/*
* This is the public API to create, initialize, register, and start the
* TLS listener.
*/
PJ_DEF(pj_status_t) pjsip_tls_transport_start (pjsip_endpoint *endpt,
const pjsip_tls_setting *opt,
const pj_sockaddr_in *local,
const pjsip_host_port *a_name,
unsigned async_cnt,
pjsip_tpfactory **p_factory)
{
pj_pool_t *pool;
struct tls_listener *listener;
pj_ssl_sock_param ssock_param;
pj_sockaddr_in *listener_addr;
pj_bool_t has_listener;
pj_status_t status;
/* Sanity check */
PJ_ASSERT_RETURN(endpt && async_cnt, PJ_EINVAL);
/* Verify that address given in a_name (if any) is valid */
if (a_name && a_name->host.slen) {
pj_sockaddr_in tmp;
status = pj_sockaddr_in_init(&tmp, &a_name->host,
(pj_uint16_t)a_name->port);
if (status != PJ_SUCCESS || tmp.sin_addr.s_addr == PJ_INADDR_ANY ||
tmp.sin_addr.s_addr == PJ_INADDR_NONE)
{
/* Invalid address */
return PJ_EINVAL;
}
}
pool = pjsip_endpt_create_pool(endpt, "tlslis", POOL_LIS_INIT,
POOL_LIS_INC);
PJ_ASSERT_RETURN(pool, PJ_ENOMEM);
listener = PJ_POOL_ZALLOC_T(pool, struct tls_listener);
listener->factory.pool = pool;
listener->factory.type = PJSIP_TRANSPORT_TLS;
listener->factory.type_name = "tls";
listener->factory.flag =
pjsip_transport_get_flag_from_type(PJSIP_TRANSPORT_TLS);
pj_ansi_strcpy(listener->factory.obj_name, "tlslis");
if (opt)
pjsip_tls_setting_copy(pool, &listener->tls_setting, opt);
else
pjsip_tls_setting_default(&listener->tls_setting);
status = pj_lock_create_recursive_mutex(pool, "tlslis",
&listener->factory.lock);
if (status != PJ_SUCCESS)
goto on_error;
if (async_cnt > MAX_ASYNC_CNT)
async_cnt = MAX_ASYNC_CNT;
/* Build SSL socket param */
pj_ssl_sock_param_default(&ssock_param);
ssock_param.cb.on_accept_complete = &on_accept_complete;
ssock_param.cb.on_data_read = &on_data_read;
ssock_param.cb.on_data_sent = &on_data_sent;
ssock_param.async_cnt = async_cnt;
ssock_param.ioqueue = pjsip_endpt_get_ioqueue(endpt);
ssock_param.require_client_cert = listener->tls_setting.require_client_cert;
ssock_param.timeout = listener->tls_setting.timeout;
ssock_param.user_data = listener;
ssock_param.verify_peer = PJ_FALSE; /* avoid SSL socket closing the socket
* due to verification error */
if (ssock_param.send_buffer_size < PJSIP_MAX_PKT_LEN)
ssock_param.send_buffer_size = PJSIP_MAX_PKT_LEN;
if (ssock_param.read_buffer_size < PJSIP_MAX_PKT_LEN)
ssock_param.read_buffer_size = PJSIP_MAX_PKT_LEN;
ssock_param.ciphers_num = listener->tls_setting.ciphers_num;
ssock_param.ciphers = listener->tls_setting.ciphers;
ssock_param.qos_type = listener->tls_setting.qos_type;
ssock_param.qos_ignore_error = listener->tls_setting.qos_ignore_error;
pj_memcpy(&ssock_param.qos_params, &listener->tls_setting.qos_params,
sizeof(ssock_param.qos_params));
has_listener = PJ_FALSE;
switch(listener->tls_setting.method) {
case PJSIP_TLSV1_METHOD:
ssock_param.proto = PJ_SSL_SOCK_PROTO_TLS1;
break;
case PJSIP_SSLV2_METHOD:
ssock_param.proto = PJ_SSL_SOCK_PROTO_SSL2;
break;
case PJSIP_SSLV3_METHOD:
ssock_param.proto = PJ_SSL_SOCK_PROTO_SSL3;
break;
case PJSIP_SSLV23_METHOD:
ssock_param.proto = PJ_SSL_SOCK_PROTO_SSL23;
break;
default:
ssock_param.proto = PJ_SSL_SOCK_PROTO_DEFAULT;
break;
}
/* Create SSL socket */
status = pj_ssl_sock_create(pool, &ssock_param, &listener->ssock);
if (status != PJ_SUCCESS)
goto on_error;
listener_addr = (pj_sockaddr_in*)&listener->factory.local_addr;
if (local) {
pj_sockaddr_cp((pj_sockaddr_t*)listener_addr,
(const pj_sockaddr_t*)local);
} else {
pj_sockaddr_in_init(listener_addr, NULL, 0);
}
/* Check if certificate/CA list for SSL socket is set */
if (listener->tls_setting.cert_file.slen ||
listener->tls_setting.ca_list_file.slen)
{
status = pj_ssl_cert_load_from_files(pool,
&listener->tls_setting.ca_list_file,
&listener->tls_setting.cert_file,
&listener->tls_setting.privkey_file,
&listener->tls_setting.password,
&listener->cert);
if (status != PJ_SUCCESS)
goto on_error;
status = pj_ssl_sock_set_certificate(listener->ssock, pool,
listener->cert);
if (status != PJ_SUCCESS)
goto on_error;
}
/* Start accepting incoming connections. Note that some TLS/SSL backends
* may not support for SSL socket server.
*/
has_listener = PJ_FALSE;
status = pj_ssl_sock_start_accept(listener->ssock, pool,
(pj_sockaddr_t*)listener_addr,
pj_sockaddr_get_len((pj_sockaddr_t*)listener_addr));
if (status == PJ_SUCCESS || status == PJ_EPENDING) {
pj_ssl_sock_info info;
has_listener = PJ_TRUE;
/* Retrieve the bound address */
status = pj_ssl_sock_get_info(listener->ssock, &info);
if (status == PJ_SUCCESS)
pj_sockaddr_cp(listener_addr, (pj_sockaddr_t*)&info.local_addr);
} else if (status != PJ_ENOTSUP) {
goto on_error;
}
/* If published host/IP is specified, then use that address as the
* listener advertised address.
*/
if (a_name && a_name->host.slen) {
/* Copy the address */
listener->factory.addr_name = *a_name;
pj_strdup(listener->factory.pool, &listener->factory.addr_name.host,
&a_name->host);
listener->factory.addr_name.port = a_name->port;
} else {
/* No published address is given, use the bound address */
/* If the address returns 0.0.0.0, use the default
* interface address as the transport's address.
*/
if (listener_addr->sin_addr.s_addr == 0) {
pj_sockaddr hostip;
status = pj_gethostip(pj_AF_INET(), &hostip);
if (status != PJ_SUCCESS)
goto on_error;
listener_addr->sin_addr.s_addr = hostip.ipv4.sin_addr.s_addr;
}
/* Save the address name */
sockaddr_to_host_port(listener->factory.pool,
&listener->factory.addr_name, listener_addr);
}
/* If port is zero, get the bound port */
if (listener->factory.addr_name.port == 0) {
listener->factory.addr_name.port = pj_ntohs(listener_addr->sin_port);
}
pj_ansi_snprintf(listener->factory.obj_name,
sizeof(listener->factory.obj_name),
"tlslis:%d", listener->factory.addr_name.port);
/* Register to transport manager */
listener->endpt = endpt;
listener->tpmgr = pjsip_endpt_get_tpmgr(endpt);
listener->factory.create_transport2 = lis_create_transport;
listener->factory.destroy = lis_destroy;
listener->is_registered = PJ_TRUE;
status = pjsip_tpmgr_register_tpfactory(listener->tpmgr,
&listener->factory);
if (status != PJ_SUCCESS) {
listener->is_registered = PJ_FALSE;
goto on_error;
}
if (has_listener) {
PJ_LOG(4,(listener->factory.obj_name,
"SIP TLS listener is ready for incoming connections "
"at %.*s:%d",
(int)listener->factory.addr_name.host.slen,
listener->factory.addr_name.host.ptr,
listener->factory.addr_name.port));
} else {
PJ_LOG(4,(listener->factory.obj_name, "SIP TLS is ready "
"(client only)"));
}
/* Return the pointer to user */
if (p_factory) *p_factory = &listener->factory;
return PJ_SUCCESS;
on_error:
lis_destroy(&listener->factory);
return status;
}
/*
* This is the public API to create, initialize, register, and start the
* TCP listener.
*/
PJ_DEF(pj_status_t) pjsip_tcp_transport_start3(
pjsip_endpoint *endpt,
const pjsip_tcp_transport_cfg *cfg,
pjsip_tpfactory **p_factory
)
{
pj_pool_t *pool;
pj_sock_t sock = PJ_INVALID_SOCKET;
struct tcp_listener *listener;
pj_activesock_cfg asock_cfg;
pj_activesock_cb listener_cb;
pj_sockaddr *listener_addr;
int addr_len;
pj_bool_t has_listener = PJ_FALSE;
pj_status_t status;
/* Sanity check */
PJ_ASSERT_RETURN(endpt && cfg->async_cnt, PJ_EINVAL);
/* Verify that address given in a_name (if any) is valid */
if (cfg->addr_name.host.slen) {
pj_sockaddr tmp;
status = pj_sockaddr_init(cfg->af, &tmp, &cfg->addr_name.host,
(pj_uint16_t)cfg->addr_name.port);
if (status != PJ_SUCCESS || !pj_sockaddr_has_addr(&tmp) ||
(cfg->af==pj_AF_INET() &&
tmp.ipv4.sin_addr.s_addr==PJ_INADDR_NONE))
{
/* Invalid address */
return PJ_EINVAL;
}
}
pool = pjsip_endpt_create_pool(endpt, "tcptp", POOL_LIS_INIT,
POOL_LIS_INC);
PJ_ASSERT_RETURN(pool, PJ_ENOMEM);
listener = PJ_POOL_ZALLOC_T(pool, struct tcp_listener);
listener->factory.pool = pool;
listener->factory.type = cfg->af==pj_AF_INET() ? PJSIP_TRANSPORT_TCP :
PJSIP_TRANSPORT_TCP6;
listener->factory.type_name = (char*)
pjsip_transport_get_type_name(listener->factory.type);
listener->factory.flag =
pjsip_transport_get_flag_from_type(listener->factory.type);
listener->qos_type = cfg->qos_type;
pj_memcpy(&listener->qos_params, &cfg->qos_params,
sizeof(cfg->qos_params));
pj_memcpy(&listener->sockopt_params, &cfg->sockopt_params,
sizeof(cfg->sockopt_params));
pj_ansi_strcpy(listener->factory.obj_name, "tcptp");
if (listener->factory.type==PJSIP_TRANSPORT_TCP6)
pj_ansi_strcat(listener->factory.obj_name, "6");
status = pj_lock_create_recursive_mutex(pool, listener->factory.obj_name,
&listener->factory.lock);
if (status != PJ_SUCCESS)
goto on_error;
#if !(defined(PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER) && \
PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER != 0)
/* Create socket */
status = pj_sock_socket(cfg->af, pj_SOCK_STREAM(), 0, &sock);
if (status != PJ_SUCCESS)
goto on_error;
/* Apply QoS, if specified */
status = pj_sock_apply_qos2(sock, cfg->qos_type, &cfg->qos_params,
2, listener->factory.obj_name,
"SIP TCP listener socket");
/* Apply SO_REUSEADDR */
if (cfg->reuse_addr) {
int enabled = 1;
status = pj_sock_setsockopt(sock, pj_SOL_SOCKET(), pj_SO_REUSEADDR(),
&enabled, sizeof(enabled));
if (status != PJ_SUCCESS) {
PJ_PERROR(4,(listener->factory.obj_name, status,
"Warning: error applying SO_REUSEADDR"));
}
}
/* Apply socket options, if specified */
if (cfg->sockopt_params.cnt)
status = pj_sock_setsockopt_params(sock, &cfg->sockopt_params);
#else
PJ_UNUSED_ARG(addr_len);
#endif
/* Bind address may be different than factory.local_addr because
* factory.local_addr will be resolved below.
*/
pj_sockaddr_cp(&listener->bound_addr, &cfg->bind_addr);
/* Bind socket */
listener_addr = &listener->factory.local_addr;
pj_sockaddr_cp(listener_addr, &cfg->bind_addr);
#if !(defined(PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER) && \
PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER != 0)
status = pj_sock_bind(sock, listener_addr,
pj_sockaddr_get_len(listener_addr));
if (status != PJ_SUCCESS)
goto on_error;
/* Retrieve the bound address */
addr_len = pj_sockaddr_get_len(listener_addr);
status = pj_sock_getsockname(sock, listener_addr, &addr_len);
if (status != PJ_SUCCESS)
goto on_error;
#endif
/* If published host/IP is specified, then use that address as the
* listener advertised address.
*/
if (cfg->addr_name.host.slen) {
/* Copy the address */
listener->factory.addr_name = cfg->addr_name;
pj_strdup(listener->factory.pool, &listener->factory.addr_name.host,
&cfg->addr_name.host);
listener->factory.addr_name.port = cfg->addr_name.port;
} else {
/* No published address is given, use the bound address */
/* If the address returns 0.0.0.0, use the default
* interface address as the transport's address.
*/
if (!pj_sockaddr_has_addr(listener_addr)) {
pj_sockaddr hostip;
status = pj_gethostip(listener->bound_addr.addr.sa_family,
&hostip);
if (status != PJ_SUCCESS)
goto on_error;
pj_sockaddr_copy_addr(listener_addr, &hostip);
}
/* Save the address name */
sockaddr_to_host_port(listener->factory.pool,
&listener->factory.addr_name,
listener_addr);
}
/* If port is zero, get the bound port */
if (listener->factory.addr_name.port == 0) {
listener->factory.addr_name.port = pj_sockaddr_get_port(listener_addr);
}
pj_ansi_snprintf(listener->factory.obj_name,
sizeof(listener->factory.obj_name),
"tcptp:%d", listener->factory.addr_name.port);
#if !(defined(PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER) && \
PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER != 0)
/* Start listening to the address */
status = pj_sock_listen(sock, PJSIP_TCP_TRANSPORT_BACKLOG);
if (status != PJ_SUCCESS)
goto on_error;
/* Create active socket */
pj_activesock_cfg_default(&asock_cfg);
if (cfg->async_cnt > MAX_ASYNC_CNT)
asock_cfg.async_cnt = MAX_ASYNC_CNT;
else
asock_cfg.async_cnt = cfg->async_cnt;
#endif
/* Create group lock */
status = pj_grp_lock_create(pool, NULL, &listener->grp_lock);
if (status != PJ_SUCCESS)
return status;
pj_grp_lock_add_ref(listener->grp_lock);
pj_grp_lock_add_handler(listener->grp_lock, pool, listener,
&lis_on_destroy);
asock_cfg.grp_lock = listener->grp_lock;
pj_bzero(&listener_cb, sizeof(listener_cb));
listener_cb.on_accept_complete = &on_accept_complete;
#if !(defined(PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER) && \
PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER != 0)
status = pj_activesock_create(pool, sock, pj_SOCK_STREAM(), &asock_cfg,
pjsip_endpt_get_ioqueue(endpt),
&listener_cb, listener,
&listener->asock);
#endif
/* Register to transport manager */
listener->endpt = endpt;
listener->tpmgr = pjsip_endpt_get_tpmgr(endpt);
listener->factory.create_transport = lis_create_transport;
listener->factory.destroy = lis_destroy;
listener->is_registered = PJ_TRUE;
status = pjsip_tpmgr_register_tpfactory(listener->tpmgr,
&listener->factory);
if (status != PJ_SUCCESS) {
listener->is_registered = PJ_FALSE;
goto on_error;
}
#if !(defined(PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER) && \
PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER != 0)
/* Start pending accept() operations */
status = pj_activesock_start_accept(listener->asock, pool);
if (status != PJ_SUCCESS)
goto on_error;
has_listener = PJ_TRUE;
#endif
if (has_listener) {
PJ_LOG(4,(listener->factory.obj_name,
"SIP TCP listener ready for incoming connections at %.*s:%d",
(int)listener->factory.addr_name.host.slen,
listener->factory.addr_name.host.ptr,
listener->factory.addr_name.port));
} else {
PJ_LOG(4,(listener->factory.obj_name, "SIP TCP is ready "
"(client only)"));
}
/* Return the pointer to user */
if (p_factory) *p_factory = &listener->factory;
return PJ_SUCCESS;
on_error:
if (listener->asock==NULL && sock!=PJ_INVALID_SOCKET)
pj_sock_close(sock);
lis_destroy(&listener->factory);
return status;
}
