[#2722] Update TLS setting before acquiring new transport on registration

2025-08-12 22:09:25 +08:00 · 2010-02-02 16:12:41 -05:00
parent ead41826cf
commit 15c6d2079c
5 changed files with 53 additions and 16 deletions
--- a/sflphone-common/libs/pjproject/pjsip/include/pjsip/sip_transport_tls.h
+++ b/sflphone-common/libs/pjproject/pjsip/include/pjsip/sip_transport_tls.h
@ -188,12 +188,6 @@ typedef struct pjsip_tls_setting
    pj_bool_t qos_ignore_error;


-    /**
-     * An optional callback for TLS verify which can be left to NULL;
-     * 
-     */ 
-    int(* on_tls_verify)()
-
 } pjsip_tls_setting;


@ -229,6 +223,11 @@ PJ_INLINE(void) pjsip_tls_setting_copy(pj_pool_t *pool,
    pj_strdup_with_null(pool, &dst->ciphers, &src->ciphers);
 }

+PJ_DEF(pj_status_t) pjsip_tls_listener_update_settings(pjsip_endpoint *endpt,
+						       pj_pool_t *pool,
+						       pjsip_tpmgr *mgr,
+						       pjsip_tpfactory *factory,
+						       const pjsip_tls_setting *opt);

 /**
 * Register support for SIP TLS transport by creating TLS listener on
--- a/sflphone-common/libs/pjproject/pjsip/src/pjsip/sip_transport_tls.c
+++ b/sflphone-common/libs/pjproject/pjsip/src/pjsip/sip_transport_tls.c
@ -30,6 +30,8 @@
 #include <pj/pool.h>
 #include <pj/string.h>

+#include <stdio.h>
+
 #if defined(PJSIP_HAS_TLS_TRANSPORT) && PJSIP_HAS_TLS_TRANSPORT!=0

 #define THIS_FILE	"sip_transport_tls.c"
@ -174,6 +176,28 @@ static void sockaddr_to_host_port( pj_pool_t *pool,
 * The TLS listener/transport factory.
 */

+PJ_DEF(pj_status_t) pjsip_tls_listener_update_settings(pjsip_endpoint *endpt,
+						       pj_pool_t *pool,
+						       pjsip_tpmgr *mgr,
+						       pjsip_tpfactory *factory,
+						       const pjsip_tls_setting *opt) {
+
+    struct tls_listener *listener;
+    pjsip_transport_type_e type = PJSIP_TRANSPORT_TLS;
+
+    /*
+     * Find the tls factory.
+     */
+    listener = (struct tls_listener*)factory;
+    listener->tls_setting;
+
+    pjsip_tls_setting_copy(pool, &(listener->tls_setting), opt);
+
+    return PJ_SUCCESS;
+}
+
+
+
 /*
 * This is the public API to create, initialize, register, and start the
 * TLS listener.
--- a/sflphone-common/src/sip/sipaccount.h
+++ b/sflphone-common/src/sip/sipaccount.h
@ -135,7 +135,7 @@ class SIPAccount : public Account
         * an alternate UDP transport.
         */
        inline pj_str_t getStunServerName(void) { return _stunServerName; }
-		inline void setStunServerName (pj_str_t srv) { _stunServerName = srv; }
+	inline void setStunServerName (pj_str_t srv) { _stunServerName = srv; }

 		/**
         * @return pj_uint8_t structure, filled from the configuration
@ -143,7 +143,7 @@ class SIPAccount : public Account
         * an alternate UDP transport.
         */
        inline pj_uint16_t getStunPort (void) { return _stunPort; }
-		inline void setStunPort (pj_uint16_t port) { _stunPort = port; }
+	inline void setStunPort (pj_uint16_t port) { _stunPort = port; }
        
        /**
         * @return bool Tells if current transport for that 
--- a/sflphone-common/src/sip/sipvoiplink.cpp
+++ b/sflphone-common/src/sip/sipvoiplink.cpp
@ -80,6 +80,7 @@ struct result {
 };

 pjsip_transport *_localUDPTransport;
+pjsip_tpfactory *_localTlsListener;

 const pj_str_t STR_USER_AGENT = { (char*) "User-Agent", 10 };

@ -492,6 +493,7 @@ int SIPVoIPLink::sendRegister (AccountID id)
        }
    }

+
    // Create SIP transport or get existent SIP transport from internal map 
    // according to account settings, if the transport could not be created but
    // one is already set in account, use this one (most likely this is the 
@ -1713,7 +1715,6 @@ bool get_dns_server_addresses (std::vector<std::string> *servers)

    struct  sockaddr_in current_server;
    in_addr address;
-
    // Read configuration files

    if (res_init () != 0) {
@ -2004,6 +2005,7 @@ bool SIPVoIPLink::acquireTransport(const AccountID& accountID) {
    if(!account)
        return false;

+
    // If an account is already bound to this account, decrease its reference 
    // as it is going to change. If the same transport is selected, reference 
    // counter will be increased
@ -2018,7 +2020,6 @@ bool SIPVoIPLink::acquireTransport(const AccountID& accountID) {
    // If TLS is enabled, TLS connection is automatically handled when sending account registration
    // However, for any other sip transaction, we must create TLS connection 
    if(createSipTransport(accountID)) {
-
        return true;
    }
    // A transport is already created on this port, use it
@ -2168,7 +2169,10 @@ void SIPVoIPLink::createDefaultSipTlsListener()
    if (status != PJ_SUCCESS) {
        _debug ("UserAgent: Error creating SIP TLS listener (%d)", status);
    }
-
+    else {
+        _localTlsListener = tls;
+    }
+    
    // return PJ_SUCCESS;
    
 }
@ -2186,9 +2190,15 @@ bool SIPVoIPLink::createSipTransport(AccountID id)

    if (account->isTlsEnabled()) {

+        // Parse remote address to establish connection 
+        std::string remoteSipUri = account->getServerUri();
+        int sips = remoteSipUri.find("<sips:") + 6;
+	int trns = remoteSipUri.find(";transport");
+	std::string remoteAddr = remoteSipUri.substr(sips, trns-sips);
+
        // Nothing to do, TLS listener already created at pjsip's startup and TLS connection\
        // is automatically handled in pjsip when sending registration messages.
-	// status = createTlsTransport(id, );
+        status = createTlsTransport(id, remoteAddr);
        return true;
    }
    else {
@ -2546,9 +2556,8 @@ int SIPVoIPLink::findLocalPortFromUri (const std::string& uri, pjsip_transport *
 }


-pj_status_t SIPVoIPLink::createTlsTransport(const AccountID& accountID, std::string& remoteAddr)
+pj_status_t SIPVoIPLink::createTlsTransport(const AccountID& accountID, std::string remoteAddr)
 {
-    
    // Retrieve the account information
    SIPAccount * account = dynamic_cast<SIPAccount *> (Manager::instance().getAccount (accountID));

@ -2565,10 +2574,15 @@ pj_status_t SIPVoIPLink::createTlsTransport(const AccountID& accountID, std::str

    pj_sockaddr_in_init(&rem_addr, &remote, (pj_uint16_t)5061);

+    // Update TLS settings for account registration using the default listeners
+    // Pjsip does not allow to create multiple listener
+    pjsip_tpmgr *mgr = pjsip_endpt_get_tpmgr(_endpt);
+    pjsip_tls_listener_update_settings(_endpt, _pool, mgr, _localTlsListener, account->getTlsSetting());
+
    // Create a new TLS connection from TLS listener
    pjsip_transport *tls;
    pjsip_endpt_acquire_transport(_endpt, PJSIP_TRANSPORT_TLS, &rem_addr, sizeof(rem_addr),
-	    				  NULL, &tls);
+              			  NULL, &tls);

    account->setAccountTransport(tls);

--- a/sflphone-common/src/sip/sipvoiplink.h
+++ b/sflphone-common/src/sip/sipvoiplink.h
@ -438,7 +438,7 @@ class SIPVoIPLink : public VoIPLink
         * be created.
         * @return pj_status_t PJ_SUCCESS on success 
         */
-        pj_status_t createTlsTransport(const AccountID& id,  std::string& remoteAddr);
+        pj_status_t createTlsTransport(const AccountID& id,  std::string remoteAddr);

 	/**
         * Create a UDP transport using stun server to resove public address