diff -Nru resiprocate-1.9.6/ChangeLog resiprocate-1.9.7/ChangeLog --- resiprocate-1.9.6/ChangeLog 2014-04-10 09:51:33.000000000 +0200 +++ resiprocate-1.9.7/ChangeLog 2014-05-31 12:47:51.000000000 +0200 @@ -1,4 +1,24 @@ = Release Notes v 1.9 = +==1.9.7 Changes== +rpm: Indicate that b2bua package is obsolete +resip/stack: TlsConnection: correctly handle OpenSSL error queue after SSL_read +resip/stack: fix for forced target routing in TransactionState - thanks to John Gregg for this +rutil: enhance command line parsing exceptions with additional details - thanks to John Gregg for initial contribution +rutil: if a v6 address is passed to the GenericIPAddress sockaddr constructor, ensure the entire v6 address is copied over properly. Note: sockaddr is smaller than sockaddr_in6 - Thanks to Bjorn A for this fix +rutil: accept case insensitive log level strings +resip/dum: fix obscure bug in basicClient where if we don't use a threaded stack processing does not function correctly - required PollGrp to be passed to SipStack constructor +resip/stack: fix for a use-after-free bug when adding multi-headers to a list that has been copied, and then one of the headers is accessed (but not necessarily parsed) - thanks to Byron Campen for this fix! +resip/stack: Added accessor for TransactionUser FIFO so to obtain stats +resip/stack: additional OpenSSL cleanup fn - reordered functions to match order used in this post: http://openssl.6102.n7.nabble.com/Cleanup-procedure-missing-some-calls-td37441.html +reTurn: modified asio and boost include file ordering to avoid multiply defined symbol errors on linking +resip/recon: remove extra sleep definitions +resip/stack: fix a bug with Keepalive processing that causes transaction state leakage and potential traps +rutil: syslog: use LOG_PID, avoid sending redundant data in log string. + +==1.9.6 Changes== +*resip/recon: fixes a bug that makes it impossible to use codecs with RTP clock rates other than 8000, makes Opus support possible +*autotools: minor tweaks to reduce warnings during build/linking + ==1.9.5 Changes== *resip/recon: do not send DTMF as inband audio, can be troublesome as sipXtapi echoes it back to caller (note: requires latest sipXtapi code with startChannelTone patch) *resip/recon: SipXHelper: map log entries from sipXtapi to reSIProcate logger diff -Nru resiprocate-1.9.6/configure resiprocate-1.9.7/configure diff -Nru resiprocate-1.9.6/configure.ac resiprocate-1.9.7/configure.ac --- resiprocate-1.9.6/configure.ac 2014-04-10 09:51:33.000000000 +0200 +++ resiprocate-1.9.7/configure.ac 2014-05-31 12:47:51.000000000 +0200 @@ -1,5 +1,5 @@ -AC_INIT(resiprocate,1.9.6) +AC_INIT(resiprocate,1.9.7) AC_CONFIG_SRCDIR(repro/repro.cxx) SO_RELEASE=`echo $PACKAGE_VERSION | cut -f1,2 -d.` diff -Nru resiprocate-1.9.6/debian/changelog resiprocate-1.9.7/debian/changelog --- resiprocate-1.9.6/debian/changelog 2014-04-10 10:04:58.000000000 +0200 +++ resiprocate-1.9.7/debian/changelog 2014-12-10 07:28:30.000000000 +0100 @@ -1,3 +1,16 @@ +resiprocate (1:1.9.7-4) unstable; urgency=medium + + * Use SSLv23_method instead of TLSv1_method and + avoid TLS 1.2 when acting as client. (Closes: #772632) + + -- Daniel Pocock Tue, 09 Dec 2014 11:34:48 +0100 + +resiprocate (1.9.7-1) unstable; urgency=medium + + * New upstream release. + + -- Daniel Pocock Sat, 31 May 2014 12:51:05 +0200 + resiprocate (1.9.6-1) unstable; urgency=medium * New upstream release. diff -Nru resiprocate-1.9.6/debian/patches/0001-use-SSLv23_method.patch resiprocate-1.9.7/debian/patches/0001-use-SSLv23_method.patch --- resiprocate-1.9.6/debian/patches/0001-use-SSLv23_method.patch 1970-01-01 01:00:00.000000000 +0100 +++ resiprocate-1.9.7/debian/patches/0001-use-SSLv23_method.patch 2014-12-09 11:30:51.000000000 +0100 @@ -0,0 +1,50 @@ +diff --git a/repro/ReproRunner.cxx b/repro/ReproRunner.cxx +index 929392b..a2f09de 100644 +--- a/repro/ReproRunner.cxx ++++ b/repro/ReproRunner.cxx +@@ -1338,6 +1338,7 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute) + wsCookieContextFactory.reset(new BasicWsCookieContextFactory(infoCookieName, extraCookieName, macCookieName)); + } + ++ SecurityTypes::SSLType defaultSSLType = SecurityTypes::SSLv23; + try + { + // Check if advanced transport settings are provided +@@ -1448,7 +1449,7 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute) + ipAddr, // interface to bind to + tlsDomain, + Data::Empty, // private key passphrase - not currently used +- SecurityTypes::TLSv1, // sslType ++ defaultSSLType, // sslType + 0, // transport flags + tlsCertificate, tlsPrivateKey, + cvm, // tls client verification mode +@@ -1576,8 +1577,8 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute) + } + if (tlsPort) + { +- if (mUseV4) mSipStack->addTransport(TLS, tlsPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP); +- if (mUseV6) mSipStack->addTransport(TLS, tlsPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP); ++ if (mUseV4) mSipStack->addTransport(TLS, tlsPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, defaultSSLType, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP); ++ if (mUseV6) mSipStack->addTransport(TLS, tlsPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, defaultSSLType, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP); + } + if (wsPort) + { +@@ -1586,13 +1587,13 @@ ReproRunner::addTransports(bool& allTransportsSpecifyRecordRoute) + } + if (wssPort) + { +- if (mUseV4) mSipStack->addTransport(WSS, wssPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP, basicWsConnectionValidator, wsCookieContextFactory); +- if (mUseV6) mSipStack->addTransport(WSS, wssPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP, basicWsConnectionValidator, wsCookieContextFactory); ++ if (mUseV4) mSipStack->addTransport(WSS, wssPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, defaultSSLType, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP, basicWsConnectionValidator, wsCookieContextFactory); ++ if (mUseV6) mSipStack->addTransport(WSS, wssPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, defaultSSLType, 0, tlsCertificate, tlsPrivateKey, cvm, useEmailAsSIP, basicWsConnectionValidator, wsCookieContextFactory); + } + if (dtlsPort) + { +- if (mUseV4) mSipStack->addTransport(DTLS, dtlsPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, tlsCertificate, tlsPrivateKey); +- if (mUseV6) mSipStack->addTransport(DTLS, dtlsPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, SecurityTypes::TLSv1, 0, tlsCertificate, tlsPrivateKey); ++ if (mUseV4) mSipStack->addTransport(DTLS, dtlsPort, V4, StunEnabled, Data::Empty, tlsDomain, Data::Empty, defaultSSLType, 0, tlsCertificate, tlsPrivateKey); ++ if (mUseV6) mSipStack->addTransport(DTLS, dtlsPort, V6, StunEnabled, Data::Empty, tlsDomain, Data::Empty, defaultSSLType, 0, tlsCertificate, tlsPrivateKey); + } + } + } diff -Nru resiprocate-1.9.6/debian/patches/0002-client-avoid-TLSv1_2.patch resiprocate-1.9.7/debian/patches/0002-client-avoid-TLSv1_2.patch --- resiprocate-1.9.6/debian/patches/0002-client-avoid-TLSv1_2.patch 1970-01-01 01:00:00.000000000 +0100 +++ resiprocate-1.9.7/debian/patches/0002-client-avoid-TLSv1_2.patch 2014-12-09 11:33:41.000000000 +0100 @@ -0,0 +1,16 @@ +diff --git a/resip/stack/ssl/TlsConnection.cxx b/resip/stack/ssl/TlsConnection.cxx +index c3537aa..145d089 100644 +--- a/resip/stack/ssl/TlsConnection.cxx ++++ b/resip/stack/ssl/TlsConnection.cxx +@@ -122,6 +122,11 @@ TlsConnection::TlsConnection( Transport* transport, const Tuple& tuple, + } + SSL_set_verify(mSsl, verify_mode, 0); + } ++ else ++ { ++ // some TLS v1.2 servers have been troublesome ++ SSL_set_options(mSsl, SSL_OP_NO_TLSv1_2); ++ } + + mBio = BIO_new_socket((int)fd,0/*close flag*/); + assert( mBio ); diff -Nru resiprocate-1.9.6/debian/patches/series resiprocate-1.9.7/debian/patches/series --- resiprocate-1.9.6/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ resiprocate-1.9.7/debian/patches/series 2014-12-09 11:33:48.000000000 +0100 @@ -0,0 +1,2 @@ +0001-use-SSLv23_method.patch +0002-client-avoid-TLSv1_2.patch diff -Nru resiprocate-1.9.6/debian/rules resiprocate-1.9.7/debian/rules --- resiprocate-1.9.6/debian/rules 2014-03-24 15:57:27.000000000 +0100 +++ resiprocate-1.9.7/debian/rules 2014-12-07 17:54:58.000000000 +0100 @@ -21,6 +21,7 @@ # with librecon: CPPFLAGS += -D__pingtel_on_posix__ -D_linux_ -D_REENTRANT -D_FILE_OFFS CPPFLAGS += -DDEFAULT_BRIDGE_MAX_IN_OUTPUTS=20 +CPPFLAGS += -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS CXXFLAGS += -fpermissive LDFLAGS += -lcares diff -Nru resiprocate-1.9.6/reflow/Flow.cxx resiprocate-1.9.7/reflow/Flow.cxx --- resiprocate-1.9.6/reflow/Flow.cxx 2014-04-10 09:49:37.000000000 +0200 +++ resiprocate-1.9.7/reflow/Flow.cxx 2014-05-31 12:47:46.000000000 +0200 @@ -3,7 +3,11 @@ #endif #include +#ifdef USE_SSL +#include +#endif #include + #include #include #include diff -Nru resiprocate-1.9.6/reflow/FlowDtlsSocketContext.cxx resiprocate-1.9.7/reflow/FlowDtlsSocketContext.cxx --- resiprocate-1.9.6/reflow/FlowDtlsSocketContext.cxx 2014-04-10 09:49:37.000000000 +0200 +++ resiprocate-1.9.7/reflow/FlowDtlsSocketContext.cxx 2014-05-31 12:47:46.000000000 +0200 @@ -3,14 +3,15 @@ #endif #ifdef USE_SSL -#include -#include -#include - #include +#include #include #include +#include +#include +#include + #include "FlowDtlsSocketContext.hxx" #include "FlowManagerSubsystem.hxx" diff -Nru resiprocate-1.9.6/reflow/FlowDtlsSocketContext.hxx resiprocate-1.9.7/reflow/FlowDtlsSocketContext.hxx --- resiprocate-1.9.6/reflow/FlowDtlsSocketContext.hxx 2014-04-10 09:49:37.000000000 +0200 +++ resiprocate-1.9.7/reflow/FlowDtlsSocketContext.hxx 2014-05-31 12:47:46.000000000 +0200 @@ -6,6 +6,9 @@ #define FlowDtlsSocketContext_hxx #include +#ifdef USE_SSL +#include +#endif #ifdef WIN32 #include #else diff -Nru resiprocate-1.9.6/reflow/FlowDtlsTimerContext.hxx resiprocate-1.9.7/reflow/FlowDtlsTimerContext.hxx --- resiprocate-1.9.6/reflow/FlowDtlsTimerContext.hxx 2014-04-10 09:49:37.000000000 +0200 +++ resiprocate-1.9.7/reflow/FlowDtlsTimerContext.hxx 2014-05-31 12:47:46.000000000 +0200 @@ -2,6 +2,10 @@ #define FlowDtlsTimerContext_hxx #include +#ifdef USE_SSL +#include +#endif + #include #include "dtls_wrapper/DtlsTimer.hxx" diff -Nru resiprocate-1.9.6/reflow/FlowManager.cxx resiprocate-1.9.7/reflow/FlowManager.cxx --- resiprocate-1.9.6/reflow/FlowManager.cxx 2014-04-10 09:49:37.000000000 +0200 +++ resiprocate-1.9.7/reflow/FlowManager.cxx 2014-05-31 12:47:46.000000000 +0200 @@ -2,6 +2,13 @@ #include "config.h" #endif +#include +#ifdef USE_SSL +#include +#endif +#include +#include + #include #include #include @@ -9,10 +16,6 @@ #include #include -#include -#include -#include - #ifdef WIN32 #include #else diff -Nru resiprocate-1.9.6/reflow/MediaStream.cxx resiprocate-1.9.7/reflow/MediaStream.cxx --- resiprocate-1.9.6/reflow/MediaStream.cxx 2014-04-10 09:49:37.000000000 +0200 +++ resiprocate-1.9.7/reflow/MediaStream.cxx 2014-05-31 12:47:46.000000000 +0200 @@ -2,13 +2,16 @@ #include "config.h" #endif +#include + #include #include #include +#include "MediaStream.hxx" #include "FlowManagerSubsystem.hxx" #include "FlowManager.hxx" -#include "MediaStream.hxx" + using namespace flowmanager; #ifdef USE_SSL diff -Nru resiprocate-1.9.6/reflow/MediaStream.hxx resiprocate-1.9.7/reflow/MediaStream.hxx --- resiprocate-1.9.6/reflow/MediaStream.hxx 2014-04-10 09:49:37.000000000 +0200 +++ resiprocate-1.9.7/reflow/MediaStream.hxx 2014-05-31 12:47:46.000000000 +0200 @@ -6,7 +6,9 @@ #endif #include +#ifdef USE_SSL #include +#endif #ifdef WIN32 #include #else diff -Nru resiprocate-1.9.6/resip/dum/test/basicClientUserAgent.cxx resiprocate-1.9.7/resip/dum/test/basicClientUserAgent.cxx --- resiprocate-1.9.6/resip/dum/test/basicClientUserAgent.cxx 2014-04-10 09:49:48.000000000 +0200 +++ resiprocate-1.9.7/resip/dum/test/basicClientUserAgent.cxx 2014-05-31 12:45:55.000000000 +0200 @@ -121,7 +121,7 @@ #endif mPollGrp(FdPollGrp::create()), // Will create EPoll implementation if available, otherwise FdPoll mInterruptor(new EventThreadInterruptor(*mPollGrp)), - mStack(new SipStack(mSecurity, DnsStub::EmptyNameserverList, mInterruptor)), + mStack(new SipStack(mSecurity, DnsStub::EmptyNameserverList, mInterruptor, false, 0, 0, mPollGrp)), mStackThread(new EventStackThread(*mStack, *mInterruptor, *mPollGrp)), mDum(new DialogUsageManager(*mStack)), mDumShutdownRequested(false), diff -Nru resiprocate-1.9.6/resip/recon/ConversationManager.hxx resiprocate-1.9.7/resip/recon/ConversationManager.hxx --- resiprocate-1.9.6/resip/recon/ConversationManager.hxx 2014-04-10 09:50:09.000000000 +0200 +++ resiprocate-1.9.7/resip/recon/ConversationManager.hxx 2014-05-31 12:46:19.000000000 +0200 @@ -1,11 +1,7 @@ #if !defined(ConversationManager_hxx) #define ConversationManager_hxx -#ifdef WIN32 -#define BOOST__STDC_CONSTANT_MACROS_DEFINED // elminate duplicate define warnings under windows -#include // Use Visual Studio's stdint.h -#define _MSC_STDINT_H_ // This define will ensure that stdint.h in sipXport tree is not used -#endif +#include #include "BridgeMixer.hxx" diff -Nru resiprocate-1.9.6/resip/recon/FlowManagerSipXSocket.cxx resiprocate-1.9.7/resip/recon/FlowManagerSipXSocket.cxx --- resiprocate-1.9.6/resip/recon/FlowManagerSipXSocket.cxx 2014-04-10 09:50:09.000000000 +0200 +++ resiprocate-1.9.7/resip/recon/FlowManagerSipXSocket.cxx 2014-05-31 12:46:19.000000000 +0200 @@ -1,4 +1,7 @@ #include +#ifdef USE_SSL +#include +#endif #include #include diff -Nru resiprocate-1.9.6/resip/recon/readme.txt resiprocate-1.9.7/resip/recon/readme.txt --- resiprocate-1.9.6/resip/recon/readme.txt 2014-04-10 09:50:09.000000000 +0200 +++ resiprocate-1.9.7/resip/recon/readme.txt 2014-05-31 12:46:19.000000000 +0200 @@ -103,7 +103,7 @@ /resip/ <- https://svn.resiprocate.org/rep/resiprocate/main /resip/contrib/openssl <- OpenSSL 1.0.1 or above -/resip/contrib/boost <- BOOST 1.34.1 (required in this location for Windows builds only) +/resip/contrib/boost <- BOOST 1.34.1 or above (required in this location for Windows builds only) /sipXtapi <- https://scm.sipfoundry.org/rep/sipX/branches/sipXtapi Building recon on Windows diff -Nru resiprocate-1.9.6/resip/recon/RemoteParticipantDialogSet.cxx resiprocate-1.9.7/resip/recon/RemoteParticipantDialogSet.cxx --- resiprocate-1.9.6/resip/recon/RemoteParticipantDialogSet.cxx 2014-04-10 09:50:09.000000000 +0200 +++ resiprocate-1.9.7/resip/recon/RemoteParticipantDialogSet.cxx 2014-05-31 12:46:19.000000000 +0200 @@ -37,12 +37,6 @@ //#define DISABLE_FLOWMANAGER_IF_NO_NAT_TRAVERSAL #include -#ifdef WIN32 - #define sleepMs(t) Sleep(t) -#else - #define sleepMs(t) usleep(t*1000) -#endif - using namespace recon; using namespace resip; using namespace std; diff -Nru resiprocate-1.9.6/resip/recon/UserAgent.hxx resiprocate-1.9.7/resip/recon/UserAgent.hxx --- resiprocate-1.9.6/resip/recon/UserAgent.hxx 2014-04-10 09:50:09.000000000 +0200 +++ resiprocate-1.9.7/resip/recon/UserAgent.hxx 2014-05-31 12:46:19.000000000 +0200 @@ -1,6 +1,8 @@ #if !defined(UserAgent_hxx) #define UserAgent_hxx +#include + #include "ConversationManager.hxx" #include "ConversationProfile.hxx" #include "UserAgentMasterProfile.hxx" @@ -17,12 +19,6 @@ #include #include -#ifdef WIN32 - #define sleepMs(t) Sleep(t) -#else - #define sleepMs(t) usleep(t*1000) -#endif - namespace recon { diff -Nru resiprocate-1.9.6/resip/stack/HeaderFieldValue.cxx resiprocate-1.9.7/resip/stack/HeaderFieldValue.cxx --- resiprocate-1.9.6/resip/stack/HeaderFieldValue.cxx 2014-04-10 09:50:02.000000000 +0200 +++ resiprocate-1.9.7/resip/stack/HeaderFieldValue.cxx 2014-05-31 12:46:13.000000000 +0200 @@ -105,6 +105,18 @@ // ?bwc? assert(!hfv.mMine); ? } +HeaderFieldValue& +HeaderFieldValue::swap(HeaderFieldValue& orig) +{ + if (this != &orig) + { + std::swap(mField, orig.mField); + std::swap(mFieldLength, orig.mFieldLength); + std::swap(mMine, orig.mMine); + } + return *this; +} + HeaderFieldValue::~HeaderFieldValue() { if (mMine) diff -Nru resiprocate-1.9.6/resip/stack/HeaderFieldValue.hxx resiprocate-1.9.7/resip/stack/HeaderFieldValue.hxx --- resiprocate-1.9.6/resip/stack/HeaderFieldValue.hxx 2014-04-10 09:50:01.000000000 +0200 +++ resiprocate-1.9.7/resip/stack/HeaderFieldValue.hxx 2014-05-31 12:46:12.000000000 +0200 @@ -43,6 +43,7 @@ HeaderFieldValue(const HeaderFieldValue& hfv, NoOwnershipEnum); HeaderFieldValue& operator=(const HeaderFieldValue&); HeaderFieldValue& copyWithPadding(const HeaderFieldValue& rhs); + HeaderFieldValue& swap(HeaderFieldValue& orig); ~HeaderFieldValue(); diff -Nru resiprocate-1.9.6/resip/stack/ParserContainerBase.cxx resiprocate-1.9.7/resip/stack/ParserContainerBase.cxx --- resiprocate-1.9.6/resip/stack/ParserContainerBase.cxx 2014-04-10 09:50:03.000000000 +0200 +++ resiprocate-1.9.7/resip/stack/ParserContainerBase.cxx 2014-05-31 12:46:13.000000000 +0200 @@ -154,11 +154,18 @@ mParsers.reserve(mParsers.size() + parsers.size()); for(Parsers::const_iterator p=parsers.begin(); p!=parsers.end(); ++p) { - mParsers.push_back(*p); + // Copy c'tor and assignment operator for HeaderKit are actually poor + // man's move semantics, so we have to implement real copy semantics here. + mParsers.push_back(HeaderKit::Empty); + HeaderKit& kit(mParsers.back()); - if(kit.pc) + if(p->pc) { - kit.pc = makeParser(*kit.pc); + kit.pc = makeParser(*(p->pc)); + } + else + { + kit.hfv = p->hfv; } } } diff -Nru resiprocate-1.9.6/resip/stack/ParserContainerBase.hxx resiprocate-1.9.7/resip/stack/ParserContainerBase.hxx --- resiprocate-1.9.6/resip/stack/ParserContainerBase.hxx 2014-04-10 09:50:02.000000000 +0200 +++ resiprocate-1.9.7/resip/stack/ParserContainerBase.hxx 2014-05-31 12:46:12.000000000 +0200 @@ -133,17 +133,25 @@ static const HeaderKit Empty; HeaderKit(): pc(0){} + + // Poor man's move c'tor, watch out! HeaderKit(const HeaderKit& orig) : pc(orig.pc), hfv(orig.hfv) - {} - + { + HeaderKit& nc_orig = const_cast(orig); + std::swap(nc_orig.pc, pc); + hfv.swap(nc_orig.hfv); + } + + // Poor man's move semantics, watch out! HeaderKit& operator=(const HeaderKit& rhs) { if(this!=&rhs) { - pc=rhs.pc; - hfv=rhs.hfv; + HeaderKit& nc_orig = const_cast(rhs); + std::swap(nc_orig.pc, pc); + hfv.swap(nc_orig.hfv); } return *this; } diff -Nru resiprocate-1.9.6/resip/stack/ssl/TlsConnection.cxx resiprocate-1.9.7/resip/stack/ssl/TlsConnection.cxx --- resiprocate-1.9.6/resip/stack/ssl/TlsConnection.cxx 2014-04-10 09:49:55.000000000 +0200 +++ resiprocate-1.9.7/resip/stack/ssl/TlsConnection.cxx 2014-05-31 12:46:11.000000000 +0200 @@ -25,6 +25,34 @@ #define RESIPROCATE_SUBSYSTEM Subsystem::TRANSPORT +inline bool handleOpenSSLErrorQueue(int ret, unsigned long err, const char* op) +{ + bool hadReason = false; + while (true) + { + const char* file; + int line; + + unsigned long code = ERR_get_error_line(&file,&line); + if ( code == 0 ) + { + break; + } + + char buf[256]; + ERR_error_string_n(code,buf,sizeof(buf)); + ErrLog( << buf ); + DebugLog( << "Error code = " << code << " file=" << file << " line=" << line ); + hadReason = true; + } + ErrLog( << "Got TLS " << op << " error=" << err << " ret=" << ret ); + if(!hadReason) + { + WarningLog(<<"no reason found with ERR_get_error_line"); + } + return hadReason; +} + TlsConnection::TlsConnection( Transport* transport, const Tuple& tuple, Socket fd, Security* security, bool server, Data domain, SecurityTypes::SSLType sslType , @@ -109,7 +137,27 @@ TlsConnection::~TlsConnection() { #if defined(USE_SSL) - SSL_shutdown(mSsl); + ERR_clear_error(); + int ret = SSL_shutdown(mSsl); + if(ret < 0) + { + int err = SSL_get_error(mSsl, ret); + switch (err) + { + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + case SSL_ERROR_NONE: + { + // WANT_READ or WANT_WRITE can arise for bi-directional shutdown on + // non-blocking sockets, safe to ignore + StackLog( << "Got TLS shutdown error condition of " << err ); + } + break; + default: + ErrLog(<<"Unexpected error in SSL_shutdown"); + handleOpenSSLErrorQueue(ret, err, "SSL_shutdown"); + } + } SSL_free(mSsl); #endif // USE_SSL } @@ -267,29 +315,7 @@ DebugLog(<<"unrecognised/unhandled SSL_get_error result: " << err); } ErrLog( << "TLS handshake failed "); - bool hadReason = false; - while (true) - { - const char* file; - int line; - - unsigned long code = ERR_get_error_line(&file,&line); - if ( code == 0 ) - { - break; - } - - char buf[256]; - ERR_error_string_n(code,buf,sizeof(buf)); - ErrLog( << buf ); - ErrLog( << "Error code = " - << code << " file=" << file << " line=" << line ); - hadReason = true; - } - if(!hadReason) - { - WarningLog(<<"no reason found with ERR_get_error_line"); - } + handleOpenSSLErrorQueue(ok, err, "SSL_do_handshake"); mBio = NULL; mTlsState = Broken; return mTlsState; @@ -372,29 +398,37 @@ int bytesRead = SSL_read(mSsl,buf,count); StackLog(<< "SSL_read returned " << bytesRead << " bytes [" << Data(Data::Borrow, buf, (bytesRead > 0)?(bytesRead):(0)) << "]"); - int bytesPending = SSL_pending(mSsl); - - if ((bytesRead > 0) && (bytesPending > 0)) + if (bytesRead > 0) { - char* buffer = getWriteBufferForExtraBytes(bytesPending); - if (buffer) + int bytesPending = SSL_pending(mSsl); + if (bytesPending > 0) { - StackLog(<< "reading remaining buffered bytes"); - bytesPending = SSL_read(mSsl, buffer, bytesPending); - StackLog(<< "SSL_read returned " << bytesPending << " bytes [" << Data(Data::Borrow, buffer, (bytesPending > 0)?(bytesPending):(0)) << "]"); - - if (bytesPending > 0) + char* buffer = getWriteBufferForExtraBytes(bytesPending); + if (buffer) { - bytesRead += bytesPending; + StackLog(<< "reading remaining buffered bytes"); + bytesPending = SSL_read(mSsl, buffer, bytesPending); + StackLog(<< "SSL_read returned " << bytesPending << " bytes [" << Data(Data::Borrow, buffer, (bytesPending > 0)?(bytesPending):(0)) << "]"); + + if (bytesPending > 0) + { + bytesRead += bytesPending; + } + else + { + bytesRead = bytesPending; + } } else { - bytesRead = bytesPending; + assert(0); } } - else + else if (bytesPending < 0) { - assert(0); + int err = SSL_get_error(mSsl, bytesPending); + handleOpenSSLErrorQueue(bytesPending, err, "SSL_pending"); + return -1; } } @@ -413,9 +447,11 @@ break; default: { - char buf[256]; - ERR_error_string_n(err,buf,sizeof(buf)); - ErrLog( << "Got TLS read ret=" << bytesRead << " error=" << err << " " << buf << (err==5?" - intermediate certificates may be missing from local PEM file" : "") ); + handleOpenSSLErrorQueue(bytesRead, err, "SSL_read"); + if(err == 5) + { + WarningLog(<<"err=5 sometimes indicates that intermediate certificates may be missing from local PEM file"); + } return -1; } break; @@ -498,23 +534,7 @@ break; default: { - while (true) - { - const char* file; - int line; - - unsigned long code = ERR_get_error_line(&file,&line); - if ( code == 0 ) - { - break; - } - - char buf[256]; - ERR_error_string_n(code,buf,sizeof(buf)); - ErrLog( << buf ); - DebugLog( << "Error code = " << code << " file=" << file << " line=" << line ); - } - ErrLog( << "Got TLS write error=" << err << " ret=" << ret ); + handleOpenSSLErrorQueue(ret, err, "SSL_write"); return -1; } break; @@ -563,6 +583,13 @@ } int mode = SSL_get_shutdown(mSsl); + if ( mode < 0 ) + { + int err = SSL_get_error(mSsl, mode); + handleOpenSSLErrorQueue(mode, err, "SSL_get_shutdown"); + return false; + } + if ( mode != 0 ) { return false; diff -Nru resiprocate-1.9.6/resip/stack/test/testSipMessage.cxx resiprocate-1.9.7/resip/stack/test/testSipMessage.cxx --- resiprocate-1.9.6/resip/stack/test/testSipMessage.cxx 2014-04-10 09:49:59.000000000 +0200 +++ resiprocate-1.9.7/resip/stack/test/testSipMessage.cxx 2014-05-31 12:46:05.000000000 +0200 @@ -28,6 +28,42 @@ main(int argc, char** argv) { Log::initialize(Log::Cout, Log::Debug, argv[0]); + initNetwork(); + + { + // This test excercises a now fixed use-after-free bug when adding multi-headers to a list that has been copied, and then + // one of the headers is accessed (but not necessarily parsed). + Data txt("INVITE sip:192.168.2.92:5100;q=1 SIP/2.0\r\n" + "Record-Route: \r\n" + "To: \r\n" + "From: Jason Fischl;tag=ba1aee2d\r\n" + "Via: SIP/2.0/UDP 192.168.2.220:5060;branch=z9hG4bK-c87542-da4d3e6a.0-1--c87542-;rport=5060;received=192.168.2.220;stid=579667358\r\n" + "Via: SIP/2.0/UDP 192.168.2.15:5100;branch=z9hG4bK-c87542-579667358-1--c87542-;rport=5100;received=192.168.2.15\r\n" + "Call-ID: 6c64b42fce01b007\r\n" + "CSeq: 2 INVITE\r\n" + "Route: \r\n" + "Contact: \r\n" + "Content-Length: 0\r\n" + "\r\n"); + + auto_ptr msg(SipMessage::make(txt, true /* isExternal */)); + + SipMessage response; + Helper::makeResponse(response, *msg, 200); + + // Trigger a parse of Record-Route + NameAddr rr("sip:test@rr.com"); + if(!(response.header(h_RecordRoutes).front() == rr)) + { + // + } + // Now push a new Record-Route + response.header(h_RecordRoutes).push_front(rr); + assert(response.header(h_RecordRoutes).back().uri().user() == "rruser"); + + //InfoLog(<< response); + } + static ExtensionParameter p_tag_ext("tag"); { Data txt( @@ -44,7 +80,6 @@ "Content-Length: 0\r\n" "\r\n" ); - initNetwork(); auto_ptr msg(TestSupport::makeMessage(txt)); assert(msg.get()); diff -Nru resiprocate-1.9.6/resip/stack/TransactionState.cxx resiprocate-1.9.7/resip/stack/TransactionState.cxx --- resiprocate-1.9.6/resip/stack/TransactionState.cxx 2014-04-10 09:50:02.000000000 +0200 +++ resiprocate-1.9.7/resip/stack/TransactionState.cxx 2014-05-31 12:46:12.000000000 +0200 @@ -397,17 +397,18 @@ void TransactionState::process(TransactionController& controller, TransactionMessage* message) -{ - { - KeepAliveMessage* keepAlive = dynamic_cast(message); - if (keepAlive) - { - StackLog ( << "Sending keep alive to: " << keepAlive->getDestination()); - controller.mTransportSelector.transmit(keepAlive, keepAlive->getDestination()); - delete keepAlive; - return; - } +{ + // Note: KeepAliveMessage is a special SipMessage - check for it first + KeepAliveMessage* keepAlive = dynamic_cast(message); + if (keepAlive) + { + StackLog ( << "Sending keep alive to: " << keepAlive->getDestination()); + controller.mTransportSelector.transmit(keepAlive, keepAlive->getDestination()); + delete keepAlive; + return; + } + { ConnectionTerminated* term = dynamic_cast(message); if (term) { @@ -2548,7 +2549,7 @@ StackLog(<<"!ah! response with force target going to : "<registerFifo(&mFifo); } } + + const TimeLimitFifo* getFifo() { return(&mFifo); } const virtual UInt16 getExpectedWait() const { diff -Nru resiprocate-1.9.6/resiprocate.spec resiprocate-1.9.7/resiprocate.spec diff -Nru resiprocate-1.9.6/resiprocate.spec.in resiprocate-1.9.7/resiprocate.spec.in diff -Nru resiprocate-1.9.6/reTurn/AsyncSocketBase.cxx resiprocate-1.9.7/reTurn/AsyncSocketBase.cxx --- resiprocate-1.9.6/reTurn/AsyncSocketBase.cxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/AsyncSocketBase.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -1,6 +1,5 @@ #include "AsyncSocketBase.hxx" #include "AsyncSocketBaseHandler.hxx" -#include #include #include #include "ReTurnSubsystem.hxx" diff -Nru resiprocate-1.9.6/reTurn/AsyncSocketBase.hxx resiprocate-1.9.7/reTurn/AsyncSocketBase.hxx --- resiprocate-1.9.6/reTurn/AsyncSocketBase.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/AsyncSocketBase.hxx 2014-05-31 12:45:53.000000000 +0200 @@ -1,12 +1,16 @@ #ifndef ASYNC_SOCKET_BASE_HXX #define ASYNC_SOCKET_BASE_HXX -#include #include -#include +#ifdef USE_SSL +#include +#endif #include +#include #include +#include + #include "DataBuffer.hxx" #include "StunTuple.hxx" diff -Nru resiprocate-1.9.6/reTurn/AsyncTcpSocketBase.hxx resiprocate-1.9.7/reTurn/AsyncTcpSocketBase.hxx --- resiprocate-1.9.6/reTurn/AsyncTcpSocketBase.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/AsyncTcpSocketBase.hxx 2014-05-31 12:45:53.000000000 +0200 @@ -2,6 +2,9 @@ #define ASYNC_TCP_SOCKET_BASE_HXX #include +#ifdef USE_SSL +#include +#endif #include #include "AsyncSocketBase.hxx" diff -Nru resiprocate-1.9.6/reTurn/AsyncUdpSocketBase.hxx resiprocate-1.9.7/reTurn/AsyncUdpSocketBase.hxx --- resiprocate-1.9.6/reTurn/AsyncUdpSocketBase.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/AsyncUdpSocketBase.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,9 @@ #define ASYNC_UDP_SOCKET_BASE_HXX #include +#ifdef USE_SSL +#include +#endif #include #include "AsyncSocketBase.hxx" diff -Nru resiprocate-1.9.6/reTurn/ChannelManager.hxx resiprocate-1.9.7/reTurn/ChannelManager.hxx --- resiprocate-1.9.6/reTurn/ChannelManager.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/ChannelManager.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,9 @@ #define CHANNELMANAGER_HXX #include +#ifdef USE_SSL +#include +#endif #include "RemotePeer.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncSocket.cxx resiprocate-1.9.7/reTurn/client/TurnAsyncSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncSocket.cxx 2014-05-31 12:45:51.000000000 +0200 @@ -1,7 +1,6 @@ #include "TurnAsyncSocket.hxx" #include "../AsyncSocketBase.hxx" #include "ErrorCode.hxx" -#include #include #include #include "../ReTurnSubsystem.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncSocketHandler.hxx resiprocate-1.9.7/reTurn/client/TurnAsyncSocketHandler.hxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncSocketHandler.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncSocketHandler.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -3,6 +3,9 @@ #include #include +#ifdef USE_SSL +#include +#endif #include "reTurn/AsyncSocketBaseHandler.hxx" #include "reTurn/DataBuffer.hxx" #include "reTurn/StunTuple.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncSocket.hxx resiprocate-1.9.7/reTurn/client/TurnAsyncSocket.hxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncSocket.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncSocket.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -7,12 +7,18 @@ #error You must define ASIO_ENABLE_CANCELIO in your build settings. #endif -#include -#include #include +#ifdef USE_SSL +#include +#endif +#include +#include + #include #include -#include + +#include +#include #include "reTurn/StunTuple.hxx" #include "reTurn/StunMessage.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncTcpSocket.cxx resiprocate-1.9.7/reTurn/client/TurnAsyncTcpSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncTcpSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncTcpSocket.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -1,5 +1,4 @@ #include "TurnAsyncTcpSocket.hxx" -#include // Remove warning about 'this' use in initiator list - pointer is only stored #if defined(WIN32) && !defined(__GNUC__) diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncTcpSocket.hxx resiprocate-1.9.7/reTurn/client/TurnAsyncTcpSocket.hxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncTcpSocket.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncTcpSocket.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,10 @@ #define TURNASYNCTCPSOCKET_HXX #include +#ifdef USE_SSL +#include +#endif +#include #include "TurnAsyncSocket.hxx" #include "reTurn/AsyncTcpSocketBase.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncTlsSocket.cxx resiprocate-1.9.7/reTurn/client/TurnAsyncTlsSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncTlsSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncTlsSocket.cxx 2014-05-31 12:45:51.000000000 +0200 @@ -5,7 +5,6 @@ #ifdef USE_SSL #include "TurnAsyncTlsSocket.hxx" -#include using namespace std; diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncTlsSocket.hxx resiprocate-1.9.7/reTurn/client/TurnAsyncTlsSocket.hxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncTlsSocket.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncTlsSocket.hxx 2014-05-31 12:45:51.000000000 +0200 @@ -9,6 +9,7 @@ #include #include +#include #include "TurnAsyncTcpSocket.hxx" #include "reTurn/AsyncTlsSocketBase.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncUdpSocket.cxx resiprocate-1.9.7/reTurn/client/TurnAsyncUdpSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncUdpSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncUdpSocket.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -1,5 +1,4 @@ #include "TurnAsyncUdpSocket.hxx" -#include // Remove warning about 'this' use in initiator list - pointer is only stored #if defined(WIN32) && !defined(__GNUC__) diff -Nru resiprocate-1.9.6/reTurn/client/TurnAsyncUdpSocket.hxx resiprocate-1.9.7/reTurn/client/TurnAsyncUdpSocket.hxx --- resiprocate-1.9.6/reTurn/client/TurnAsyncUdpSocket.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnAsyncUdpSocket.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,10 @@ #define TURNASYNCUDPSOCKET_HXX #include +#ifdef USE_SSL +#include +#endif +#include #include "TurnAsyncSocket.hxx" #include "reTurn/AsyncUdpSocketBase.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnSocket.cxx resiprocate-1.9.7/reTurn/client/TurnSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnSocket.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -1,6 +1,5 @@ #include "TurnSocket.hxx" #include "ErrorCode.hxx" -#include #include #include #include diff -Nru resiprocate-1.9.6/reTurn/client/TurnSocket.hxx resiprocate-1.9.7/reTurn/client/TurnSocket.hxx --- resiprocate-1.9.6/reTurn/client/TurnSocket.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnSocket.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -7,8 +7,14 @@ #error You must define ASIO_ENABLE_CANCELIO in your build settings. #endif -#include #include +#ifdef USE_SSL +#include +#endif +#include + +#include + #include #include diff -Nru resiprocate-1.9.6/reTurn/client/TurnTcpSocket.cxx resiprocate-1.9.7/reTurn/client/TurnTcpSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnTcpSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnTcpSocket.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -3,7 +3,6 @@ #endif #include "TurnTcpSocket.hxx" -#include #include #include "../ReTurnSubsystem.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnTcpSocket.hxx resiprocate-1.9.7/reTurn/client/TurnTcpSocket.hxx --- resiprocate-1.9.6/reTurn/client/TurnTcpSocket.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnTcpSocket.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,10 @@ #define TURNTCPSOCKET_HXX #include +#ifdef USE_SSL +#include +#endif +#include #include "TurnSocket.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnTlsSocket.cxx resiprocate-1.9.7/reTurn/client/TurnTlsSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnTlsSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnTlsSocket.cxx 2014-05-31 12:45:51.000000000 +0200 @@ -4,10 +4,11 @@ #endif #ifdef USE_SSL +#include + #include "TurnTlsSocket.hxx" #include #include -#include #include #include "../ReTurnSubsystem.hxx" diff -Nru resiprocate-1.9.6/reTurn/client/TurnUdpSocket.cxx resiprocate-1.9.7/reTurn/client/TurnUdpSocket.cxx --- resiprocate-1.9.6/reTurn/client/TurnUdpSocket.cxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnUdpSocket.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -3,7 +3,6 @@ #endif #include "TurnUdpSocket.hxx" -#include using namespace std; diff -Nru resiprocate-1.9.6/reTurn/client/TurnUdpSocket.hxx resiprocate-1.9.7/reTurn/client/TurnUdpSocket.hxx --- resiprocate-1.9.6/reTurn/client/TurnUdpSocket.hxx 2014-04-10 09:49:42.000000000 +0200 +++ resiprocate-1.9.7/reTurn/client/TurnUdpSocket.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,10 @@ #define TURNUDPSOCKET_HXX #include +#ifdef USE_SSL +#include +#endif +#include #include "TurnSocket.hxx" diff -Nru resiprocate-1.9.6/reTurn/RemotePeer.hxx resiprocate-1.9.7/reTurn/RemotePeer.hxx --- resiprocate-1.9.6/reTurn/RemotePeer.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/RemotePeer.hxx 2014-05-31 12:45:53.000000000 +0200 @@ -2,6 +2,9 @@ #define REMOTEPEER_HXX #include +#ifdef USE_SSL +#include +#endif #include "StunTuple.hxx" diff -Nru resiprocate-1.9.6/reTurn/ReTurnConfig.hxx resiprocate-1.9.7/reTurn/ReTurnConfig.hxx --- resiprocate-1.9.6/reTurn/ReTurnConfig.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/ReTurnConfig.hxx 2014-05-31 12:45:53.000000000 +0200 @@ -3,6 +3,9 @@ #include #include +#ifdef USE_SSL +#include +#endif #include #include #include diff -Nru resiprocate-1.9.6/reTurn/reTurnServer.cxx resiprocate-1.9.7/reTurn/reTurnServer.cxx --- resiprocate-1.9.6/reTurn/reTurnServer.cxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/reTurnServer.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,9 @@ #include #include #include +#ifdef USE_SSL +#include +#endif #include #include #include diff -Nru resiprocate-1.9.6/reTurn/StunMessage.cxx resiprocate-1.9.7/reTurn/StunMessage.cxx --- resiprocate-1.9.6/reTurn/StunMessage.cxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/StunMessage.cxx 2014-05-31 12:45:52.000000000 +0200 @@ -3,6 +3,8 @@ #include "config.h" #endif +#include + #include "StunMessage.hxx" #include @@ -10,7 +12,6 @@ #include #include #include -#include #include #include #include "ReTurnSubsystem.hxx" diff -Nru resiprocate-1.9.6/reTurn/StunMessage.hxx resiprocate-1.9.7/reTurn/StunMessage.hxx --- resiprocate-1.9.6/reTurn/StunMessage.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/StunMessage.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -5,6 +5,9 @@ #include #include #include +#ifdef USE_SSL +#include +#endif #include "StunTuple.hxx" diff -Nru resiprocate-1.9.6/reTurn/StunTuple.hxx resiprocate-1.9.7/reTurn/StunTuple.hxx --- resiprocate-1.9.6/reTurn/StunTuple.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/StunTuple.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,9 @@ #define STUNTUPLE_HXX #include +#ifdef USE_SSL +#include +#endif #include namespace reTurn { diff -Nru resiprocate-1.9.6/reTurn/TcpConnection.hxx resiprocate-1.9.7/reTurn/TcpConnection.hxx --- resiprocate-1.9.6/reTurn/TcpConnection.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/TcpConnection.hxx 2014-05-31 12:45:53.000000000 +0200 @@ -2,6 +2,9 @@ #define TCP_CONNECTION_HXX #include +#ifdef USE_SSL +#include +#endif #include #include #include diff -Nru resiprocate-1.9.6/reTurn/TcpServer.hxx resiprocate-1.9.7/reTurn/TcpServer.hxx --- resiprocate-1.9.6/reTurn/TcpServer.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/TcpServer.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,9 @@ #define TCP_SERVER_HXX #include +#ifdef USE_SSL +#include +#endif #include #include #include "TcpConnection.hxx" diff -Nru resiprocate-1.9.6/reTurn/TurnAllocation.hxx resiprocate-1.9.7/reTurn/TurnAllocation.hxx --- resiprocate-1.9.6/reTurn/TurnAllocation.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/TurnAllocation.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -4,6 +4,9 @@ #include #include #include +#ifdef USE_SSL +#include +#endif #include "StunTuple.hxx" #include "StunAuth.hxx" diff -Nru resiprocate-1.9.6/reTurn/TurnAllocationManager.hxx resiprocate-1.9.7/reTurn/TurnAllocationManager.hxx --- resiprocate-1.9.6/reTurn/TurnAllocationManager.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/TurnAllocationManager.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -3,6 +3,9 @@ #include #include +#ifdef USE_SSL +#include +#endif #include "TurnAllocationKey.hxx" #include "ReTurnConfig.hxx" #include "StunTuple.hxx" diff -Nru resiprocate-1.9.6/reTurn/TurnManager.hxx resiprocate-1.9.7/reTurn/TurnManager.hxx --- resiprocate-1.9.6/reTurn/TurnManager.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/TurnManager.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -3,6 +3,9 @@ #include #include +#ifdef USE_SSL +#include +#endif #include "ReTurnConfig.hxx" #include "StunTuple.hxx" diff -Nru resiprocate-1.9.6/reTurn/TurnPermission.hxx resiprocate-1.9.7/reTurn/TurnPermission.hxx --- resiprocate-1.9.6/reTurn/TurnPermission.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/TurnPermission.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,9 @@ #define TURNPERMISSION_HXX #include +#ifdef USE_SSL +#include +#endif #include "StunTuple.hxx" diff -Nru resiprocate-1.9.6/reTurn/UdpRelayServer.hxx resiprocate-1.9.7/reTurn/UdpRelayServer.hxx --- resiprocate-1.9.6/reTurn/UdpRelayServer.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/UdpRelayServer.hxx 2014-05-31 12:45:53.000000000 +0200 @@ -2,6 +2,9 @@ #define UDP_REALY_SERVER_HXX #include +#ifdef USE_SSL +#include +#endif #include #include #include "RequestHandler.hxx" diff -Nru resiprocate-1.9.6/reTurn/UdpServer.hxx resiprocate-1.9.7/reTurn/UdpServer.hxx --- resiprocate-1.9.6/reTurn/UdpServer.hxx 2014-04-10 09:49:43.000000000 +0200 +++ resiprocate-1.9.7/reTurn/UdpServer.hxx 2014-05-31 12:45:52.000000000 +0200 @@ -2,6 +2,9 @@ #define UDP_SERVER_HXX #include +#ifdef USE_SSL +#include +#endif #include #include #include "RequestHandler.hxx" diff -Nru resiprocate-1.9.6/rutil/ConfigParse.cxx resiprocate-1.9.7/rutil/ConfigParse.cxx --- resiprocate-1.9.6/rutil/ConfigParse.cxx 2014-04-10 09:50:15.000000000 +0200 +++ resiprocate-1.9.7/rutil/ConfigParse.cxx 2014-05-31 12:46:25.000000000 +0200 @@ -117,13 +117,16 @@ { cerr << "Invalid command line parameters:" << endl; cerr << " Name/Value pairs must contain an = or a : between the name and the value" << endl; - throw Exception("Name/Value pairs must contain an = or a : between the name and the value", __FILE__, __LINE__); + cerr << " Bad argument: " << argData << endl; + Data exceptionString("Name/Value pairs must contain an = or a : between the name and the value (Bad argument: " + argData + ")"); + throw Exception(exceptionString, __FILE__, __LINE__); } } catch(BaseException& ex) { cerr << "Invalid command line parameters:" << endl; cerr << " Exception parsing Name/Value pairs: " << ex << endl; + cerr << " Bad argument: " << argData << endl; throw; } } @@ -131,7 +134,9 @@ { cerr << "Invalid command line parameters:" << endl; cerr << " Name/Value pairs must be prefixed with either a -, --, or a /" << endl; - throw Exception("Name/Value pairs must be prefixed with either a -, --, or a /", __FILE__, __LINE__); + cerr << " Bad argument: " << argData << endl; + Data exceptionString("Name/Value pairs must be prefixed with either a -, --, or a / (Bad argument: " + argData + ")"); + throw Exception(exceptionString, __FILE__, __LINE__); } } } @@ -153,7 +158,8 @@ if(!configFile) { - throw Exception("Error opening/reading configuration file", __FILE__, __LINE__); + Data exceptionString("Error opening/reading configuration file: " + filename); + throw Exception(exceptionString, __FILE__, __LINE__); } string sline; diff -Nru resiprocate-1.9.6/rutil/GenericIPAddress.hxx resiprocate-1.9.7/rutil/GenericIPAddress.hxx --- resiprocate-1.9.6/rutil/GenericIPAddress.hxx 2014-04-10 09:50:14.000000000 +0200 +++ resiprocate-1.9.7/rutil/GenericIPAddress.hxx 2014-05-31 12:46:26.000000000 +0200 @@ -28,6 +28,16 @@ GenericIPAddress(const sockaddr& addr) : address(addr) { +#ifdef IPPROTO_IPV6 + if (addr.sa_family == AF_INET6) + { + v6Address = reinterpret_cast(addr); + } + else +#endif + { + v4Address = reinterpret_cast(addr); + } } GenericIPAddress(const sockaddr_in& v4) : v4Address(v4) diff -Nru resiprocate-1.9.6/rutil/Log.cxx resiprocate-1.9.7/rutil/Log.cxx --- resiprocate-1.9.6/rutil/Log.cxx 2014-04-10 09:50:14.000000000 +0200 +++ resiprocate-1.9.7/rutil/Log.cxx 2014-05-31 12:46:25.000000000 +0200 @@ -300,7 +300,7 @@ int i=0; while (strlen(mDescriptions[i])) { - if (strcmp(pri.c_str(), mDescriptions[i]) == 0) + if (isEqualNoCase(pri, Data(mDescriptions[i]))) { return Level(i-1); } @@ -368,12 +368,12 @@ #else // #if defined( WIN32 ) || defined( __APPLE__ ) if(resip::Log::getLoggerData().type() == Syslog) { - strm << mDescriptions[level+1] << Log::delim - << timestamp(ts) << Log::delim + strm // << mDescriptions[level+1] << Log::delim + // << timestamp(ts) << Log::delim // << mHostname << Log::delim - << mAppName << Log::delim + // << mAppName << Log::delim << subsystem << Log::delim - << mPid << Log::delim + // << mPid << Log::delim << pthread_self() << Log::delim << pfile << ":" << line; } diff -Nru resiprocate-1.9.6/rutil/ssl/OpenSSLInit.cxx resiprocate-1.9.7/rutil/ssl/OpenSSLInit.cxx --- resiprocate-1.9.6/rutil/ssl/OpenSSLInit.cxx 2014-04-10 09:50:14.000000000 +0200 +++ resiprocate-1.9.7/rutil/ssl/OpenSSLInit.cxx 2014-05-31 12:46:21.000000000 +0200 @@ -71,13 +71,12 @@ OpenSSLInit::~OpenSSLInit() { mInitialized = false; - ERR_free_strings();// Clean up data allocated during SSL_load_error_strings - ERR_remove_state(0);// free thread error queue - CRYPTO_cleanup_all_ex_data(); - EVP_cleanup();// Clean up data allocated during OpenSSL_add_all_algorithms + ERR_remove_state(0);// free thread error queue + EVP_cleanup();// Clean up data allocated during OpenSSL_add_all_algorithms + CRYPTO_cleanup_all_ex_data(); + ERR_free_strings();// Clean up data allocated during SSL_load_error_strings + sk_SSL_COMP_free (SSL_COMP_get_compression_methods()); - //!dcm! We know we have a leak; see BaseSecurity::~BaseSecurity for - //!details. // CRYPTO_mem_leaks_fp(stderr); delete [] mMutexes; diff -Nru resiprocate-1.9.6/rutil/SysLogBuf.cxx resiprocate-1.9.7/rutil/SysLogBuf.cxx --- resiprocate-1.9.6/rutil/SysLogBuf.cxx 2014-04-10 09:50:15.000000000 +0200 +++ resiprocate-1.9.7/rutil/SysLogBuf.cxx 2014-05-31 12:46:26.000000000 +0200 @@ -16,7 +16,7 @@ { #if !defined(WIN32) setp(buffer,buffer+Size); - openlog (0, LOG_NDELAY, LOG_LOCAL6); + openlog (0, LOG_NDELAY | LOG_PID, LOG_LOCAL6); #endif }