RubyGems - oversip - Versions diffs - 0.9.0 - Mend

oversip 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (121) hide show

data/AUTHORS.txt +11 -0
data/LICENSE.txt +22 -0
data/README.md +16 -0
data/Rakefile +55 -0
data/bin/oversip +182 -0
data/ext/common/c_util.h +74 -0
data/ext/common/ruby_c_util.h +88 -0
data/ext/sip_parser/common_headers.h +209 -0
data/ext/sip_parser/ext_help.h +18 -0
data/ext/sip_parser/extconf.rb +3 -0
data/ext/sip_parser/sip_parser.c +29649 -0
data/ext/sip_parser/sip_parser.h +227 -0
data/ext/sip_parser/sip_parser_ruby.c +1292 -0
data/ext/stud/extconf.rb +27 -0
data/ext/stud/stud.tar.gz +0 -0
data/ext/stun/ext_help.h +16 -0
data/ext/stun/extconf.rb +3 -0
data/ext/stun/stun_ruby.c +391 -0
data/ext/utils/ext_help.h +14 -0
data/ext/utils/extconf.rb +3 -0
data/ext/utils/haproxy_protocol.c +6163 -0
data/ext/utils/haproxy_protocol.h +27 -0
data/ext/utils/ip_utils.c +5952 -0
data/ext/utils/ip_utils.h +61 -0
data/ext/utils/outbound_utils.c +3227 -0
data/ext/utils/outbound_utils.h +27 -0
data/ext/utils/utils_ruby.c +384 -0
data/ext/utils/utils_ruby.h +75 -0
data/ext/websocket_framing_utils/ext_help.h +18 -0
data/ext/websocket_framing_utils/extconf.rb +3 -0
data/ext/websocket_framing_utils/ws_framing_utils.h +46 -0
data/ext/websocket_framing_utils/ws_framing_utils_ruby.c +135 -0
data/ext/websocket_http_parser/ext_help.h +18 -0
data/ext/websocket_http_parser/extconf.rb +3 -0
data/ext/websocket_http_parser/ws_http_parser.c +2598 -0
data/ext/websocket_http_parser/ws_http_parser.h +86 -0
data/ext/websocket_http_parser/ws_http_parser_ruby.c +630 -0
data/lib/oversip/config.rb +541 -0
data/lib/oversip/config_validators.rb +126 -0
data/lib/oversip/errors.rb +7 -0
data/lib/oversip/fiber_pool.rb +56 -0
data/lib/oversip/launcher.rb +507 -0
data/lib/oversip/logger.rb +170 -0
data/lib/oversip/master_process.rb +67 -0
data/lib/oversip/posix_mq.rb +121 -0
data/lib/oversip/proxies_config.rb +169 -0
data/lib/oversip/ruby_ext/eventmachine.rb +38 -0
data/lib/oversip/sip/client_transaction.rb +587 -0
data/lib/oversip/sip/constants.rb +87 -0
data/lib/oversip/sip/grammar/name_addr.rb +27 -0
data/lib/oversip/sip/grammar/uri.rb +116 -0
data/lib/oversip/sip/launcher.rb +180 -0
data/lib/oversip/sip/listeners/ipv4_tcp_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tcp_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tls_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tls_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tls_tunnel_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_udp_server.rb +20 -0
data/lib/oversip/sip/listeners/ipv6_tcp_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tcp_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tls_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tls_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tls_tunnel_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_udp_server.rb +20 -0
data/lib/oversip/sip/listeners/reactor.rb +39 -0
data/lib/oversip/sip/listeners/tcp_client.rb +73 -0
data/lib/oversip/sip/listeners/tcp_reactor.rb +185 -0
data/lib/oversip/sip/listeners/tcp_server.rb +71 -0
data/lib/oversip/sip/listeners/tls_client.rb +117 -0
data/lib/oversip/sip/listeners/tls_server.rb +70 -0
data/lib/oversip/sip/listeners/tls_tunnel_reactor.rb +113 -0
data/lib/oversip/sip/listeners/tls_tunnel_server.rb +61 -0
data/lib/oversip/sip/listeners/udp_reactor.rb +213 -0
data/lib/oversip/sip/listeners.rb +28 -0
data/lib/oversip/sip/logic.rb +14 -0
data/lib/oversip/sip/message.rb +168 -0
data/lib/oversip/sip/message_processor.rb +202 -0
data/lib/oversip/sip/modules/core.rb +200 -0
data/lib/oversip/sip/modules/registrar_without_path.rb +75 -0
data/lib/oversip/sip/modules/user_assertion.rb +123 -0
data/lib/oversip/sip/proxy.rb +460 -0
data/lib/oversip/sip/request.rb +128 -0
data/lib/oversip/sip/response.rb +30 -0
data/lib/oversip/sip/rfc3263.rb +646 -0
data/lib/oversip/sip/server_transaction.rb +295 -0
data/lib/oversip/sip/sip.rb +74 -0
data/lib/oversip/sip/tags.rb +39 -0
data/lib/oversip/sip/timers.rb +55 -0
data/lib/oversip/sip/transport_manager.rb +129 -0
data/lib/oversip/syslogger_process.rb +119 -0
data/lib/oversip/tls.rb +179 -0
data/lib/oversip/utils.rb +25 -0
data/lib/oversip/version.rb +23 -0
data/lib/oversip/websocket/constants.rb +56 -0
data/lib/oversip/websocket/default_policy.rb +19 -0
data/lib/oversip/websocket/http_request.rb +63 -0
data/lib/oversip/websocket/launcher.rb +207 -0
data/lib/oversip/websocket/listeners/ipv4_tcp_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv4_tls_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv4_tls_tunnel_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv6_tcp_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv6_tls_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv6_tls_tunnel_server.rb +15 -0
data/lib/oversip/websocket/listeners/tcp_server.rb +265 -0
data/lib/oversip/websocket/listeners/tls_server.rb +69 -0
data/lib/oversip/websocket/listeners/tls_tunnel_server.rb +100 -0
data/lib/oversip/websocket/listeners.rb +12 -0
data/lib/oversip/websocket/ws_app.rb +75 -0
data/lib/oversip/websocket/ws_apps/ipv4_ws_sip_app.rb +21 -0
data/lib/oversip/websocket/ws_apps/ipv4_wss_sip_app.rb +21 -0
data/lib/oversip/websocket/ws_apps/ipv6_ws_sip_app.rb +21 -0
data/lib/oversip/websocket/ws_apps/ipv6_wss_sip_app.rb +22 -0
data/lib/oversip/websocket/ws_apps/ws_autobahn_app.rb +23 -0
data/lib/oversip/websocket/ws_apps/ws_sip_app.rb +156 -0
data/lib/oversip/websocket/ws_apps.rb +9 -0
data/lib/oversip/websocket/ws_framing.rb +597 -0
data/lib/oversip.rb +59 -0
data/test/oversip_test_helper.rb +20 -0
data/test/test_http_parser.rb +73 -0
data/test/test_sip_parser.rb +139 -0
metadata +256 -0

data/lib/oversip/sip/listeners/tcp_reactor.rb ADDED Viewed

@@ -0,0 +1,185 @@
+module OverSIP::SIP
+  class TcpReactor < Reactor
+    # Max size (bytes) of the buffered data when receiving message headers
+    # (avoid DoS attacks).
+    HEADERS_MAX_SIZE = 16384
+    def receive_data data
+      @state == :ignore and return
+      @buffer << data
+      while (case @state
+        when :init
+          @parser.reset
+          @parser_nbytes = 0
+          @state = :headers
+        when :headers
+          parse_headers
+          # TODO: Add a timer for the case in which an attacker sends us slow headers that never end:
+          #   http://ha.ckers.org/slowloris/.
+        when :body
+          get_body
+        when :finished
+          # Invoke the custom logic for requests.
+          if @msg.request?
+            process_request
+          else
+            process_response
+          end
+          # Set state to :init.
+          @state = :init
+          # Return true to continue processing possible remaining data.
+          true
+        when :ignore
+          false
+        end)
+      end  # while
+    end
+    def parse_headers
+      return false if @buffer.empty?
+      # Parse the currently buffered data. If parsing fails @parser_nbytes gets nil value.
+      unless @parser_nbytes = @parser.execute(@buffer.to_str, @parser_nbytes)
+        # The parsed data is invalid, however some data could be parsed so @parsed.parsed
+        # can be:
+        # - SIP::Request
+        # - SIP::Response
+        # - nil (the message is so wrong that cannot be neither a request or response).
+        if wrong_message = @parser.parsed
+          log_system_warn "parsing error for #{MSG_TYPE[wrong_message.class]}: \"#{@parser.error}\""
+        else
+          log_system_warn "parsing error: \"#{@parser.error}\""
+        end
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+      # Avoid flood attacks in TCP (very long headers).
+      if @parser_nbytes > HEADERS_MAX_SIZE
+        log_system_warn "DoS attack detected: headers size exceedes #{HEADERS_MAX_SIZE} bytes, closing connection with #{remote_desc}"
+        close_connection
+        # After closing client connection some data can still arrrive to "receive_data()"
+        # (explained in EM documentation). By setting @state = :ignore we ensure such
+        # remaining data is not processed.
+        @state = :ignore
+        return false
+      end
+      # If the parsing has not finished, it is correct in TCP so return false and wait for more data under :headers state.
+      return false  unless @parser.finished?
+      # At this point we've got a SIP::Request, SIP::Response or :outbound_keepalive symbol.
+      @msg = @parser.parsed
+      # Clear parsed data from the buffer.
+      @buffer.read(@parser_nbytes)
+      # Received data is a Outbound keealive.
+      if @msg == :outbound_keepalive
+        log_system_debug "Outbound keepalive received, replying single CRLF"  if $oversip_debug
+        # Reply a single CRLF over the same connection.
+        send_data CRLF
+        # If TCP then go back to :init state so possible remaining data would be processed.
+        @state = :init
+        return true
+      end
+      @parser.post_parsing
+      # Here we have received the entire headers of a SIP request or response. Fill some
+      # attributes.
+      @msg.connection = self
+      @msg.transport = self.class.transport
+      @msg.source_ip = @remote_ip
+      @msg.source_port = @remote_port
+      @msg.source_ip_type = @remote_ip_type || self.class.ip_type
+      unless valid_message?
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+      add_via_received_rport if @msg.request?
+      unless check_via_branch
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+      # Examine Content-Length header.
+      # In SIP over TCP Content-Length header is mandatory.
+      if (@body_length = @msg.content_length)
+        # There is body (or should be).
+        if @body_length > 0
+          @state = :body
+          # Return true to continue in get_body() method.
+          return true
+        # No body.
+        else
+          # Set :finished state and return true to process the parsed message.
+          @state = :finished
+          return true
+        end
+      # No Content-Length, invalid message!
+      else
+        # Log it and reply a 400 Bad Request (if it's a request).
+        # Close the connection, set :ignore state and return false to leave
+        # receive_data().
+        if @msg.request?
+          unless @msg.sip_method == :ACK
+            log_system_warn "request body size doesn't match Content-Length => 400"
+            @msg.reply 400, "Body size doesn't match Content-Length"
+          else
+            log_system_warn "ACK body size doesn't match Content-Length, ignoring it"
+          end
+        else
+          log_system_warn "response has not Content-Length header, ignoring it"
+        end
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+    end  # parse_headers
+    def get_body
+      # Return false until the buffer gets all the body.
+      return false if @buffer.size < @body_length
+      ### TODO: Creo que es mejor forzarlo a BINARY y no a UTF-8. Aunque IOBuffer ya lo saca siempre en BINARY.
+      # ¿Por qué lo forcé a UTF-8?
+      # RESPUESTA: Si no lo hago y resulta que el body no es UTF-8 válido, al añadir el body a los headers (que
+      # se generan como un string en UTF-8 (aunque contengan símbolos no UTF-8) fallaría. O todo UTF-8 (aunque
+      # tenga símbolos inválidos) o todo BINARY.
+      @msg.body = @buffer.read(@body_length).force_encoding(::Encoding::UTF_8)
+      @state = :finished
+      return true
+    end
+    # Parameters ip and port are just included because they are needed in UDP, so the API remains equal.
+    def send_sip_msg msg, ip=nil, port=nil
+      if self.error?
+        log_system_notice "SIP message could not be sent, connection is closed"
+        return false
+      end
+      send_data msg
+      true
+    end
+  end
+end

data/lib/oversip/sip/listeners/tcp_server.rb ADDED Viewed

@@ -0,0 +1,71 @@
+module OverSIP::SIP
+  class TcpServer < TcpReactor
+    attr_reader :outbound_flow_token
+    def post_connection
+      begin
+        @remote_port, @remote_ip = ::Socket.unpack_sockaddr_in(get_peername)
+      rescue => e
+        log_system_error "error obtaining remote IP/port (#{e.class}: #{e.message}), closing connection"
+        close_connection
+        @state = :ignore
+        return
+      end
+      log_system_info "connection opened from " << remote_desc
+      @connection_id = ::OverSIP::SIP::TransportManager.add_connection self, self.class, self.class.ip_type, @remote_ip, @remote_port
+      # Create an Outbound (RFC 5626) flow token for this connection.
+      @outbound_flow_token = ::OverSIP::SIP::TransportManager.add_outbound_connection self
+      ### Testing TCP keepalive.
+      # https://github.com/bklang/eventmachine/commit/74c65a56c733bc1b6f092e32a9f0d722501ade46
+      # http://tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/
+      if ::OverSIP::SIP.tcp_keepalive_interval
+        set_sock_opt Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, true
+        set_sock_opt Socket::SOL_TCP, Socket::TCP_KEEPIDLE, ::OverSIP::SIP.tcp_keepalive_interval  # First TCP ping.
+        set_sock_opt Socket::SOL_TCP, Socket::TCP_KEEPINTVL, ::OverSIP::SIP.tcp_keepalive_interval  # Interval between TCP pings.
+      end
+    end
+    def remote_desc force=nil
+      if force
+        @remote_desc = case @remote_ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      else
+        @remote_desc ||= case self.class.ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      end
+    end
+    def unbind cause=nil
+      @state = :ignore
+      # Remove the connection.
+      self.class.connections.delete @connection_id
+      # Remove the Outbound token flow.
+      ::OverSIP::SIP::TransportManager.delete_outbound_connection @outbound_flow_token
+      @local_closed = true  if cause == ::Errno::ETIMEDOUT
+      if $oversip_debug
+        log_msg = "connection from #{remote_desc} "
+        log_msg << ( @local_closed ? "locally closed" : "remotely closed" )
+        log_msg << " (cause: #{cause.inspect})"  if cause
+        log_system_debug log_msg
+      end
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_client.rb ADDED Viewed

@@ -0,0 +1,117 @@
+module OverSIP::SIP
+  class TlsClient < TcpClient
+    TLS_HANDSHAKE_MAX_TIME = 4
+    attr_writer :tls_validation
+    def initialize ip, port
+      super
+      @pending_messages = []
+    end
+    def connection_completed
+      @server_pems = []
+      @server_last_pem = false
+      start_tls({
+        :verify_peer => @tls_validation,
+        :cert_chain_file => ::OverSIP.tls_public_cert,
+        :private_key_file => ::OverSIP.tls_private_cert
+      })
+      # If the remote server does never send us a TLS certificate
+      # after the TCP connection we would leak by storing more and
+      # more messages in @pending_messages array.
+      @timer_tls_handshake = ::EM::Timer.new(TLS_HANDSHAKE_MAX_TIME) do
+        unless @connected
+          log_system_notice "TLS handshake not performed within #{TLS_HANDSHAKE_MAX_TIME} seconds, closing the connection"
+          close_connection
+        end
+      end
+    end
+    # Called for every certificate provided by the peer.
+    # This is just called in case @tls_validation is true.
+    def ssl_verify_peer pem
+      # TODO: Dirty workaround for bug https://github.com/eventmachine/eventmachine/issues/194.
+      return true  if @server_last_pem == pem
+      @server_last_pem = pem
+      @server_pems << pem
+      log_system_debug "received certificate num #{@server_pems.size} from server"  if $oversip_debug
+      # Validation must be done in ssl_handshake_completed after receiving all the certs, so return true.
+      return true
+    end
+    # This is called after all the calls to ssl_verify_peer().
+    def ssl_handshake_completed
+      log_system_info "TLS connection established to " << remote_desc
+      # @connected in TlsClient means "TLS connection" rather than
+      # just "TCP connection".
+      @connected = true
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+      if @tls_validation
+        validated, cert, tls_error, tls_error_string = ::OverSIP::TLS.validate @server_pems.pop, @server_pems
+        if validated
+          log_system_info "server provides a valid TLS certificate"
+          sip_identities = ::OverSIP::TLS.get_sip_identities(cert)
+          log_system_debug "SIP identities in peer cert: #{sip_identities.keys}"  if $oversip_debug
+        else
+          log_system_notice "server's TLS certificate validation failed (TLS error: #{tls_error.inspect}, description: #{tls_error_string.inspect})"
+          @pending_client_transactions.each do |client_transaction|
+            client_transaction.tls_validation_failed
+          end
+          @pending_client_transactions.clear
+          @pending_messages.clear
+          close_connection
+          @state = :ignore
+          return
+        end
+      end
+      @pending_client_transactions.clear
+      @pending_messages.each do |msg|
+        send_data msg
+      end
+      @pending_messages.clear
+    end
+    def unbind cause=nil
+      super
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+      @pending_messages.clear
+    end
+    # In TLS client, we must wait until ssl_handshake_completed is
+    # completed before sending data. If not, data will be sent in
+    # plain TCP.
+    #   http://dev.sipdoc.net/issues/457
+    def send_sip_msg msg, ip=nil, port=nil
+      if self.error?
+        log_system_notice "SIP message could not be sent, connection is closed"
+        return false
+      end
+      if @connected
+        send_data msg
+      else
+        log_system_debug "TLS handshake not completed yet, waiting before sending the message"  if $oversip_debug
+        @pending_messages << msg
+      end
+      true
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_server.rb ADDED Viewed

@@ -0,0 +1,70 @@
+module OverSIP::SIP
+  class TlsServer < TcpServer
+    TLS_HANDSHAKE_MAX_TIME = 8
+    def post_init
+      @client_pems = []
+      @client_last_pem = false
+      start_tls({
+        :verify_peer => true,
+        :cert_chain_file => ::OverSIP.tls_public_cert,
+        :private_key_file => ::OverSIP.tls_private_cert
+      })
+      # If the remote client does never send us a TLS certificate
+      # after the TCP connection we would leak by storing more and
+      # more messages in @pending_messages array.
+      @timer_tls_handshake = ::EM::Timer.new(TLS_HANDSHAKE_MAX_TIME) do
+        unless @connected
+          log_system_notice "TLS handshake not performed within #{TLS_HANDSHAKE_MAX_TIME} seconds, closing the connection"
+          close_connection
+        end
+      end
+    end
+    def ssl_verify_peer pem
+      # TODO: Dirty workaround for bug https://github.com/eventmachine/eventmachine/issues/194.
+      return true  if @client_last_pem == pem
+      @client_last_pem = pem
+      @client_pems << pem
+      log_system_debug "received certificate num #{@client_pems.size} from client"  if $oversip_debug
+      # Validation must be done in ssl_handshake_completed after receiving all the certs, so return true.
+      return true
+    end
+    def ssl_handshake_completed
+      log_system_info "TLS connection established from " << remote_desc
+      # TODO: What to do it falidation fails? always do validation?
+      validated, cert, tls_error, tls_error_string = ::OverSIP::TLS.validate @client_pems.pop, @client_pems
+      if validated
+        log_system_info "client provides a valid TLS certificate"
+      else
+        log_system_notice "client's TLS certificate validation failed (TLS error: #{tls_error.inspect}, description: #{tls_error_string.inspect})"
+      end
+      # @connected in TlsServer means "TLS connection" rather than
+      # just "TCP connection".
+      @connected = true
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+    end
+    def unbind cause=nil
+      super
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_tunnel_reactor.rb ADDED Viewed

@@ -0,0 +1,113 @@
+module OverSIP::SIP
+  class TlsTunnelReactor < TcpReactor
+    # Max size (bytes) of the buffered data when receiving message headers
+    # (avoid DoS attacks).
+    HEADERS_MAX_SIZE = 16384
+    def receive_data data
+      @state == :ignore and return
+      @buffer << data
+      while (case @state
+        when :init
+          @parser.reset
+          @parser_nbytes = 0
+          # If it's a TCP connection from the TLS tunnel then parse the HAProxy Protocol line
+          # if it's not yet done.
+          unless @haproxy_protocol_parsed
+            @state = :haproxy_protocol
+          else
+            @state = :headers
+          end
+        when :haproxy_protocol
+          parse_haproxy_protocol
+        when :client_pems
+          parse_client_pems
+        when :headers
+          parse_headers
+        when :body
+          get_body
+        when :finished
+          # Invoke the custom logic for requests.
+          if @msg.request?
+            process_request
+          else
+            process_response
+          end
+          # Set state to :init.
+          @state = :init
+          # Return true to continue processing possible remaining data.
+          true
+        when :ignore
+          false
+        end)
+      end  # while
+    end
+    def parse_haproxy_protocol
+      if (haproxy_protocol_data = ::OverSIP::Utils.parse_haproxy_protocol(@buffer.to_str))
+        @haproxy_protocol_parsed = true
+        # Update connection information.
+        @remote_ip_type = haproxy_protocol_data[1]
+        @remote_ip = haproxy_protocol_data[2]
+        @remote_port = haproxy_protocol_data[3]
+        # Add the connection with the client's source data. Note that we pass a TlsServer as class, but
+        # the server instance is a TcpServer.
+        @connection_id = case @remote_ip_type
+          when :ipv4
+            ::OverSIP::SIP::TransportManager.add_connection self, ::OverSIP::SIP::IPv4TlsServer, :ipv4, @remote_ip, @remote_port
+          when :ipv6
+            ::OverSIP::SIP::TransportManager.add_connection self, ::OverSIP::SIP::IPv6TlsServer, :ipv6, @remote_ip, @remote_port
+          end
+        # Update log information.
+        remote_desc true
+        # Remove the HAProxy Protocol line from the received data.
+        @buffer.read haproxy_protocol_data[0]
+        @state = :headers
+      else
+        log_system_error "HAProxy Protocol parsing error, closing connection"
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+    end
+    # TODO: Not terminated yet.
+    def parse_client_pems
+      # TODO: Wrong, it could occur that here the last PEMs byte arries.
+      return false if @buffer.size < 3  # 3 bytes = 0\r\n (minimum data).
+      @pems_str ||= ""
+      @pems_str << @buffer.read(2)
+      # No PEMS.
+      if @pems_str == "\r\n"
+        @state = :headers
+        return true
+      end
+      #@pem_size_str =
+      @state = :headers
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_tunnel_server.rb ADDED Viewed

@@ -0,0 +1,61 @@
+module OverSIP::SIP
+  class TlsTunnelServer < TlsTunnelReactor
+    attr_reader :outbound_flow_token
+    def post_connection
+      begin
+        # Temporal @remote_ip and @remote_port until the HAProxy protocol line is parsed.
+        @remote_port, @remote_ip = ::Socket.unpack_sockaddr_in(get_peername)
+      rescue => e
+        log_system_error "error obtaining remote IP/port (#{e.class}: #{e.message}), closing connection"
+        close_connection
+        @state = :ignore
+        return
+      end
+      log_system_debug "connection from the TLS tunnel " << remote_desc
+      # Create an Outbound (RFC 5626) flow token for this connection.
+      @outbound_flow_token = ::OverSIP::SIP::TransportManager.add_outbound_connection self
+    end
+    def remote_desc force=nil
+      if force
+        @remote_desc = case @remote_ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      else
+        @remote_desc ||= case self.class.ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      end
+    end
+    def unbind cause=nil
+      @state = :ignore
+      # Remove the connection.
+      self.class.connections.delete @connection_id  if @connection_id
+      # Remove the Outbound token flow.
+      ::OverSIP::SIP::TransportManager.delete_outbound_connection @outbound_flow_token
+      @local_closed = true  if cause == ::Errno::ETIMEDOUT
+      if $oversip_debug
+        log_msg = "connection from the TLS tunnel #{remote_desc} "
+        log_msg << ( @local_closed ? "locally closed" : "remotely closed" )
+        log_msg << " (cause: #{cause.inspect})"  if cause
+        log_system_debug log_msg
+      end
+    end
+  end
+end