0150c862a2
FS-6854 #comment try this patch
2014-09-30 20:35:19 +05:00
7c89c21153
FS-6860 #resolve this was fixed once but was lost in the last sync
2014-09-26 09:00:09 -05:00
f7de058acd
FS-6854 #resolve
2014-09-25 21:44:02 +05:00
9e72c8477f
fix possible buffer overrun in websocket uri and sync the ws.c between sofia and verto (missing code from last commit)
2014-09-24 01:09:44 +05:00
59e71341db
fix possible buffer overrun in websocket uri and sync the ws.c between sofia and verto
2014-09-23 20:17:20 +05:00
4c9d9301b0
Workaround for Windows limit in su_wait
...
Windows has a 64 descriptor limit in WSAWaitForMultipleEvents system call.
Implemented some custom login in su_wait to work around this limitation.
Changed SU_WAIT_MAX from 64 to 0x7fffffff, like on other plaftorms.
2014-09-23 13:09:57 +02:00
3c32dd3bc9
Return NULL from `sub_alloc` for zero size
...
When zero was passed for the size to `sub_alloc`, we were passing this
size on to `malloc` or `calloc`, which is unusual enough that static
analyzers warn about this (POSIX says that either NULL or a pointer
will be returned).
We'll instead just return NULL right away.
2014-08-22 02:47:04 +00:00
571cf932dc
fix VS2010 build warning
2014-08-16 18:22:41 -05:00
cbe0bc05d0
force sofia rebuild
2014-08-16 01:34:30 +05:00
24413bfa11
copy changes from verto ws.c to sofia
2014-08-16 00:43:25 +05:00
2411550727
add homer capture line to websocket transport
2014-08-11 21:02:25 +05:00
8414c498cf
Fix line endings per .gitattributes
2014-08-08 15:24:42 +00:00
327146cecf
Fix WS Compile on MSVC2012
2014-07-25 11:34:08 -05:00
6c80281ce9
buffer websocket headers and body before sending to avoid fragmentation
2014-07-17 01:07:57 +05:00
b53ba668fa
rebuild
2014-07-12 04:39:56 +05:00
cc75547672
merge ws.c change to sofia
2014-07-12 04:39:41 +05:00
d2a487dce3
date would have done the same thing
2014-06-18 08:58:49 -05:00
fb92ebc8f2
FS-5223 and FS-6603, don't trust docs... sheesh
2014-06-18 08:33:57 -05:00
311889634b
FS-5223 FS-6603 on platforms that have SO_REUSEPORT it also implies SO_REUSEADDR, On platforms that only have SO_REUSEADDR it seems to imply both in the absence of SO_REUSEPORT.
2014-06-17 21:15:02 -05:00
0685027bd8
FS-6574 --resolve
2014-06-09 14:29:08 -04:00
b5a223cd1b
CID:1215201 Explicit null dereferenced
2014-05-22 15:39:59 +00:00
f0aa0fc1d8
seek chain cert from wss.pem just cat together the cert, the key and the chain cert into wss.pem
2014-05-20 23:18:38 +05:00
77bddb9f9c
FS-6538: silence gcc 4.9 throwing incorrect warning
2014-05-20 15:46:46 +00:00
af6c4b00b7
force sofia rebuild
2014-05-20 20:29:17 +05:00
f683ac2165
FS-6533: --resolve fix gcc 4.9 warning due to useless right-hand operand of comma expression
2014-05-19 10:36:02 -05:00
88ce7dae1c
minor tweak to make ws code work in blocking mode properly when used outside sofia
2014-05-07 06:13:27 +05:00
317f4b1442
Fix building with musl libc
...
POSIX says poll.h and signal.h should not be prefixed with sys/ (ie
poll.h instead of sys/poll.h)
limits.h also defines a TZNAME_MAX so we change name of the define for
spandsp.
2014-05-02 11:20:36 -04:00
906467b360
fix log message on sending tport ping over ws to log error in failure cases
2014-05-01 14:20:27 -04:00
cfd8d28bc8
silence clang unused function warnings and get rid of some unused functions
2014-05-01 09:03:19 -04:00
fc25bbc23c
remove unused function
2014-05-01 08:32:23 -04:00
b55ba90def
fix 2 potential use after free errors
2014-05-01 08:30:52 -04:00
2cdae46b19
FS-6476 regression where sock would sometimes drop while reading logical frames
2014-04-29 18:25:05 -04:00
61e22e8b50
FS-6476 --resolve
2014-04-22 23:25:41 +05:00
cbd20d8a05
update
2014-04-17 04:33:02 +05:00
bce51017fb
FS-6462 --resolve
...
I found a problem here but it may not completely match your expectations.
I reviewed the RFC 4028 and checked against the code and I discovered we should not be putting a Min-SE in any response at all besides a 422:
section 5:
The Min-SE header field MUST NOT be used in responses except for
those with a 422 response code. It indicates the minimum value of
the session interval that the server is willing to accept.
I corrected this problem and implemented the 422 response so if you request a value lower than the minimum specified for the profile.
If the value is equal or higher to the minimum, it will be reflected in the Session-Expires header in the response and no Min-SE will be present.
2014-04-17 04:26:43 +05:00
01254eaa5c
force sofia rebuild
2014-04-04 13:42:49 -05:00
180282cd9a
FS-6287
2014-04-04 13:42:13 -05:00
7ea4acaece
FS-6426 --resolve
2014-04-03 23:25:48 +05:00
f50f04be51
FS-6356: --resolve fix assert when you set the time > 15 days in the future during operation while things are in queue to be processeed
2014-03-28 14:33:47 -04:00
74ab9515a4
FS-6294 DragonFly requires this also.
2014-03-21 11:14:15 -05:00
16577339be
FS-6387 don't fail if your openssl package has been compiled without EC support...LOOKING AT YOU GENTOO
2014-03-20 08:07:53 -05:00
c4c0f38aab
FS-6294 FS-6308 NetBSD support should work test and report back please.
2014-03-19 14:34:07 -05:00
c210510c15
FS-6375 bump sofia so it rebuilds
2014-03-18 17:44:05 -05:00
f6d9027282
FS-6375 ifdef for sun in this case
2014-03-18 17:43:46 -05:00
240f5d984f
force sofia rebuild
2014-03-17 16:18:24 -05:00
bd1492e43e
FS-6287 --resolve
2014-03-17 16:16:42 -05:00
1d28639cac
revert revert
2014-03-17 16:15:59 -05:00
be1efcc1fa
Revert 6e818216e2, from FS-6287 as it breaks challenge to invites we don't come back and respond
2014-03-17 15:03:08 -05:00
340b697e1b
FS-6341: --resolve add 3pcc invite w/o sdp support for 100rel/PRACK
2014-03-17 12:27:42 -04:00
19fc943f59
Mitigate the CRIME TLS flaw
...
If an attacker can cause a device to make an authenticated request to
a service via TLS while including a payload of the attacker's choice
in that request, and if TLS compression is enabled, the attacker can
uncover the plaintext authentication information by making a series of
guesses and observing changes in the length of the ciphertext.
This is CVE-2012-4929.
FS-6360 --resolve
Thanks-to: Brian West <brian@freeswitch.org>
2014-03-16 16:24:58 +00:00
6a1d552430
force sofia update
2014-03-14 12:27:25 -05:00
6e818216e2
FS-6287 --resolve When a broken registrar sends a 401 unauth then replies with a subsequent 401 unauth without the stale=true attribute, sofia tries to invalidate the auth handle and get stuck in a state where it cannot recover until the reg handle is destroyed. In this case, the provider in question has a bug on thier end when the nonce count rolls from nc=000000ff to nc=00000100 they start sending several consecitive 401 rather than a 401 with stale=true or a 403. This change will allow it to reset properly and try again with nc=00000001 on the next try.
2014-03-14 12:25:48 -05:00
9fd30a2cd9
FS-6339 --resolve
2014-03-11 18:16:23 -05:00
2513388d8a
clean up some bootstrap warnings
2014-03-07 18:36:26 -05:00
1990d10057
Reword the websocket TLS cipher list
...
This generates an identical list of cipher suites, but this commit
restates the cipher spec to be more similar to the way we state it
elsewhere.
2014-03-05 21:37:30 +00:00
6a3dcc9e0f
Drop null-auth suites from our default TLS cipher list
...
Previously we disallowed anonymous Diffie-Hellman, but there are other
kinds of null-authentication TLS suites. In particular, disallowing
AECDH is important now that we support elliptic-curve Diffie-Hellman.
2014-03-05 21:37:30 +00:00
4cf14bce50
FS-5814
2014-03-06 00:31:10 +05:00
fe2a4bfa53
FS-5814
2014-03-05 13:12:02 -06:00
5dbdbda0e7
force sofia rebuild
2014-03-06 00:03:20 +05:00
7cb91467e0
FS-5814 --resolve
2014-03-06 00:02:40 +05:00
066de4b378
Port commit from gitorious copy of sofia-sip our code now differs but this issue would still be a concern for OS X
...
commit ee51fa4e2993ab71339e29691aec8b924c810c53
Author: Frode Isaksen <frode.isaksen@bewan.com>
Date: Thu Aug 18 16:40:58 2011 +0300
su: fix su_time() on 64-bit OS X
The field tv_sec in struct timeval is 64bits instead of 32bits as in
su_time_t, so you cannot cast su_time_t to struct timeval.
2014-03-05 10:25:39 -06:00
d5760e0d6a
Show TLS cipher suite selected in sofia debug
...
This shows the cipher name, TLS version, the number of cipher bits and
algorithm bits, and a description of the cipher in Sofia's debug
logging output on level 9.
2014-02-28 20:46:34 +00:00
55901ae0f1
FS-6168 --resolve
2014-02-28 23:30:42 +05:00
461f94870f
Merge remote-tracking branch 'origin/master' into moy/tport-log-fix
2014-02-24 19:39:17 -05:00
fdd4974189
bump
2014-02-21 16:38:46 -05:00
2fe0516ac2
Fix missing/duplicate declaration
...
This looks like a copy/paste error.
FS-6037 --resolve
Thanks-to: David Sanders <dsanders@pinger.com>
2014-02-21 21:09:19 +00:00
0cebdf8fc5
fix types for reply to
2014-02-21 16:08:30 -05:00
63aea267bc
change macro name to work around conflict in openbsd
2014-02-21 15:25:50 -05:00
19f9dc12d3
change macro name to work around conflict in openbsd
2014-02-21 15:24:44 -05:00
3449e265a0
Force sofia rebuild
...
The rebuild is needed for commit d3b9aaba60
2014-02-11 17:45:45 +00:00
8b7d58ddf8
Rework handling of Linux TCP keepalives in Sofia
...
This separates out the Linux socket TCP keepalive timeout interval
from Sofia's internal mechanisms. Earlier we tied these together. In
retrospect this seems improper.
These two values can now be set separately.
You might, for example, want to keep the Sofia internal mechanism
disabled completely while enabling the platform-based mechanism if
your platform supports it.
We also here reform the default value of the socket TCP keepalive
parameter to 30 seconds.
This is what commit a0e9639a1f
2014-02-11 06:27:20 +00:00
2b064e6393
Add additional debugging output to keepalive handling
2014-02-11 05:40:41 +00:00
3ae189ca3f
Synchronize Sofia and Linux TCP keepalive timeout units
...
Sofia keeps the TCP keepalive timeout in milliseconds, but Linux
expects the value in seconds. Before this change, it's unlikely the
TCP_KEEPIDLE and TCP_KEEPINTVL calls were having much effect as we
would have been passing them a huge value.
FS-6104
2014-02-11 05:33:25 +00:00
f2d544d559
Rebuild sofia
2014-02-06 15:41:33 +00:00
a96eefe8ee
Add support for EECDH to Sofia-SIP
...
This adds support for the ephemeral elliptic curve Diffie-Hellman key
exchange, which provides for forward secrecy in the event that
long-term keys are compromised.
For the moment, we've hard-coded the curve as prime256v1.
2014-02-06 15:40:35 +00:00
c0101e2ce6
Allow setting TLS cipher suites through Sofia-SIP API
...
Previously there was no way to override the hard-coded cipher suite
specification of "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH".
This commit does leave in place the hardcoded cipher spec for WebRTC
of "HIGH:!DSS:!aNULL@STRENGTH".
2014-02-06 06:04:02 +00:00
e3b353e911
Allow setting enabled TLS versions in Sofia-SIP
...
Previously if the TPTAG_TLS_VERSION was set to a non-zero value we
supported only TLSv1 (but not TLSv1.1 or TLSv1.2), and if was set to
zero we supported all versions of TLS and SSL (including the
ridiculous SSLv2).
Now we take an integer field where various bits can be set indicating
which versions of TLS we would like to support.
2014-02-06 02:17:13 +00:00
b6270f4d70
FS-6030: --resolve fix variable scoping issue for more aggressive optimizer
2014-02-05 08:46:04 -05:00
0a3e18a308
FS-6174 --resolve after updating to this revision, put ca-bundle.crt in /usr/local/freeswitch/certs to get chain cert in place for both dtls and wss
2014-01-31 20:16:54 +05:00
0e14b758fc
FS-6150 --resolve cool find
2014-01-27 06:57:05 +05:00
a0e9639a1f
Handle Linux TCP keepalives better in Sofia
...
Sofia accepts a value for the TCP keepalive timeout interval via
TPTAG_KEEPALIVE, however it fails to use this value for the Linux
keepalive socket options TCP_KEEPIDLE and TCP_KEEPINTVL. In fact, on
Linux it enables the sending of TCP keepalives even if tpp_keepalive
is set to zero which would disable Sofia's internal keepalive
mechanisms. Sofia then uses a hard coded value of 30 seconds for
these keepalive intervals which affects battery life on mobile
devices.
With this commit we harmonize the sending of TCP keepalives on Linux
with other platforms by using the value from TPTAG_KEEPALIVE and not
enabling the sending of TCP keepalives at all if the value of the
parameter is zero.
FS-6104 --resolve
2014-01-18 15:46:56 +00:00
f5b18c0fdd
FS-5642 --resolve add back the ETIMEDOUT check, needed on Mac
2013-12-13 11:46:14 +08:00
bb53175526
FS-6010 --resolve
2013-11-29 22:16:49 -06:00
bbe1fe1a31
FS-6005 --resolve
2013-11-27 10:20:35 -06:00
713ddc4834
Fix tport_stamp in the sofia stack to use localtime for the timestamp
2013-10-29 12:17:55 -04:00
c8be999c34
FS-5911 --resolve
2013-10-25 23:51:43 +05:00
88b2e96516
windows fix compiler errors
2013-10-22 23:23:48 -05:00
20a55d3cc6
update
2013-10-22 16:27:15 -05:00
e2bdd78d55
FS-5896 --resolve
2013-10-22 20:33:13 +05:00
3c2a5db225
add missing protos
2013-10-21 20:11:30 +05:00
bfcd1e07ca
compile failure due to no newline at end of file
2013-10-21 10:54:23 -04:00
0d19abfbdb
FS-5887 --resolve
2013-10-19 00:00:28 +05:00
8aff25e03d
FS-5855 please try lastest HEAD
2013-10-08 12:10:36 -05:00
1aa8464114
FS-5819: don't assigne variable to itself
2013-09-30 13:28:47 -04:00
6b9382290d
FS-5819 fix typo
2013-09-27 22:23:23 -04:00
42d7d86514
FS-5819: fix bounds check on enum type
2013-09-27 21:28:12 -04:00
25001e857f
FS-5819: fix useless assignment in sofia
2013-09-27 12:39:49 -04:00
8493c88f88
fix proto regression from last commit
2013-09-19 19:34:58 -04:00
750847f290
ignore a= lines when m= port is 0
2013-09-19 13:44:20 -05:00
b407732dcd
fix for todays ws.* changes
2013-09-17 23:23:11 -05:00
f1d0357e92
minor fixes in ws.c
2013-09-18 05:13:46 +05:00
50ea67b340
fix connection issue in websocket
2013-09-17 06:24:58 +05:00
378648f2b1
similar fix to 53d17a1312
2013-09-12 16:56:07 -05:00
98df017ae6
FS-5780 --resolve
2013-09-12 00:10:28 +05:00
d7608fad7a
FS-5714 --resolve
2013-09-05 20:55:55 +05:00
9c2a247f72
rebuild
2013-09-05 20:41:45 +05:00
c001840d9d
FS-5714 --resolve That is probably the right place
2013-09-05 20:41:31 +05:00
53d17a1312
override the default 30 minute timeout on tport connections for websockets
2013-09-04 04:24:53 +05:00
b5ac54ecca
FS-5738 --resolve
2013-08-28 23:18:41 +05:00
dbfde499a4
add val to debug message
2013-08-23 04:13:19 +05:00
da148c0dd4
remove call to close
2013-08-22 18:49:35 -04:00
143b1c44eb
rebuild
2013-07-29 16:07:34 -05:00
d00c8a6abf
FS-5641 --resolve
2013-07-29 16:07:03 -05:00
bc851de200
FS-5642 FS-5556 --resolve I have not tested this yet for the connect but I fixed the seg for sure which was an outstanding issue in 5556 reopen 5642 if connect still doesnt work
2013-07-26 11:27:45 -05:00
5dbf2b3cf7
refactor some video code
2013-07-11 17:38:24 -05:00
5fc2bc9993
FS-5588 --resolve windows compiler fixes
2013-07-09 07:53:56 -05:00
94f3b90040
use static buffer and nonblocking socket in websocket client
2013-07-08 08:25:45 -05:00
a52a604fbb
FS-5527 fix compiler error windows
2013-06-28 11:05:27 -05:00
dac93d7936
FS-5527 --resolve
2013-06-28 10:42:06 -05:00
b2e06346d4
some more ws transport tweaks
2013-06-27 14:04:13 -05:00
a26ab6e3e0
fix ssl connect race
2013-06-26 23:10:19 -04:00
afc18668f3
tweak sip ws code to avoid double free
2013-06-26 12:43:54 -04:00
20f3b7d1b7
update
2013-06-25 09:28:55 -05:00
da0c0c0e4a
revert 02c329da33 and put proper fix
2013-06-24 08:31:06 -05:00
02c329da33
fix compiler warning
2013-06-20 14:27:32 -05:00
469bcc562d
fix gcc bug patch
2013-06-20 10:50:33 -05:00
c01fa0e1cf
newer gcc does not like when you use out of bounds array indexes to access other elements in a struct (at least at -O2)
2013-06-20 10:16:35 -05:00
66239f15b0
comment out broken test
2013-06-20 10:16:35 -05:00
a71b199de4
fix ref counting issue in tcp,tls,wss transports
2013-06-19 21:54:58 -05:00
633dcd46b6
yay for bugs
2013-06-19 12:26:45 -05:00
9a87ec6a52
disable dialog matching for subscribe reqs so it always uses a new handle to avoid conflicting with notify transactions
...
Conflicts:
libs/sofia-sip/.update
2013-06-12 23:48:39 -05:00
a55d70ed62
add kirk wireless servers to safe as they do not do rport
2013-05-31 11:54:05 -05:00
442a53ae3c
rebuild
2013-04-26 08:41:49 -05:00
471b3d33fd
add tcp keepalive where possible
2013-04-25 13:33:17 -05:00
fddad1da06
FS-5343 --resolve
2013-04-24 12:09:35 -05:00
43eaa95746
windows compile another step closer
2013-04-03 08:55:03 -05:00
ff9571e1e9
sofia windows compiler warnings
2013-04-02 17:25:10 -05:00
23410558ff
hust compiler warning
2013-04-01 17:24:52 -05:00
cc3e75fc62
omit weak ciphers to prevent hackage
2013-03-31 21:27:27 -05:00
68055eab2b
support tls dir options properly
2013-03-31 21:27:26 -05:00
c4b221c750
trying to get mozilla to work using sipml5, got stun/dtls/rtp flowing and its dead silent. c'mon guys... why do you have to do everything differently?????
2013-03-31 21:27:25 -05:00
a36bd797c6
fix shutdown seg
2013-03-31 21:27:24 -05:00
52e7a63bbf
fix for firefox secure websockets which for some reason writes only 1 byte first on secure ws frame
2013-03-31 21:27:24 -05:00
e00ede7e7d
unreg on sock disconnect
2013-03-31 21:27:22 -05:00
0ce92e4cee
wire in tport error callback to nua_stack_tport_error
2013-03-31 21:27:22 -05:00
24868979f7
more portable type
2013-03-31 21:27:22 -05:00
fa8ccff7c3
polish
2013-03-31 21:27:21 -05:00
2ccc771825
fix cpu race on ws poll
2013-03-31 21:27:21 -05:00
99559a3cd3
add NUTAG_WS_URL and NUTAG_WSS_URL tags
2013-03-31 21:27:21 -05:00
e31c74b638
use cert dir from tls config to find wss certs
2013-03-31 21:27:21 -05:00
Anthony Minessale
Brian West
Stefano Picerno
Travis Cross
Jeff Lenk
Michael Jerris
Natanael Copa
Moises Silva
Seven Du
Chris Rienzo
Ken Rice