentity_t *ptn = NULL; + int idx = 0; + + /* copy struct to fill in missing fields */ + memcpy(&ptc, pt, sizeof(ps_presentity_t)); + + ptc.hashid = core_case_hash(&pt->user, &pt->domain, 0); + + if(ptc.ruid.s == NULL) { + if(sruid_next(&pres_sruid) < 0) { + return -1; + } + ptc.ruid = pres_sruid.uid; + } + + idx = ptn->hashid % _ps_ptable->ssize; + + lock_get(&_ps_ptable->slots[idx].lock); + ptn = _ps_ptable->slots[idx].plist; + while(ptn!=NULL) { + if(ps_presentity_match(ptn, &ptc, 0)==1) { + if(ptn->next) { + ptn->next->prev = ptn->prev; + } + if(ptn->prev) { + ptn->prev->next = ptn->next; + } else { + _ps_ptable->slots[idx].plist = ptn->next; + } + break; + } + ptn = ptn->next; + } + + ptn = ps_presentity_new(&ptc, 0); + if(ptn==NULL) { + lock_release(&_ps_ptable->slots[idx].lock); + return -1; + } + + if(_ps_ptable->slots[idx].plist == NULL) { + _ps_ptable->slots[idx].plist = ptn; + } else { + _ps_ptable->slots[idx].plist->prev = ptn; + ptn->next = _ps_ptable->slots[idx].plist; + _ps_ptable->slots[idx].plist = ptn; + } + lock_release(&_ps_ptable->slots[idx].lock); + return 0; } diff --git a/src/modules/presence/hash.h b/src/modules/presence/hash.h index 26514af276..29753e6228 100644 --- a/src/modules/presence/hash.h +++ b/src/modules/presence/hash.h @@ -167,6 +167,10 @@ typedef struct ps_ptable { ps_pslot_t *slots; } ps_ptable_t; +ps_presentity_t *ps_presentity_new(ps_presentity_t *pt, int mtype); +void ps_presentity_free(ps_presentity_t *pt, int mtype); +void ps_presentity_list_free(ps_presentity_t *pt, int mtype); +int ps_presentity_match(ps_presentity_t *pta, ps_presentity_t *ptb, int mmode); int ps_ptable_init(int ssize); void ps_ptable_destroy(void); int ps_ptable_insert(ps_presentity_t *pt);

4 years, 7 months

[kamailio/kamailio] tls: fix raw vs urlencoded behavior in sel_ssl_cert() (#2291)

by Armen Babikyan

* Small bugfix * Changes Tested locally In addressing Daniel's comments on https://github.com/kamailio/kamailio/pull/2268#issuecomment-609935161, I realized that I misunderstood how select variables get resolved to data structures. This patch fixes the sel_ssl_cert() implementation so that $sel((a)tls.my.raw_cert), $sel((a)tls.my.urlencoded_cert), $sel((a)tls.peer.raw_cert), and $sel((a)tls.peer.urlencoded_cert) all evaluate to expected outputs. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/2291 -- Commit Summary -- * tls: fix raw vs urlencoded behavior in sel_ssl_cert() -- File Changes -- M src/modules/tls/tls_select.c (28) -- Patch Links -- https://github.com/kamailio/kamailio/pull/2291.patch https://github.com/kamailio/kamailio/pull/2291.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/2291

4 years, 7 months

git:master:e5d2ac2c: tls: fix raw vs urlencoded behavior in sel_ssl_cert()

by Henning Westerholt

Module: kamailio Branch: master Commit: e5d2ac2c925757b37fd0a8e25839b7d5bd5299b0 URL: https://github.com/kamailio/kamailio/commit/e5d2ac2c925757b37fd0a8e25839b7d… Author: Armen Babikyan <armen(a)firespotter.com> Committer: Henning Westerholt <hw(a)skalatan.de> Date: 2020-04-19T12:36:56+02:00 tls: fix raw vs urlencoded behavior in sel_ssl_cert() --- Modified: src/modules/tls/tls_select.c --- Diff: https://github.com/kamailio/kamailio/commit/e5d2ac2c925757b37fd0a8e25839b7d… Patch: https://github.com/kamailio/kamailio/commit/e5d2ac2c925757b37fd0a8e25839b7d… --- diff --git a/src/modules/tls/tls_select.c b/src/modules/tls/tls_select.c index d7bd9002ed..f899bef370 100644 --- a/src/modules/tls/tls_select.c +++ b/src/modules/tls/tls_select.c @@ -756,16 +756,18 @@ static int get_ssl_cert(str* res, int local, int urlencoded, sip_msg_t* msg) static int sel_ssl_cert(str* res, select_t* s, sip_msg_t* msg) { - int local=0, urlencoded=0; + int i, local = 0, urlencoded = 0; - switch(s->params[s->n - 2].v.i) { - case CERT_PEER: local = 0; break; - case CERT_LOCAL: local = 1; break; - case CERT_RAW: urlencoded = 0; break; - case CERT_URLENCODED: urlencoded = 1; break; - default: - BUG("Bug in call to sel_ssl_cert\n"); - return -1; + for(i = 1; i <= s->n - 1; i++) { + switch(s->params[i].v.i) { + case CERT_PEER: local = 0; break; + case CERT_LOCAL: local = 1; break; + case CERT_RAW: urlencoded = 0; break; + case CERT_URLENCODED: urlencoded = 1; break; + default: + BUG("Bug in call to sel_ssl_cert\n"); + return -1; + } } return get_ssl_cert(res, local, urlencoded, msg); @@ -1201,10 +1203,10 @@ select_row_t tls_sel[] = { { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("version"), sel_cert_version, 0}, - { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("rawCert"), sel_ssl_cert, CERT_RAW}, - { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("raw_cert"), sel_ssl_cert, CERT_RAW}, - { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("URLEncodedCert"), sel_ssl_cert, CERT_URLENCODED}, - { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("urlencoded_cert"), sel_ssl_cert, CERT_URLENCODED}, + { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("rawCert"), sel_ssl_cert, DIVERSION | CERT_RAW}, + { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("raw_cert"), sel_ssl_cert, DIVERSION | CERT_RAW}, + { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("URLEncodedCert"), sel_ssl_cert, DIVERSION | CERT_URLENCODED}, + { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("urlencoded_cert"), sel_ssl_cert, DIVERSION | CERT_URLENCODED}, { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("sn"), sel_sn, 0}, { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("serialNumber"), sel_sn, 0},

4 years, 7 months

Re: [sr-dev] [kamailio/kamailio] presence: functions to keep presentity records in memory (f917318)

by Emmanuel Schmidbauer

This is cool! much needed improvement. As always, great work @miconda ! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/commit/f917318c1e5fefa4106eaaf46123506…

4 years, 7 months

← Newer
1
...
19
20
21
22
23
24
25
...
42
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev April 2020