sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

make "trust address" the default behaviour

Browse Source 
adds CLI option --sip-source to restore old default, and adds
new flag "SIP source address" to achieve the same on a per-call
basis
pull/53/head
Richard Fuchs 11 years ago
parent 97b472bfdb
commit f826d01c29
6 changed files with 61 additions and 13 deletions
Show Stats Download Patch File Download Diff File

28
README.md
Unescape View File

@ -179,6 +179,7 @@ option and which are reproduced below:
-E, --log-stderr Log on stderr instead of syslog -E, --log-stderr Log on stderr instead of syslog
-x, --xmlrpc-format=INT XMLRPC timeout request format to use. 0: SEMS DI, 1: call-id only -x, --xmlrpc-format=INT XMLRPC timeout request format to use. 0: SEMS DI, 1: call-id only
--num-threads=INT Number of worker threads to create --num-threads=INT Number of worker threads to create
--sip-source Use SIP source address by default
Most of these options are indeed optional, with two exceptions. It's mandatory to specify at least one local Most of these options are indeed optional, with two exceptions. It's mandatory to specify at least one local
IP address through `--interface`, and at least one of the `--listen-...` options must be given. IP address through `--interface`, and at least one of the `--listen-...` options must be given.
@ -322,6 +323,13 @@ The options are described in more detail below.
as there are CPU cores available. If the number of CPU cores cannot be determined, the default is as there are CPU cores available. If the number of CPU cores cannot be determined, the default is
four. four.
* --sip-source
The original *rtpproxy* as well as older version of *rtpengine* by default didn't honour IP
addresses given in the SDP body, and instead used the source address of the received SIP
message as default endpoint address. Newer versions of *rtpengine* reverse this behaviour and
honour the addresses given in the SDP body by default. This option restores the old behaviour.
* -r, --redis, -R, --redis-db, -b, --b2b-url * -r, --redis, -R, --redis-db, -b, --b2b-url
NGCP-specific options NGCP-specific options
@ -579,12 +587,21 @@ Optionally included keys are:
* `flags` * `flags`
The value of the `flags` key is a list. The list contains zero or more of the following strings: The value of the `flags` key is a list. The list contains zero or more of the following strings.
Spaces in each string my be replaced by hyphens.
- `SIP source address`
Ignore any IP addresses given in the SDP body and use the source address of the received
SIP message (given in `received from`) as default endpoint address. This was the default
behaviour of older versions of *rtpengine* and can still be made the default behaviour
through the `--sip-source` CLI switch.
Can be overridden through the `media address` key.
- `trust address` - `trust address`
If given, the media addresses from the SDP body are trusted as correct endpoints. Otherwise, the The opposite of `SIP source address`. This is the default behaviour unless the CLI switch
address is taken from the `received from` key. Corresponds to the *rtpproxy* `r` flag. `--sip-source` is active. Corresponds to the *rtpproxy* `r` flag.
Can be overridden through the `media address` key. Can be overridden through the `media address` key.
- `symmetric` - `symmetric`
@ -626,7 +643,7 @@ Optionally included keys are:
Replace the address found in the *origin* (o=) line of the SDP body. Corresponds Replace the address found in the *origin* (o=) line of the SDP body. Corresponds
to *rtpproxy* `o` flag. to *rtpproxy* `o` flag.
- `session connection` - `session connection` or `session-connection`
Replace the address found in the *session-level connection* (c=) line of the SDP body. Replace the address found in the *session-level connection* (c=) line of the SDP body.
Corresponds to *rtpproxy* `c` flag. Corresponds to *rtpproxy* `c` flag.
@ -655,7 +672,8 @@ Optionally included keys are:
Contains a list of exactly two elements. The first element denotes the address family and the second Contains a list of exactly two elements. The first element denotes the address family and the second
element is the SIP message's source address itself. The address family can be one of `IP4` or `IP6`. element is the SIP message's source address itself. The address family can be one of `IP4` or `IP6`.
Used if neither the `trust address` flag nor the `media address` key is present. Used if SDP addresses are neither trusted (through `SIP source address` or `--sip-source`) nor the
`media address` key is present.
* `ICE` * `ICE`

24
daemon/call_interfaces.c
Unescape View File

@ -19,6 +19,10 @@
int trust_address_def;
static int call_stream_address_gstring(GString *o, struct packet_stream *ps, enum stream_address_format format) { static int call_stream_address_gstring(GString *o, struct packet_stream *ps, enum stream_address_format format) {
int len, ret; int len, ret;
@ -454,11 +458,16 @@ INLINE void call_bencode_hold_ref(struct call *c, bencode_item_t *bi) {
} }
INLINE void str_hyphenate(bencode_item_t *it) { INLINE void str_hyphenate(bencode_item_t *it) {
char *p; str s;
p = memchr(it->iov[1].iov_base, ' ', it->iov[1].iov_len); if (!bencode_get_str(it, &s))
if (!p)
return; return;
*p = '-'; while (s.len) {
str_chr_str(&s, &s, ' ');
if (!s.s || !s.len)
break;
*s.s = '-';
str_shift(&s, 1);
}
} }
INLINE char *bencode_get_alt(bencode_item_t *i, const char *one, const char *two, str *out) { INLINE char *bencode_get_alt(bencode_item_t *i, const char *one, const char *two, str *out) {
char *o; char *o;
@ -474,11 +483,15 @@ static void call_ng_process_flags(struct sdp_ng_flags *out, bencode_item_t *inpu
ZERO(*out); ZERO(*out);
out->trust_address = trust_address_def;
if ((list = bencode_dictionary_get_expect(input, "flags", BENCODE_LIST))) { if ((list = bencode_dictionary_get_expect(input, "flags", BENCODE_LIST))) {
for (it = list->child; it; it = it->sibling) { for (it = list->child; it; it = it->sibling) {
str_hyphenate(it); str_hyphenate(it);
if (!bencode_strcmp(it, "trust-address")) if (!bencode_strcmp(it, "trust-address"))
out->trust_address = 1; out->trust_address = 1;
else if (!bencode_strcmp(it, "SIP-source-address"))
out->trust_address = 0;
else if (!bencode_strcmp(it, "asymmetric")) else if (!bencode_strcmp(it, "asymmetric"))
out->asymmetric = 1; out->asymmetric = 1;
else if (!bencode_strcmp(it, "strict-source")) else if (!bencode_strcmp(it, "strict-source"))
@ -523,7 +536,8 @@ static void call_ng_process_flags(struct sdp_ng_flags *out, bencode_item_t *inpu
out->ice_remove = 1; out->ice_remove = 1;
else if (!str_cmp(&s, "force")) else if (!str_cmp(&s, "force"))
out->ice_force = 1; out->ice_force = 1;
else if (!str_cmp(&s, "force_relay") || !str_cmp(&s, "force-relay")) else if (!str_cmp(&s, "force_relay") || !str_cmp(&s, "force-relay")
|| !str_cmp(&s, "force relay"))
out->ice_force_relay = 1; out->ice_force_relay = 1;
else else
ilog(LOG_WARN, "Unknown 'ICE' flag encountered: '"STR_FORMAT"'", ilog(LOG_WARN, "Unknown 'ICE' flag encountered: '"STR_FORMAT"'",

3
daemon/call_interfaces.h
Unescape View File

@ -15,6 +15,9 @@ struct callmaster;
struct control_stream; struct control_stream;
extern int trust_address_def;
str *call_request_tcp(char **, struct callmaster *); str *call_request_tcp(char **, struct callmaster *);
str *call_lookup_tcp(char **, struct callmaster *); str *call_lookup_tcp(char **, struct callmaster *);
void call_delete_tcp(char **, struct callmaster *); void call_delete_tcp(char **, struct callmaster *);

6
daemon/main.c
Unescape View File

@ -24,6 +24,7 @@
#include "redis.h" #include "redis.h"
#include "sdp.h" #include "sdp.h"
#include "dtls.h" #include "dtls.h"
#include "call_interfaces.h"
@ -310,6 +311,7 @@ static void options(int *argc, char ***argv) {
char *redisps = NULL; char *redisps = NULL;
char *log_facility_s = NULL; char *log_facility_s = NULL;
int version = 0; int version = 0;
int sip_source = 0;
GOptionEntry e[] = { GOptionEntry e[] = {
{ "version", 'v', 0, G_OPTION_ARG_NONE, &version, "Print build time and exit", NULL }, { "version", 'v', 0, G_OPTION_ARG_NONE, &version, "Print build time and exit", NULL },
@ -334,6 +336,7 @@ static void options(int *argc, char ***argv) {
{ "log-stderr", 'E', 0, G_OPTION_ARG_NONE, &_log_stderr, "Log on stderr instead of syslog", NULL }, { "log-stderr", 'E', 0, G_OPTION_ARG_NONE, &_log_stderr, "Log on stderr instead of syslog", NULL },
{ "xmlrpc-format",'x', 0, G_OPTION_ARG_INT, &xmlrpc_fmt, "XMLRPC timeout request format to use. 0: SEMS DI, 1: call-id only", "INT" }, { "xmlrpc-format",'x', 0, G_OPTION_ARG_INT, &xmlrpc_fmt, "XMLRPC timeout request format to use. 0: SEMS DI, 1: call-id only", "INT" },
{ "num-threads", 0, 0, G_OPTION_ARG_INT, &num_threads, "Number of worker threads to create", "INT" }, { "num-threads", 0, 0, G_OPTION_ARG_INT, &num_threads, "Number of worker threads to create", "INT" },
{ "sip-source", 0, 0, G_OPTION_ARG_NONE, &sip_source, "Use SIP source address by default", NULL },
{ NULL, } { NULL, }
}; };
@ -406,6 +409,9 @@ static void options(int *argc, char ***argv) {
write_log = log_to_stderr; write_log = log_to_stderr;
max_log_line_length = 0; max_log_line_length = 0;
} }
if (!sip_source)
trust_address_def = 1;
} }

10
daemon/str.h
Unescape View File

@ -94,8 +94,14 @@ INLINE char *str_chr(const str *s, int c) {
return memchr(s->s, c, s->len); return memchr(s->s, c, s->len);
} }
INLINE str *str_chr_str(str *out, const str *s, int c) { INLINE str *str_chr_str(str *out, const str *s, int c) {
out->s = str_chr(s, c); char *p;
out->len = out->s ? (s->len - (out->s - s->s)) : 0; p = str_chr(s, c);
if (!p) {
*out = STR_NULL;
return out;
}
*out = *s;
str_shift(out, p - out->s);
return out; return out;
} }
INLINE int str_cmp_len(const str *a, const char *b, int l) { INLINE int str_cmp_len(const str *a, const char *b, int l) {

3
utils/ng-client
Unescape View File

@ -21,6 +21,7 @@ GetOptions(
'call-id=s' => \$options{'call-id'}, 'call-id=s' => \$options{'call-id'},
'protocol=s' => \$options{'transport protocol'}, 'protocol=s' => \$options{'transport protocol'},
'trust-address' => \$options{'trust address'}, 'trust-address' => \$options{'trust address'},
'sip-source-address' => \$options{'sip source address'},
'symmetric' => \$options{'symmetric'}, 'symmetric' => \$options{'symmetric'},
'asymmetric' => \$options{'asymmetric'}, 'asymmetric' => \$options{'asymmetric'},
'replace-origin' => \$options{'replace-origin'}, 'replace-origin' => \$options{'replace-origin'},
@ -50,7 +51,7 @@ my %packet = (command => $cmd);
for my $x (split(',', 'from-tag,to-tag,call-id,transport protocol,media address,ICE,address family,TOS,DTLS')) { for my $x (split(',', 'from-tag,to-tag,call-id,transport protocol,media address,ICE,address family,TOS,DTLS')) {
defined($options{$x}) and $packet{$x} = $options{$x}; defined($options{$x}) and $packet{$x} = $options{$x};
} }
for my $x (split(',', 'trust address,symmetric,asymmetric,force,strict source,media handover')) { for my $x (split(',', 'trust address,symmetric,asymmetric,force,strict source,media handover,sip source address')) {
defined($options{$x}) and push(@{$packet{flags}}, $x); defined($options{$x}) and push(@{$packet{flags}}, $x);
} }
for my $x (split(',', 'origin,session connection')) { for my $x (split(',', 'origin,session connection')) {

Write Preview
Loading…
Cancel
Save