search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
core cleanup: separate code for sipe_backend_account_status_and_note()
[siplcs.git] / src / core / sip-transport.c
blob91b0e59f6ce66fa72522b6df88844475f9870ca8
1 /**
2 * @file sip-transport.c
3 *
4 * pidgin-sipe
5 *
6 * Copyright (C) 2010-11 SIPE Project <http://sipe.sourceforge.net/>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
22
23 /**
24 * This module incapsulates SIP (RFC3261) protocol and provides
25 * higher level API (a layer) to XML-based SIPE (SIP with Extensions).
26 * Underlying leyer for this is TCP/SSL layer.
27 *
28 * A diagram in pseudographics:
29 *
30 * === SIPE (XML-based) layer ======================
31 * === SIP RFC3261 transport layer (This module) ===
32 * === TCP/SSL layer ===============================
33 *
34 * Authentication (Kerberos and NTLM) is applicable to this layer only.
35 * The same with message integtity (signing). No sip-sec* code should
36 * be used ourside of this module.
37 *
38 * SIP errors as codes(both as a return codes and network conditions) should be
39 * escalated to higher leyer (SIPE). Network conditions include no response
40 * within timeout interval.
41 *
42 * This module should support redirect internally. No escalations to higher
43 * layers needed.
44 *
45 * NO SIP-messages (headers) composing and processing should be outside of
46 * this module (!) Like headers: Via, Route, Contact, Authorization, etc.
47 * It's all irrelevant to higher layer responsibilities.
48 *
49 */
50
51 #ifdef HAVE_CONFIG_H
52 #include "config.h"
53 #endif
54
55 #include <stdlib.h>
56 #include <string.h>
57 #include <stdio.h>
58
59 #include <glib.h>
60
61 #include "sipe-common.h"
62 #include "sipmsg.h"
63 #include "sip-sec.h"
64 #include "sip-transport.h"
65 #include "sipe-backend.h"
66 #include "sipe-core.h"
67 #include "sipe-core-private.h"
68 #include "sipe-certificate.h"
69 #include "sipe-dialog.h"
70 #include "sipe-incoming.h"
71 #include "sipe-nls.h"
72 #include "sipe-notify.h"
73 #include "sipe-schedule.h"
74 #include "sipe-sign.h"
75 #include "sipe-subscriptions.h"
76 #include "sipe-utils.h"
77 #include "sipe.h"
78
79 struct sip_auth {
80 guint type;
81 struct sip_sec_context *gssapi_context;
82 gchar *gssapi_data;
83 gchar *opaque;
84 const gchar *protocol;
85 gchar *realm;
86 gchar *sts_uri;
87 gchar *target;
88 int version;
89 int retries;
90 int ntlm_num;
91 int expires;
92 };
93
94 /* sip-transport.c private data */
95 struct sip_transport {
96 struct sipe_transport_connection *connection;
97
98 gchar *server_name;
99 guint server_port;
100 gchar *server_version;
101
102 gchar *user_agent;
103
104 GSList *transactions;
105
106 struct sip_auth registrar;
107 struct sip_auth proxy;
108
109 guint cseq;
110 guint register_attempt;
111
112 gboolean processing_input; /* whether full header received */
113 gboolean auth_incomplete; /* whether authentication not completed */
114 gboolean reregister_set; /* whether reregister timer set */
115 gboolean reauthenticate_set; /* whether reauthenticate timer set */
116 gboolean subscribed; /* whether subscribed to events, except buddies presence */
117 };
118
119 /* Keep in sync with sipe_transport_type! */
120 static const char *transport_descriptor[] = { "", "tls", "tcp"};
121 #define TRANSPORT_DESCRIPTOR (transport_descriptor[transport->connection->type])
122
123 static char *genbranch()
124 {
125 return g_strdup_printf("z9hG4bK%04X%04X%04X%04X%04X",
126 rand() & 0xFFFF, rand() & 0xFFFF, rand() & 0xFFFF,
127 rand() & 0xFFFF, rand() & 0xFFFF);
128 }
129
130 static void sipe_auth_free(struct sip_auth *auth)
131 {
132 g_free(auth->opaque);
133 auth->opaque = NULL;
134 auth->protocol = NULL;
135 g_free(auth->realm);
136 auth->realm = NULL;
137 g_free(auth->sts_uri);
138 auth->sts_uri = NULL;
139 g_free(auth->target);
140 auth->target = NULL;
141 auth->version = 0;
142 auth->type = AUTH_TYPE_UNSET;
143 auth->retries = 0;
144 auth->expires = 0;
145 g_free(auth->gssapi_data);
146 auth->gssapi_data = NULL;
147 sip_sec_destroy_context(auth->gssapi_context);
148 auth->gssapi_context = NULL;
149 }
150
151 static void sipe_make_signature(struct sipe_core_private *sipe_private,
152 struct sipmsg *msg)
153 {
154 struct sip_transport *transport = sipe_private->transport;
155 if (sip_sec_context_is_ready(transport->registrar.gssapi_context)) {
156 struct sipmsg_breakdown msgbd;
157 gchar *signature_input_str;
158 msgbd.msg = msg;
159 sipmsg_breakdown_parse(&msgbd, transport->registrar.realm, transport->registrar.target,
160 transport->registrar.protocol);
161 msgbd.rand = g_strdup_printf("%08x", g_random_int());
162 transport->registrar.ntlm_num++;
163 msgbd.num = g_strdup_printf("%d", transport->registrar.ntlm_num);
164 signature_input_str = sipmsg_breakdown_get_string(transport->registrar.version, &msgbd);
165 if (signature_input_str != NULL) {
166 char *signature_hex = sip_sec_make_signature(transport->registrar.gssapi_context, signature_input_str);
167 msg->signature = signature_hex;
168 msg->rand = g_strdup(msgbd.rand);
169 msg->num = g_strdup(msgbd.num);
170 g_free(signature_input_str);
171 }
172 sipmsg_breakdown_free(&msgbd);
173 }
174 }
175
176 static gchar *auth_header_version(struct sip_auth *auth)
177 {
178 return(auth->version > 2 ?
179 g_strdup_printf(", version=%d", auth->version) :
180 g_strdup(""));
181 }
182
183 static const gchar *const auth_type_to_protocol[] = {
184 NULL, /* AUTH_TYPE_UNSET */
185 "NTLM", /* AUTH_TYPE_NTLM */
186 "Kerberos", /* AUTH_TYPE_KERBEROS */
187 NULL, /* AUTH_TYPE_NEGOTIATE */
188 "TLS-DSK", /* AUTH_TYPE_TLS_DSK */
189 };
190 #define AUTH_PROTOCOLS (sizeof(auth_type_to_protocol)/sizeof(gchar *))
191
192 static gchar *msg_signature_to_auth(struct sip_auth *auth,
193 struct sipmsg *msg)
194 {
195 return(g_strdup_printf("%s qop=\"auth\", opaque=\"%s\", realm=\"%s\", targetname=\"%s\", crand=\"%s\", cnum=\"%s\", response=\"%s\"",
196 auth->protocol,
197 auth->opaque, auth->realm, auth->target,
198 msg->rand, msg->num, msg->signature));
199 }
200
201 static gchar *initialize_auth_context(struct sipe_core_private *sipe_private,
202 struct sip_auth *auth,
203 struct sipmsg *msg)
204 {
205 gchar *ret;
206 gchar *gssapi_data = NULL;
207 gchar *sign_str;
208 gchar *gssapi_str;
209 gchar *opaque_str;
210 gchar *version_str;
211
212 /* Create security context or handshake continuation? */
213 if (auth->gssapi_context) {
214 /* Perform next step in authentication handshake */
215 int status = sip_sec_init_context_step(auth->gssapi_context,
216 auth->target,
217 auth->gssapi_data,
218 &gssapi_data,
219 &auth->expires);
220
221 /* If authentication is completed gssapi_data can be NULL */
222 if ((status < 0) ||
223 !(sip_sec_context_is_ready(auth->gssapi_context) || gssapi_data)) {
224 SIPE_DEBUG_ERROR_NOFORMAT("initialize_auth_context: security context continuation failed");
225 g_free(gssapi_data);
226 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
227 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED,
228 _("Failed to authenticate to server"));
229 return NULL;
230 }
231
232 } else {
233 /* Create security context */
234 struct sipe_account_data *sip = SIPE_ACCOUNT_DATA_PRIVATE;
235 const gchar *authuser = sip->authuser;
236 gpointer password = sip->password;
237
238 if (is_empty(authuser)) {
239 authuser = sipe_private->username;
240 }
241
242 /* For TLS-DSK the "password" is a certificate */
243 if (auth->type == AUTH_TYPE_TLS_DSK) {
244 password = sipe_certificate_tls_dsk_find(sipe_private,
245 auth->target);
246
247 if (!password) {
248 if (auth->sts_uri) {
249 SIPE_DEBUG_INFO("initialize_auth_context: TLS-DSK Certificate Provisioning URI %s",
250 auth->sts_uri);
251 if (!sipe_certificate_tls_dsk_generate(sipe_private,
252 auth->target,
253 authuser,
254 auth->sts_uri)) {
255 gchar *tmp = g_strdup_printf(_("Can't request certificate from %s"),
256 auth->sts_uri);
257 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
258 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED,
259 tmp);
260 g_free(tmp);
261 }
262 } else {
263 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
264 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED,
265 _("No URI for certificate provisioning service provided"));
266 }
267
268 /* we can't authenticate the message yet */
269 sipe_private->transport->auth_incomplete = TRUE;
270
271 return(NULL);
272 } else {
273 SIPE_DEBUG_INFO("initialize_auth_context: TLS-DSK certificate for target '%s' found.",
274 auth->target);
275 }
276 }
277
278 gssapi_data = sip_sec_init_context(&(auth->gssapi_context),
279 &(auth->expires),
280 auth->type,
281 SIPE_CORE_PUBLIC_FLAG_IS(SSO),
282 sip->authdomain ? sip->authdomain : "",
283 authuser,
284 password,
285 auth->target,
286 auth->gssapi_data);
287 if (!gssapi_data || !auth->gssapi_context) {
288 g_free(gssapi_data);
289 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
290 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED,
291 _("Failed to authenticate to server"));
292 return NULL;
293 }
294 }
295
296 if ((auth->version > 3) &&
297 sip_sec_context_is_ready(auth->gssapi_context)) {
298 sipe_make_signature(sipe_private, msg);
299 sign_str = g_strdup_printf(", crand=\"%s\", cnum=\"%s\", response=\"%s\"",
300 msg->rand, msg->num, msg->signature);
301 } else {
302 sign_str = g_strdup("");
303 }
304
305 if (gssapi_data) {
306 gssapi_str = g_strdup_printf(", gssapi-data=\"%s\"",
307 gssapi_data);
308 g_free(gssapi_data);
309 } else {
310 gssapi_str = g_strdup("");
311 }
312
313 opaque_str = auth->opaque ? g_strdup_printf(", opaque=\"%s\"", auth->opaque) : g_strdup("");
314 version_str = auth_header_version(auth);
315 ret = g_strdup_printf("%s qop=\"auth\"%s, realm=\"%s\", targetname=\"%s\"%s%s%s",
316 auth->protocol, opaque_str,
317 auth->realm, auth->target,
318 gssapi_str, version_str, sign_str);
319 g_free(version_str);
320 g_free(opaque_str);
321 g_free(gssapi_str);
322 g_free(sign_str);
323
324 return(ret);
325 }
326
327 static gchar *start_auth_handshake(struct sip_auth *auth)
328 {
329 gchar *version_str = auth_header_version(auth);
330 gchar *ret = g_strdup_printf("%s qop=\"auth\", realm=\"%s\", targetname=\"%s\", gssapi-data=\"\"%s",
331 auth->protocol,
332 auth->realm, auth->target,
333 version_str);
334 g_free(version_str);
335 return(ret);
336 }
337
338 static gchar *auth_header(struct sipe_core_private *sipe_private,
339 struct sip_auth *auth,
340 struct sipmsg *msg)
341 {
342 gchar *ret = NULL;
343
344 /*
345 * If the message is already signed then we have an authentication
346 * context, i.e. the authentication handshake is complete. Generate
347 * authentication header from message signature.
348 */
349 if (msg->signature) {
350 ret = msg_signature_to_auth(auth, msg);
351
352 /*
353 * If the message isn't signed then we don't have a initialized
354 * authentication context yet.
355 *
356 * Start the authentication handshake if NTLM is selected.
357 */
358 } else if ((auth->type == AUTH_TYPE_NTLM) && !auth->gssapi_data) {
359 ret = start_auth_handshake(auth);
360
361 /*
362 * We should reach this point only when the authentication context
363 * needs to be initialized.
364 */
365 } else {
366 ret = initialize_auth_context(sipe_private, auth, msg);
367 }
368
369 return(ret);
370 }
371
372 static void fill_auth(const gchar *hdr, struct sip_auth *auth)
373 {
374 const gchar *param;
375
376 /* skip authentication identifier */
377 hdr = strchr(hdr, ' ');
378 if (!hdr) {
379 SIPE_DEBUG_ERROR_NOFORMAT("fill_auth: corrupted authentication header");
380 return;
381 }
382 while (*hdr == ' ')
383 hdr++;
384
385 /* start of next parameter value */
386 while ((param = strchr(hdr, '=')) != NULL) {
387 const gchar *end;
388
389 /* parameter value type */
390 param++;
391 if (*param == '"') {
392 /* string: xyz="..."(,) */
393 end = strchr(++param, '"');
394 if (!end) {
395 SIPE_DEBUG_ERROR("fill_auth: corrupted string parameter near '%s'", hdr);
396 break;
397 }
398 } else {
399 /* number: xyz=12345(,) */
400 end = strchr(param, ',');
401 if (!end) {
402 /* last parameter */
403 end = param + strlen(param);
404 }
405 }
406
407 #if 0
408 SIPE_DEBUG_INFO("fill_auth: hdr '%s'", hdr);
409 SIPE_DEBUG_INFO("fill_auth: param '%s'", param);
410 SIPE_DEBUG_INFO("fill_auth: end '%s'", end);
411 #endif
412
413 /* parameter type */
414 if (g_str_has_prefix(hdr, "gssapi-data=\"")) {
415 g_free(auth->gssapi_data);
416 auth->gssapi_data = g_strndup(param, end - param);
417 } else if (g_str_has_prefix(hdr, "opaque=\"")) {
418 g_free(auth->opaque);
419 auth->opaque = g_strndup(param, end - param);
420 } else if (g_str_has_prefix(hdr, "realm=\"")) {
421 g_free(auth->realm);
422 auth->realm = g_strndup(param, end - param);
423 } else if (g_str_has_prefix(hdr, "sts-uri=\"")) {
424 /* Only used with AUTH_TYPE_TLS_DSK */
425 g_free(auth->sts_uri);
426 auth->sts_uri = g_strndup(param, end - param);
427 } else if (g_str_has_prefix(hdr, "targetname=\"")) {
428 g_free(auth->target);
429 auth->target = g_strndup(param, end - param);
430 } else if (g_str_has_prefix(hdr, "version=")) {
431 auth->version = atoi(param);
432 }
433
434 /* skip to next parameter */
435 while ((*end == '"') || (*end == ',') || (*end == ' '))
436 end++;
437 hdr = end;
438 }
439
440 return;
441 }
442
443 static void sign_outgoing_message(struct sipe_core_private *sipe_private,
444 struct sipmsg *msg)
445 {
446 struct sip_transport *transport = sipe_private->transport;
447 gchar *buf;
448
449 if (transport->registrar.type == AUTH_TYPE_UNSET) {
450 return;
451 }
452
453 sipe_make_signature(sipe_private, msg);
454
455 buf = auth_header(sipe_private, &transport->registrar, msg);
456 if (buf) {
457 sipmsg_add_header_now_pos(msg, "Authorization", buf, 5);
458 g_free(buf);
459 }
460 }
461
462 static const gchar *sip_transport_user_agent(struct sipe_core_private *sipe_private)
463 {
464 struct sip_transport *transport = sipe_private->transport;
465
466 if (!transport->user_agent) {
467 const gchar *useragent = sipe_backend_setting(SIPE_CORE_PUBLIC,
468 SIPE_SETTING_USER_AGENT);
469 if (is_empty(useragent)) {
470 /*@TODO: better approach to define _user_ OS, it's version and host architecture */
471 /* ref: lzodefs.h */
472 #if defined(__linux__) || defined(__linux) || defined(__LINUX__)
473 #define SIPE_TARGET_PLATFORM "linux"
474 #elif defined(__NetBSD__) ||defined( __OpenBSD__) || defined(__FreeBSD__)
475 #define SIPE_TARGET_PLATFORM "bsd"
476 #elif defined(__APPLE__) || defined(__MACOS__)
477 #define SIPE_TARGET_PLATFORM "macosx"
478 #elif defined(_AIX) || defined(__AIX__) || defined(__aix__)
479 #define SIPE_TARGET_PLATFORM "aix"
480 #elif defined(__solaris__) || defined(__sun)
481 #define SIPE_TARGET_PLATFORM "sun"
482 #elif defined(_WIN32)
483 #define SIPE_TARGET_PLATFORM "win"
484 #elif defined(__CYGWIN__)
485 #define SIPE_TARGET_PLATFORM "cygwin"
486 #elif defined(__hpux__)
487 #define SIPE_TARGET_PLATFORM "hpux"
488 #elif defined(__sgi__)
489 #define SIPE_TARGET_PLATFORM "irix"
490 #else
491 #define SIPE_TARGET_PLATFORM "unknown"
492 #endif
493
494 #if defined(__amd64__) || defined(__x86_64__) || defined(_M_AMD64)
495 #define SIPE_TARGET_ARCH "x86_64"
496 #elif defined(__386__) || defined(__i386__) || defined(__i386) || defined(_M_IX86) || defined(_M_I386)
497 #define SIPE_TARGET_ARCH "i386"
498 #elif defined(__ppc64__)
499 #define SIPE_TARGET_ARCH "ppc64"
500 #elif defined(__powerpc__) || defined(__powerpc) || defined(__ppc__) || defined(__PPC__) || defined(_M_PPC) || defined(_ARCH_PPC) || defined(_ARCH_PWR)
501 #define SIPE_TARGET_ARCH "ppc"
502 #elif defined(__hppa__) || defined(__hppa)
503 #define SIPE_TARGET_ARCH "hppa"
504 #elif defined(__mips__) || defined(__mips) || defined(_MIPS_ARCH) || defined(_M_MRX000)
505 #define SIPE_TARGET_ARCH "mips"
506 #elif defined(__s390__) || defined(__s390) || defined(__s390x__) || defined(__s390x)
507 #define SIPE_TARGET_ARCH "s390"
508 #elif defined(__sparc__) || defined(__sparc) || defined(__sparcv8)
509 #define SIPE_TARGET_ARCH "sparc"
510 #elif defined(__arm__)
511 #define SIPE_TARGET_ARCH "arm"
512 #else
513 #define SIPE_TARGET_ARCH "other"
514 #endif
515 gchar *backend = sipe_backend_version();
516 transport->user_agent = g_strdup_printf("%s Sipe/" PACKAGE_VERSION " (" SIPE_TARGET_PLATFORM "-" SIPE_TARGET_ARCH "; %s)",
517 backend,
518 transport->server_version ? transport->server_version : "");
519 g_free(backend);
520 } else {
521 transport->user_agent = g_strdup(useragent);
522 }
523 }
524 return(transport->user_agent);
525 }
526
527 void sip_transport_response(struct sipe_core_private *sipe_private,
528 struct sipmsg *msg,
529 guint code,
530 const char *text,
531 const char *body)
532 {
533 gchar *name;
534 gchar *value;
535 GString *outstr = g_string_new("");
536 gchar *contact;
537 GSList *tmp;
538 const gchar *keepers[] = { "To", "From", "Call-ID", "CSeq", "Via", "Record-Route", NULL };
539
540 /* Can return NULL! */
541 contact = get_contact(sipe_private);
542 if (contact) {
543 sipmsg_add_header(msg, "Contact", contact);
544 g_free(contact);
545 }
546
547 if (body) {
548 gchar *len = g_strdup_printf("%" G_GSIZE_FORMAT , (gsize) strlen(body));
549 sipmsg_add_header(msg, "Content-Length", len);
550 g_free(len);
551 } else {
552 sipmsg_add_header(msg, "Content-Length", "0");
553 }
554
555 sipmsg_add_header(msg, "User-Agent", sip_transport_user_agent(sipe_private));
556
557 msg->response = code;
558
559 sipmsg_strip_headers(msg, keepers);
560 sipmsg_merge_new_headers(msg);
561 sign_outgoing_message(sipe_private, msg);
562
563 g_string_append_printf(outstr, "SIP/2.0 %d %s\r\n", code, text);
564 tmp = msg->headers;
565 while (tmp) {
566 name = ((struct sipnameval*) (tmp->data))->name;
567 value = ((struct sipnameval*) (tmp->data))->value;
568
569 g_string_append_printf(outstr, "%s: %s\r\n", name, value);
570 tmp = g_slist_next(tmp);
571 }
572 g_string_append_printf(outstr, "\r\n%s", body ? body : "");
573 sipe_utils_message_debug("SIP", outstr->str, NULL, TRUE);
574 sipe_backend_transport_message(sipe_private->transport->connection, outstr->str);
575 g_string_free(outstr, TRUE);
576 }
577
578 static void transactions_remove(struct sipe_core_private *sipe_private,
579 struct transaction *trans)
580 {
581 struct sip_transport *transport = sipe_private->transport;
582 if (transport->transactions) {
583 transport->transactions = g_slist_remove(transport->transactions,
584 trans);
585 SIPE_DEBUG_INFO("SIP transactions count:%d after removal", g_slist_length(transport->transactions));
586
587 if (trans->msg) sipmsg_free(trans->msg);
588 if (trans->payload) {
589 (*trans->payload->destroy)(trans->payload->data);
590 g_free(trans->payload);
591 }
592 g_free(trans->key);
593 if (trans->timeout_key) {
594 sipe_schedule_cancel(sipe_private, trans->timeout_key);
595 g_free(trans->timeout_key);
596 }
597 g_free(trans);
598 }
599 }
600
601 static struct transaction *transactions_find(struct sip_transport *transport,
602 struct sipmsg *msg)
603 {
604 GSList *transactions = transport->transactions;
605 const gchar *call_id = sipmsg_find_header(msg, "Call-ID");
606 const gchar *cseq = sipmsg_find_header(msg, "CSeq");
607 gchar *key;
608
609 if (!call_id || !cseq) {
610 SIPE_DEBUG_ERROR_NOFORMAT("transaction_find: no Call-ID or CSeq!");
611 return NULL;
612 }
613
614 key = g_strdup_printf("<%s><%s>", call_id, cseq);
615 while (transactions) {
616 struct transaction *trans = transactions->data;
617 if (!g_strcasecmp(trans->key, key)) {
618 g_free(key);
619 return trans;
620 }
621 transactions = transactions->next;
622 }
623 g_free(key);
624
625 return NULL;
626 }
627
628 static void transaction_timeout_cb(struct sipe_core_private *sipe_private,
629 gpointer data)
630 {
631 struct transaction *trans = data;
632 (trans->timeout_callback)(sipe_private, trans->msg, trans);
633 transactions_remove(sipe_private, trans);
634 }
635
636 struct transaction *sip_transport_request_timeout(struct sipe_core_private *sipe_private,
637 const gchar *method,
638 const gchar *url,
639 const gchar *to,
640 const gchar *addheaders,
641 const gchar *body,
642 struct sip_dialog *dialog,
643 TransCallback callback,
644 guint timeout,
645 TransCallback timeout_callback)
646 {
647 struct sip_transport *transport = sipe_private->transport;
648 struct sipe_account_data *sip = SIPE_ACCOUNT_DATA_PRIVATE;
649 char *buf;
650 struct sipmsg *msg;
651 gchar *ourtag = dialog && dialog->ourtag ? g_strdup(dialog->ourtag) : NULL;
652 gchar *theirtag = dialog && dialog->theirtag ? g_strdup(dialog->theirtag) : NULL;
653 gchar *theirepid = dialog && dialog->theirepid ? g_strdup(dialog->theirepid) : NULL;
654 gchar *callid = dialog && dialog->callid ? g_strdup(dialog->callid) : gencallid();
655 gchar *branch = dialog && dialog->callid ? NULL : genbranch();
656 gchar *route = g_strdup("");
657 gchar *epid = get_epid(sipe_private);
658 int cseq = dialog ? ++dialog->cseq : 1 /* as Call-Id is new in this case */;
659 struct transaction *trans = NULL;
660
661 if (dialog && dialog->routes)
662 {
663 GSList *iter = dialog->routes;
664
665 while(iter)
666 {
667 char *tmp = route;
668 route = g_strdup_printf("%sRoute: %s\r\n", route, (char *)iter->data);
669 g_free(tmp);
670 iter = g_slist_next(iter);
671 }
672 }
673
674 if (!ourtag && !dialog) {
675 ourtag = gentag();
676 }
677
678 if (sipe_strequal(method, "REGISTER")) {
679 if (sip->regcallid) {
680 g_free(callid);
681 callid = g_strdup(sip->regcallid);
682 } else {
683 sip->regcallid = g_strdup(callid);
684 }
685 cseq = ++transport->cseq;
686 }
687
688 buf = g_strdup_printf("%s %s SIP/2.0\r\n"
689 "Via: SIP/2.0/%s %s:%d%s%s\r\n"
690 "From: <sip:%s>%s%s;epid=%s\r\n"
691 "To: <%s>%s%s%s%s\r\n"
692 "Max-Forwards: 70\r\n"
693 "CSeq: %d %s\r\n"
694 "User-Agent: %s\r\n"
695 "Call-ID: %s\r\n"
696 "%s%s"
697 "Content-Length: %" G_GSIZE_FORMAT "\r\n\r\n%s",
698 method,
699 dialog && dialog->request ? dialog->request : url,
700 TRANSPORT_DESCRIPTOR,
701 sipe_backend_network_ip_address(),
702 transport->connection->client_port,
703 branch ? ";branch=" : "",
704 branch ? branch : "",
705 sipe_private->username,
706 ourtag ? ";tag=" : "",
707 ourtag ? ourtag : "",
708 epid,
709 to,
710 theirtag ? ";tag=" : "",
711 theirtag ? theirtag : "",
712 theirepid ? ";epid=" : "",
713 theirepid ? theirepid : "",
714 cseq,
715 method,
716 sip_transport_user_agent(sipe_private),
717 callid,
718 route,
719 addheaders ? addheaders : "",
720 body ? (gsize) strlen(body) : 0,
721 body ? body : "");
722
723
724 //printf ("parsing msg buf:\n%s\n\n", buf);
725 msg = sipmsg_parse_msg(buf);
726
727 g_free(buf);
728 g_free(ourtag);
729 g_free(theirtag);
730 g_free(theirepid);
731 g_free(branch);
732 g_free(route);
733 g_free(epid);
734
735 sign_outgoing_message(sipe_private, msg);
736
737 /* The authentication scheme is not ready so we can't send the message.
738 This should only happen for REGISTER messages. */
739 if (!transport->auth_incomplete) {
740 buf = sipmsg_to_string(msg);
741
742 /* add to ongoing transactions */
743 /* ACK isn't supposed to be answered ever. So we do not keep transaction for it. */
744 if (!sipe_strequal(method, "ACK")) {
745 trans = g_new0(struct transaction, 1);
746 trans->callback = callback;
747 trans->msg = msg;
748 trans->key = g_strdup_printf("<%s><%d %s>", callid, cseq, method);
749 if (timeout_callback) {
750 trans->timeout_callback = timeout_callback;
751 trans->timeout_key = g_strdup_printf("<transaction timeout>%s", trans->key);
752 sipe_schedule_seconds(sipe_private,
753 trans->timeout_key,
754 trans,
755 timeout,
756 transaction_timeout_cb,
757 NULL);
758 }
759 transport->transactions = g_slist_append(transport->transactions,
760 trans);
761 SIPE_DEBUG_INFO("SIP transactions count:%d after addition", g_slist_length(transport->transactions));
762 }
763
764 sipe_utils_message_debug("SIP", buf, NULL, TRUE);
765 sipe_backend_transport_message(transport->connection, buf);
766 g_free(buf);
767 }
768
769 if (!trans) sipmsg_free(msg);
770 g_free(callid);
771 return trans;
772 }
773
774 struct transaction *sip_transport_request(struct sipe_core_private *sipe_private,
775 const gchar *method,
776 const gchar *url,
777 const gchar *to,
778 const gchar *addheaders,
779 const gchar *body,
780 struct sip_dialog *dialog,
781 TransCallback callback)
782 {
783 return sip_transport_request_timeout(sipe_private,
784 method,
785 url,
786 to,
787 addheaders,
788 body,
789 dialog,
790 callback,
791 0,
792 NULL);
793 }
794
795 static void sip_transport_simple_request(struct sipe_core_private *sipe_private,
796 const gchar *method,
797 struct sip_dialog *dialog)
798 {
799 sip_transport_request(sipe_private,
800 method,
801 dialog->with,
802 dialog->with,
803 NULL,
804 NULL,
805 dialog,
806 NULL);
807 }
808
809 void sip_transport_ack(struct sipe_core_private *sipe_private,
810 struct sip_dialog *dialog)
811 {
812 sip_transport_simple_request(sipe_private, "ACK", dialog);
813 }
814
815 void sip_transport_bye(struct sipe_core_private *sipe_private,
816 struct sip_dialog *dialog)
817 {
818 sip_transport_simple_request(sipe_private, "BYE", dialog);
819 }
820
821 struct transaction *sip_transport_info(struct sipe_core_private *sipe_private,
822 const gchar *addheaders,
823 const gchar *body,
824 struct sip_dialog *dialog,
825 TransCallback callback)
826 {
827 return sip_transport_request(sipe_private,
828 "INFO",
829 dialog->with,
830 dialog->with,
831 addheaders,
832 body,
833 dialog,
834 callback);
835 }
836
837 struct transaction *sip_transport_invite(struct sipe_core_private *sipe_private,
838 const gchar *addheaders,
839 const gchar *body,
840 struct sip_dialog *dialog,
841 TransCallback callback)
842 {
843 return sip_transport_request(sipe_private,
844 "INVITE",
845 dialog->with,
846 dialog->with,
847 addheaders,
848 body,
849 dialog,
850 callback);
851 }
852
853 struct transaction *sip_transport_service(struct sipe_core_private *sipe_private,
854 const gchar *uri,
855 const gchar *addheaders,
856 const gchar *body,
857 TransCallback callback)
858 {
859 return sip_transport_request(sipe_private,
860 "SERVICE",
861 uri,
862 uri,
863 addheaders,
864 body,
865 NULL,
866 callback);
867 }
868
869 void sip_transport_subscribe(struct sipe_core_private *sipe_private,
870 const gchar *uri,
871 const gchar *addheaders,
872 const gchar *body,
873 struct sip_dialog *dialog,
874 TransCallback callback)
875 {
876 sip_transport_request(sipe_private,
877 "SUBSCRIBE",
878 uri,
879 uri,
880 addheaders,
881 body,
882 dialog,
883 callback);
884 }
885
886 static const gchar *get_auth_header(struct sipe_core_private *sipe_private,
887 struct sip_auth *auth,
888 struct sipmsg *msg)
889 {
890 auth->type = AUTH_TYPE_NTLM;
891 #if defined(HAVE_LIBKRB5) || defined(HAVE_SSPI)
892 if (SIPE_CORE_PUBLIC_FLAG_IS(KRB5)) {
893 auth->type = AUTH_TYPE_KERBEROS;
894 }
895 #endif
896 if (SIPE_CORE_PUBLIC_FLAG_IS(TLS_DSK)) {
897 auth->type = AUTH_TYPE_TLS_DSK;
898 }
899 auth->protocol = auth_type_to_protocol[auth->type];
900
901 return(sipmsg_find_auth_header(msg, auth->protocol));
902 }
903
904 static void do_register(struct sipe_core_private *sipe_private,
905 gboolean deregister);
906
907 static void do_reauthenticate_cb(struct sipe_core_private *sipe_private,
908 SIPE_UNUSED_PARAMETER gpointer unused)
909 {
910 struct sip_transport *transport = sipe_private->transport;
911
912 /* register again when security token expires */
913 /* we have to start a new authentication as the security token
914 * is almost expired by sending a not signed REGISTER message */
915 SIPE_DEBUG_INFO_NOFORMAT("do a full reauthentication");
916 sipe_auth_free(&transport->registrar);
917 sipe_auth_free(&transport->proxy);
918 sipe_schedule_cancel(sipe_private, "<registration>");
919 transport->reregister_set = FALSE;
920 transport->register_attempt = 0;
921 do_register(sipe_private, FALSE);
922 transport->reauthenticate_set = FALSE;
923 }
924
925 static void sip_transport_default_contact(struct sipe_core_private *sipe_private)
926 {
927 struct sip_transport *transport = sipe_private->transport;
928 sipe_private->contact = g_strdup_printf("<sip:%s:%d;maddr=%s;transport=%s>;proxy=replace",
929 sipe_private->username,
930 transport->connection->client_port,
931 sipe_backend_network_ip_address(),
932 TRANSPORT_DESCRIPTOR);
933 }
934
935 static void do_register_cb(struct sipe_core_private *sipe_private,
936 SIPE_UNUSED_PARAMETER void *unused)
937 {
938 do_register(sipe_private, FALSE);
939 }
940
941 static void sip_transport_set_reregister(struct sipe_core_private *sipe_private,
942 int expires)
943 {
944 sipe_schedule_seconds(sipe_private,
945 "<registration>",
946 NULL,
947 expires,
948 do_register_cb,
949 NULL);
950 }
951
952 static void sipe_server_register(struct sipe_core_private *sipe_private,
953 guint type,
954 gchar *server_name,
955 guint server_port);
956
957 static gboolean process_register_response(struct sipe_core_private *sipe_private,
958 struct sipmsg *msg,
959 SIPE_UNUSED_PARAMETER struct transaction *trans)
960 {
961 struct sip_transport *transport = sipe_private->transport;
962 struct sipe_account_data *sip = SIPE_ACCOUNT_DATA_PRIVATE;
963 const gchar *expires_header;
964 int expires, i;
965 GSList *hdr = msg->headers;
966 struct sipnameval *elem;
967
968 expires_header = sipmsg_find_header(msg, "Expires");
969 expires = expires_header != NULL ? strtol(expires_header, NULL, 10) : 0;
970 SIPE_DEBUG_INFO("process_register_response: got response to REGISTER; expires = %d", expires);
971
972 switch (msg->response) {
973 case 200:
974 if (expires) {
975 const gchar *contact_hdr;
976 const gchar *auth_hdr;
977 gchar *gruu = NULL;
978 gchar *uuid;
979 gchar *timeout;
980 const gchar *server_hdr = sipmsg_find_header(msg, "Server");
981
982 if (!transport->reregister_set) {
983 sip_transport_set_reregister(sipe_private,
984 expires);
985 transport->reregister_set = TRUE;
986 }
987
988 if (server_hdr && !transport->server_version) {
989 transport->server_version = g_strdup(server_hdr);
990 g_free(transport->user_agent);
991 transport->user_agent = NULL;
992 }
993
994 auth_hdr = get_auth_header(sipe_private, &transport->registrar, msg);
995 if (auth_hdr) {
996 SIPE_DEBUG_INFO("process_register_response: Auth header: %s", auth_hdr);
997 fill_auth(auth_hdr, &transport->registrar);
998 }
999
1000 if (!transport->reauthenticate_set) {
1001 gchar *action_name = g_strdup_printf("<%s>", "+reauthentication");
1002 guint reauth_timeout;
1003
1004 SIPE_DEBUG_INFO_NOFORMAT("process_register_response: authentication handshake completed successfully");
1005
1006 if (transport->registrar.type == AUTH_TYPE_KERBEROS && transport->registrar.expires > 0) {
1007 /* assuming normal Kerberos ticket expiration of about 8-10 hours */
1008 reauth_timeout = transport->registrar.expires - 300;
1009 } else {
1010 /* NTLM: we have to reauthenticate as our security token expires
1011 after eight hours (be five minutes early) */
1012 reauth_timeout = (8 * 3600) - 300;
1013 }
1014 sipe_schedule_seconds(sipe_private,
1015 action_name,
1016 NULL,
1017 reauth_timeout,
1018 do_reauthenticate_cb,
1019 NULL);
1020 g_free(action_name);
1021 transport->reauthenticate_set = TRUE;
1022 }
1023
1024 sipe_backend_connection_completed(SIPE_CORE_PUBLIC);
1025
1026 uuid = get_uuid(sipe_private);
1027
1028 // There can be multiple Contact headers (one per location where the user is logged in) so
1029 // make sure to only get the one for this uuid
1030 for (i = 0; (contact_hdr = sipmsg_find_header_instance (msg, "Contact", i)); i++) {
1031 gchar * valid_contact = sipmsg_find_part_of_header (contact_hdr, uuid, NULL, NULL);
1032 if (valid_contact) {
1033 gruu = sipmsg_find_part_of_header(contact_hdr, "gruu=\"", "\"", NULL);
1034 //SIPE_DEBUG_INFO("process_register_response: got gruu %s from contact hdr w/ right uuid: %s", gruu, contact_hdr);
1035 g_free(valid_contact);
1036 break;
1037 } else {
1038 //SIPE_DEBUG_INFO("process_register_response: ignoring contact hdr b/c not right uuid: %s", contact_hdr);
1039 }
1040 }
1041 g_free(uuid);
1042
1043 g_free(sipe_private->contact);
1044 if(gruu) {
1045 sipe_private->contact = g_strdup_printf("<%s>", gruu);
1046 g_free(gruu);
1047 } else {
1048 //SIPE_DEBUG_INFO_NOFORMAT("process_register_response: didn't find gruu in a Contact hdr");
1049 sip_transport_default_contact(sipe_private);
1050 }
1051 SIPE_CORE_PRIVATE_FLAG_UNSET(OCS2007);
1052 SIPE_CORE_PRIVATE_FLAG_UNSET(REMOTE_USER);
1053 sip->batched_support = FALSE;
1054
1055 while(hdr)
1056 {
1057 elem = hdr->data;
1058 if (sipe_strcase_equal(elem->name, "Supported")) {
1059 if (sipe_strcase_equal(elem->value, "msrtc-event-categories")) {
1060 /* We interpret this as OCS2007+ indicator */
1061 SIPE_CORE_PRIVATE_FLAG_SET(OCS2007);
1062 SIPE_DEBUG_INFO("Supported: %s (indicates OCS2007+)", elem->value);
1063 }
1064 if (sipe_strcase_equal(elem->value, "adhoclist")) {
1065 sip->batched_support = TRUE;
1066 SIPE_DEBUG_INFO("Supported: %s", elem->value);
1067 }
1068 }
1069 if (sipe_strcase_equal(elem->name, "Allow-Events")){
1070 gchar **caps = g_strsplit(elem->value,",",0);
1071 i = 0;
1072 while (caps[i]) {
1073 sip->allow_events = g_slist_append(sip->allow_events, g_strdup(caps[i]));
1074 SIPE_DEBUG_INFO("Allow-Events: %s", caps[i]);
1075 i++;
1076 }
1077 g_strfreev(caps);
1078 }
1079 if (sipe_strcase_equal(elem->name, "ms-user-logon-data")) {
1080 if (sipe_strcase_equal(elem->value, "RemoteUser")) {
1081 SIPE_CORE_PRIVATE_FLAG_SET(REMOTE_USER);
1082 SIPE_DEBUG_INFO_NOFORMAT("ms-user-logon-data: RemoteUser (connected "
1083 "via Edge Server)");
1084 }
1085 }
1086 hdr = g_slist_next(hdr);
1087 }
1088
1089 /* rejoin open chats to be able to use them by continue to send messages */
1090 sipe_backend_chat_rejoin_all(SIPE_CORE_PUBLIC);
1091
1092 /* subscriptions */
1093 if (!transport->subscribed) { //do it just once, not every re-register
1094
1095 if (g_slist_find_custom(sip->allow_events, "vnd-microsoft-roaming-contacts",
1096 (GCompareFunc)g_ascii_strcasecmp)) {
1097 sipe_subscribe_roaming_contacts(sipe_private);
1098 }
1099
1100 /* For 2007+ it does not make sence to subscribe to:
1101 * vnd-microsoft-roaming-ACL
1102 * vnd-microsoft-provisioning (not v2)
1103 * presence.wpending
1104 * These are for backward compatibility.
1105 */
1106 if (SIPE_CORE_PRIVATE_FLAG_IS(OCS2007))
1107 {
1108 if (g_slist_find_custom(sip->allow_events, "vnd-microsoft-roaming-self",
1109 (GCompareFunc)g_ascii_strcasecmp)) {
1110 sipe_subscribe_roaming_self(sipe_private);
1111 }
1112 if (g_slist_find_custom(sip->allow_events, "vnd-microsoft-provisioning-v2",
1113 (GCompareFunc)g_ascii_strcasecmp)) {
1114 sipe_subscribe_roaming_provisioning_v2(sipe_private);
1115 }
1116 }
1117 /* For 2005- servers */
1118 else
1119 {
1120 //sipe_options_request(sip, sipe_private->public.sip_domain);
1121
1122 if (g_slist_find_custom(sip->allow_events, "vnd-microsoft-roaming-ACL",
1123 (GCompareFunc)g_ascii_strcasecmp)) {
1124 sipe_subscribe_roaming_acl(sipe_private);
1125 }
1126 if (g_slist_find_custom(sip->allow_events, "vnd-microsoft-provisioning",
1127 (GCompareFunc)g_ascii_strcasecmp)) {
1128 sipe_subscribe_roaming_provisioning(sipe_private);
1129 }
1130 if (g_slist_find_custom(sip->allow_events, "presence.wpending",
1131 (GCompareFunc)g_ascii_strcasecmp)) {
1132 sipe_subscribe_presence_wpending(sipe_private,
1133 NULL);
1134 }
1135
1136 /* For 2007+ we publish our initial statuses and calendar data only after
1137 * received our existing publications in sipe_process_roaming_self()
1138 * Only in this case we know versions of current publications made
1139 * on our behalf.
1140 */
1141 /* For 2005- we publish our initial statuses only after
1142 * received our existing UserInfo data in response to
1143 * self subscription.
1144 * Only in this case we won't override existing UserInfo data
1145 * set earlier or by other client on our behalf.
1146 */
1147 }
1148
1149 transport->subscribed = TRUE;
1150 }
1151
1152 timeout = sipmsg_find_part_of_header(sipmsg_find_header(msg, "ms-keep-alive"),
1153 "timeout=", ";", NULL);
1154 if (timeout != NULL) {
1155 sscanf(timeout, "%u", &sipe_private->public.keepalive_timeout);
1156 SIPE_DEBUG_INFO("process_register_response: server determined keep alive timeout is %u seconds",
1157 sipe_private->public.keepalive_timeout);
1158 g_free(timeout);
1159 }
1160
1161 SIPE_DEBUG_INFO("process_register_response: got 200, removing CSeq: %d", transport->cseq);
1162 }
1163 break;
1164 case 301:
1165 {
1166 gchar *redirect = parse_from(sipmsg_find_header(msg, "Contact"));
1167
1168 SIPE_DEBUG_INFO_NOFORMAT("process_register_response: authentication handshake completed successfully");
1169
1170 if (redirect && (g_strncasecmp("sip:", redirect, 4) == 0)) {
1171 gchar **parts = g_strsplit(redirect + 4, ";", 0);
1172 gchar **tmp;
1173 gchar *hostname;
1174 int port = 0;
1175 guint transport = SIPE_TRANSPORT_TLS;
1176 int i = 1;
1177
1178 tmp = g_strsplit(parts[0], ":", 0);
1179 hostname = g_strdup(tmp[0]);
1180 if (tmp[1]) port = strtoul(tmp[1], NULL, 10);
1181 g_strfreev(tmp);
1182
1183 while (parts[i]) {
1184 tmp = g_strsplit(parts[i], "=", 0);
1185 if (tmp[1]) {
1186 if (g_strcasecmp("transport", tmp[0]) == 0) {
1187 if (g_strcasecmp("tcp", tmp[1]) == 0) {
1188 transport = SIPE_TRANSPORT_TCP;
1189 }
1190 }
1191 }
1192 g_strfreev(tmp);
1193 i++;
1194 }
1195 g_strfreev(parts);
1196
1197 /* Close old connection */
1198 sipe_core_connection_cleanup(sipe_private);
1199
1200 /* Create new connection */
1201 sipe_server_register(sipe_private, transport, hostname, port);
1202 SIPE_DEBUG_INFO("process_register_response: redirected to host %s port %d transport %d",
1203 hostname, port, transport);
1204 }
1205 g_free(redirect);
1206 }
1207 break;
1208 case 401:
1209 {
1210 const char *auth_hdr;
1211
1212 SIPE_DEBUG_INFO("process_register_response: REGISTER retries %d", transport->registrar.retries);
1213 if (sip_sec_context_is_ready(transport->registrar.gssapi_context)) {
1214 SIPE_DEBUG_INFO_NOFORMAT("process_register_response: authentication handshake failed - giving up.");
1215 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1216 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED,
1217 _("Authentication failed"));
1218 return TRUE;
1219 }
1220
1221 if (transport->reauthenticate_set) {
1222 SIPE_DEBUG_ERROR_NOFORMAT("process_register_response: RE-REGISTER rejected, triggering re-authentication");
1223 do_reauthenticate_cb(sipe_private, NULL);
1224 return TRUE;
1225 }
1226
1227 auth_hdr = get_auth_header(sipe_private, &transport->registrar, msg);
1228 if (!auth_hdr) {
1229 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1230 SIPE_CONNECTION_ERROR_AUTHENTICATION_IMPOSSIBLE,
1231 _("Incompatible authentication scheme chosen"));
1232 return TRUE;
1233 }
1234 SIPE_DEBUG_INFO("process_register_response: Auth header: %s", auth_hdr);
1235 fill_auth(auth_hdr, &transport->registrar);
1236 transport->reregister_set = FALSE;
1237 transport->register_attempt = 0;
1238 do_register(sipe_private,
1239 sipe_backend_connection_is_disconnecting(SIPE_CORE_PUBLIC));
1240 }
1241 break;
1242 case 403:
1243 {
1244 gchar *reason;
1245 gchar *warning;
1246 sipmsg_parse_warning(msg, &reason);
1247 reason = reason ? reason : sipmsg_get_ms_diagnostics_public_reason(msg);
1248 warning = g_strdup_printf(_("You have been rejected by the server: %s"),
1249 reason ? reason : _("no reason given"));
1250 g_free(reason);
1251
1252 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1253 SIPE_CONNECTION_ERROR_INVALID_SETTINGS,
1254 warning);
1255 g_free(warning);
1256 return TRUE;
1257 }
1258 break;
1259 case 404:
1260 {
1261 const gchar *diagnostics = sipmsg_find_header(msg, "ms-diagnostics");
1262 gchar *reason = sipmsg_get_ms_diagnostics_reason(msg);
1263 gchar *warning;
1264 warning = g_strdup_printf(_("Not found: %s. Please contact your Administrator"),
1265 diagnostics ? (reason ? reason : _("no reason given")) :
1266 _("SIP is either not enabled for the destination URI or it does not exist"));
1267 g_free(reason);
1268
1269 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1270 SIPE_CONNECTION_ERROR_INVALID_USERNAME,
1271 warning);
1272 g_free(warning);
1273 return TRUE;
1274 }
1275 break;
1276 case 504: /* Server time-out */
1277 /* first attempt + 5 retries */
1278 if (transport->register_attempt < 6) {
1279 SIPE_DEBUG_INFO("process_register_response: RE-REGISTER timeout on attempt %d, retrying later",
1280 transport->register_attempt);
1281 sip_transport_set_reregister(sipe_private, 60);
1282 return TRUE;
1283 }
1284 /* FALLTHROUGH */
1285 case 503:
1286 {
1287 gchar *reason = sipmsg_get_ms_diagnostics_reason(msg);
1288 gchar *warning;
1289 warning = g_strdup_printf(_("Service unavailable: %s"), reason ? reason : _("no reason given"));
1290 g_free(reason);
1291
1292 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1293 SIPE_CONNECTION_ERROR_NETWORK,
1294 warning);
1295 g_free(warning);
1296 return TRUE;
1297 }
1298 break;
1299 }
1300 return TRUE;
1301 }
1302
1303 static gboolean register_response_timeout(struct sipe_core_private *sipe_private,
1304 SIPE_UNUSED_PARAMETER struct sipmsg *msg,
1305 SIPE_UNUSED_PARAMETER struct transaction *trans)
1306 {
1307 struct sip_transport *transport = sipe_private->transport;
1308 if (transport->register_attempt < 6) {
1309 SIPE_DEBUG_INFO("register_response_timeout: no answer to attempt %d, retrying",
1310 transport->register_attempt);
1311 do_register(sipe_private, FALSE);
1312 } else {
1313 gchar *warning = g_strdup_printf(_("Service unavailable: %s"), _("no reason given"));
1314 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1315 SIPE_CONNECTION_ERROR_NETWORK,
1316 warning);
1317 g_free(warning);
1318 }
1319 return TRUE;
1320 }
1321
1322 static void do_register(struct sipe_core_private *sipe_private,
1323 gboolean deregister)
1324 {
1325 struct sip_transport *transport = sipe_private->transport;
1326 char *uri;
1327 char *to;
1328 char *hdr;
1329 char *uuid;
1330
1331 if (!sipe_private->public.sip_domain) return;
1332
1333 if (!deregister) {
1334 if (transport->reregister_set) {
1335 transport->reregister_set = FALSE;
1336 transport->register_attempt = 1;
1337 } else {
1338 transport->register_attempt++;
1339 }
1340 }
1341
1342 transport->auth_incomplete = FALSE;
1343
1344 uuid = get_uuid(sipe_private);
1345 hdr = g_strdup_printf("Contact: <sip:%s:%d;transport=%s;ms-opaque=d3470f2e1d>;methods=\"INVITE, MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY\";proxy=replace;+sip.instance=\"<urn:uuid:%s>\"\r\n"
1346 "Supported: gruu-10, adhoclist, msrtc-event-categories, com.microsoft.msrtc.presence\r\n"
1347 "Event: registration\r\n"
1348 "Allow-Events: presence\r\n"
1349 "ms-keep-alive: UAC;hop-hop=yes\r\n"
1350 "%s",
1351 sipe_backend_network_ip_address(),
1352 transport->connection->client_port,
1353 TRANSPORT_DESCRIPTOR,
1354 uuid,
1355 deregister ? "Expires: 0\r\n" : "");
1356 g_free(uuid);
1357
1358 uri = sip_uri_from_name(sipe_private->public.sip_domain);
1359 to = sip_uri_self(sipe_private);
1360 sip_transport_request_timeout(sipe_private,
1361 "REGISTER",
1362 uri,
1363 to,
1364 hdr,
1365 "",
1366 NULL,
1367 process_register_response,
1368 60,
1369 deregister ? NULL : register_response_timeout);
1370 g_free(to);
1371 g_free(uri);
1372 g_free(hdr);
1373
1374 if (deregister) {
1375 /* Make sure that all messages are pushed to the server
1376 before the connection gets shut down */
1377 SIPE_DEBUG_INFO_NOFORMAT("De-register from server. Flushing outstanding messages.");
1378 sipe_backend_transport_flush(transport->connection);
1379 }
1380 }
1381
1382 void sip_transport_deregister(struct sipe_core_private *sipe_private)
1383 {
1384 do_register(sipe_private, TRUE);
1385 }
1386
1387 void sip_transport_disconnect(struct sipe_core_private *sipe_private)
1388 {
1389 struct sip_transport *transport = sipe_private->transport;
1390
1391 /* transport can be NULL during connection setup */
1392 if (transport) {
1393 sipe_backend_transport_disconnect(transport->connection);
1394
1395 sipe_auth_free(&transport->registrar);
1396 sipe_auth_free(&transport->proxy);
1397
1398 g_free(transport->server_name);
1399 g_free(transport->server_version);
1400 g_free(transport->user_agent);
1401
1402 while (transport->transactions)
1403 transactions_remove(sipe_private,
1404 transport->transactions->data);
1405
1406 g_free(transport);
1407 }
1408
1409 sipe_private->transport = NULL;
1410 sipe_private->service_data = NULL;
1411
1412 if (sipe_private->dns_query)
1413 sipe_backend_dns_query_cancel(sipe_private->dns_query);
1414
1415 }
1416
1417 void sip_transport_authentication_completed(struct sipe_core_private *sipe_private)
1418 {
1419 do_reauthenticate_cb(sipe_private, NULL);
1420 }
1421
1422 guint sip_transport_port(struct sipe_core_private *sipe_private)
1423 {
1424 return sipe_private->transport->server_port;
1425 }
1426
1427 static void process_input_message(struct sipe_core_private *sipe_private,
1428 struct sipmsg *msg)
1429 {
1430 struct sip_transport *transport = sipe_private->transport;
1431 gboolean notfound = FALSE;
1432 const char *method = msg->method ? msg->method : "NOT FOUND";
1433
1434 SIPE_DEBUG_INFO("process_input_message: msg->response(%d),msg->method(%s)",
1435 msg->response, method);
1436
1437 if (msg->response == 0) { /* request */
1438 if (sipe_strequal(method, "MESSAGE")) {
1439 process_incoming_message(sipe_private, msg);
1440 } else if (sipe_strequal(method, "NOTIFY")) {
1441 SIPE_DEBUG_INFO_NOFORMAT("send->process_incoming_notify");
1442 process_incoming_notify(sipe_private, msg, TRUE, FALSE);
1443 } else if (sipe_strequal(method, "BENOTIFY")) {
1444 SIPE_DEBUG_INFO_NOFORMAT("send->process_incoming_benotify");
1445 process_incoming_notify(sipe_private, msg, TRUE, TRUE);
1446 } else if (sipe_strequal(method, "INVITE")) {
1447 process_incoming_invite(sipe_private, msg);
1448 } else if (sipe_strequal(method, "REFER")) {
1449 process_incoming_refer(sipe_private, msg);
1450 } else if (sipe_strequal(method, "OPTIONS")) {
1451 process_incoming_options(sipe_private, msg);
1452 } else if (sipe_strequal(method, "INFO")) {
1453 process_incoming_info(sipe_private, msg);
1454 } else if (sipe_strequal(method, "ACK")) {
1455 /* ACK's don't need any response */
1456 } else if (sipe_strequal(method, "PRACK")) {
1457 sip_transport_response(sipe_private, msg, 200, "OK", NULL);
1458 } else if (sipe_strequal(method, "SUBSCRIBE")) {
1459 /* LCS 2005 sends us these - just respond 200 OK */
1460 sip_transport_response(sipe_private, msg, 200, "OK", NULL);
1461 } else if (sipe_strequal(method, "CANCEL")) {
1462 process_incoming_cancel(sipe_private, msg);
1463 } else if (sipe_strequal(method, "BYE")) {
1464 process_incoming_bye(sipe_private, msg);
1465 } else {
1466 sip_transport_response(sipe_private, msg, 501, "Not implemented", NULL);
1467 notfound = TRUE;
1468 }
1469
1470 } else { /* response */
1471 struct transaction *trans = transactions_find(transport, msg);
1472 if (trans) {
1473 if (msg->response < 200) {
1474 /* ignore provisional response */
1475 SIPE_DEBUG_INFO("process_input_message: got provisional (%d) response, ignoring", msg->response);
1476
1477 /* Transaction not yet completed */
1478 trans = NULL;
1479
1480 } else if (msg->response == 401) { /* Unauthorized */
1481
1482 if (sipe_strequal(trans->msg->method, "REGISTER")) {
1483 /* Expected response during authentication handshake */
1484 transport->registrar.retries++;
1485 SIPE_DEBUG_INFO("process_input_message: RE-REGISTER CSeq: %d", transport->cseq);
1486 } else {
1487 gchar *resend;
1488
1489 /* Are we registered? */
1490 if (transport->reregister_set) {
1491 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: 401 response to non-REGISTER message. Retrying with new authentication.");
1492 sign_outgoing_message(sipe_private,
1493 trans->msg);
1494 } else {
1495 /**
1496 * We don't have a valid authentication at the moment.
1497 * Resend message unchanged. It will be rejected again
1498 * and hopefully by then we have a valid authentication.
1499 */
1500 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: 401 response to non-REGISTER message. Bouncing...");
1501 }
1502
1503 /* Resend request */
1504 resend = sipmsg_to_string(trans->msg);
1505 sipe_utils_message_debug("SIP", resend, NULL, TRUE);
1506 sipe_backend_transport_message(sipe_private->transport->connection, resend);
1507 g_free(resend);
1508
1509 /* Transaction not yet completed */
1510 trans = NULL;
1511 }
1512
1513 } else if (msg->response == 407) { /* Proxy Authentication Required */
1514
1515 if (transport->proxy.retries > 30) {
1516 SIPE_DEBUG_ERROR_NOFORMAT("process_input_message: too many proxy authentication retries. Giving up.");
1517 } else {
1518 gchar *resend, *auth;
1519 const gchar *auth_hdr;
1520
1521 transport->proxy.retries++;
1522
1523 /* do proxy authentication */
1524 auth_hdr = sipmsg_find_header(msg, "Proxy-Authenticate");
1525 if (auth_hdr) {
1526 guint i;
1527 transport->proxy.type = AUTH_TYPE_UNSET;
1528 for (i = 0; i < AUTH_PROTOCOLS; i++) {
1529 const gchar *protocol = auth_type_to_protocol[i];
1530 if (protocol &&
1531 !g_strncasecmp(auth_hdr, protocol, strlen(protocol))) {
1532 SIPE_DEBUG_INFO("proxy auth: type %s", protocol);
1533 transport->proxy.type = i;
1534 transport->proxy.protocol = protocol;
1535 break;
1536 }
1537 }
1538 if (transport->proxy.type == AUTH_TYPE_UNSET)
1539 SIPE_DEBUG_ERROR("Unknown proxy authentication: %s", auth_hdr);
1540 fill_auth(auth_hdr, &transport->proxy);
1541 }
1542 auth = auth_header(sipe_private, &transport->proxy, trans->msg);
1543 if (auth) {
1544 sipmsg_remove_header_now(trans->msg, "Proxy-Authorization");
1545 sipmsg_add_header_now_pos(trans->msg, "Proxy-Authorization", auth, 5);
1546 g_free(auth);
1547 }
1548
1549 /* resend request */
1550 resend = sipmsg_to_string(trans->msg);
1551 sipe_utils_message_debug("SIP", resend, NULL, TRUE);
1552 sipe_backend_transport_message(sipe_private->transport->connection, resend);
1553 g_free(resend);
1554
1555 /* Transaction not yet completed */
1556 trans = NULL;
1557 }
1558
1559 } else {
1560 transport->registrar.retries = 0;
1561 transport->proxy.retries = 0;
1562 }
1563
1564 /* Is transaction completed? */
1565 if (trans) {
1566 if (trans->callback) {
1567 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: we have a transaction callback");
1568 /* call the callback to process response */
1569 (trans->callback)(sipe_private, msg, trans);
1570 }
1571
1572 SIPE_DEBUG_INFO("process_input_message: removing CSeq %d", transport->cseq);
1573 transactions_remove(sipe_private, trans);
1574 }
1575 } else {
1576 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: received response to unknown transaction");
1577 notfound = TRUE;
1578 }
1579 }
1580
1581 if (notfound) {
1582 SIPE_DEBUG_INFO("received a unknown sip message with method %s and response %d", method, msg->response);
1583 }
1584 }
1585
1586 static void sip_transport_input(struct sipe_transport_connection *conn)
1587 {
1588 struct sipe_core_private *sipe_private = conn->user_data;
1589 struct sip_transport *transport = sipe_private->transport;
1590 gchar *cur = conn->buffer;
1591
1592 /* according to the RFC remove CRLF at the beginning */
1593 while (*cur == '\r' || *cur == '\n') {
1594 cur++;
1595 }
1596 if (cur != conn->buffer)
1597 sipe_utils_shrink_buffer(conn, cur);
1598
1599 /* Received a full Header? */
1600 transport->processing_input = TRUE;
1601 while (transport->processing_input &&
1602 ((cur = strstr(conn->buffer, "\r\n\r\n")) != NULL)) {
1603 struct sipmsg *msg;
1604 guint remainder;
1605
1606 cur += 2;
1607 cur[0] = '\0';
1608 msg = sipmsg_parse_header(conn->buffer);
1609
1610 cur += 2;
1611 remainder = conn->buffer_used - (cur - conn->buffer);
1612 if (msg && remainder >= (guint) msg->bodylen) {
1613 char *dummy = g_malloc(msg->bodylen + 1);
1614 memcpy(dummy, cur, msg->bodylen);
1615 dummy[msg->bodylen] = '\0';
1616 msg->body = dummy;
1617 cur += msg->bodylen;
1618 sipe_utils_message_debug("SIP",
1619 conn->buffer,
1620 msg->body,
1621 FALSE);
1622 sipe_utils_shrink_buffer(conn, cur);
1623 } else {
1624 if (msg){
1625 SIPE_DEBUG_INFO("sipe_transport_input: body too short (%d < %d, strlen %d) - ignoring message", remainder, msg->bodylen, (int)strlen(conn->buffer));
1626 sipmsg_free(msg);
1627 }
1628
1629 /* restore header for next try */
1630 cur[-2] = '\r';
1631 return;
1632 }
1633
1634 // Verify the signature before processing it
1635 if (sip_sec_context_is_ready(transport->registrar.gssapi_context)) {
1636 struct sipmsg_breakdown msgbd;
1637 gchar *signature_input_str;
1638 gchar *rspauth;
1639 msgbd.msg = msg;
1640 sipmsg_breakdown_parse(&msgbd, transport->registrar.realm, transport->registrar.target,
1641 transport->registrar.protocol);
1642 signature_input_str = sipmsg_breakdown_get_string(transport->registrar.version, &msgbd);
1643
1644 rspauth = sipmsg_find_part_of_header(sipmsg_find_header(msg, "Authentication-Info"), "rspauth=\"", "\"", NULL);
1645
1646 if (rspauth != NULL) {
1647 if (!sip_sec_verify_signature(transport->registrar.gssapi_context, signature_input_str, rspauth)) {
1648 SIPE_DEBUG_INFO_NOFORMAT("sip_transport_input: signature of incoming message validated");
1649 process_input_message(sipe_private, msg);
1650 } else {
1651 SIPE_DEBUG_INFO_NOFORMAT("sip_transport_input: signature of incoming message is invalid.");
1652 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1653 SIPE_CONNECTION_ERROR_NETWORK,
1654 _("Invalid message signature received"));
1655 }
1656 } else if ((msg->response == 401) ||
1657 sipe_strequal(msg->method, "REGISTER")) {
1658 /* a) Retry non-REGISTER requests with updated authentication */
1659 /* b) We must always process REGISTER responses */
1660 process_input_message(sipe_private, msg);
1661 } else {
1662 /* OCS sends provisional messages that are *not* signed */
1663 if (msg->response >= 200) {
1664 /* We are not calling process_input_message(),
1665 so we need to drop the transaction here. */
1666 struct transaction *trans = transactions_find(transport, msg);
1667 if (trans) transactions_remove(sipe_private, trans);
1668 }
1669 SIPE_DEBUG_INFO_NOFORMAT("sip_transport_input: message without authentication data - ignoring");
1670 }
1671 g_free(signature_input_str);
1672
1673 g_free(rspauth);
1674 sipmsg_breakdown_free(&msgbd);
1675 } else {
1676 process_input_message(sipe_private, msg);
1677 }
1678
1679 sipmsg_free(msg);
1680
1681 /* Redirect: old content of "transport" is no longer valid */
1682 transport = sipe_private->transport;
1683 }
1684 }
1685
1686 static void sip_transport_connected(struct sipe_transport_connection *conn)
1687 {
1688 struct sipe_core_private *sipe_private = conn->user_data;
1689 sipe_private->service_data = NULL;
1690 do_register(sipe_private, FALSE);
1691 }
1692
1693 static void resolve_next_service(struct sipe_core_private *sipe_private,
1694 const struct sip_service_data *start);
1695 static void sip_transport_error(struct sipe_transport_connection *conn,
1696 const gchar *msg)
1697 {
1698 struct sipe_core_private *sipe_private = conn->user_data;
1699
1700 /* This failed attempt was based on a DNS SRV record */
1701 if (sipe_private->service_data) {
1702 resolve_next_service(sipe_private, NULL);
1703 } else {
1704 sipe_backend_connection_error(SIPE_CORE_PUBLIC,
1705 SIPE_CONNECTION_ERROR_NETWORK,
1706 msg);
1707 }
1708 }
1709
1710 /* server_name must be g_alloc()'ed */
1711 static void sipe_server_register(struct sipe_core_private *sipe_private,
1712 guint type,
1713 gchar *server_name,
1714 guint server_port)
1715 {
1716 sipe_connect_setup setup = {
1717 type,
1718 server_name,
1719 (server_port != 0) ? server_port :
1720 (type == SIPE_TRANSPORT_TLS) ? 5061 : 5060,
1721 sipe_private,
1722 sip_transport_connected,
1723 sip_transport_input,
1724 sip_transport_error
1725 };
1726 struct sip_transport *transport = g_new0(struct sip_transport, 1);
1727
1728 transport->server_name = server_name;
1729 transport->server_port = setup.server_port;
1730 transport->connection = sipe_backend_transport_connect(SIPE_CORE_PUBLIC,
1731 &setup);
1732 sipe_private->transport = transport;
1733 }
1734
1735 struct sip_service_data {
1736 const char *protocol;
1737 const char *transport;
1738 guint type;
1739 };
1740
1741 /* Service list for autodection */
1742 static const struct sip_service_data service_autodetect[] = {
1743 { "sipinternaltls", "tcp", SIPE_TRANSPORT_TLS }, /* for internal TLS connections */
1744 { "sipinternal", "tcp", SIPE_TRANSPORT_TCP }, /* for internal TCP connections */
1745 { "sip", "tls", SIPE_TRANSPORT_TLS }, /* for external TLS connections */
1746 { "sip", "tcp", SIPE_TRANSPORT_TCP }, /*.for external TCP connections */
1747 { NULL, NULL, 0 }
1748 };
1749
1750 /* Service list for SSL/TLS */
1751 static const struct sip_service_data service_tls[] = {
1752 { "sipinternaltls", "tcp", SIPE_TRANSPORT_TLS }, /* for internal TLS connections */
1753 { "sip", "tls", SIPE_TRANSPORT_TLS }, /* for external TLS connections */
1754 { NULL, NULL, 0 }
1755 };
1756
1757 /* Service list for TCP */
1758 static const struct sip_service_data service_tcp[] = {
1759 { "sipinternal", "tcp", SIPE_TRANSPORT_TCP }, /* for internal TCP connections */
1760 { "sip", "tcp", SIPE_TRANSPORT_TCP }, /*.for external TCP connections */
1761 { NULL, NULL, 0 }
1762 };
1763
1764 static const struct sip_service_data *services[] = {
1765 service_autodetect, /* SIPE_TRANSPORT_AUTO */
1766 service_tls, /* SIPE_TRANSPORT_TLS */
1767 service_tcp /* SIPE_TRANSPORT_TCP */
1768 };
1769
1770 static void sipe_core_dns_resolved(struct sipe_core_public *sipe_public,
1771 const gchar *hostname, guint port)
1772 {
1773 struct sipe_core_private *sipe_private = SIPE_CORE_PRIVATE;
1774
1775 sipe_private->dns_query = NULL;
1776
1777 if (hostname) {
1778 SIPE_DEBUG_INFO("sipe_core_dns_resolved - SRV hostname: %s port: %d",
1779 hostname, port);
1780 sipe_server_register(sipe_private,
1781 sipe_private->service_data->type,
1782 g_strdup(hostname), port);
1783 } else {
1784 resolve_next_service(SIPE_CORE_PRIVATE, NULL);
1785 }
1786 }
1787
1788 static void resolve_next_service(struct sipe_core_private *sipe_private,
1789 const struct sip_service_data *start)
1790 {
1791 if (start) {
1792 sipe_private->service_data = start;
1793 } else {
1794 sipe_private->service_data++;
1795 if (sipe_private->service_data->protocol == NULL) {
1796 guint type = sipe_private->transport_type;
1797
1798 /* We tried all services */
1799 sipe_private->service_data = NULL;
1800
1801 /* Try connecting to the SIP hostname directly */
1802 SIPE_DEBUG_INFO_NOFORMAT("no SRV records found; using SIP domain as fallback");
1803 if (type == SIPE_TRANSPORT_AUTO)
1804 type = SIPE_TRANSPORT_TLS;
1805
1806 sipe_server_register(sipe_private, type,
1807 g_strdup(sipe_private->public.sip_domain),
1808 0);
1809 return;
1810 }
1811 }
1812
1813 /* Try to resolve next service */
1814 sipe_private->dns_query = sipe_backend_dns_query_srv(
1815 sipe_private->service_data->protocol,
1816 sipe_private->service_data->transport,
1817 sipe_private->public.sip_domain,
1818 (sipe_dns_resolved_cb) sipe_core_dns_resolved,
1819 SIPE_CORE_PUBLIC);
1820 }
1821
1822 void sipe_core_transport_sip_connect(struct sipe_core_public *sipe_public,
1823 guint transport,
1824 const gchar *server,
1825 const gchar *port)
1826 {
1827 struct sipe_core_private *sipe_private = SIPE_CORE_PRIVATE;
1828
1829 if (server) {
1830 /* Use user specified server[:port] */
1831 int port_number = 0;
1832
1833 if (port)
1834 port_number = atoi(port);
1835
1836 SIPE_DEBUG_INFO("sipe_core_connect: user specified SIP server %s:%d",
1837 server, port_number);
1838
1839 sipe_server_register(sipe_private, transport,
1840 g_strdup(server), port_number);
1841 } else {
1842 /* Server auto-discovery */
1843
1844 /* Remember user specified transport type */
1845 sipe_private->transport_type = transport;
1846 resolve_next_service(sipe_private, services[transport]);
1847 }
1848 }
1849
1850 void sipe_core_transport_sip_keepalive(struct sipe_core_public *sipe_public)
1851 {
1852 SIPE_DEBUG_INFO("sending keep alive %d",
1853 sipe_public->keepalive_timeout);
1854 sipe_utils_message_debug("SIP", "", NULL, TRUE);
1855 sipe_backend_transport_message(SIPE_CORE_PRIVATE->transport->connection,
1856 "\r\n\r\n");
1857 }
1858
1859 int sip_transaction_cseq(struct transaction *trans)
1860 {
1861 int cseq;
1862
1863 g_return_val_if_fail(trans && trans->key, 0);
1864
1865 sscanf(trans->key, "<%*[a-zA-Z0-9]><%d INVITE>", &cseq);
1866 return cseq;
1867 }
1868
1869 /*
1870 Local Variables:
1871 mode: c
1872 c-file-style: "bsd"
1873 indent-tabs-mode: t
1874 tab-width: 8
1875 End:
1876 */
A third-party Pidgin plugin for Microsoft LCS/OCS