Luigi Rizzo [Tue, 24 Oct 2006 17:14:12 +0000 (17:14 +0000)]
i really think it is safe to commit this version, that
simplifies the manager queue handling as described in
the comment, and will make a lot easier to make further
work on this code.
Russell Bryant [Tue, 24 Oct 2006 01:28:45 +0000 (01:28 +0000)]
Merged revisions 46067 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r46067 | russell | 2006-10-23 21:27:42 -0400 (Mon, 23 Oct 2006) | 7 lines
In muted.c, check the return value of strdup. In ael_main.c, check the return
value of calloc. (issue #8157)
In passing fix a few minor bugs in ael_main.c. The last argument to strncpy()
was a hard-coded 100, where it should have been 99. I changed this to use
sizeof() - 1.
Luigi Rizzo [Mon, 23 Oct 2006 21:46:15 +0000 (21:46 +0000)]
Unlike ast_strdup(), ast_strdupa() does not take a NULL pointer as argument,
so fix the places where this might happen.
This is also a fix that ought to go into 1.4
[The difference between the two functions is a bit confusing,
and in asterisk i believe all string handling functions
should be able to handl a NULL string as argument,
but changing the API in trunk and not in 1.4 would make
backporting harder.]
Luigi Rizzo [Mon, 23 Oct 2006 17:41:03 +0000 (17:41 +0000)]
another use for parse_uri().
On passing, remove a wrong comment (that probably I wrote
myself!) and introduce a temporary variable to avoid a
misleading cast.
Luigi Rizzo [Mon, 23 Oct 2006 15:45:36 +0000 (15:45 +0000)]
+ make sure parse_uri never returns NULL pointers - this
simplifies its usage.
+ add another client for parse_uri, in handling Contact: strings
(on passing, document the content of the "fullcontact" field);
+ in register_verify(), mark with XXX what i believe is another
misinterpretation on the URI format when '@' is missing.
No code changed here, so no fixes applied.
Luigi Rizzo [Mon, 23 Oct 2006 15:08:40 +0000 (15:08 +0000)]
After reading better the SIP RFC on sip URI (19.1.1)
fix parse_uri() to interpret a missing userinfo
section as a domain-only URI, and comment a wrong
interpretation of the above in check_user_full().
The function has been patched to preserve the existing
behaviour (in what admittedly is a corner case, but
could be received under attacks).
Hopefully the From: based matching will go away soon!
Luigi Rizzo [Mon, 23 Oct 2006 14:35:37 +0000 (14:35 +0000)]
in function get_also_info(), move argument stripping
before splitting around the @, otherwise the refer_to_domain
might contain arguments as well, causing failures.
I think this is a true bug that ought to be fixed in 1.4 as well.
Luigi Rizzo [Mon, 23 Oct 2006 11:08:47 +0000 (11:08 +0000)]
More cleanup of check_user_full with no functional change
apart from a small (but disabled by default) new option.
In detail:
+ introduce a new value for enum check_auth_result, AUTH_DONT_KNOW,
used (read below) when a function does not have a conclusive response.
Possibly this is the same as AUTH_NOT_FOUND, but need to check further.
+ move the large blocks (checking in the users list and in the peers
list, respectively) from check_user_full() to separate functions.
They return AUTH_DONT_KNOW in case they don't find a match, so
the caller know that it has to try the next method.
There is still some duplication of code here, but i
have not tried yet to remove it.
+ [new option] a new option in sip.conf, match_auth_username,
has been introduced, and disabled by default.
If set, and the incoming request carries authentication info,
the username to match in the users list is taken from there
rather than from the From: field.
This change is easy to identify, being made of
- one line to declare the variable match_auth_username
- a block of 15 lines in check_user_full()
- one line in sip list settings
- two lines for parsing the config file.
check_user_full() is now a lot cleaner - basically a sequence of
checks that are applied to the request. This will help future
work with new matching schemes.
Luigi Rizzo [Sun, 22 Oct 2006 19:09:25 +0000 (19:09 +0000)]
Fix a few issues in the previous (disabled) HTTPS code,
and support linux as well (using fopencookie(), which should
be available in glibc).
Update configure.ac to check for funopen (BSD) and fopencookie(glibc),
and while we are at it also for gethostbyname_r
(the generated files need to be updated, or you need
to run bootstrap.sh yourself).
Document the new options in http.conf.sample
(names are only tentative, better ones are welcome).
At this point we can safely enable the option.
Anyone willing to try this on Sun and Apple platforms ?
Luigi Rizzo [Sun, 22 Oct 2006 12:02:35 +0000 (12:02 +0000)]
Implement https support.
The changes are not large. Most of the diff comes from putting the
global variables describing an accept session into a structure, so
we can reuse the existing code for running multiple accept threads
on different ports.
Once this is done, and if your system has the funopen() library
function (and ssl, of course), it is just a matter of calling
the appropriate functions to set up the ssl connection on the
existing socket, and everything works on the secure channel now.
At the moment, the code is disabled because i have not implemented yet
the autoconf code to detect the presence of funopen(), and add -lssl
to main/Makefile if ssl libraries are present. And a bit of documentation
on the http.conf arguments, too.
If you want to manually enable https support, that is very simple
(step 0 1 2 will be eventually detected by ./configure, the
rest is something you will have to do anyways).
0. make sure your system has funopen(3). FreeBSD does, linux probably
does too, not sure about other systems.
1. uncomment the following line in main/http.c
// #define DO_SSL /* comment in/out if you want to support ssl */
2. add -lssl to AST_LIBS in main/Makefile
3. add the following options to http.conf
sslenable=yes
sslbindport=4433 ; pick one you like
sslcert=/tmp/foo.pem ; path to your certificate file.
4. generate a suitable certificate e.g. (example from mini_httpd's Makefile:
Luigi Rizzo [Sun, 22 Oct 2006 08:28:16 +0000 (08:28 +0000)]
it is useless and possibly wrong to use ast_cli() to send the
reply back to http clients.
Use fprintf/fwrite instead, since we are already using a FILE *
to read the input.
If you wonder why, this is because it makes it trivial to
implement https support (as long as your system has funopen()).
And this is what i am going to put in with the next few commits...
Joshua Colp [Sun, 22 Oct 2006 04:44:43 +0000 (04:44 +0000)]
Let's have build.h created a bit earlier so that func_version can use it and not stop the build on a fresh machine that has never had Asterisk installed on it before...
Don't use promotion on Darwin because it doesn't seem to work quite right in all cases, this should solve the unresolved symbol issue people have been seeing.
Luigi Rizzo [Fri, 20 Oct 2006 20:59:06 +0000 (20:59 +0000)]
introduce sip_pvt_lock() and sip_pvt_unlock() wrappers to
lock these data structures.
This improve readability, and also hides the underlying
locking mechanism so it is a lot easier to add diagnostic
code, or move the object locks somewhere else, etc.
On passing, rename the lock field in sip_pvt to pvt_lock,
also for ease of readability.
Luigi Rizzo [Fri, 20 Oct 2006 11:24:43 +0000 (11:24 +0000)]
minor comment changes, code rearrangement and field renaming
to minimize diffs with future modifications.
The current implementation is problematic for the following reasons:
+ all insertions are O(N) because the event list does not have a tail
pointer;
+ there is only a single lock protecting both session and users queues.
+ the implementation of the queue itself is not documented.
I think i have figured it out, more or less, but am unclear on
whether there is proper locking in place
The rewrite (which i have working locally) uses a tailq so insertions
are O(1), separate locks for the event and session queues, and has
a documented implementation so hopefully we can figure out if/where
bug exist.
Steve Murphy [Thu, 19 Oct 2006 22:06:27 +0000 (22:06 +0000)]
This new function, VERSION(), created via bug report 8176, may help dialplan programmers in the future. In the meantime, they can use the algorithm I outline on the bug report notes; If anyone invents something better, I'd hope they post it
Luigi Rizzo [Thu, 19 Oct 2006 07:43:43 +0000 (07:43 +0000)]
more documentation of data structure and functions.
Of interest:
+ ast_get_manager_by_name_locked() is now without the ast_
prefix as it is a local function;
+ unuse_eventqent() renamed to unref_event(), and returns
the pointer to the next entry.
+ marked with XXX a couple of usages of unref_event()
because i suspect we are addressing the wrong entry.
Kevin P. Fleming [Thu, 19 Oct 2006 02:16:34 +0000 (02:16 +0000)]
restore freeing of threadstorage objects without custom cleanup functions
allow custom threadstorage init functions to return failure
use a custom init function for chan_sip's temp_pvt, to improve performance a bit
Russell Bryant [Thu, 19 Oct 2006 01:00:57 +0000 (01:00 +0000)]
Extend the thread storage API such that a custom initialization function can
be called for each thread specific object after they are allocated. Note that
there was already the ability to define a custom cleanup function. Also, if
the custom cleanup function is used, it *MUST* call free on the thread
specific object at the end. There is no way to have this magically done that
I can think of because the cleanup function registered with the pthread
implementation will only call the function back with a pointer to the
thread specific object, not the parent ast_threadstorage object.
Joshua Colp [Wed, 18 Oct 2006 22:19:57 +0000 (22:19 +0000)]
Just for Nicholson - here's an option, C, to Meetme that will allow it to continue in the dialplan if the person is kicked out. (issue #7994 reported by mnicholson with mods by myself)
Luigi Rizzo [Wed, 18 Oct 2006 21:30:21 +0000 (21:30 +0000)]
+ move output_format variables in the http section of the file;
+ more comments on struct mansession and global variables;
+ small improvements to the session matching code so it supports
multiple sessions from the same IP
Luigi Rizzo [Wed, 18 Oct 2006 17:45:50 +0000 (17:45 +0000)]
despite the large changes, this commit only moves functions
around so that functions belonging to the same group are
close to each other.
At the beginning of each group i have added a bit of documentation
to explain what the group does and what is the typical flow - basically,
all i have learned by code inspection over the past few days should
be documented for you to read.
I have not put many doxygen annotations just because i am not
sure what are the proper ones. Hopefully some doxygen experts will jump in.
Next on the plate: try to figure out how "struct eventqent"
are supposed to work.
Luigi Rizzo [Wed, 18 Oct 2006 15:49:40 +0000 (15:49 +0000)]
comment and cleanup the main thread.
On passing, fix a bug: close the socket if the allocation
of a structure for the new session fails.
(the bugfix is a candidate for 1.4)
Luigi Rizzo [Wed, 18 Oct 2006 14:21:15 +0000 (14:21 +0000)]
create a new (internal, for the time being) function astman_start_ack()
to start manager responses that need further lines.
This removes a lot of duplicate code from the various handlers
that at the moment build an ActionID string themselves.
Once settled, the function should move to manager.h so
it can be used by other files (chan_agent, chan_iax2, chan_sip,
chan_zap, res_jabber and app_queue).
I am not totally clear if there is a preferred position for
the ActionID: line in a message. Some instances put it at
the end, but one would argue that it is preferable to have
it at the beginning.
Luigi Rizzo [Wed, 18 Oct 2006 13:23:22 +0000 (13:23 +0000)]
create proper handlers for "Challenge" and "Login" actions,
rather than use inline code for them.
Things are more readable this way, and also error processing
is more consistent.
Luigi Rizzo [Wed, 18 Oct 2006 06:28:34 +0000 (06:28 +0000)]
+ move the enum declaration for output formats near the head
of the file, so it can be used from more places;
+ make the declaration of contenttype[] more robust;
+ remove the wrappers around __xml_translate(), since they were
used only in one place, and rename to xml_translate().
This allows for a bit of simplifications.
+ document the output produced by the above function.
Luigi Rizzo [Wed, 18 Oct 2006 05:31:54 +0000 (05:31 +0000)]
merge xml_translate() and html_translate() into one function since
they do similar things.
Add a small form on top of the html output so request like
http://foo:8088/asterisk/manager will suggest you what to do.
Note: i suspect there is still a bug somewhere in the session matching
code, as sometimes you have to login twice in order for the following
commands to be recognised.
Apart from this, the cli now is basically usable from a web form!
Luigi Rizzo [Wed, 18 Oct 2006 04:05:56 +0000 (04:05 +0000)]
various code simplifications to reduce nesting depth,
minor optimizations to avoid extra calls of strlen(),
and some variable localization.
One feature worth backporting is the move of ast_variables_destroy()
to a different place in handle_uri() to avoid leaking memory
in case a uri is not found.
Russell Bryant [Wed, 18 Oct 2006 02:46:39 +0000 (02:46 +0000)]
Merged revisions 45441 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r45441 | russell | 2006-10-17 22:41:36 -0400 (Tue, 17 Oct 2006) | 7 lines
Don't attempt to access private data members of the pthread_mutex_t object,
because this does not work on all linux systems. Instead, just access
the reentrancy field in the ast_mutex_info struct when DEBUG_THREADS is
enabled. If DEBUG_CHANNEL_LOCKS is enabled, the developer probably has
DEBUG_THREADS on as well.
(issue #8139, me)
optimize the 'quick response' code a bit more... no more malloc() or memset() for each response
expand stringfields API a bit to allow reusing the stringfield pool on a structure when needed, and remove some unnecessary code when the structure was being freed
Don't create a "real" pvt structure for requests that shouldn't be able to create one. Instead use a temporary pvt and fill it with enough information so we can send a reply.
Don't create a "real" pvt structure for requests that shouldn't be able to create one. Instead use a temporary pvt and fill it with enough information so we can send a reply.
projects / thirdparty / asterisk.git / log
