RubyGems - oversip - Versions diffs - 1.1.0.beta5 → 1.1.0 - Mend

oversip 1.1.0.beta5 → 1.1.0

Files changed (71) hide show

data/etc/oversip.conf +16 -4
data/etc/proxies.conf +8 -9
data/etc/server.rb +59 -0
data/ext/sip_parser/sip_parser.c +12066 -11975
data/ext/sip_parser/sip_parser.h +1 -0
data/ext/sip_parser/sip_parser_ruby.c +15 -4
data/ext/utils/haproxy_protocol.c +4 -1
data/ext/websocket_framing_utils/ws_framing_utils_ruby.c +2 -2
data/lib/oversip/config.rb +50 -38
data/lib/oversip/default_server.rb +12 -0
data/lib/oversip/launcher.rb +10 -35
data/lib/oversip/master_process.rb +2 -2
data/lib/oversip/proxies_config.rb +2 -2
data/lib/oversip/sip/client_transaction.rb +1 -7
data/lib/oversip/sip/grammar/uri.rb +23 -1
data/lib/oversip/sip/listeners/{reactor.rb → connection.rb} +16 -2
data/lib/oversip/sip/listeners/ipv4_udp_server.rb +1 -1
data/lib/oversip/sip/listeners/ipv6_udp_server.rb +1 -1
data/lib/oversip/sip/listeners/tcp_client.rb +2 -3
data/lib/oversip/sip/listeners/{tcp_reactor.rb → tcp_connection.rb} +14 -2
data/lib/oversip/sip/listeners/tcp_server.rb +2 -5
data/lib/oversip/sip/listeners/tls_client.rb +15 -12
data/lib/oversip/sip/listeners/tls_server.rb +11 -11
data/lib/oversip/sip/listeners/{tls_tunnel_reactor.rb → tls_tunnel_connection.rb} +20 -20
data/lib/oversip/sip/listeners/tls_tunnel_server.rb +2 -5
data/lib/oversip/sip/listeners/{udp_reactor.rb → udp_connection.rb} +4 -4
data/lib/oversip/sip/listeners.rb +6 -10
data/lib/oversip/sip/message.rb +4 -3
data/lib/oversip/sip/message_processor.rb +17 -17
data/lib/oversip/sip/modules/core.rb +18 -13
data/lib/oversip/sip/modules/user_assertion.rb +7 -53
data/lib/oversip/sip/proxy.rb +3 -3
data/lib/oversip/sip/request.rb +2 -0
data/lib/oversip/sip/rfc3263.rb +3 -3
data/lib/oversip/sip/sip.rb +6 -0
data/lib/oversip/sip/transport_manager.rb +8 -8
data/lib/oversip/tls.rb +18 -22
data/lib/oversip/version.rb +1 -1
data/lib/oversip/websocket/constants.rb +0 -1
data/lib/oversip/websocket/http_request.rb +4 -8
data/lib/oversip/websocket/launcher.rb +83 -139
data/lib/oversip/websocket/listeners/connection.rb +47 -0
data/lib/oversip/websocket/{ws_apps/ipv4_ws_sip_app.rb → listeners/ipv4_ws_server.rb} +3 -3
data/lib/oversip/websocket/{ws_apps/ipv4_wss_sip_app.rb → listeners/ipv4_wss_server.rb} +2 -2
data/lib/oversip/websocket/listeners/ipv4_wss_tunnel_server.rb +21 -0
data/lib/oversip/websocket/{ws_apps/ipv6_ws_sip_app.rb → listeners/ipv6_ws_server.rb} +3 -3
data/lib/oversip/websocket/{ws_apps/ipv6_wss_sip_app.rb → listeners/ipv6_wss_server.rb} +2 -3
data/lib/oversip/websocket/listeners/ipv6_wss_tunnel_server.rb +21 -0
data/lib/oversip/websocket/listeners/{tcp_server.rb → ws_server.rb} +63 -43
data/lib/oversip/websocket/listeners/{tls_server.rb → wss_server.rb} +14 -13
data/lib/oversip/websocket/listeners/{tls_tunnel_server.rb → wss_tunnel_server.rb} +36 -10
data/lib/oversip/websocket/listeners.rb +10 -9
data/lib/oversip/websocket/websocket.rb +13 -0
data/lib/oversip/websocket/ws_framing.rb +35 -97
data/lib/oversip/websocket/ws_sip_app.rb +120 -0
data/lib/oversip.rb +1 -1
data/test/oversip_test_helper.rb +2 -2
data/test/test_http_parser.rb +2 -2
data/test/test_sip_parser.rb +18 -3
data/test/test_uri.rb +44 -0
metadata +39 -42
data/lib/oversip/websocket/listeners/ipv4_tcp_server.rb +0 -15
data/lib/oversip/websocket/listeners/ipv4_tls_server.rb +0 -15
data/lib/oversip/websocket/listeners/ipv4_tls_tunnel_server.rb +0 -15
data/lib/oversip/websocket/listeners/ipv6_tcp_server.rb +0 -15
data/lib/oversip/websocket/listeners/ipv6_tls_server.rb +0 -15
data/lib/oversip/websocket/listeners/ipv6_tls_tunnel_server.rb +0 -15
data/lib/oversip/websocket/ws_app.rb +0 -77
data/lib/oversip/websocket/ws_apps/ws_autobahn_app.rb +0 -23
data/lib/oversip/websocket/ws_apps/ws_sip_app.rb +0 -156
data/lib/oversip/websocket/ws_apps.rb +0 -9

data/etc/oversip.conf CHANGED Viewed

@@ -46,7 +46,7 @@ sip:
   #
   sip_tls: yes
-  # Enable or dissable IPv4. By default _yes_.
+  # Enable or disable IPv4. By default _yes_.
   #
   enable_ipv4: yes
@@ -58,7 +58,7 @@ sip:
   #
   listen_ipv4: null
-  # Enable or dissable IPv6. By default _yes_.
+  # Enable or disable IPv6. By default _yes_.
   #
   enable_ipv6: yes
@@ -93,6 +93,12 @@ sip:
   #
   listen_port_tls_tunnel: 5062
+  # Call the OverSIP::SipEvents.on_client_tls_handshake() callback when a SIP
+  # client attemps a TLS handshake with OverSIP.
+  # By default _yes_.
+  #
+  callback_on_client_tls_handshake: yes
   # Local domains OverSIP is responsible for.  Value can be:
   # - A domain.
   # - An array of domains.
@@ -138,7 +144,7 @@ websocket:
   #
   sip_wss: yes
-  # Enable or dissable IPv4. By default _yes_.
+  # Enable or disable IPv4. By default _yes_.
   #
   enable_ipv4: yes
@@ -150,7 +156,7 @@ websocket:
   #
   listen_ipv4: null
-  # Enable or dissable IPv6. By default _yes_.
+  # Enable or disable IPv6. By default _yes_.
   #
   enable_ipv6: yes
@@ -185,6 +191,12 @@ websocket:
   #
   listen_port_tls_tunnel: 10444
+  # Call the OverSIP::WebSocketEvents.on_client_tls_handshake() callback when a WebSocket
+  # client attemps a TLS handshake with OverSIP.
+  # By default _yes_.
+  #
+  callback_on_client_tls_handshake: yes
   # WebSocket message max size (bytes). By default 65536.
   #
   max_ws_message_size: 65536

data/etc/proxies.conf CHANGED Viewed

@@ -65,8 +65,9 @@ default_proxy:
   ip_type_preference: ["ipv4", "ipv6"]
   # DNS failover on received 503.
-  # RFC 3261 section 16.7 "Response Processing" states that a proxy receiving a 503 MUST
-  # convert it into a 500 (unless certain cases). We make it optional.
+  # If a DNS query retrieves more than a single destinations and the first attempt
+  # receives a 503 response, then OverSIP tries the next destination (when this parameter
+  # is set) or replies a 500 error upstream (when not set).
   # Default value is _yes_.
   #
   dns_failover_on_503: yes
@@ -92,13 +93,11 @@ default_proxy:
   #
   timer_F: 32
-  # Validate TLS certificate from the contacted server (just when using TLS transport).
-  # If set to _yes_, the contacted server MUST present a valid certificate. The connection
-  # will be inmediately closed otherwise and a 500 error locally generated.
-  # NOTE: This does not match the SIP request destination host against the hosts asserted by
-  # the certificate. This just performs TLS certificate pure validation.
-  # Default value is _no_.
-  tls_validation: no
+  # Call the OverSIP::SIP.on_server_tls_handshake() callback when
+  # establishing an outbound SIP TLS connection with a remote SIP peer.
+  # By default _yes_.
+  #
+  callback_on_server_tls_handshake: yes
 # Proxy configuration for routing in-dialog requests.

data/etc/server.rb CHANGED Viewed

@@ -171,6 +171,10 @@ def (OverSIP::SipEvents).on_request request
       log_notice "on_error: #{status} '#{reason}'"
     end
+    proxy.on_invite_timeout do
+      log_notice "INVITE timeout, no final response before Timer C expires."
+    end
     proxy.route request
     return
@@ -215,6 +219,43 @@ def (OverSIP::SipEvents).on_request request
     return
   end
+end
+# This callback is called when a client initiates a SIP TLS handshake.
+def (OverSIP::SipEvents).on_client_tls_handshake connection, pems
+  log_info "validating TLS connection from IP #{connection.remote_ip} and port #{connection.remote_port}"
+  cert, validated, tls_error, tls_error_string = ::OverSIP::TLS.validate pems
+  identities = ::OverSIP::TLS.get_sip_identities cert
+  if validated
+    log_info "client provides a valid TLS certificate with SIP identities #{identities}"
+  else
+    log_notice "client provides an invalid TLS certificate with SIP identities #{identities} (TLS error: #{tls_error.inspect}, description: #{tls_error_string.inspect})"
+    #connection.close
+  end
+end
+# This callback is called when conntacting a SIP TLS server and the TLS handshake takes place.
+def (OverSIP::SipEvents).on_server_tls_handshake connection, pems
+  log_info "validating TLS connection to IP #{connection.remote_ip} and port #{connection.remote_port}"
+  cert, validated, tls_error, tls_error_string = ::OverSIP::TLS.validate pems
+  identities = ::OverSIP::TLS.get_sip_identities cert
+  if validated
+    log_info "server provides a valid TLS certificate with SIP identities #{identities}"
+  else
+    log_notice "server provides an invalid TLS certificate with SIP identities #{identities} (TLS error: #{tls_error.inspect}, description: #{tls_error_string.inspect})"
+    #connection.close
+  end
 end
@@ -245,3 +286,21 @@ end
 # def (OverSIP::WebSocketEvents).on_disconnection connection, client_closed
 #   [...]
 # end
+# This callback is called when a client initiates a WebSocket TLS handshake.
+def (OverSIP::WebSocketEvents).on_client_tls_handshake connection, pems
+  log_info "validating TLS connection from IP #{connection.remote_ip} and port #{connection.remote_port}"
+  cert, validated, tls_error, tls_error_string = ::OverSIP::TLS.validate pems
+  identities = ::OverSIP::TLS.get_sip_identities cert
+  if validated
+    log_info "client provides a valid TLS certificate with SIP identities #{identities}"
+  else
+    log_notice "client provides an invalid TLS certificate with SIP identities #{identities} (TLS error: #{tls_error.inspect}, description: #{tls_error_string.inspect})"
+    #connection.close
+  end
+end