RubyGems - oversip - Versions diffs - 0.9.0 - Mend

oversip 0.9.0

Files changed (121) hide show

data/AUTHORS.txt +11 -0
data/LICENSE.txt +22 -0
data/README.md +16 -0
data/Rakefile +55 -0
data/bin/oversip +182 -0
data/ext/common/c_util.h +74 -0
data/ext/common/ruby_c_util.h +88 -0
data/ext/sip_parser/common_headers.h +209 -0
data/ext/sip_parser/ext_help.h +18 -0
data/ext/sip_parser/extconf.rb +3 -0
data/ext/sip_parser/sip_parser.c +29649 -0
data/ext/sip_parser/sip_parser.h +227 -0
data/ext/sip_parser/sip_parser_ruby.c +1292 -0
data/ext/stud/extconf.rb +27 -0
data/ext/stud/stud.tar.gz +0 -0
data/ext/stun/ext_help.h +16 -0
data/ext/stun/extconf.rb +3 -0
data/ext/stun/stun_ruby.c +391 -0
data/ext/utils/ext_help.h +14 -0
data/ext/utils/extconf.rb +3 -0
data/ext/utils/haproxy_protocol.c +6163 -0
data/ext/utils/haproxy_protocol.h +27 -0
data/ext/utils/ip_utils.c +5952 -0
data/ext/utils/ip_utils.h +61 -0
data/ext/utils/outbound_utils.c +3227 -0
data/ext/utils/outbound_utils.h +27 -0
data/ext/utils/utils_ruby.c +384 -0
data/ext/utils/utils_ruby.h +75 -0
data/ext/websocket_framing_utils/ext_help.h +18 -0
data/ext/websocket_framing_utils/extconf.rb +3 -0
data/ext/websocket_framing_utils/ws_framing_utils.h +46 -0
data/ext/websocket_framing_utils/ws_framing_utils_ruby.c +135 -0
data/ext/websocket_http_parser/ext_help.h +18 -0
data/ext/websocket_http_parser/extconf.rb +3 -0
data/ext/websocket_http_parser/ws_http_parser.c +2598 -0
data/ext/websocket_http_parser/ws_http_parser.h +86 -0
data/ext/websocket_http_parser/ws_http_parser_ruby.c +630 -0
data/lib/oversip/config.rb +541 -0
data/lib/oversip/config_validators.rb +126 -0
data/lib/oversip/errors.rb +7 -0
data/lib/oversip/fiber_pool.rb +56 -0
data/lib/oversip/launcher.rb +507 -0
data/lib/oversip/logger.rb +170 -0
data/lib/oversip/master_process.rb +67 -0
data/lib/oversip/posix_mq.rb +121 -0
data/lib/oversip/proxies_config.rb +169 -0
data/lib/oversip/ruby_ext/eventmachine.rb +38 -0
data/lib/oversip/sip/client_transaction.rb +587 -0
data/lib/oversip/sip/constants.rb +87 -0
data/lib/oversip/sip/grammar/name_addr.rb +27 -0
data/lib/oversip/sip/grammar/uri.rb +116 -0
data/lib/oversip/sip/launcher.rb +180 -0
data/lib/oversip/sip/listeners/ipv4_tcp_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tcp_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tls_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tls_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_tls_tunnel_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv4_udp_server.rb +20 -0
data/lib/oversip/sip/listeners/ipv6_tcp_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tcp_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tls_client.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tls_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_tls_tunnel_server.rb +21 -0
data/lib/oversip/sip/listeners/ipv6_udp_server.rb +20 -0
data/lib/oversip/sip/listeners/reactor.rb +39 -0
data/lib/oversip/sip/listeners/tcp_client.rb +73 -0
data/lib/oversip/sip/listeners/tcp_reactor.rb +185 -0
data/lib/oversip/sip/listeners/tcp_server.rb +71 -0
data/lib/oversip/sip/listeners/tls_client.rb +117 -0
data/lib/oversip/sip/listeners/tls_server.rb +70 -0
data/lib/oversip/sip/listeners/tls_tunnel_reactor.rb +113 -0
data/lib/oversip/sip/listeners/tls_tunnel_server.rb +61 -0
data/lib/oversip/sip/listeners/udp_reactor.rb +213 -0
data/lib/oversip/sip/listeners.rb +28 -0
data/lib/oversip/sip/logic.rb +14 -0
data/lib/oversip/sip/message.rb +168 -0
data/lib/oversip/sip/message_processor.rb +202 -0
data/lib/oversip/sip/modules/core.rb +200 -0
data/lib/oversip/sip/modules/registrar_without_path.rb +75 -0
data/lib/oversip/sip/modules/user_assertion.rb +123 -0
data/lib/oversip/sip/proxy.rb +460 -0
data/lib/oversip/sip/request.rb +128 -0
data/lib/oversip/sip/response.rb +30 -0
data/lib/oversip/sip/rfc3263.rb +646 -0
data/lib/oversip/sip/server_transaction.rb +295 -0
data/lib/oversip/sip/sip.rb +74 -0
data/lib/oversip/sip/tags.rb +39 -0
data/lib/oversip/sip/timers.rb +55 -0
data/lib/oversip/sip/transport_manager.rb +129 -0
data/lib/oversip/syslogger_process.rb +119 -0
data/lib/oversip/tls.rb +179 -0
data/lib/oversip/utils.rb +25 -0
data/lib/oversip/version.rb +23 -0
data/lib/oversip/websocket/constants.rb +56 -0
data/lib/oversip/websocket/default_policy.rb +19 -0
data/lib/oversip/websocket/http_request.rb +63 -0
data/lib/oversip/websocket/launcher.rb +207 -0
data/lib/oversip/websocket/listeners/ipv4_tcp_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv4_tls_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv4_tls_tunnel_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv6_tcp_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv6_tls_server.rb +15 -0
data/lib/oversip/websocket/listeners/ipv6_tls_tunnel_server.rb +15 -0
data/lib/oversip/websocket/listeners/tcp_server.rb +265 -0
data/lib/oversip/websocket/listeners/tls_server.rb +69 -0
data/lib/oversip/websocket/listeners/tls_tunnel_server.rb +100 -0
data/lib/oversip/websocket/listeners.rb +12 -0
data/lib/oversip/websocket/ws_app.rb +75 -0
data/lib/oversip/websocket/ws_apps/ipv4_ws_sip_app.rb +21 -0
data/lib/oversip/websocket/ws_apps/ipv4_wss_sip_app.rb +21 -0
data/lib/oversip/websocket/ws_apps/ipv6_ws_sip_app.rb +21 -0
data/lib/oversip/websocket/ws_apps/ipv6_wss_sip_app.rb +22 -0
data/lib/oversip/websocket/ws_apps/ws_autobahn_app.rb +23 -0
data/lib/oversip/websocket/ws_apps/ws_sip_app.rb +156 -0
data/lib/oversip/websocket/ws_apps.rb +9 -0
data/lib/oversip/websocket/ws_framing.rb +597 -0
data/lib/oversip.rb +59 -0
data/test/oversip_test_helper.rb +20 -0
data/test/test_http_parser.rb +73 -0
data/test/test_sip_parser.rb +139 -0
metadata +256 -0

data/lib/oversip/sip/listeners/tcp_reactor.rb ADDED Viewed

@@ -0,0 +1,185 @@
+module OverSIP::SIP
+  class TcpReactor < Reactor
+    # Max size (bytes) of the buffered data when receiving message headers
+    # (avoid DoS attacks).
+    HEADERS_MAX_SIZE = 16384
+    def receive_data data
+      @state == :ignore and return
+      @buffer << data
+      while (case @state
+        when :init
+          @parser.reset
+          @parser_nbytes = 0
+          @state = :headers
+        when :headers
+          parse_headers
+          # TODO: Add a timer for the case in which an attacker sends us slow headers that never end:
+          #   http://ha.ckers.org/slowloris/.
+        when :body
+          get_body
+        when :finished
+          # Invoke the custom logic for requests.
+          if @msg.request?
+            process_request
+          else
+            process_response
+          end
+          # Set state to :init.
+          @state = :init
+          # Return true to continue processing possible remaining data.
+          true
+        when :ignore
+          false
+        end)
+      end  # while
+    end
+    def parse_headers
+      return false if @buffer.empty?
+      # Parse the currently buffered data. If parsing fails @parser_nbytes gets nil value.
+      unless @parser_nbytes = @parser.execute(@buffer.to_str, @parser_nbytes)
+        # The parsed data is invalid, however some data could be parsed so @parsed.parsed
+        # can be:
+        # - SIP::Request
+        # - SIP::Response
+        # - nil (the message is so wrong that cannot be neither a request or response).
+        if wrong_message = @parser.parsed
+          log_system_warn "parsing error for #{MSG_TYPE[wrong_message.class]}: \"#{@parser.error}\""
+        else
+          log_system_warn "parsing error: \"#{@parser.error}\""
+        end
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+      # Avoid flood attacks in TCP (very long headers).
+      if @parser_nbytes > HEADERS_MAX_SIZE
+        log_system_warn "DoS attack detected: headers size exceedes #{HEADERS_MAX_SIZE} bytes, closing connection with #{remote_desc}"
+        close_connection
+        # After closing client connection some data can still arrrive to "receive_data()"
+        # (explained in EM documentation). By setting @state = :ignore we ensure such
+        # remaining data is not processed.
+        @state = :ignore
+        return false
+      end
+      # If the parsing has not finished, it is correct in TCP so return false and wait for more data under :headers state.
+      return false  unless @parser.finished?
+      # At this point we've got a SIP::Request, SIP::Response or :outbound_keepalive symbol.
+      @msg = @parser.parsed
+      # Clear parsed data from the buffer.
+      @buffer.read(@parser_nbytes)
+      # Received data is a Outbound keealive.
+      if @msg == :outbound_keepalive
+        log_system_debug "Outbound keepalive received, replying single CRLF"  if $oversip_debug
+        # Reply a single CRLF over the same connection.
+        send_data CRLF
+        # If TCP then go back to :init state so possible remaining data would be processed.
+        @state = :init
+        return true
+      end
+      @parser.post_parsing
+      # Here we have received the entire headers of a SIP request or response. Fill some
+      # attributes.
+      @msg.connection = self
+      @msg.transport = self.class.transport
+      @msg.source_ip = @remote_ip
+      @msg.source_port = @remote_port
+      @msg.source_ip_type = @remote_ip_type || self.class.ip_type
+      unless valid_message?
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+      add_via_received_rport if @msg.request?
+      unless check_via_branch
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+      # Examine Content-Length header.
+      # In SIP over TCP Content-Length header is mandatory.
+      if (@body_length = @msg.content_length)
+        # There is body (or should be).
+        if @body_length > 0
+          @state = :body
+          # Return true to continue in get_body() method.
+          return true
+        # No body.
+        else
+          # Set :finished state and return true to process the parsed message.
+          @state = :finished
+          return true
+        end
+      # No Content-Length, invalid message!
+      else
+        # Log it and reply a 400 Bad Request (if it's a request).
+        # Close the connection, set :ignore state and return false to leave
+        # receive_data().
+        if @msg.request?
+          unless @msg.sip_method == :ACK
+            log_system_warn "request body size doesn't match Content-Length => 400"
+            @msg.reply 400, "Body size doesn't match Content-Length"
+          else
+            log_system_warn "ACK body size doesn't match Content-Length, ignoring it"
+          end
+        else
+          log_system_warn "response has not Content-Length header, ignoring it"
+        end
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+    end  # parse_headers
+    def get_body
+      # Return false until the buffer gets all the body.
+      return false if @buffer.size < @body_length
+      ### TODO: Creo que es mejor forzarlo a BINARY y no a UTF-8. Aunque IOBuffer ya lo saca siempre en BINARY.
+      # ¿Por qué lo forcé a UTF-8?
+      # RESPUESTA: Si no lo hago y resulta que el body no es UTF-8 válido, al añadir el body a los headers (que
+      # se generan como un string en UTF-8 (aunque contengan símbolos no UTF-8) fallaría. O todo UTF-8 (aunque
+      # tenga símbolos inválidos) o todo BINARY.
+      @msg.body = @buffer.read(@body_length).force_encoding(::Encoding::UTF_8)
+      @state = :finished
+      return true
+    end
+    # Parameters ip and port are just included because they are needed in UDP, so the API remains equal.
+    def send_sip_msg msg, ip=nil, port=nil
+      if self.error?
+        log_system_notice "SIP message could not be sent, connection is closed"
+        return false
+      end
+      send_data msg
+      true
+    end
+  end
+end

data/lib/oversip/sip/listeners/tcp_server.rb ADDED Viewed

@@ -0,0 +1,71 @@
+module OverSIP::SIP
+  class TcpServer < TcpReactor
+    attr_reader :outbound_flow_token
+    def post_connection
+      begin
+        @remote_port, @remote_ip = ::Socket.unpack_sockaddr_in(get_peername)
+      rescue => e
+        log_system_error "error obtaining remote IP/port (#{e.class}: #{e.message}), closing connection"
+        close_connection
+        @state = :ignore
+        return
+      end
+      log_system_info "connection opened from " << remote_desc
+      @connection_id = ::OverSIP::SIP::TransportManager.add_connection self, self.class, self.class.ip_type, @remote_ip, @remote_port
+      # Create an Outbound (RFC 5626) flow token for this connection.
+      @outbound_flow_token = ::OverSIP::SIP::TransportManager.add_outbound_connection self
+      ### Testing TCP keepalive.
+      # https://github.com/bklang/eventmachine/commit/74c65a56c733bc1b6f092e32a9f0d722501ade46
+      # http://tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/
+      if ::OverSIP::SIP.tcp_keepalive_interval
+        set_sock_opt Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, true
+        set_sock_opt Socket::SOL_TCP, Socket::TCP_KEEPIDLE, ::OverSIP::SIP.tcp_keepalive_interval  # First TCP ping.
+        set_sock_opt Socket::SOL_TCP, Socket::TCP_KEEPINTVL, ::OverSIP::SIP.tcp_keepalive_interval  # Interval between TCP pings.
+      end
+    end
+    def remote_desc force=nil
+      if force
+        @remote_desc = case @remote_ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      else
+        @remote_desc ||= case self.class.ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      end
+    end
+    def unbind cause=nil
+      @state = :ignore
+      # Remove the connection.
+      self.class.connections.delete @connection_id
+      # Remove the Outbound token flow.
+      ::OverSIP::SIP::TransportManager.delete_outbound_connection @outbound_flow_token
+      @local_closed = true  if cause == ::Errno::ETIMEDOUT
+      if $oversip_debug
+        log_msg = "connection from #{remote_desc} "
+        log_msg << ( @local_closed ? "locally closed" : "remotely closed" )
+        log_msg << " (cause: #{cause.inspect})"  if cause
+        log_system_debug log_msg
+      end
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_client.rb ADDED Viewed

@@ -0,0 +1,117 @@
+module OverSIP::SIP
+  class TlsClient < TcpClient
+    TLS_HANDSHAKE_MAX_TIME = 4
+    attr_writer :tls_validation
+    def initialize ip, port
+      super
+      @pending_messages = []
+    end
+    def connection_completed
+      @server_pems = []
+      @server_last_pem = false
+      start_tls({
+        :verify_peer => @tls_validation,
+        :cert_chain_file => ::OverSIP.tls_public_cert,
+        :private_key_file => ::OverSIP.tls_private_cert
+      })
+      # If the remote server does never send us a TLS certificate
+      # after the TCP connection we would leak by storing more and
+      # more messages in @pending_messages array.
+      @timer_tls_handshake = ::EM::Timer.new(TLS_HANDSHAKE_MAX_TIME) do
+        unless @connected
+          log_system_notice "TLS handshake not performed within #{TLS_HANDSHAKE_MAX_TIME} seconds, closing the connection"
+          close_connection
+        end
+      end
+    end
+    # Called for every certificate provided by the peer.
+    # This is just called in case @tls_validation is true.
+    def ssl_verify_peer pem
+      # TODO: Dirty workaround for bug https://github.com/eventmachine/eventmachine/issues/194.
+      return true  if @server_last_pem == pem
+      @server_last_pem = pem
+      @server_pems << pem
+      log_system_debug "received certificate num #{@server_pems.size} from server"  if $oversip_debug
+      # Validation must be done in ssl_handshake_completed after receiving all the certs, so return true.
+      return true
+    end
+    # This is called after all the calls to ssl_verify_peer().
+    def ssl_handshake_completed
+      log_system_info "TLS connection established to " << remote_desc
+      # @connected in TlsClient means "TLS connection" rather than
+      # just "TCP connection".
+      @connected = true
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+      if @tls_validation
+        validated, cert, tls_error, tls_error_string = ::OverSIP::TLS.validate @server_pems.pop, @server_pems
+        if validated
+          log_system_info "server provides a valid TLS certificate"
+          sip_identities = ::OverSIP::TLS.get_sip_identities(cert)
+          log_system_debug "SIP identities in peer cert: #{sip_identities.keys}"  if $oversip_debug
+        else
+          log_system_notice "server's TLS certificate validation failed (TLS error: #{tls_error.inspect}, description: #{tls_error_string.inspect})"
+          @pending_client_transactions.each do |client_transaction|
+            client_transaction.tls_validation_failed
+          end
+          @pending_client_transactions.clear
+          @pending_messages.clear
+          close_connection
+          @state = :ignore
+          return
+        end
+      end
+      @pending_client_transactions.clear
+      @pending_messages.each do |msg|
+        send_data msg
+      end
+      @pending_messages.clear
+    end
+    def unbind cause=nil
+      super
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+      @pending_messages.clear
+    end
+    # In TLS client, we must wait until ssl_handshake_completed is
+    # completed before sending data. If not, data will be sent in
+    # plain TCP.
+    #   http://dev.sipdoc.net/issues/457
+    def send_sip_msg msg, ip=nil, port=nil
+      if self.error?
+        log_system_notice "SIP message could not be sent, connection is closed"
+        return false
+      end
+      if @connected
+        send_data msg
+      else
+        log_system_debug "TLS handshake not completed yet, waiting before sending the message"  if $oversip_debug
+        @pending_messages << msg
+      end
+      true
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_server.rb ADDED Viewed

@@ -0,0 +1,70 @@
+module OverSIP::SIP
+  class TlsServer < TcpServer
+    TLS_HANDSHAKE_MAX_TIME = 8
+    def post_init
+      @client_pems = []
+      @client_last_pem = false
+      start_tls({
+        :verify_peer => true,
+        :cert_chain_file => ::OverSIP.tls_public_cert,
+        :private_key_file => ::OverSIP.tls_private_cert
+      })
+      # If the remote client does never send us a TLS certificate
+      # after the TCP connection we would leak by storing more and
+      # more messages in @pending_messages array.
+      @timer_tls_handshake = ::EM::Timer.new(TLS_HANDSHAKE_MAX_TIME) do
+        unless @connected
+          log_system_notice "TLS handshake not performed within #{TLS_HANDSHAKE_MAX_TIME} seconds, closing the connection"
+          close_connection
+        end
+      end
+    end
+    def ssl_verify_peer pem
+      # TODO: Dirty workaround for bug https://github.com/eventmachine/eventmachine/issues/194.
+      return true  if @client_last_pem == pem
+      @client_last_pem = pem
+      @client_pems << pem
+      log_system_debug "received certificate num #{@client_pems.size} from client"  if $oversip_debug
+      # Validation must be done in ssl_handshake_completed after receiving all the certs, so return true.
+      return true
+    end
+    def ssl_handshake_completed
+      log_system_info "TLS connection established from " << remote_desc
+      # TODO: What to do it falidation fails? always do validation?
+      validated, cert, tls_error, tls_error_string = ::OverSIP::TLS.validate @client_pems.pop, @client_pems
+      if validated
+        log_system_info "client provides a valid TLS certificate"
+      else
+        log_system_notice "client's TLS certificate validation failed (TLS error: #{tls_error.inspect}, description: #{tls_error_string.inspect})"
+      end
+      # @connected in TlsServer means "TLS connection" rather than
+      # just "TCP connection".
+      @connected = true
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+    end
+    def unbind cause=nil
+      super
+      @timer_tls_handshake.cancel  if @timer_tls_handshake
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_tunnel_reactor.rb ADDED Viewed

@@ -0,0 +1,113 @@
+module OverSIP::SIP
+  class TlsTunnelReactor < TcpReactor
+    # Max size (bytes) of the buffered data when receiving message headers
+    # (avoid DoS attacks).
+    HEADERS_MAX_SIZE = 16384
+    def receive_data data
+      @state == :ignore and return
+      @buffer << data
+      while (case @state
+        when :init
+          @parser.reset
+          @parser_nbytes = 0
+          # If it's a TCP connection from the TLS tunnel then parse the HAProxy Protocol line
+          # if it's not yet done.
+          unless @haproxy_protocol_parsed
+            @state = :haproxy_protocol
+          else
+            @state = :headers
+          end
+        when :haproxy_protocol
+          parse_haproxy_protocol
+        when :client_pems
+          parse_client_pems
+        when :headers
+          parse_headers
+        when :body
+          get_body
+        when :finished
+          # Invoke the custom logic for requests.
+          if @msg.request?
+            process_request
+          else
+            process_response
+          end
+          # Set state to :init.
+          @state = :init
+          # Return true to continue processing possible remaining data.
+          true
+        when :ignore
+          false
+        end)
+      end  # while
+    end
+    def parse_haproxy_protocol
+      if (haproxy_protocol_data = ::OverSIP::Utils.parse_haproxy_protocol(@buffer.to_str))
+        @haproxy_protocol_parsed = true
+        # Update connection information.
+        @remote_ip_type = haproxy_protocol_data[1]
+        @remote_ip = haproxy_protocol_data[2]
+        @remote_port = haproxy_protocol_data[3]
+        # Add the connection with the client's source data. Note that we pass a TlsServer as class, but
+        # the server instance is a TcpServer.
+        @connection_id = case @remote_ip_type
+          when :ipv4
+            ::OverSIP::SIP::TransportManager.add_connection self, ::OverSIP::SIP::IPv4TlsServer, :ipv4, @remote_ip, @remote_port
+          when :ipv6
+            ::OverSIP::SIP::TransportManager.add_connection self, ::OverSIP::SIP::IPv6TlsServer, :ipv6, @remote_ip, @remote_port
+          end
+        # Update log information.
+        remote_desc true
+        # Remove the HAProxy Protocol line from the received data.
+        @buffer.read haproxy_protocol_data[0]
+        @state = :headers
+      else
+        log_system_error "HAProxy Protocol parsing error, closing connection"
+        close_connection_after_writing
+        @state = :ignore
+        return false
+      end
+    end
+    # TODO: Not terminated yet.
+    def parse_client_pems
+      # TODO: Wrong, it could occur that here the last PEMs byte arries.
+      return false if @buffer.size < 3  # 3 bytes = 0\r\n (minimum data).
+      @pems_str ||= ""
+      @pems_str << @buffer.read(2)
+      # No PEMS.
+      if @pems_str == "\r\n"
+        @state = :headers
+        return true
+      end
+      #@pem_size_str =
+      @state = :headers
+    end
+  end
+end

data/lib/oversip/sip/listeners/tls_tunnel_server.rb ADDED Viewed

@@ -0,0 +1,61 @@
+module OverSIP::SIP
+  class TlsTunnelServer < TlsTunnelReactor
+    attr_reader :outbound_flow_token
+    def post_connection
+      begin
+        # Temporal @remote_ip and @remote_port until the HAProxy protocol line is parsed.
+        @remote_port, @remote_ip = ::Socket.unpack_sockaddr_in(get_peername)
+      rescue => e
+        log_system_error "error obtaining remote IP/port (#{e.class}: #{e.message}), closing connection"
+        close_connection
+        @state = :ignore
+        return
+      end
+      log_system_debug "connection from the TLS tunnel " << remote_desc
+      # Create an Outbound (RFC 5626) flow token for this connection.
+      @outbound_flow_token = ::OverSIP::SIP::TransportManager.add_outbound_connection self
+    end
+    def remote_desc force=nil
+      if force
+        @remote_desc = case @remote_ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      else
+        @remote_desc ||= case self.class.ip_type
+          when :ipv4  ; "#{@remote_ip}:#{@remote_port.to_s}"
+          when :ipv6  ; "[#{@remote_ip}]:#{@remote_port.to_s}"
+          end
+      end
+    end
+    def unbind cause=nil
+      @state = :ignore
+      # Remove the connection.
+      self.class.connections.delete @connection_id  if @connection_id
+      # Remove the Outbound token flow.
+      ::OverSIP::SIP::TransportManager.delete_outbound_connection @outbound_flow_token
+      @local_closed = true  if cause == ::Errno::ETIMEDOUT
+      if $oversip_debug
+        log_msg = "connection from the TLS tunnel #{remote_desc} "
+        log_msg << ( @local_closed ? "locally closed" : "remotely closed" )
+        log_msg << " (cause: #{cause.inspect})"  if cause
+        log_system_debug log_msg
+      end
+    end
+  end
+end