mirror of https://github.com/asterisk/asterisk
* Removed all 2.5.5 functional patches. * Updated usages of pj_release_pool to be "safe". * Updated configure options to disable webrtc. * Updated config_site.h to disable webrtc in pjmedia. * Added Richard Mudgett's recent resolver patches. Change-Id: Ib400cc4dfca68b3d07ce14d314e829bfddc252c7changes/75/5075/2
George Joseph
8 years ago
parent
25688ab797
commit
a537dae6d0
@ -1,58 +0,0 @@
|
||||
This patch updates array limit checks and docs
|
||||
in pjsip_evsub_register_pkg() and pjsip_endpt_add_capability().
|
||||
|
||||
Index: pjsip/include/pjsip/sip_endpoint.h
|
||||
===================================================================
|
||||
--- a/pjsip/include/pjsip/sip_endpoint.h (revision 5396)
|
||||
+++ b/pjsip/include/pjsip/sip_endpoint.h (revision 5397)
|
||||
@@ -583,7 +583,8 @@
|
||||
* @param hname If htype specifies PJSIP_H_OTHER, then the header name
|
||||
* must be supplied in this argument. Otherwise the value
|
||||
* must be set to NULL.
|
||||
- * @param count The number of tags in the array.
|
||||
+ * @param count The number of tags in the array. The value must not
|
||||
+ * be greater than PJSIP_GENERIC_ARRAY_MAX_COUNT.
|
||||
* @param tags Array of tags describing the capabilities or extensions
|
||||
* to be added to the appropriate header.
|
||||
*
|
||||
Index: pjsip/include/pjsip-simple/evsub.h
|
||||
===================================================================
|
||||
--- a/pjsip/include/pjsip-simple/evsub.h (revision 5396)
|
||||
+++ b/pjsip/include/pjsip-simple/evsub.h (revision 5397)
|
||||
@@ -246,7 +246,8 @@
|
||||
* registered.
|
||||
* @param event_name Event package identification.
|
||||
* @param expires Default subscription expiration time, in seconds.
|
||||
- * @param accept_cnt Number of strings in Accept array.
|
||||
+ * @param accept_cnt Number of strings in Accept array. The value must
|
||||
+ * not be greater than PJSIP_GENERIC_ARRAY_MAX_COUNT.
|
||||
* @param accept Array of Accept value.
|
||||
*
|
||||
* @return PJ_SUCCESS on success.
|
||||
Index: pjsip/src/pjsip/sip_endpoint.c
|
||||
===================================================================
|
||||
--- a/pjsip/src/pjsip/sip_endpoint.c (revision 5396)
|
||||
+++ b/pjsip/src/pjsip/sip_endpoint.c (revision 5397)
|
||||
@@ -371,6 +371,7 @@
|
||||
|
||||
/* Check arguments. */
|
||||
PJ_ASSERT_RETURN(endpt!=NULL && count>0 && tags, PJ_EINVAL);
|
||||
+ PJ_ASSERT_RETURN(count <= PJSIP_GENERIC_ARRAY_MAX_COUNT, PJ_ETOOMANY);
|
||||
PJ_ASSERT_RETURN(htype==PJSIP_H_ACCEPT ||
|
||||
htype==PJSIP_H_ALLOW ||
|
||||
htype==PJSIP_H_SUPPORTED,
|
||||
Index: pjsip/src/pjsip-simple/evsub.c
|
||||
===================================================================
|
||||
--- a/pjsip/src/pjsip-simple/evsub.c (revision 5396)
|
||||
+++ b/pjsip/src/pjsip-simple/evsub.c (revision 5397)
|
||||
@@ -412,7 +412,9 @@
|
||||
unsigned i;
|
||||
|
||||
PJ_ASSERT_RETURN(pkg_mod && event_name, PJ_EINVAL);
|
||||
- PJ_ASSERT_RETURN(accept_cnt < PJ_ARRAY_SIZE(pkg->pkg_accept->values),
|
||||
+
|
||||
+ /* Make sure accept_cnt < PJ_ARRAY_SIZE(pkg->pkg_accept->values) */
|
||||
+ PJ_ASSERT_RETURN(accept_cnt <= PJSIP_GENERIC_ARRAY_MAX_COUNT,
|
||||
PJ_ETOOMANY);
|
||||
|
||||
/* Make sure evsub module has been initialized */
|
||||
@ -1,24 +0,0 @@
|
||||
This patch fixes the issue in pjsip_tx_data_dec_ref()
|
||||
when tx_data_destroy can be called more than once,
|
||||
and checks if invalid value (e.g. NULL) is passed to.
|
||||
|
||||
Index: pjsip/src/pjsip/sip_transport.c
|
||||
===================================================================
|
||||
--- a/pjsip/src/pjsip/sip_transport.c (revision 5399)
|
||||
+++ b/pjsip/src/pjsip/sip_transport.c (revision 5400)
|
||||
@@ -491,8 +491,13 @@
|
||||
*/
|
||||
PJ_DEF(pj_status_t) pjsip_tx_data_dec_ref( pjsip_tx_data *tdata )
|
||||
{
|
||||
- pj_assert( pj_atomic_get(tdata->ref_cnt) > 0);
|
||||
- if (pj_atomic_dec_and_get(tdata->ref_cnt) <= 0) {
|
||||
+ pj_atomic_value_t ref_cnt;
|
||||
+
|
||||
+ PJ_ASSERT_RETURN(tdata && tdata->ref_cnt, PJ_EINVAL);
|
||||
+
|
||||
+ ref_cnt = pj_atomic_dec_and_get(tdata->ref_cnt);
|
||||
+ pj_assert( ref_cnt >= 0);
|
||||
+ if (ref_cnt == 0) {
|
||||
tx_data_destroy(tdata);
|
||||
return PJSIP_EBUFDESTROYED;
|
||||
} else {
|
||||
@ -1,56 +0,0 @@
|
||||
From 33fd755e819dc85a96718abc0ae26a9b46f14800 Mon Sep 17 00:00:00 2001
|
||||
From: nanang <nanang@localhost>
|
||||
Date: Thu, 28 Jul 2016 08:21:45 +0000
|
||||
Subject: [PATCH 2/3] Fix #1946: Avoid deinitialization of uninitialized client
|
||||
auth session.
|
||||
|
||||
---
|
||||
pjsip/src/pjsip/sip_dialog.c | 18 ++++++------------
|
||||
1 file changed, 6 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c
|
||||
index f03885d..421ddc4 100644
|
||||
--- a/pjsip/src/pjsip/sip_dialog.c
|
||||
+++ b/pjsip/src/pjsip/sip_dialog.c
|
||||
@@ -92,6 +92,12 @@ static pj_status_t create_dialog( pjsip_user_agent *ua,
|
||||
pj_list_init(&dlg->inv_hdr);
|
||||
pj_list_init(&dlg->rem_cap_hdr);
|
||||
|
||||
+ /* Init client authentication session. */
|
||||
+ status = pjsip_auth_clt_init(&dlg->auth_sess, dlg->endpt,
|
||||
+ dlg->pool, 0);
|
||||
+ if (status != PJ_SUCCESS)
|
||||
+ goto on_error;
|
||||
+
|
||||
status = pj_mutex_create_recursive(pool, dlg->obj_name, &dlg->mutex_);
|
||||
if (status != PJ_SUCCESS)
|
||||
goto on_error;
|
||||
@@ -283,12 +289,6 @@ PJ_DEF(pj_status_t) pjsip_dlg_create_uac( pjsip_user_agent *ua,
|
||||
/* Initial route set is empty. */
|
||||
pj_list_init(&dlg->route_set);
|
||||
|
||||
- /* Init client authentication session. */
|
||||
- status = pjsip_auth_clt_init(&dlg->auth_sess, dlg->endpt,
|
||||
- dlg->pool, 0);
|
||||
- if (status != PJ_SUCCESS)
|
||||
- goto on_error;
|
||||
-
|
||||
/* Register this dialog to user agent. */
|
||||
status = pjsip_ua_register_dlg( ua, dlg );
|
||||
if (status != PJ_SUCCESS)
|
||||
@@ -506,12 +506,6 @@ pj_status_t create_uas_dialog( pjsip_user_agent *ua,
|
||||
}
|
||||
dlg->route_set_frozen = PJ_TRUE;
|
||||
|
||||
- /* Init client authentication session. */
|
||||
- status = pjsip_auth_clt_init(&dlg->auth_sess, dlg->endpt,
|
||||
- dlg->pool, 0);
|
||||
- if (status != PJ_SUCCESS)
|
||||
- goto on_error;
|
||||
-
|
||||
/* Increment the dialog's lock since tsx may cause the dialog to be
|
||||
* destroyed prematurely (such as in case of transport error).
|
||||
*/
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -1,212 +0,0 @@
|
||||
When a transport error occured on an INVITE session
|
||||
the stack calls on_tsx_state_changed with new state
|
||||
PJSIP_INV_STATE_DISCONNECTED and immediately destroys
|
||||
the INVITE session.
|
||||
At the same time this INVITE session could being processed
|
||||
on another thread. This thread could use the session's
|
||||
memory pools which were already freed, so we get segfault.
|
||||
|
||||
This patch adds a reference counter and new functions:
|
||||
pjsip_inv_add_ref and pjsip_inv_dec_ref.
|
||||
The INVITE session is destroyed only when the reference
|
||||
counter has reached zero.
|
||||
|
||||
To avoid race condition an application should call
|
||||
pjsip_inv_add_ref/pjsip_inv_dec_ref.
|
||||
|
||||
Index: pjsip/include/pjsip-ua/sip_inv.h
|
||||
===================================================================
|
||||
--- a/pjsip/include/pjsip-ua/sip_inv.h (revision 5434)
|
||||
+++ b/pjsip/include/pjsip-ua/sip_inv.h (revision 5435)
|
||||
@@ -383,6 +383,11 @@
|
||||
* Other applications that want to use these pools must understand
|
||||
* that the flip-flop pool's lifetimes are synchronized to the
|
||||
* SDP offer-answer negotiation.
|
||||
+ *
|
||||
+ * The lifetime of this session is controlled by the reference counter in this
|
||||
+ * structure, which is manipulated by calling #pjsip_inv_add_ref and
|
||||
+ * #pjsip_inv_dec_ref. When the reference counter has reached zero, then
|
||||
+ * this session will be destroyed.
|
||||
*/
|
||||
struct pjsip_inv_session
|
||||
{
|
||||
@@ -412,6 +417,7 @@
|
||||
struct pjsip_timer *timer; /**< Session Timers. */
|
||||
pj_bool_t following_fork; /**< Internal, following
|
||||
forked media? */
|
||||
+ pj_atomic_t *ref_cnt; /**< Reference counter. */
|
||||
};
|
||||
|
||||
|
||||
@@ -631,6 +637,30 @@
|
||||
|
||||
|
||||
/**
|
||||
+ * Add reference counter to the INVITE session. The reference counter controls
|
||||
+ * the life time of the session, ie. when the counter reaches zero, then it
|
||||
+ * will be destroyed.
|
||||
+ *
|
||||
+ * @param inv The INVITE session.
|
||||
+ * @return PJ_SUCCESS if the INVITE session reference counter
|
||||
+ * was increased.
|
||||
+ */
|
||||
+PJ_DECL(pj_status_t) pjsip_inv_add_ref( pjsip_inv_session *inv );
|
||||
+
|
||||
+/**
|
||||
+ * Decrement reference counter of the INVITE session.
|
||||
+ * When the session is no longer used, it will be destroyed and
|
||||
+ * caller is informed with PJ_EGONE return status.
|
||||
+ *
|
||||
+ * @param inv The INVITE session.
|
||||
+ * @return PJ_SUCCESS if the INVITE session reference counter
|
||||
+ * was decreased. A status PJ_EGONE will be returned to
|
||||
+ * inform that session is destroyed.
|
||||
+ */
|
||||
+PJ_DECL(pj_status_t) pjsip_inv_dec_ref( pjsip_inv_session *inv );
|
||||
+
|
||||
+
|
||||
+/**
|
||||
* Forcefully terminate and destroy INVITE session, regardless of
|
||||
* the state of the session. Note that this function should only be used
|
||||
* when there is failure in the INVITE session creation. After the
|
||||
Index: pjsip/src/pjsip-ua/sip_inv.c
|
||||
===================================================================
|
||||
--- a/pjsip/src/pjsip-ua/sip_inv.c (revision 5434)
|
||||
+++ b/pjsip/src/pjsip-ua/sip_inv.c (revision 5435)
|
||||
@@ -195,6 +195,65 @@
|
||||
}
|
||||
|
||||
/*
|
||||
+ * Add reference to INVITE session.
|
||||
+ */
|
||||
+PJ_DEF(pj_status_t) pjsip_inv_add_ref( pjsip_inv_session *inv )
|
||||
+{
|
||||
+ PJ_ASSERT_RETURN(inv && inv->ref_cnt, PJ_EINVAL);
|
||||
+
|
||||
+ pj_atomic_inc(inv->ref_cnt);
|
||||
+
|
||||
+ return PJ_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+static void inv_session_destroy(pjsip_inv_session *inv)
|
||||
+{
|
||||
+ if (inv->last_ack) {
|
||||
+ pjsip_tx_data_dec_ref(inv->last_ack);
|
||||
+ inv->last_ack = NULL;
|
||||
+ }
|
||||
+ if (inv->invite_req) {
|
||||
+ pjsip_tx_data_dec_ref(inv->invite_req);
|
||||
+ inv->invite_req = NULL;
|
||||
+ }
|
||||
+ if (inv->pending_bye) {
|
||||
+ pjsip_tx_data_dec_ref(inv->pending_bye);
|
||||
+ inv->pending_bye = NULL;
|
||||
+ }
|
||||
+ pjsip_100rel_end_session(inv);
|
||||
+ pjsip_timer_end_session(inv);
|
||||
+ pjsip_dlg_dec_session(inv->dlg, &mod_inv.mod);
|
||||
+
|
||||
+ /* Release the flip-flop pools */
|
||||
+ pj_pool_release(inv->pool_prov);
|
||||
+ inv->pool_prov = NULL;
|
||||
+ pj_pool_release(inv->pool_active);
|
||||
+ inv->pool_active = NULL;
|
||||
+
|
||||
+ pj_atomic_destroy(inv->ref_cnt);
|
||||
+ inv->ref_cnt = NULL;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * Decrease INVITE session reference, destroy it when the reference count
|
||||
+ * reaches zero.
|
||||
+ */
|
||||
+PJ_DEF(pj_status_t) pjsip_inv_dec_ref( pjsip_inv_session *inv )
|
||||
+{
|
||||
+ pj_atomic_value_t ref_cnt;
|
||||
+
|
||||
+ PJ_ASSERT_RETURN(inv && inv->ref_cnt, PJ_EINVAL);
|
||||
+
|
||||
+ ref_cnt = pj_atomic_dec_and_get(inv->ref_cnt);
|
||||
+ pj_assert( ref_cnt >= 0);
|
||||
+ if (ref_cnt == 0) {
|
||||
+ inv_session_destroy(inv);
|
||||
+ return PJ_EGONE;
|
||||
+ }
|
||||
+ return PJ_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
* Set session state.
|
||||
*/
|
||||
static void inv_set_state(pjsip_inv_session *inv, pjsip_inv_state state,
|
||||
@@ -261,27 +320,7 @@
|
||||
if (inv->state == PJSIP_INV_STATE_DISCONNECTED &&
|
||||
prev_state != PJSIP_INV_STATE_DISCONNECTED)
|
||||
{
|
||||
- if (inv->last_ack) {
|
||||
- pjsip_tx_data_dec_ref(inv->last_ack);
|
||||
- inv->last_ack = NULL;
|
||||
- }
|
||||
- if (inv->invite_req) {
|
||||
- pjsip_tx_data_dec_ref(inv->invite_req);
|
||||
- inv->invite_req = NULL;
|
||||
- }
|
||||
- if (inv->pending_bye) {
|
||||
- pjsip_tx_data_dec_ref(inv->pending_bye);
|
||||
- inv->pending_bye = NULL;
|
||||
- }
|
||||
- pjsip_100rel_end_session(inv);
|
||||
- pjsip_timer_end_session(inv);
|
||||
- pjsip_dlg_dec_session(inv->dlg, &mod_inv.mod);
|
||||
-
|
||||
- /* Release the flip-flop pools */
|
||||
- pj_pool_release(inv->pool_prov);
|
||||
- inv->pool_prov = NULL;
|
||||
- pj_pool_release(inv->pool_active);
|
||||
- inv->pool_active = NULL;
|
||||
+ pjsip_inv_dec_ref(inv);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -838,6 +877,12 @@
|
||||
inv = PJ_POOL_ZALLOC_T(dlg->pool, pjsip_inv_session);
|
||||
pj_assert(inv != NULL);
|
||||
|
||||
+ status = pj_atomic_create(dlg->pool, 0, &inv->ref_cnt);
|
||||
+ if (status != PJ_SUCCESS) {
|
||||
+ pjsip_dlg_dec_lock(dlg);
|
||||
+ return status;
|
||||
+ }
|
||||
+
|
||||
inv->pool = dlg->pool;
|
||||
inv->role = PJSIP_ROLE_UAC;
|
||||
inv->state = PJSIP_INV_STATE_NULL;
|
||||
@@ -881,6 +926,7 @@
|
||||
pjsip_100rel_attach(inv);
|
||||
|
||||
/* Done */
|
||||
+ pjsip_inv_add_ref(inv);
|
||||
*p_inv = inv;
|
||||
|
||||
pjsip_dlg_dec_lock(dlg);
|
||||
@@ -1471,6 +1517,12 @@
|
||||
inv = PJ_POOL_ZALLOC_T(dlg->pool, pjsip_inv_session);
|
||||
pj_assert(inv != NULL);
|
||||
|
||||
+ status = pj_atomic_create(dlg->pool, 0, &inv->ref_cnt);
|
||||
+ if (status != PJ_SUCCESS) {
|
||||
+ pjsip_dlg_dec_lock(dlg);
|
||||
+ return status;
|
||||
+ }
|
||||
+
|
||||
inv->pool = dlg->pool;
|
||||
inv->role = PJSIP_ROLE_UAS;
|
||||
inv->state = PJSIP_INV_STATE_NULL;
|
||||
@@ -1540,6 +1592,7 @@
|
||||
}
|
||||
|
||||
/* Done */
|
||||
+ pjsip_inv_add_ref(inv);
|
||||
pjsip_dlg_dec_lock(dlg);
|
||||
*p_inv = inv;
|
||||
|
||||
@ -1,13 +0,0 @@
|
||||
--- a/pjlib/src/pj/sock_bsd.c
|
||||
+++ b/pjlib/src/pj/sock_bsd.c
|
||||
@@ -539,6 +539,10 @@
|
||||
pj_sock_setsockopt(*sock, pj_SOL_SOCKET(), pj_SO_NOSIGPIPE(),
|
||||
&val, sizeof(val));
|
||||
}
|
||||
+ if (af != PJ_AF_INET) { /* Linux Kernel 2.4.21; June 2003 */
|
||||
+ pj_sock_setsockopt(*sock, PJ_SOL_IPV6, IPV6_V6ONLY,
|
||||
+ &val, sizeof(val));
|
||||
+ }
|
||||
#if defined(PJ_IPHONE_OS_HAS_MULTITASKING_SUPPORT) && \
|
||||
PJ_IPHONE_OS_HAS_MULTITASKING_SUPPORT!=0
|
||||
if (type == pj_SOCK_DGRAM()) {
|
||||
@ -1,48 +0,0 @@
|
||||
From a5efddbe9151e9ad99279e59566c86f8bc27d3a9 Mon Sep 17 00:00:00 2001
|
||||
From: George Joseph <gjoseph@digium.com>
|
||||
Date: Wed, 7 Sep 2016 13:10:57 -0600
|
||||
Subject: [PATCH] resolver.c: Prevent SERVFAIL from marking name server bad
|
||||
|
||||
A name server that returns "Server Failure" is indicating only that
|
||||
the server couldn't process that particular request. We should NOT
|
||||
assume that the name server is incapable of serving other requests.
|
||||
|
||||
Here's the scenario we've been encountering...
|
||||
|
||||
* 2 local name servers configured in resolv.conf.
|
||||
* An OPTIONS request causes a request for A and AAAA records to go out
|
||||
to both nameservers.
|
||||
* The A responses both come back successfully resolved.
|
||||
* Because of an issue at some upstream nameserver, the AAAA responses
|
||||
for that particular query come back as "SERVFAIL" from both local
|
||||
name servers.
|
||||
* Both local servers are marked as bad and no further queries can be
|
||||
sent until the 60 second ttl expires. Only previously cached results
|
||||
can be used.
|
||||
* In this case, 60 seconds is just enough time for another OPTIONS
|
||||
request to go out to the same host so the cycle repeats.
|
||||
|
||||
We could set the bad ttl really low but that also affects REFUSED and
|
||||
NOTAUTH which probably DO signal a real server issue. Besides, even
|
||||
a really low bad ttl would be an issue on a pbx.
|
||||
---
|
||||
pjlib-util/src/pjlib-util/resolver.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
|
||||
index d277e4f..540f88f 100644
|
||||
--- a/pjlib-util/src/pjlib-util/resolver.c
|
||||
+++ b/pjlib-util/src/pjlib-util/resolver.c
|
||||
@@ -1384,8 +1384,7 @@ static void report_nameserver_status(pj_dns_resolver *resolver,
|
||||
q_id = (pj_uint32_t)-1;
|
||||
}
|
||||
|
||||
- if (!pkt || rcode == PJ_DNS_RCODE_SERVFAIL ||
|
||||
- rcode == PJ_DNS_RCODE_REFUSED ||
|
||||
+ if (!pkt || rcode == PJ_DNS_RCODE_REFUSED ||
|
||||
rcode == PJ_DNS_RCODE_NOTAUTH)
|
||||
{
|
||||
is_good = PJ_FALSE;
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -1,164 +0,0 @@
|
||||
From 9e67e0d5c3fdc747530a956038b374fca4748b76 Mon Sep 17 00:00:00 2001
|
||||
From: riza <riza@localhost>
|
||||
Date: Thu, 13 Oct 2016 09:02:50 +0000
|
||||
Subject: [PATCH 1/4] Re #1969: Fix crash on using an already destroyed SSL
|
||||
socket.
|
||||
|
||||
---
|
||||
pjlib/src/pj/ssl_sock_ossl.c | 66 ++++++++++++++++++++++++++++----------------
|
||||
1 file changed, 42 insertions(+), 24 deletions(-)
|
||||
|
||||
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
index fa0db2d..ceab67a 100644
|
||||
--- a/pjlib/src/pj/ssl_sock_ossl.c
|
||||
+++ b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
@@ -822,7 +822,10 @@ static void close_sockets(pj_ssl_sock_t *ssock)
|
||||
pj_lock_acquire(ssock->write_mutex);
|
||||
asock = ssock->asock;
|
||||
if (asock) {
|
||||
- ssock->asock = NULL;
|
||||
+ // Don't set ssock->asock to NULL, as it may trigger assertion in
|
||||
+ // send operation. This should be safe as active socket will simply
|
||||
+ // return PJ_EINVALIDOP on any operation if it is already closed.
|
||||
+ //ssock->asock = NULL;
|
||||
ssock->sock = PJ_INVALID_SOCKET;
|
||||
}
|
||||
sock = ssock->sock;
|
||||
@@ -841,9 +844,9 @@ static void close_sockets(pj_ssl_sock_t *ssock)
|
||||
/* Reset SSL socket state */
|
||||
static void reset_ssl_sock_state(pj_ssl_sock_t *ssock)
|
||||
{
|
||||
+ pj_lock_acquire(ssock->write_mutex);
|
||||
ssock->ssl_state = SSL_STATE_NULL;
|
||||
-
|
||||
- destroy_ssl(ssock);
|
||||
+ pj_lock_release(ssock->write_mutex);
|
||||
|
||||
close_sockets(ssock);
|
||||
|
||||
@@ -1612,6 +1615,21 @@ static pj_status_t do_handshake(pj_ssl_sock_t *ssock)
|
||||
return PJ_EPENDING;
|
||||
}
|
||||
|
||||
+static void ssl_on_destroy(void *arg)
|
||||
+{
|
||||
+ pj_pool_t *pool = NULL;
|
||||
+ pj_ssl_sock_t *ssock = (pj_ssl_sock_t*)arg;
|
||||
+
|
||||
+ destroy_ssl(ssock);
|
||||
+
|
||||
+ pj_lock_destroy(ssock->write_mutex);
|
||||
+
|
||||
+ pool = ssock->pool;
|
||||
+ ssock->pool = NULL;
|
||||
+ if (pool)
|
||||
+ pj_pool_release(pool);
|
||||
+}
|
||||
+
|
||||
|
||||
/*
|
||||
*******************************************************************
|
||||
@@ -1830,7 +1848,7 @@ static pj_bool_t asock_on_accept_complete (pj_activesock_t *asock,
|
||||
|
||||
/* Create new SSL socket instance */
|
||||
status = pj_ssl_sock_create(ssock_parent->pool,
|
||||
- &ssock_parent->newsock_param, &ssock);
|
||||
+ &ssock_parent->newsock_param, &ssock);
|
||||
if (status != PJ_SUCCESS)
|
||||
goto on_return;
|
||||
|
||||
@@ -1906,12 +1924,10 @@ static pj_bool_t asock_on_accept_complete (pj_activesock_t *asock,
|
||||
if (status != PJ_SUCCESS)
|
||||
goto on_return;
|
||||
|
||||
- /* Temporarily add ref the group lock until active socket creation,
|
||||
- * to make sure that group lock is destroyed if the active socket
|
||||
- * creation fails.
|
||||
- */
|
||||
pj_grp_lock_add_ref(glock);
|
||||
asock_cfg.grp_lock = ssock->param.grp_lock = glock;
|
||||
+ pj_grp_lock_add_handler(ssock->param.grp_lock, ssock->pool, ssock,
|
||||
+ ssl_on_destroy);
|
||||
}
|
||||
|
||||
pj_bzero(&asock_cb, sizeof(asock_cb));
|
||||
@@ -1927,11 +1943,6 @@ static pj_bool_t asock_on_accept_complete (pj_activesock_t *asock,
|
||||
ssock,
|
||||
&ssock->asock);
|
||||
|
||||
- /* This will destroy the group lock if active socket creation fails */
|
||||
- if (asock_cfg.grp_lock) {
|
||||
- pj_grp_lock_dec_ref(asock_cfg.grp_lock);
|
||||
- }
|
||||
-
|
||||
if (status != PJ_SUCCESS)
|
||||
goto on_return;
|
||||
|
||||
@@ -2251,17 +2262,26 @@ PJ_DEF(pj_status_t) pj_ssl_sock_create (pj_pool_t *pool,
|
||||
/* Create secure socket mutex */
|
||||
status = pj_lock_create_recursive_mutex(pool, pool->obj_name,
|
||||
&ssock->write_mutex);
|
||||
- if (status != PJ_SUCCESS)
|
||||
+ if (status != PJ_SUCCESS) {
|
||||
+ pj_pool_release(pool);
|
||||
return status;
|
||||
+ }
|
||||
|
||||
/* Init secure socket param */
|
||||
pj_ssl_sock_param_copy(pool, &ssock->param, param);
|
||||
+
|
||||
+ if (ssock->param.grp_lock) {
|
||||
+ pj_grp_lock_add_ref(ssock->param.grp_lock);
|
||||
+ pj_grp_lock_add_handler(ssock->param.grp_lock, pool, ssock,
|
||||
+ ssl_on_destroy);
|
||||
+ }
|
||||
+
|
||||
ssock->param.read_buffer_size = ((ssock->param.read_buffer_size+7)>>3)<<3;
|
||||
if (!ssock->param.timer_heap) {
|
||||
PJ_LOG(3,(ssock->pool->obj_name, "Warning: timer heap is not "
|
||||
"available. It is recommended to supply one to avoid "
|
||||
- "a race condition if more than one worker threads "
|
||||
- "are used."));
|
||||
+ "a race condition if more than one worker threads "
|
||||
+ "are used."));
|
||||
}
|
||||
|
||||
/* Finally */
|
||||
@@ -2277,8 +2297,6 @@ PJ_DEF(pj_status_t) pj_ssl_sock_create (pj_pool_t *pool,
|
||||
*/
|
||||
PJ_DEF(pj_status_t) pj_ssl_sock_close(pj_ssl_sock_t *ssock)
|
||||
{
|
||||
- pj_pool_t *pool;
|
||||
-
|
||||
PJ_ASSERT_RETURN(ssock, PJ_EINVAL);
|
||||
|
||||
if (!ssock->pool)
|
||||
@@ -2290,12 +2308,11 @@ PJ_DEF(pj_status_t) pj_ssl_sock_close(pj_ssl_sock_t *ssock)
|
||||
}
|
||||
|
||||
reset_ssl_sock_state(ssock);
|
||||
- pj_lock_destroy(ssock->write_mutex);
|
||||
-
|
||||
- pool = ssock->pool;
|
||||
- ssock->pool = NULL;
|
||||
- if (pool)
|
||||
- pj_pool_release(pool);
|
||||
+ if (ssock->param.grp_lock) {
|
||||
+ pj_grp_lock_dec_ref(ssock->param.grp_lock);
|
||||
+ } else {
|
||||
+ ssl_on_destroy(ssock);
|
||||
+ }
|
||||
|
||||
return PJ_SUCCESS;
|
||||
}
|
||||
@@ -2782,6 +2799,7 @@ pj_ssl_sock_start_accept2(pj_ssl_sock_t *ssock,
|
||||
|
||||
/* Start accepting */
|
||||
pj_ssl_sock_param_copy(pool, &ssock->newsock_param, newsock_param);
|
||||
+ ssock->newsock_param.grp_lock = NULL;
|
||||
status = pj_activesock_start_accept(ssock->asock, pool);
|
||||
if (status != PJ_SUCCESS)
|
||||
goto on_error;
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -1,134 +0,0 @@
|
||||
From 2ab7a9f67caf73be3f2215473f72882cfaef4972 Mon Sep 17 00:00:00 2001
|
||||
From: Richard Mudgett <rmudgett@digium.com>
|
||||
Date: Fri, 28 Oct 2016 12:11:30 -0500
|
||||
Subject: [PATCH 1/3] r5471 svn backport Various fixes for DNS IPv6
|
||||
|
||||
Fixed #1974: Various fixes for DNS IPv6
|
||||
---
|
||||
pjlib-util/src/pjlib-util/resolver.c | 11 +++++------
|
||||
pjlib-util/src/pjlib-util/srv_resolver.c | 17 +++++++++++++++--
|
||||
pjsip/src/pjsip/sip_resolve.c | 14 +++++++-------
|
||||
3 files changed, 27 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
|
||||
index e5e1bed..d24ef9d 100644
|
||||
--- a/pjlib-util/src/pjlib-util/resolver.c
|
||||
+++ b/pjlib-util/src/pjlib-util/resolver.c
|
||||
@@ -835,7 +835,7 @@ PJ_DEF(pj_status_t) pj_dns_resolver_start_query( pj_dns_resolver *resolver,
|
||||
pj_time_val now;
|
||||
struct res_key key;
|
||||
struct cached_res *cache;
|
||||
- pj_dns_async_query *q;
|
||||
+ pj_dns_async_query *q, *p_q = NULL;
|
||||
pj_uint32_t hval;
|
||||
pj_status_t status = PJ_SUCCESS;
|
||||
|
||||
@@ -849,9 +849,6 @@ PJ_DEF(pj_status_t) pj_dns_resolver_start_query( pj_dns_resolver *resolver,
|
||||
/* Check type */
|
||||
PJ_ASSERT_RETURN(type > 0 && type < 0xFFFF, PJ_EINVAL);
|
||||
|
||||
- if (p_query)
|
||||
- *p_query = NULL;
|
||||
-
|
||||
/* Build resource key for looking up hash tables */
|
||||
init_res_key(&key, type, name);
|
||||
|
||||
@@ -970,10 +967,12 @@ PJ_DEF(pj_status_t) pj_dns_resolver_start_query( pj_dns_resolver *resolver,
|
||||
pj_hash_set_np(resolver->hquerybyres, &q->key, sizeof(q->key),
|
||||
0, q->hbufkey, q);
|
||||
|
||||
- if (p_query)
|
||||
- *p_query = q;
|
||||
+ p_q = q;
|
||||
|
||||
on_return:
|
||||
+ if (p_query)
|
||||
+ *p_query = p_q;
|
||||
+
|
||||
pj_mutex_unlock(resolver->mutex);
|
||||
return status;
|
||||
}
|
||||
diff --git a/pjlib-util/src/pjlib-util/srv_resolver.c b/pjlib-util/src/pjlib-util/srv_resolver.c
|
||||
index 02672aa..ff9c979 100644
|
||||
--- a/pjlib-util/src/pjlib-util/srv_resolver.c
|
||||
+++ b/pjlib-util/src/pjlib-util/srv_resolver.c
|
||||
@@ -187,9 +187,12 @@ PJ_DEF(pj_status_t) pj_dns_srv_cancel_query(pj_dns_srv_async_query *query,
|
||||
has_pending = PJ_TRUE;
|
||||
}
|
||||
if (srv->q_aaaa) {
|
||||
- pj_dns_resolver_cancel_query(srv->q_aaaa, PJ_FALSE);
|
||||
+ /* Check if it is a dummy query. */
|
||||
+ if (srv->q_aaaa != (pj_dns_async_query*)0x1) {
|
||||
+ pj_dns_resolver_cancel_query(srv->q_aaaa, PJ_FALSE);
|
||||
+ has_pending = PJ_TRUE;
|
||||
+ }
|
||||
srv->q_aaaa = NULL;
|
||||
- has_pending = PJ_TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -485,12 +488,22 @@ static pj_status_t resolve_hostnames(pj_dns_srv_async_query *query_job)
|
||||
srv->common.type = PJ_DNS_TYPE_A;
|
||||
srv->common_aaaa.type = PJ_DNS_TYPE_AAAA;
|
||||
srv->parent = query_job;
|
||||
+ srv->q_a = NULL;
|
||||
+ srv->q_aaaa = NULL;
|
||||
|
||||
status = PJ_SUCCESS;
|
||||
|
||||
/* Start DNA A record query */
|
||||
if ((query_job->option & PJ_DNS_SRV_RESOLVE_AAAA_ONLY) == 0)
|
||||
{
|
||||
+ if ((query_job->option & PJ_DNS_SRV_RESOLVE_AAAA) != 0) {
|
||||
+ /* If there will be DNS AAAA query too, let's setup
|
||||
+ * a dummy one here, otherwise app callback may be called
|
||||
+ * immediately (before DNS AAAA query is sent) when
|
||||
+ * DNS A record is available in the cache.
|
||||
+ */
|
||||
+ srv->q_aaaa = (pj_dns_async_query*)0x1;
|
||||
+ }
|
||||
status = pj_dns_resolver_start_query(query_job->resolver,
|
||||
&srv->target_name,
|
||||
PJ_DNS_TYPE_A, 0,
|
||||
diff --git a/pjsip/src/pjsip/sip_resolve.c b/pjsip/src/pjsip/sip_resolve.c
|
||||
index ed326ba..3f3654d 100644
|
||||
--- a/pjsip/src/pjsip/sip_resolve.c
|
||||
+++ b/pjsip/src/pjsip/sip_resolve.c
|
||||
@@ -452,7 +452,7 @@ PJ_DEF(void) pjsip_resolve( pjsip_resolver_t *resolver,
|
||||
}
|
||||
|
||||
/* Resolve DNS AAAA record if address family is not fixed to IPv4 */
|
||||
- if (af != pj_AF_INET()) {
|
||||
+ if (af != pj_AF_INET() && status == PJ_SUCCESS) {
|
||||
status = pj_dns_resolver_start_query(resolver->res,
|
||||
&query->naptr[0].name,
|
||||
PJ_DNS_TYPE_AAAA, 0,
|
||||
@@ -530,9 +530,9 @@ static void dns_a_callback(void *user_data,
|
||||
|
||||
++srv->count;
|
||||
}
|
||||
-
|
||||
- } else {
|
||||
-
|
||||
+ }
|
||||
+
|
||||
+ if (status != PJ_SUCCESS) {
|
||||
char errmsg[PJ_ERR_MSG_SIZE];
|
||||
|
||||
/* Log error */
|
||||
@@ -593,9 +593,9 @@ static void dns_aaaa_callback(void *user_data,
|
||||
|
||||
++srv->count;
|
||||
}
|
||||
-
|
||||
- } else {
|
||||
-
|
||||
+ }
|
||||
+
|
||||
+ if (status != PJ_SUCCESS) {
|
||||
char errmsg[PJ_ERR_MSG_SIZE];
|
||||
|
||||
/* Log error */
|
||||
--
|
||||
1.7.9.5
|
||||
|
||||
@ -1,28 +0,0 @@
|
||||
From 509d4339747f11cfbde3a0acc447ef5d521eea93 Mon Sep 17 00:00:00 2001
|
||||
From: Richard Mudgett <rmudgett@digium.com>
|
||||
Date: Fri, 28 Oct 2016 12:12:28 -0500
|
||||
Subject: [PATCH 2/3] r5473 svn backport Fix pending query
|
||||
|
||||
Re #1974:
|
||||
If there is a pending query, set the return value to that query (instead of NULL)
|
||||
|
||||
Thanks to Richard Mudgett for the patch.
|
||||
---
|
||||
pjlib-util/src/pjlib-util/resolver.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
|
||||
index d24ef9d..fe687b7 100644
|
||||
--- a/pjlib-util/src/pjlib-util/resolver.c
|
||||
+++ b/pjlib-util/src/pjlib-util/resolver.c
|
||||
@@ -940,6 +940,7 @@ PJ_DEF(pj_status_t) pj_dns_resolver_start_query( pj_dns_resolver *resolver,
|
||||
/* Done. This child query will be notified once the "parent"
|
||||
* query completes.
|
||||
*/
|
||||
+ p_q = nq;
|
||||
status = PJ_SUCCESS;
|
||||
goto on_return;
|
||||
}
|
||||
--
|
||||
1.7.9.5
|
||||
|
||||
@ -1,70 +0,0 @@
|
||||
From 46e1cfa18853a38b7fcdebad782710c5db676657 Mon Sep 17 00:00:00 2001
|
||||
From: Richard Mudgett <rmudgett@digium.com>
|
||||
Date: Fri, 28 Oct 2016 12:15:44 -0500
|
||||
Subject: [PATCH 3/3] r5475 svn backport Remove DNS cache entry
|
||||
|
||||
Re #1974: Remove DNS cache entry from resolver's hash table when app callback has a reference.
|
||||
|
||||
Thanks to Richard Mudgett for the patch.
|
||||
---
|
||||
pjlib-util/src/pjlib-util/resolver.c | 29 +++++++++++++++--------------
|
||||
1 file changed, 15 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
|
||||
index fe687b7..52b7655 100644
|
||||
--- a/pjlib-util/src/pjlib-util/resolver.c
|
||||
+++ b/pjlib-util/src/pjlib-util/resolver.c
|
||||
@@ -1444,10 +1444,12 @@ static void update_res_cache(pj_dns_resolver *resolver,
|
||||
if (ttl > resolver->settings.cache_max_ttl)
|
||||
ttl = resolver->settings.cache_max_ttl;
|
||||
|
||||
+ /* Get a cache response entry */
|
||||
+ cache = (struct cached_res *) pj_hash_get(resolver->hrescache, key,
|
||||
+ sizeof(*key), &hval);
|
||||
+
|
||||
/* If TTL is zero, clear the same entry in the hash table */
|
||||
if (ttl == 0) {
|
||||
- cache = (struct cached_res *) pj_hash_get(resolver->hrescache, key,
|
||||
- sizeof(*key), &hval);
|
||||
/* Remove the entry before releasing its pool (see ticket #1710) */
|
||||
pj_hash_set(NULL, resolver->hrescache, key, sizeof(*key), hval, NULL);
|
||||
|
||||
@@ -1457,24 +1459,23 @@ static void update_res_cache(pj_dns_resolver *resolver,
|
||||
return;
|
||||
}
|
||||
|
||||
- /* Get a cache response entry */
|
||||
- cache = (struct cached_res *) pj_hash_get(resolver->hrescache, key,
|
||||
- sizeof(*key), &hval);
|
||||
if (cache == NULL) {
|
||||
cache = alloc_entry(resolver);
|
||||
- } else if (cache->ref_cnt > 1) {
|
||||
- /* When cache entry is being used by callback (to app), just decrement
|
||||
- * ref_cnt so it will be freed after the callback returns and allocate
|
||||
- * new entry.
|
||||
- */
|
||||
- cache->ref_cnt--;
|
||||
- cache = alloc_entry(resolver);
|
||||
} else {
|
||||
/* Remove the entry before resetting its pool (see ticket #1710) */
|
||||
pj_hash_set(NULL, resolver->hrescache, key, sizeof(*key), hval, NULL);
|
||||
|
||||
- /* Reset cache to avoid bloated cache pool */
|
||||
- reset_entry(&cache);
|
||||
+ if (cache->ref_cnt > 1) {
|
||||
+ /* When cache entry is being used by callback (to app),
|
||||
+ * just decrement ref_cnt so it will be freed after
|
||||
+ * the callback returns and allocate new entry.
|
||||
+ */
|
||||
+ cache->ref_cnt--;
|
||||
+ cache = alloc_entry(resolver);
|
||||
+ } else {
|
||||
+ /* Reset cache to avoid bloated cache pool */
|
||||
+ reset_entry(&cache);
|
||||
+ }
|
||||
}
|
||||
|
||||
/* Duplicate the packet.
|
||||
--
|
||||
1.7.9.5
|
||||
|
||||
@ -1,33 +0,0 @@
|
||||
From 732a997010d60fe93a7453e809672386749b0afc Mon Sep 17 00:00:00 2001
|
||||
From: Richard Mudgett <rmudgett@digium.com>
|
||||
Date: Tue, 1 Nov 2016 12:55:31 -0500
|
||||
Subject: [PATCH] r5477 svn backport Fix DNS write on freed memory.
|
||||
|
||||
Re #1974: Fix DNS write on freed memory.
|
||||
Thanks to Richard Mudgett for the patch.
|
||||
---
|
||||
pjlib-util/src/pjlib-util/resolver.c | 8 +++++++-
|
||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
|
||||
index 52b7655..365772e 100644
|
||||
--- a/pjlib-util/src/pjlib-util/resolver.c
|
||||
+++ b/pjlib-util/src/pjlib-util/resolver.c
|
||||
@@ -908,7 +908,13 @@ PJ_DEF(pj_status_t) pj_dns_resolver_start_query( pj_dns_resolver *resolver,
|
||||
/* Must return PJ_SUCCESS */
|
||||
status = PJ_SUCCESS;
|
||||
|
||||
- goto on_return;
|
||||
+ /*
|
||||
+ * We cannot write to *p_query after calling cb because what
|
||||
+ * p_query points to may have been freed by cb.
|
||||
+ * Refer to ticket #1974.
|
||||
+ */
|
||||
+ pj_mutex_unlock(resolver->mutex);
|
||||
+ return status;
|
||||
}
|
||||
|
||||
/* At this point, we have a cached entry, but this entry has expired.
|
||||
--
|
||||
1.7.9.5
|
||||
|
||||
@ -1,59 +0,0 @@
|
||||
From 783de8956190c47a70ffefed56a1a2b21a62b235 Mon Sep 17 00:00:00 2001
|
||||
From: Riza Sulistyo <riza@teluu.com>
|
||||
Date: Mon, 23 Jan 2017 01:34:12 +0000
|
||||
Subject: [PATCH 2/5] Re #1945 (misc): Don't trigger SRV complete callback when
|
||||
there is a parse error.
|
||||
|
||||
git-svn-id: https://svn.pjsip.org/repos/pjproject/trunk@5536 74dad513-b988-da41-8d7b-12977e46ad98
|
||||
---
|
||||
pjlib-util/src/pjlib-util/srv_resolver.c | 24 ++++++++++++++++++------
|
||||
1 file changed, 18 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/pjlib-util/src/pjlib-util/srv_resolver.c b/pjlib-util/src/pjlib-util/srv_resolver.c
|
||||
index 8a4a599..8a2f7e1 100644
|
||||
--- a/pjlib-util/src/pjlib-util/srv_resolver.c
|
||||
+++ b/pjlib-util/src/pjlib-util/srv_resolver.c
|
||||
@@ -652,6 +652,7 @@ static void dns_callback(void *user_data,
|
||||
|
||||
} else if (query_job->dns_state == PJ_DNS_TYPE_A) {
|
||||
pj_bool_t is_type_a, srv_completed;
|
||||
+ pj_dns_addr_record rec;
|
||||
|
||||
/* Clear outstanding job */
|
||||
if (common->type == PJ_DNS_TYPE_A) {
|
||||
@@ -668,15 +669,26 @@ static void dns_callback(void *user_data,
|
||||
|
||||
is_type_a = (common->type == PJ_DNS_TYPE_A);
|
||||
|
||||
+ /* Parse response */
|
||||
+ if (status==PJ_SUCCESS && pkt->hdr.anscount != 0) {
|
||||
+ status = pj_dns_parse_addr_response(pkt, &rec);
|
||||
+ if (status!=PJ_SUCCESS) {
|
||||
+ char errmsg[PJ_ERR_MSG_SIZE];
|
||||
+
|
||||
+ PJ_LOG(4,(query_job->objname,
|
||||
+ "DNS %s record parse error for '%.*s'."
|
||||
+ " Err=%d (%s)",
|
||||
+ (is_type_a ? "A" : "AAAA"),
|
||||
+ (int)query_job->domain_part.slen,
|
||||
+ query_job->domain_part.ptr,
|
||||
+ status,
|
||||
+ pj_strerror(status,errmsg,sizeof(errmsg)).ptr));
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
/* Check that we really have answer */
|
||||
if (status==PJ_SUCCESS && pkt->hdr.anscount != 0) {
|
||||
char addr[PJ_INET6_ADDRSTRLEN];
|
||||
- pj_dns_addr_record rec;
|
||||
-
|
||||
- /* Parse response */
|
||||
- status = pj_dns_parse_addr_response(pkt, &rec);
|
||||
- if (status != PJ_SUCCESS)
|
||||
- goto on_error;
|
||||
|
||||
pj_assert(rec.addr_count != 0);
|
||||
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -0,0 +1,7 @@
|
||||
The 0000-* patches in this directory should not be removed or
|
||||
reordered when upgrading to a new version of pjproject. They
|
||||
MAY need to be updated to apply cleanly however.
|
||||
|
||||
New patches should be numbered in ascending order with no
|
||||
duplicates. Leave 10 slots open after the last patch to
|
||||
allow others to be inserted.
|
||||
@ -1,2 +1,2 @@
|
||||
|
||||
PJPROJECT_VERSION = 2.5.5
|
||||
PJPROJECT_VERSION = 2.6
|
||||
|
||||
Loading…
Reference in new issue