AST-2018-005: res_pjsip_transport_management: Move to core

Since res_pjsip_transport_management provides several attack mitigation features, its functionality moved to res_pjsip and this module has been removed. This way the features will always be available if res_pjsip is loaded. ASTERISK-27618 Reported By: Sandro Gauci Change-Id: I21a2d33d9dda001452ea040d350d7a075f9acf0d
7 years ago · bca7b85182
parent 3a585794e1
commit bca7b85182
5 changed files with 56 additions and 27 deletions
--- a/11
+++ b/11
@ -8,6 +8,17 @@
 ===
 ==============================================================================

+------------------------------------------------------------------------------
+--- Functionality changes from Asterisk 14.7.5 to Asterisk 14.7.6 ------------
+------------------------------------------------------------------------------
+
+res_pjsip_transport_management
+------------------
+ * Since res_pjsip_transport_management provides several attack
+   mitigation features, its functionality moved to res_pjsip and
+   this module has been removed.  This way the features will always
+   be available if res_pjsip is loaded.
+
 ------------------------------------------------------------------------------
 --- Functionality changes from Asterisk 14.6.0 to Asterisk 14.7.0 ------------
 ------------------------------------------------------------------------------
--- a/UPGRADE.txt
+++ b/UPGRADE.txt
@ -22,6 +22,14 @@
 === UPGRADE-13.txt  -- Upgrade info for 12 to 13
 ===========================================================

+From 14.7.5 to 14.7.6:
+
+res_pjsip_transport_management:
+ - Since res_pjsip_transport_management provides several attack
+   mitigation features, its functionality moved to res_pjsip and
+   this module has been removed.  This way the features will always
+   be available if res_pjsip is loaded.
+
 From 14.6.0 to 14.7.0:

 Core:
--- a/res/res_pjsip.c
+++ b/res/res_pjsip.c
@ -4674,6 +4674,7 @@ static int unload_pjsip(void *data)
 		ast_res_pjsip_cleanup_options_handling();
 		ast_res_pjsip_cleanup_message_filter();
 		ast_sip_destroy_distributor();
+		ast_sip_destroy_transport_management();
 		ast_res_pjsip_destroy_configuration();
 		ast_sip_destroy_system();
 		ast_sip_destroy_global_headers();
@ -4839,6 +4840,11 @@ static int load_module(void)
 	ast_sip_initialize_resolver();
 	ast_sip_initialize_dns();

+	if (ast_sip_initialize_transport_management()) {
+		ast_log(LOG_ERROR, "Failed to initialize SIP transport management. Aborting load\n");
+		goto error;
+	}
+
 	if (ast_sip_initialize_distributor()) {
 		ast_log(LOG_ERROR, "Failed to register distributor module. Aborting load\n");
 		goto error;
--- a/res/res_pjsip/include/res_pjsip_private.h
+++ b/res/res_pjsip/include/res_pjsip_private.h
@ -395,4 +395,32 @@ int ast_sip_initialize_scheduler(void);
 */
 int ast_sip_destroy_scheduler(void);

+/*!
+ * \internal
+ * \brief Initialize the transport management module
+ * \since 13.20.0
+ *
+ * The transport management module is responsible for 3 things...
+ * 1.  It automatically destroys any reliable transport that does not
+ * receive a valid request within system/timer_b milliseconds of the
+ * connection being opened. (Attack mitigation)
+ * 2.  Since it increments the reliable transport's reference count
+ * for that period of time, it also prevents issues if the transport
+ * disconnects while we're still trying to process a response.
+ *  (Attack mitigation)
+ * 3.  If enabled by global/keep_alive_interval, it sends '\r\n'
+ * keepalives on reliable transports at the interval specified.
+ *
+ * \retval -1 Failure
+ * \retval 0 Success
+ */
+int ast_sip_initialize_transport_management(void);
+
+/*!
+ * \internal
+ * \brief Destruct the transport management module.
+ * \since 13.20.0
+ */
+void ast_sip_destroy_transport_management(void);
+
 #endif /* RES_PJSIP_PRIVATE_H_ */
--- a/res/res_pjsip/pjsip_transport_management.c
+++ b/res/res_pjsip/pjsip_transport_management.c
@ -16,12 +16,6 @@
 * at the top of the source tree.
 */

-/*** MODULEINFO
-	<depend>pjproject</depend>
-	<depend>res_pjsip</depend>
-	<support_level>core</support_level>
- ***/
-
 #include "asterisk.h"

 #include <signal.h>
@ -32,6 +26,7 @@
 #include "asterisk/res_pjsip.h"
 #include "asterisk/module.h"
 #include "asterisk/astobj2.h"
+#include "include/res_pjsip_private.h"

 /*! \brief Number of buckets for monitored transports */
 #define TRANSPORTS_BUCKETS 127
@ -319,12 +314,10 @@ static pjsip_module idle_monitor_module = {
 	.on_rx_request = idle_monitor_on_rx_request,
 };

-static int load_module(void)
+int ast_sip_initialize_transport_management(void)
 {
 	struct ao2_container *transports;

-	CHECK_PJSIP_MODULE_LOADED();
-
 	transports = ao2_container_alloc(TRANSPORTS_BUCKETS, monitored_transport_hash_fn,
 		monitored_transport_cmp_fn);
 	if (!transports) {
@ -356,11 +349,10 @@ static int load_module(void)
 	ast_sorcery_observer_add(ast_sip_get_sorcery(), "global", &keepalive_global_observer);
 	ast_sorcery_reload_object(ast_sip_get_sorcery(), "global");

-	ast_module_shutdown_ref(ast_module_info->self);
 	return AST_MODULE_LOAD_SUCCESS;
 }

-static int unload_module(void)
+void ast_sip_destroy_transport_management(void)
 {
 	if (keepalive_interval) {
 		keepalive_interval = 0;
@ -381,20 +373,4 @@ static int unload_module(void)
 	sched = NULL;

 	ao2_global_obj_release(monitored_transports);
-
-	return 0;
-}
-
-static int reload_module(void)
-{
-	ast_sorcery_reload_object(ast_sip_get_sorcery(), "global");
-	return 0;
 }
-
-AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP Reliable Transport Management",
-	.support_level = AST_MODULE_SUPPORT_CORE,
-	.load = load_module,
-	.reload = reload_module,
-	.unload = unload_module,
-	.load_pri = AST_MODPRI_CHANNEL_DEPEND - 4,
-);