<!-- Kamailio Pull Request Template -->
<!--
IMPORTANT:
- for detailed contributing guidelines, read:
https://github.com/kamailio/kamailio/blob/master/.github/CONTRIBUTING.md
- pull requests must be done to master branch, unless they are backports
of fixes from master branch to a stable branch
- backports to stable branches must be done with 'git cherry-pick -x ...'
- code is contributed under BSD for core and main components (tm, sl, auth, tls)
- code is contributed GPLv2 or a compatible license for the other components
- GPL code is contributed with OpenSSL licensing exception
-->
#### Pre-Submission Checklist
<!-- Go over all points below, and after creating the PR, tick all the checkboxes that apply -->
<!-- All points should be verified, otherwise, read the CONTRIBUTING guidelines from above-->
<!-- If you're unsure about any of these, don't hesitate to ask on sr-dev mailing list -->
- [x] Commit message has the format required by CONTRIBUTING guide
- [x] Commits are split per component (core, individual modules, libs, utils, ...)
- [x] Each component has a single commit (if not, squash them into one commit)
- [x] No commits to README files for modules (changes must be done to docbook files
in `doc/` subfolder, the README file is autogenerated)
#### Type Of Change
- [x] Small bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds new functionality)
- [ ] Breaking change (fix or feature that would change existing functionality)
#### Checklist:
<!-- Go over all points below, and after creating the PR, tick the checkboxes that apply -->
- [x] PR should be backported to stable branches
- [x] Tested changes locally
- [ ] Related to issue #XXXX (replace XXXX with an open issue number)
#### Description
I faced an issue with memory leak in case drop NOTIFY messages in the "local-request" event route in `mem_copy_subs` and `build_uac_req`
analysis of mem leak:
kamcmd corex.shm_summary
<code>...
Mar 23 12:00:28 pbx kamailio[72308]: NOTICE: fm_status: fm_sums(): count= 11 size= 7520 bytes from presence: hash.c: mem_copy_subs(141)<br>
Mar 23 12:00:28 pbx kamailio[72308]: NOTICE: fm_status: fm_sums(): count= 23 size= 22536 bytes from tm: t_msgbuilder.c: build_uac_req(1618)
...</code>
a lot of dropped messages in local-request event route
<code>...
Mar 23 12:01:09 pbx kamailio[72308]: NOTICE: fm_status: fm_sums(): count= 83 size= 51256 bytes from presence: hash.c: mem_copy_subs(141)
Mar 23 12:01:09 pbx kamailio[72308]: NOTICE: fm_status: fm_sums(): count= 98 size= 116864 bytes from tm: t_msgbuilder.c: build_uac_req(1618)
...</code>
no messages, no activities
<code>...
Mar 23 12:02:34 pbx kamailio[72308]: NOTICE: fm_status: fm_sums(): count= 83 size= 51256 bytes from presence: hash.c: mem_copy_subs(141)
Mar 23 12:02:34 pbx kamailio[72308]: NOTICE: fm_status: fm_sums(): count= 96 size= 115432 bytes from tm: t_msgbuilder.c: build_uac_req(1618)
...</code>
In the code, we have a comment like "never free cbp here because if t_uac_prepare fails, cbp is not freed and thus caller has no chance to discover if it is freed or not", but we'll free the cbp in two cases:
1. in case of error, but we have if (ret == E_DROP) then ret = 0; (so, no error result)
2. in case call insert_tmcb for cbp, but we don't do it for E_DROP
You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/3403
-- Commit Summary --
* tm: memory leak in case dropping messages in local-request event route
-- File Changes --
M src/modules/tm/uac.c (8)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/3403.patchhttps://github.com/kamailio/kamailio/pull/3403.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/3403
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/pull/3403(a)github.com>
<!-- Kamailio Pull Request Template -->
<!--
IMPORTANT:
- for detailed contributing guidelines, read:
https://github.com/kamailio/kamailio/blob/master/.github/CONTRIBUTING.md
- pull requests must be done to master branch, unless they are backports
of fixes from master branch to a stable branch
- backports to stable branches must be done with 'git cherry-pick -x ...'
- code is contributed under BSD for core and main components (tm, sl, auth, tls)
- code is contributed GPLv2 or a compatible license for the other components
- GPL code is contributed with OpenSSL licensing exception
-->
#### Pre-Submission Checklist
<!-- Go over all points below, and after creating the PR, tick all the checkboxes that apply -->
<!-- All points should be verified, otherwise, read the CONTRIBUTING guidelines from above-->
<!-- If you're unsure about any of these, don't hesitate to ask on sr-dev mailing list -->
- [x] Commit message has the format required by CONTRIBUTING guide
- [x] Commits are split per component (core, individual modules, libs, utils, ...)
- [ ] Each component has a single commit (if not, squash them into one commit)
- [x] No commits to README files for modules (changes must be done to docbook files
in `doc/` subfolder, the README file is autogenerated)
#### Type Of Change
- [x] Small bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds new functionality)
- [x] Breaking change (fix or feature that would change existing functionality)
#### Checklist:
<!-- Go over all points below, and after creating the PR, tick the checkboxes that apply -->
- [x] PR should be backported to stable branches
- [x] Tested changes locally
- [x] Related to issue [reported in lists](https://lists.kamailio.org/mailman3/hyperkitty/list/sr-users@lists.k…
#### Description
<!-- Describe your changes in detail -->
This PR aims to fix a bug/security issue where data that was supposed to be encrypted and transferred through TLS, were transferred instead with TCP protocol.
More information and how to replicate can be found in the above [issue](https://lists.kamailio.org/mailman3/hyperkitty/list/sr-users@lists.k… in list.
This PR suggests using also the protocol to match if a TCP connection exists, and when doing connection lookups, otherwise, it might return a wrong connection, ie a TCP one when we are asking for a TLS one (a case when source ip/port and dest IP are same but dest port is set 0 (wildcard) ).
`tcpconn_get` was left unchanged due to being used by some modules and not wanting to break them. Please advise whether it should be beneficial to also change it.
In some cases like, `tcpconn_add_alias` and `tcpconn_get` we used the `PROTO_NONE` which preserves the original behavior. `tcpconn_add_alias` we do have the protocol available, should it be also used?
`tcpconn_get` does not have the protocol available unless we pass it as an argument.
You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/3810
-- Commit Summary --
* tcp_main: Add protocol argument for searching tcp/tls connections
* tcp_main: Add proto argument to tcpconn_exists function
* tcp_main: Update comment docs
* core/forward: Match protocol when forwarding
* tcp_main: Match wss protocol
-- File Changes --
M src/core/forward.h (3)
M src/core/tcp_conn.h (3)
M src/core/tcp_main.c (43)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/3810.patchhttps://github.com/kamailio/kamailio/pull/3810.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/3810
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/pull/3810(a)github.com>
Module: kamailio
Branch: master
Commit: 0a28a93c6e060081267dc686e342d45ef03358e7
URL: https://github.com/kamailio/kamailio/commit/0a28a93c6e060081267dc686e342d45…
Author: Xenofon Karamanos <22965395+xkaraman(a)users.noreply.github.com>
Committer: Henning Westerholt <hw(a)gilawa.com>
Date: 2024-04-16T14:42:20+02:00
tcp_main: Update comment docs
---
Modified: src/core/tcp_main.c
---
Diff: https://github.com/kamailio/kamailio/commit/0a28a93c6e060081267dc686e342d45…
Patch: https://github.com/kamailio/kamailio/commit/0a28a93c6e060081267dc686e342d45…
---
diff --git a/src/core/tcp_main.c b/src/core/tcp_main.c
index 0ea1b541ea6..e3323736cc0 100644
--- a/src/core/tcp_main.c
+++ b/src/core/tcp_main.c
@@ -1697,8 +1697,8 @@ void tcpconn_rm(struct tcp_connection *c)
/* finds a connection, if id=0 uses the ip addr, port, local_ip and local port
* (host byte order) and tries to find the connection that matches all of
- * them. Wild cards can be used for local_ip and local_port (a 0 filled
- * ip address and/or a 0 local port).
+ * them. Wild cards can be used for local_ip, local_port and proto (a 0 filled
+ * ip address and/or a 0 local port and/or PROTO_NONE).
* WARNING: unprotected (locks) use tcpconn_get unless you really
* know what you are doing */
struct tcp_connection *_tcpconn_find(int id, struct ip_addr *ip, int port,
@@ -1754,7 +1754,7 @@ struct tcp_connection *_tcpconn_find(int id, struct ip_addr *ip, int port,
/**
- * find if a tcp connection exits by id or remote+local address/port
+ * find if a tcp connection exits by id or remote+local address/port and protocol
* - return: 1 if found; 0 if not found
*/
int tcpconn_exists(int conn_id, ip_addr_t *peer_ip, int peer_port,
@@ -1774,6 +1774,7 @@ int tcpconn_exists(int conn_id, ip_addr_t *peer_ip, int peer_port,
/* TCP connection find with locks and timeout
* - local_addr contains the desired local ip:port. If null any local address
* will be used. IN*ADDR_ANY or 0 port are wild cards.
+ * - proto is the protocol to match (PROTO_NONE for any)
* - try_local_port makes the search use it first, instead of port from local_addr
* If found, the connection's reference counter will be incremented, you might
* want to decrement it after use.
<!-- Kamailio Pull Request Template -->
<!--
IMPORTANT:
- for detailed contributing guidelines, read:
https://github.com/kamailio/kamailio/blob/master/.github/CONTRIBUTING.md
- pull requests must be done to master branch, unless they are backports
of fixes from master branch to a stable branch
- backports to stable branches must be done with 'git cherry-pick -x ...'
- code is contributed under BSD for core and main components (tm, sl, auth, tls)
- code is contributed GPLv2 or a compatible license for the other components
- GPL code is contributed with OpenSSL licensing exception
-->
#### Pre-Submission Checklist
<!-- Go over all points below, and after creating the PR, tick all the checkboxes that apply -->
<!-- All points should be verified, otherwise, read the CONTRIBUTING guidelines from above-->
<!-- If you're unsure about any of these, don't hesitate to ask on sr-dev mailing list -->
- [X] Commit message has the format required by CONTRIBUTING guide
- [X] Commits are split per component (core, individual modules, libs, utils, ...)
- [X] Each component has a single commit (if not, squash them into one commit)
- [X] No commits to README files for modules (changes must be done to docbook files
in `doc/` subfolder, the README file is autogenerated)
#### Type Of Change
- [X] Small bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds new functionality)
- [ ] Breaking change (fix or feature that would change existing functionality)
#### Checklist:
<!-- Go over all points below, and after creating the PR, tick the checkboxes that apply -->
- [X] PR should be backported to stable branches
- [X] Tested changes locally
- [ ] Related to issue #XXXX (replace XXXX with an open issue number)
#### Description
We noticed that configuration option tcp_accept_iplimit was included in newer kamailio versions (most notably 5.7.4), and it was a breaking change for us. Added sample configuration value in /etc/kamailio.cfg file - already tested in our production deployment.
You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/3792
-- Commit Summary --
* tcp/docs: Added tcp_accept_iplimit config sample
-- File Changes --
M etc/kamailio.cfg (3)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/3792.patchhttps://github.com/kamailio/kamailio/pull/3792.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/3792
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/pull/3792(a)github.com>
#### Pre-Submission Checklist
<!-- Go over all points below, and after creating the PR, tick all the checkboxes that apply -->
<!-- All points should be verified, otherwise, read the CONTRIBUTING guidelines from above-->
<!-- If you're unsure about any of these, don't hesitate to ask on sr-dev mailing list -->
- [x] Commit message has the format required by CONTRIBUTING guide
- [x] Commits are split per component (core, individual modules, libs, utils, ...)
- [x] Each component has a single commit (if not, squash them into one commit)
- [x] No commits to README files for modules (changes must be done to docbook files
in `doc/` subfolder, the README file is autogenerated)
#### Type Of Change
- [x] Small bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds new functionality)
- [ ] Breaking change (fix or feature that would change existing functionality)
#### Checklist:
<!-- Go over all points below, and after creating the PR, tick the checkboxes that apply -->
- [x] PR should be backported to stable branches
- [x] Tested changes locally
- [x] Related to issue #3777
#### Description
<!-- Describe your changes in detail -->
- freed request.s after sending request to websocket in send_rtpp_command method.
You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/3813
-- Commit Summary --
* rtpengine: fix pkg mem leak in send_rtpp_command()
-- File Changes --
M src/modules/rtpengine/rtpengine.c (1)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/3813.patchhttps://github.com/kamailio/kamailio/pull/3813.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/3813
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/pull/3813(a)github.com>