Luigi Rizzo [Sun, 22 Oct 2006 19:09:25 +0000 (19:09 +0000)]
Fix a few issues in the previous (disabled) HTTPS code,
and support linux as well (using fopencookie(), which should
be available in glibc).
Update configure.ac to check for funopen (BSD) and fopencookie (glibc),
and while we are at it also for gethostbyname_r
(the generated files need to be updated, or you need
to run bootstrap.sh yourself).
Document the new options in http.conf.sample
(names are only tentative, better ones are welcome).
At this point we can safely enable the option.
Anyone willing to try this on Sun and Apple platforms?
Luigi Rizzo [Sun, 22 Oct 2006 12:02:35 +0000 (12:02 +0000)]
Implement https support.
The changes are not large. Most of the diff comes from putting the
global variables describing an accept session into a structure, so
we can reuse the existing code for running multiple accept threads
on different ports.
Once this is done, and if your system has the funopen() library
function (and ssl, of course), it is just a matter of calling
the appropriate functions to set up the ssl connection on the
existing socket, and everything works on the secure channel now.
At the moment, the code is disabled because i have not implemented yet
the autoconf code to detect the presence of funopen(), and add -lssl
to main/Makefile if ssl libraries are present. And a bit of documentation
on the http.conf arguments, too.
If you want to manually enable https support, that is very simple
(steps 0, 1, 2 will eventually be detected by ./configure, the
rest is something you will have to do anyway).
0. make sure your system has funopen(3). FreeBSD does, linux probably
does too, not sure about other systems.
1. uncomment the following line in main/http.c
// #define DO_SSL /* comment in/out if you want to support ssl */
2. add -lssl to AST_LIBS in main/Makefile
3. add the following options to http.conf
sslenable=yes
sslbindport=4433 ; pick one you like
sslcert=/tmp/foo.pem ; path to your certificate file.
4. generate a suitable certificate e.g. (example from mini_httpd's Makefile:
Luigi Rizzo [Sun, 22 Oct 2006 08:28:16 +0000 (08:28 +0000)]
it is useless and possibly wrong to use ast_cli() to send the
reply back to http clients.
Use fprintf/fwrite instead, since we are already using a FILE *
to read the input.
If you wonder why, this is because it makes it trivial to
implement https support (as long as your system has funopen()).
And this is what i am going to put in with the next few commits...
Joshua Colp [Sun, 22 Oct 2006 04:44:43 +0000 (04:44 +0000)]
Let's have build.h created a bit earlier so that func_version can use it and not stop the build on a fresh machine that has never had Asterisk installed on it before...
Don't use promotion on Darwin because it doesn't seem to work quite right in all cases, this should solve the unresolved symbol issue people have been seeing.
Luigi Rizzo [Fri, 20 Oct 2006 20:59:06 +0000 (20:59 +0000)]
introduce sip_pvt_lock() and sip_pvt_unlock() wrappers to
lock these data structures.
This improves readability, and also hides the underlying
locking mechanism so it is a lot easier to add diagnostic
code, or move the object locks somewhere else, etc.
On passing, rename the lock field in sip_pvt to pvt_lock,
also for ease of readability.
Luigi Rizzo [Fri, 20 Oct 2006 11:24:43 +0000 (11:24 +0000)]
minor comment changes, code rearrangement and field renaming
to minimize diffs with future modifications.
The current implementation is problematic for the following reasons:
+ all insertions are O(N) because the event list does not have a tail
pointer;
+ there is only a single lock protecting both session and users queues.
+ the implementation of the queue itself is not documented.
I think i have figured it out, more or less, but am unclear on
whether there is proper locking in place.
The rewrite (which i have working locally) uses a tailq so insertions
are O(1), separate locks for the event and session queues, and has
a documented implementation so hopefully we can figure out if/where
bugs exist.
Steve Murphy [Thu, 19 Oct 2006 22:06:27 +0000 (22:06 +0000)]
This new function, VERSION(), created via bug report 8176, may help dialplan programmers in the future. In the meantime, they can use the algorithm I outline on the bug report notes; if anyone invents something better, I'd hope they post it.
Luigi Rizzo [Thu, 19 Oct 2006 07:43:43 +0000 (07:43 +0000)]
more documentation of data structure and functions.
Of interest:
+ ast_get_manager_by_name_locked() is now without the ast_
prefix as it is a local function;
+ unuse_eventqent() renamed to unref_event(), and returns
the pointer to the next entry.
+ marked with XXX a couple of usages of unref_event()
because i suspect we are addressing the wrong entry.
Kevin P. Fleming [Thu, 19 Oct 2006 02:16:34 +0000 (02:16 +0000)]
restore freeing of threadstorage objects without custom cleanup functions
allow custom threadstorage init functions to return failure
use a custom init function for chan_sip's temp_pvt, to improve performance a bit
Russell Bryant [Thu, 19 Oct 2006 01:00:57 +0000 (01:00 +0000)]
Extend the thread storage API such that a custom initialization function can
be called for each thread specific object after they are allocated. Note that
there was already the ability to define a custom cleanup function. Also, if
the custom cleanup function is used, it *MUST* call free on the thread
specific object at the end. There is no way to have this magically done that
I can think of because the cleanup function registered with the pthread
implementation will only call the function back with a pointer to the
thread specific object, not the parent ast_threadstorage object.
Joshua Colp [Wed, 18 Oct 2006 22:19:57 +0000 (22:19 +0000)]
Just for Nicholson - here's an option, C, to Meetme that will allow it to continue in the dialplan if the person is kicked out. (issue #7994 reported by mnicholson with mods by myself)
Luigi Rizzo [Wed, 18 Oct 2006 21:30:21 +0000 (21:30 +0000)]
+ move output_format variables in the http section of the file;
+ more comments on struct mansession and global variables;
+ small improvements to the session matching code so it supports
multiple sessions from the same IP
Luigi Rizzo [Wed, 18 Oct 2006 17:45:50 +0000 (17:45 +0000)]
despite the large changes, this commit only moves functions
around so that functions belonging to the same group are
close to each other.
At the beginning of each group i have added a bit of documentation
to explain what the group does and what is the typical flow - basically,
all i have learned by code inspection over the past few days should
be documented for you to read.
I have not put many doxygen annotations just because i am not
sure what are the proper ones. Hopefully some doxygen experts will jump in.
Next on the plate: try to figure out how "struct eventqent"
are supposed to work.
Luigi Rizzo [Wed, 18 Oct 2006 15:49:40 +0000 (15:49 +0000)]
comment and cleanup the main thread.
On passing, fix a bug: close the socket if the allocation
of a structure for the new session fails.
(the bugfix is a candidate for 1.4)
Luigi Rizzo [Wed, 18 Oct 2006 14:21:15 +0000 (14:21 +0000)]
create a new (internal, for the time being) function astman_start_ack()
to start manager responses that need further lines.
This removes a lot of duplicate code from the various handlers
that at the moment build an ActionID string themselves.
Once settled, the function should move to manager.h so
it can be used by other files (chan_agent, chan_iax2, chan_sip,
chan_zap, res_jabber and app_queue).
I am not totally clear if there is a preferred position for
the ActionID: line in a message. Some instances put it at
the end, but one would argue that it is preferable to have
it at the beginning.
Luigi Rizzo [Wed, 18 Oct 2006 13:23:22 +0000 (13:23 +0000)]
create proper handlers for "Challenge" and "Login" actions,
rather than use inline code for them.
Things are more readable this way, and also error processing
is more consistent.
Luigi Rizzo [Wed, 18 Oct 2006 06:28:34 +0000 (06:28 +0000)]
+ move the enum declaration for output formats near the head
of the file, so it can be used from more places;
+ make the declaration of contenttype[] more robust;
+ remove the wrappers around __xml_translate(), since they were
used only in one place, and rename to xml_translate().
This allows for a bit of simplifications.
+ document the output produced by the above function.
Luigi Rizzo [Wed, 18 Oct 2006 05:31:54 +0000 (05:31 +0000)]
merge xml_translate() and html_translate() into one function since
they do similar things.
Add a small form on top of the html output so requests like
http://foo:8088/asterisk/manager will suggest you what to do.
Note: i suspect there is still a bug somewhere in the session matching
code, as sometimes you have to login twice in order for the following
commands to be recognised.
Apart from this, the cli now is basically usable from a web form!
Luigi Rizzo [Wed, 18 Oct 2006 04:05:56 +0000 (04:05 +0000)]
various code simplifications to reduce nesting depth,
minor optimizations to avoid extra calls of strlen(),
and some variable localization.
One feature worth backporting is the move of ast_variables_destroy()
to a different place in handle_uri() to avoid leaking memory
in case a uri is not found.
Russell Bryant [Wed, 18 Oct 2006 02:46:39 +0000 (02:46 +0000)]
Merged revisions 45441 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r45441 | russell | 2006-10-17 22:41:36 -0400 (Tue, 17 Oct 2006) | 7 lines
Don't attempt to access private data members of the pthread_mutex_t object,
because this does not work on all linux systems. Instead, just access
the reentrancy field in the ast_mutex_info struct when DEBUG_THREADS is
enabled. If DEBUG_CHANNEL_LOCKS is enabled, the developer probably has
DEBUG_THREADS on as well.
(issue #8139, me)
optimize the 'quick response' code a bit more... no more malloc() or memset() for each response
expand stringfields API a bit to allow reusing the stringfield pool on a structure when needed, and remove some unnecessary code when the structure was being freed
Don't create a "real" pvt structure for requests that shouldn't be able to create one. Instead use a temporary pvt and fill it with enough information so we can send a reply.
Luigi Rizzo [Tue, 17 Oct 2006 17:51:34 +0000 (17:51 +0000)]
Improve the XML formatting of responses coming from web interface.
Normal responses are sequences of lines of the form "Name: value",
with \r\n as line terminators and an empty line as a response
terminator.
Generic CLI commands, however, do not have such a clean formatting,
and the existing code failed to generate valid XML for them.
Obviously we can only use heuristics here, and we do the following:
- accept either \r or \n as a line terminator, trimming trailing whitespace;
- if a line does not have a ":" in it, assume that from this point on
we have unformatted data, and use "Opaque-data:" as a name;
- if a line does have a ":" in it, the Name field is not always
a legal identifier, so replace non-alphanum characters with underscores;
All the above is to be refined as we improve the formatting of
responses from the CLI.
And, all the above ought to go as a comment in the code rather than
just in a commit message...
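The heuristics listed in the commit message above, as an added sketch that is not the Asterisk code: `response_to_xml()` and `xml_escape()` are hypothetical names, and the `<response>` wrapper with one element per line is an assumed output layout. Values are escaped so that CLI output containing `<`, `>` or `&` cannot break or inject markup.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Append src to the NUL-terminated dst (capacity cap), escaping XML metacharacters. */
static void xml_escape(char *dst, size_t cap, const char *src)
{
    size_t n = strlen(dst);
    for (; *src && n + 7 < cap; src++) {        /* keep room for "&amp;" + NUL */
        const char *e = *src == '<' ? "&lt;" : *src == '>' ? "&gt;" :
                        *src == '&' ? "&amp;" : NULL;
        if (e)
            n += (size_t)snprintf(dst + n, cap - n, "%s", e);
        else
            dst[n++] = *src;
        dst[n] = '\0';
    }
}

/* Convert a "Name: value" response (or free-form CLI output) to XML.
 * Modifies `in` in place (strtok, not reentrant); returns `out`. */
char *response_to_xml(char *in, char *out, size_t cap)
{
    int opaque = 0;                             /* set once a line has no usable ':' */
    snprintf(out, cap, "<response>");
    /* Either \r or \n ends a line; strtok also skips the empty terminator line. */
    for (char *line = strtok(in, "\r\n"); line; line = strtok(NULL, "\r\n")) {
        char name[64] = "Opaque-data";
        const char *val = line;
        size_t len = strlen(line);
        while (len && isspace((unsigned char)line[len - 1]))
            line[--len] = '\0';                 /* trim trailing whitespace */
        if (!len) continue;
        char *colon = opaque ? NULL : strchr(line, ':');
        if (!colon || colon == line) {
            opaque = 1;                         /* unformatted data from here on */
        } else {
            size_t i, nl = (size_t)(colon - line);
            if (nl >= sizeof(name)) nl = sizeof(name) - 1;
            for (i = 0; i < nl; i++)            /* non-alphanumeric -> underscore */
                name[i] = isalnum((unsigned char)line[i]) ? line[i] : '_';
            name[nl] = '\0';
            val = colon + 1 + strspn(colon + 1, " \t");
        }
        snprintf(out + strlen(out), cap - strlen(out), "<%s>", name);
        xml_escape(out, cap, val);
        snprintf(out + strlen(out), cap - strlen(out), "</%s>", name);
    }
    snprintf(out + strlen(out), cap - strlen(out), "</response>");
    return out;
}
```

A name that begins with a digit would still not be a legal XML element name; the commit message only describes the underscore substitution, so the sketch does no more than that.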
Luigi Rizzo [Tue, 17 Oct 2006 17:19:31 +0000 (17:19 +0000)]
document xml_copy_escape() and add an extra function, namely
replace non-alphanum chars with underscore.
This is useful when building field names in xml formatting.
Joshua Colp [Mon, 16 Oct 2006 20:26:56 +0000 (20:26 +0000)]
In the course of a day this has been turned into an option to ignore replies, then ignore responses and finally I'm just getting rid of the option altogether and making it the default no matter what. C'est la vie!
Joshua Colp [Mon, 16 Oct 2006 16:26:23 +0000 (16:26 +0000)]
It's new directed pickup! This now features a more sane way of finding the channel to pick up (I snuck it into the tree on Friday... bet you didn't know I'd actually use it eh?). PICKUPMARK now also works in a different way, you should prefix it with _ when setting it so it gets inherited onto the channel(s) created in app_dial as directed pickup will now look for it on the target channel, not the originating channel. (BE-85)
Olle Johansson [Mon, 16 Oct 2006 13:20:21 +0000 (13:20 +0000)]
When adding new functions, please add a forward declaration.
I *know* it is not required, but it makes navigation easier and will help
when splitting up this large source code file.
Luigi Rizzo [Mon, 16 Oct 2006 11:29:22 +0000 (11:29 +0000)]
+ comment some unclear requirements for master_eventq
+ remove the need for an snprintf in astman_get_header()
+ fix comment for manager list eventq
+ localize one variable and minor code simplifications.
Luigi Rizzo [Mon, 16 Oct 2006 09:33:00 +0000 (09:33 +0000)]
protect access to first_action with actionlock.
Mark with XXX one place (during command execution) where
navigation should be protected with actionlock, but is not
because it would block requests for a long time.
To solve this properly we need to put reference counts in
the struct manager_action.
A suboptimal fix is to copy the record on a search and then
unlock the list while we work on the copy.