[sr-dev] git:master: tls: execute event_route[tls:connection-out]

Daniel-Constantin Mierla miconda at gmail.com
Mon May 26 14:54:45 CEST 2014


Module: sip-router
Branch: master
Commit: 1d6d5cd5d4ff7cd488edfaea5600f02b7d3612fa
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=1d6d5cd5d4ff7cd488edfaea5600f02b7d3612fa

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date:   Mon May 26 14:17:43 2014 +0200

tls: execute event_route[tls:connection-out]

- done when a new outgoing tls connection is opened
- ongoing work, to allow an option to drop the connection based on
  config decision

---

 modules/tls/tls_mod.c    |    1 +
 modules/tls/tls_select.c |   10 ++++++++++
 modules/tls/tls_select.h |    3 +++
 modules/tls/tls_server.c |   45 +++++++++++++++++++++++++++++++++++++++++++++
 modules/tls/tls_server.h |    2 ++
 5 files changed, 61 insertions(+), 0 deletions(-)

diff --git a/modules/tls/tls_mod.c b/modules/tls/tls_mod.c
index 97175e3..eb40b04 100644
--- a/modules/tls/tls_mod.c
+++ b/modules/tls/tls_mod.c
@@ -348,6 +348,7 @@ static int mod_init(void)
 #ifndef OPENSSL_NO_DH
 	LM_INFO("With Diffie Hellman\n");
 #endif
+	tls_lookup_event_routes();
 	return 0;
 error:
 	destroy_tls_h();
diff --git a/modules/tls/tls_select.c b/modules/tls/tls_select.c
index 6305448..5e70d13 100644
--- a/modules/tls/tls_select.c
+++ b/modules/tls/tls_select.c
@@ -101,11 +101,21 @@ enum {
 
 
 
+static struct tcp_connection* _tls_pv_con = 0;
 
 
+void tls_set_pv_con(struct tcp_connection *c)
+{
+	_tls_pv_con = c;
+}
+
 struct tcp_connection* get_cur_connection(struct sip_msg* msg)
 {
 	struct tcp_connection* c;
+
+	if(_tls_pv_con != 0)
+		return _tls_pv_con;
+
 	if (msg->rcv.proto != PROTO_TLS) {
 		ERR("Transport protocol is not TLS (bug in config)\n");
 		return 0;
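Review bot: The early return in `get_cur_connection()` hands back `_tls_pv_con` without taking a reference, whereas the rest of the function (outside this hunk) presumably looks the connection up with a reference that callers later release. If callers do call `tcpconn_put()` on the result, this path drops a reference it never acquired, which could let the connection be freed while `tls_connect()` is still using it. Either take a reference on this path too, or give callers a way to tell the borrowed pointer apart. A comment on the static would help, for example `/* borrowed connection for event routes; set only around run_top_route(), not reference-counted */`.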
diff --git a/modules/tls/tls_select.h b/modules/tls/tls_select.h
index 3d5b8d0..5d40cc1 100644
--- a/modules/tls/tls_select.h
+++ b/modules/tls/tls_select.h
@@ -43,9 +43,12 @@
 
 #include "../../select.h"
 #include "../../pvar.h"
+#include "../../tcp_conn.h"
 
 extern select_row_t tls_sel[];
 
 extern pv_export_t tls_pv[];
 
+void tls_set_pv_con(struct tcp_connection *c);
+
 #endif /* _TLS_SELECT_H */
diff --git a/modules/tls/tls_server.c b/modules/tls/tls_server.c
index cfd09c4..ad80400 100644
--- a/modules/tls/tls_server.c
+++ b/modules/tls/tls_server.c
@@ -46,6 +46,9 @@
 #include "../../tcp_int_send.h"
 #include "../../tcp_read.h"
 #include "../../cfg/cfg.h"
+#include "../../route.h"
+#include "../../forward.h"
+#include "../../onsend.h"
 
 #include "tls_init.h"
 #include "tls_domain.h"
@@ -56,6 +59,8 @@
 #include "tls_dump_vf.h"
 #include "tls_cfg.h"
 
+int tls_run_event_routes(struct tcp_connection *c);
+
 /* low memory treshold for openssl bug #1491 workaround */
 #define LOW_MEM_NEW_CONNECTION_TEST() \
 	(cfg_get(tls, tls_cfg, low_mem_threshold1) && \
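Review bot: `tls_run_event_routes()` is forward-declared here with external linkage, but the only call visible in this commit is from `tls_connect()` in the same file, and `tls_server.h` does not export it. Declaring it `static int tls_run_event_routes(struct tcp_connection *c);` and making the definition static as well keeps it out of the global namespace. Otherwise the prototype belongs in `tls_server.h` next to `tls_lookup_event_routes()`.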
@@ -435,6 +440,7 @@ int tls_connect(struct tcp_connection *c, int* error)
 			LOG(tls_log, "tls_connect: server did not "
 							"present a certificate\n");
 		}
+		tls_run_event_routes(c);
 	} else { /* 0 or < 0 */
 		*error = SSL_get_error(ssl, ret);
 	}
@@ -1343,3 +1349,42 @@ bug:
 					c, flags, ssl_read, *flags);
 	return -1;
 }
+
+
+static int _tls_evrt_connection_out = -1; /* default disabled */
+
+/*!
+ * lookup tls event routes
+ */
+void tls_lookup_event_routes(void)
+{
+	_tls_evrt_connection_out=route_lookup(&event_rt, "tls:connection-out");
+	if (_tls_evrt_connection_out>=0 && event_rt.rlist[_tls_evrt_connection_out]==0)
+		_tls_evrt_connection_out=-1; /* disable */
+	if(_tls_evrt_connection_out!=-1)
+		forward_set_send_info(1);
+}
+
+/**
+ *
+ */
+int tls_run_event_routes(struct tcp_connection *c)
+{
+	int backup_rt;
+	struct run_act_ctx ctx;
+	sip_msg_t tmsg;
+
+	if(_tls_evrt_connection_out<0)
+		return 0;
+	if(p_onsend==0 || p_onsend->msg==0)
+		return 0;
+
+	backup_rt = get_route_type();
+	set_route_type(LOCAL_ROUTE);
+	init_run_actions_ctx(&ctx);
+	tls_set_pv_con(c);
+	run_top_route(event_rt.rlist[_tls_evrt_connection_out], &tmsg, 0);
+	tls_set_pv_con(0);
+	set_route_type(backup_rt);
+	return 0;
+}
diff --git a/modules/tls/tls_server.h b/modules/tls/tls_server.h
index d564425..abb3b13 100644
--- a/modules/tls/tls_server.h
+++ b/modules/tls/tls_server.h
@@ -93,4 +93,6 @@ int tls_h_fix_read_conn(struct tcp_connection *c);
 
 int tls_connect(struct tcp_connection *c, int* error);
 int tls_accept(struct tcp_connection *c, int* error);
+
+void tls_lookup_event_routes(void);
 #endif /* _TLS_SERVER_H */



