diff options
author | Nanang Izzuddin <nanang@teluu.com> | 2010-02-24 05:43:34 +0000 |
---|---|---|
committer | Nanang Izzuddin <nanang@teluu.com> | 2010-02-24 05:43:34 +0000 |
commit | bb2fc905eb58b9ebdf66e89330599be996821db7 (patch) | |
tree | f6bedef48655a824a1393efbb667a3b8af560b63 /pjsip-apps/src/pjsua | |
parent | df622f00fa10e2cbcde9df6169ad628fe3e72226 (diff) |
Ticket #1032:
- Initial version of server domain name verification:
- Updated SSL certificate info, especially identities info
- Updated verification mechanism as in the specifications in ticket desc.
- Added server domain name info in pjsip_tx_data.
- Added alternative API for acquiring transport and creating transport of transport factory to include pjsip_tx_data param.
- Server identity match criteria:
- full host name match
- wild card not accepted
- if identity is URI, it must be SIP/SIPS URI
- Initial version of transport state notifications:
- Added new API to set transport state callback in PJSIP and PJSUA.
- Defined states: connected/disconnected, accepted/rejected, verification errors.
- Minors:
- Updated SSL socket test: dump verification result, test of requiring client cert, and few minors.
- Updated test cert to include subjectAltName extensions.
- Added SSL certificate dump function.
- Updated max number of socket async operations in Symbian sample apps (RSocketServ::Connect()) to 32 (was default 8).
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3106 74dad513-b988-da41-8d7b-12977e46ad98
Diffstat (limited to 'pjsip-apps/src/pjsua')
-rw-r--r-- | pjsip-apps/src/pjsua/pjsua_app.c | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/pjsip-apps/src/pjsua/pjsua_app.c b/pjsip-apps/src/pjsua/pjsua_app.c index 42ce0127..d3cb8c82 100644 --- a/pjsip-apps/src/pjsua/pjsua_app.c +++ b/pjsip-apps/src/pjsua/pjsua_app.c @@ -2788,6 +2788,85 @@ static void on_mwi_info(pjsua_acc_id acc_id, pjsua_mwi_info *mwi_info) /* + * Transport status notification + */ +static pj_bool_t on_transport_state(pjsip_transport *tp, pj_uint32_t state, + const pjsip_transport_state_info *info) +{ + char host_port[128]; + + pj_ansi_snprintf(host_port, sizeof(host_port), "[%.*s:%d]", + (int)tp->remote_name.host.slen, + tp->remote_name.host.ptr, + tp->remote_name.port); + + if (state & PJSIP_TP_STATE_CONNECTED) { + PJ_LOG(3,(THIS_FILE, "SIP transport %s is connected to %s", + tp->type_name, host_port)); + } + else if (state & PJSIP_TP_STATE_ACCEPTED) { + PJ_LOG(3,(THIS_FILE, "SIP transport %s accepted %s", + tp->type_name, host_port)); + } + else if (state & PJSIP_TP_STATE_DISCONNECTED) { + char buf[100]; + + snprintf(buf, sizeof(buf), "SIP transport %s is disconnected from %s", + tp->type_name, host_port); + pjsua_perror(THIS_FILE, buf, info->status); + } + else if (state & PJSIP_TP_STATE_REJECTED) { + char buf[100]; + + snprintf(buf, sizeof(buf), "SIP transport %s rejected %s", + tp->type_name, host_port); + pjsua_perror(THIS_FILE, buf, info->status); + } + +#if defined(PJSIP_HAS_TLS_TRANSPORT) && PJSIP_HAS_TLS_TRANSPORT!=0 + + if (!pj_ansi_stricmp(tp->type_name, "tls") && info->ext_info && + (state == PJSIP_TP_STATE_CONNECTED || + (state & PJSIP_TP_STATE_TLS_VERIF_ERROR))) + { + pjsip_tls_state_info *tls_info = (pjsip_tls_state_info*)info->ext_info; + pj_ssl_sock_info *ssl_sock_info = (pj_ssl_sock_info*) + tls_info->ssl_sock_info; + char buf[2048]; + const char *verif_msgs[32]; + unsigned verif_msg_cnt; + + /* Dump server TLS certificate */ + pj_ssl_cert_info_dump(ssl_sock_info->remote_cert_info, " ", + buf, sizeof(buf)); + PJ_LOG(4,(THIS_FILE, "TLS cert info of %s:\n%s", host_port, buf)); + + /* Dump server TLS certificate verification result */ + verif_msg_cnt = PJ_ARRAY_SIZE(verif_msgs); + pj_ssl_cert_verify_error_st(ssl_sock_info->verify_status, + verif_msgs, &verif_msg_cnt); + PJ_LOG(3,(THIS_FILE, "TLS cert verification result of %s : %s", + host_port, + (verif_msg_cnt == 1? verif_msgs[0]:""))); + if (verif_msg_cnt > 1) { + unsigned i; + for (i = 0; i < verif_msg_cnt; ++i) + PJ_LOG(3,(THIS_FILE, "- %s", verif_msgs[i])); + } + + if (state & PJSIP_TP_STATE_TLS_VERIF_ERROR && + !app_config.udp_cfg.tls_setting.verify_server) + { + PJ_LOG(3,(THIS_FILE, "PJSUA is configured to ignore TLS cert " + "verification errors")); + } + } + +#endif + return PJ_TRUE; +} + +/* * Print buddy list. */ static void print_buddy_list(void) @@ -4383,6 +4462,7 @@ pj_status_t app_init(int argc, char *argv[]) app_config.cfg.cb.on_call_replaced = &on_call_replaced; app_config.cfg.cb.on_nat_detect = &on_nat_detect; app_config.cfg.cb.on_mwi_info = &on_mwi_info; + app_config.cfg.cb.on_transport_state = &on_transport_state; /* Set sound device latency */ if (app_config.capture_lat > 0) |