/** Log TLS error(s).
*
* Log the TLS error specified by the error code @a e and all the errors in
* the queue. The error code @a e implies no error, and it is not logged.
*/
static
void tls_log_errors(unsigned level, char const *s, unsigned long e)
{
if (e == 0)
e = ERR_get_error();
if (!tport_log->log_init)
su_log_init(tport_log);
if (s == NULL) s = "tls";
for (; e != 0; e = ERR_get_error()) {
if (level <= tport_log->log_level) {
const char *error = ERR_lib_error_string(e);
const char *func = ERR_func_error_string(e);
const char *reason = ERR_reason_error_string(e);
su_llog(tport_log, level, "%s: %08lx:%s:%s:%s\n",
s, e, error, func, reason);
}
}
}
static int process_response_to_keepalive_options(outbound_t *ob,
nta_outgoing_t *orq,
sip_t const *sip,
int status,
char const *phrase)
{
int binding_check;
int challenged = 0, credentials = 0;
msg_t *_reqmsg = nta_outgoing_getrequest(orq);
sip_t *request = sip_object(_reqmsg); msg_destroy(_reqmsg);
if (sip == NULL) {
SU_DEBUG_3(("outbound(%p): keepalive %u %s\n", (void *)ob->ob_owner,
status, phrase));
ob->ob_oo->oo_keepalive_error(ob->ob_owner, ob, status, phrase, TAG_END());
return 0;
}
if (status == 401 || status == 407) {
if (sip->sip_www_authenticate)
challenged += auc_challenge(ob->ob_keepalive.auc,
ob->ob_home,
sip->sip_www_authenticate,
sip_authorization_class) > 0;
if (sip->sip_proxy_authenticate)
challenged += auc_challenge(ob->ob_keepalive.auc,
ob->ob_home,
sip->sip_proxy_authenticate,
sip_proxy_authorization_class) > 0;
if (ob->ob_oo->oo_credentials)
credentials = ob->ob_oo->oo_credentials(ob->ob_owner,
ob->ob_keepalive.auc);
}
binding_check = outbound_nat_detect(ob, request, sip);
if (binding_check > 1) {
/* Bindings have changed */
if (outbound_contacts_from_via(ob, sip->sip_via) == 0) {
/* XXX - Destroy old keepalive template message */
/* re-REGISTER */
ob->ob_oo->oo_refresh(ob->ob_owner, ob);
return 0;
}
}
if (binding_check <= 1 && ob->ob_registered && ob->ob_keepalive.validating) {
int failed = 0;
unsigned loglevel = 3;
if (challenged > 0 && credentials > 0) {
keepalive_options_with_registration_probe(ob);
return 0;
}
if (status < 300 && ob->ob_keepalive.validated) {
loglevel = 5;
if (ob->ob_validated)
loglevel = 99; /* only once */
ob->ob_validated = ob->ob_once_validated = 1;
}
else if (status == 401 || status == 407 || status == 403)
loglevel = 5, failed = 1;
else
loglevel = 3, failed = 1;
if (loglevel >= SU_LOG->log_level) {
sip_contact_t const *m = ob->ob_rcontact;
if (m)
su_llog(SU_LOG, loglevel,
"outbound(%p): %s <" URL_PRINT_FORMAT ">\n",
(void *)ob->ob_owner,
failed ? "FAILED to validate" : "validated",
URL_PRINT_ARGS(m->m_url));
else
su_llog(SU_LOG, loglevel,
"outbound(%p): %s registration\n",
(void *)ob->ob_owner,
failed ? "FAILED to validate" : "validated");
if (failed)
su_llog(SU_LOG, loglevel, "outbound(%p): FAILED with %u %s\n",
(void *)ob->ob_owner, status, phrase);
}
if (failed)
ob->ob_oo->oo_probe_error(ob->ob_owner, ob, status, phrase, TAG_END());
}
else if (status == 408) {
SU_DEBUG_3(("outbound(%p): keepalive timeout\n", (void *)ob->ob_owner));
ob->ob_oo->oo_keepalive_error(ob->ob_owner, ob, status, phrase, TAG_END());
return 0;
}
ob->ob_keepalive.validating = 0;
if (ob->ob_keepalive.timer)
su_timer_set(ob->ob_keepalive.timer, keepalive_timer, ob);
return 0;
}
