2 * @file sip-transport.c
6 * Copyright (C) 2010-2013 SIPE Project <http://sipe.sourceforge.net/>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 * This module incapsulates SIP (RFC3261) protocol and provides
25 * higher level API (a layer) to XML-based SIPE (SIP with Extensions).
26 * Underlying leyer for this is TCP/SSL layer.
28 * A diagram in pseudographics:
30 * === SIPE (XML-based) layer ======================
31 * === SIP RFC3261 transport layer (This module) ===
32 * === TCP/SSL layer ===============================
34 * Authentication (Kerberos and NTLM) is applicable to this layer only.
35 * The same with message integtity (signing). No sip-sec* code should
36 * be used ourside of this module.
38 * SIP errors as codes(both as a return codes and network conditions) should be
39 * escalated to higher leyer (SIPE). Network conditions include no response
40 * within timeout interval.
42 * This module should support redirect internally. No escalations to higher
45 * NO SIP-messages (headers) composing and processing should be outside of
46 * this module (!) Like headers: Via, Route, Contact, Authorization, etc.
47 * It's all irrelevant to higher layer responsibilities.
61 #include "sipe-common.h"
64 #include "sip-sec-digest.h"
65 #include "sip-transport.h"
66 #include "sipe-backend.h"
67 #include "sipe-core.h"
68 #include "sipe-core-private.h"
69 #include "sipe-certificate.h"
70 #include "sipe-dialog.h"
71 #include "sipe-incoming.h"
73 #include "sipe-notify.h"
74 #include "sipe-schedule.h"
75 #include "sipe-sign.h"
76 #include "sipe-subscriptions.h"
77 #include "sipe-utils.h"
81 struct sip_sec_context
*gssapi_context
;
84 const gchar
*protocol
;
94 /* sip-transport.c private data */
95 struct sip_transport
{
96 struct sipe_transport_connection
*connection
;
100 gchar
*server_version
;
104 GSList
*transactions
;
106 struct sip_auth registrar
;
107 struct sip_auth proxy
;
110 guint register_attempt
;
112 gboolean processing_input
; /* whether full header received */
113 gboolean auth_incomplete
; /* whether authentication not completed */
114 gboolean reregister_set
; /* whether reregister timer set */
115 gboolean reauthenticate_set
; /* whether reauthenticate timer set */
116 gboolean subscribed
; /* whether subscribed to events, except buddies presence */
117 gboolean deregister
; /* whether in deregistration */
120 /* Keep in sync with sipe_transport_type! */
121 static const char *transport_descriptor
[] = { "", "tls", "tcp"};
122 #define TRANSPORT_DESCRIPTOR (transport_descriptor[transport->connection->type])
124 static char *genbranch()
126 return g_strdup_printf("z9hG4bK%04X%04X%04X%04X%04X",
127 rand() & 0xFFFF, rand() & 0xFFFF, rand() & 0xFFFF,
128 rand() & 0xFFFF, rand() & 0xFFFF);
131 static void sipe_auth_free(struct sip_auth
*auth
)
133 g_free(auth
->opaque
);
135 auth
->protocol
= NULL
;
138 g_free(auth
->sts_uri
);
139 auth
->sts_uri
= NULL
;
140 g_free(auth
->target
);
143 auth
->type
= SIPE_AUTHENTICATION_TYPE_UNSET
;
146 g_free(auth
->gssapi_data
);
147 auth
->gssapi_data
= NULL
;
148 sip_sec_destroy_context(auth
->gssapi_context
);
149 auth
->gssapi_context
= NULL
;
152 static void sipe_make_signature(struct sipe_core_private
*sipe_private
,
155 struct sip_transport
*transport
= sipe_private
->transport
;
156 if (sip_sec_context_is_ready(transport
->registrar
.gssapi_context
)) {
157 struct sipmsg_breakdown msgbd
;
158 gchar
*signature_input_str
;
160 sipmsg_breakdown_parse(&msgbd
, transport
->registrar
.realm
, transport
->registrar
.target
,
161 transport
->registrar
.protocol
);
162 msgbd
.rand
= g_strdup_printf("%08x", g_random_int());
163 transport
->registrar
.ntlm_num
++;
164 msgbd
.num
= g_strdup_printf("%d", transport
->registrar
.ntlm_num
);
165 signature_input_str
= sipmsg_breakdown_get_string(transport
->registrar
.version
, &msgbd
);
166 if (signature_input_str
!= NULL
) {
167 char *signature_hex
= sip_sec_make_signature(transport
->registrar
.gssapi_context
, signature_input_str
);
168 msg
->signature
= signature_hex
;
169 msg
->rand
= g_strdup(msgbd
.rand
);
170 msg
->num
= g_strdup(msgbd
.num
);
171 g_free(signature_input_str
);
173 sipmsg_breakdown_free(&msgbd
);
177 static const gchar
*const auth_type_to_protocol
[] = {
178 NULL
, /* SIPE_AUTHENTICATION_TYPE_UNSET */
179 NULL
, /* SIPE_AUTHENTICATION_TYPE_BASIC */
180 "NTLM", /* SIPE_AUTHENTICATION_TYPE_NTLM */
181 "Kerberos", /* SIPE_AUTHENTICATION_TYPE_KERBEROS */
182 NULL
, /* SIPE_AUTHENTICATION_TYPE_NEGOTIATE */
183 "TLS-DSK", /* SIPE_AUTHENTICATION_TYPE_TLS_DSK */
185 #define AUTH_PROTOCOLS (sizeof(auth_type_to_protocol)/sizeof(gchar *))
187 static gchar
*msg_signature_to_auth(struct sip_auth
*auth
,
190 return(g_strdup_printf("%s qop=\"auth\", opaque=\"%s\", realm=\"%s\", targetname=\"%s\", crand=\"%s\", cnum=\"%s\", response=\"%s\"",
192 auth
->opaque
, auth
->realm
, auth
->target
,
193 msg
->rand
, msg
->num
, msg
->signature
));
196 static gchar
*initialize_auth_context(struct sipe_core_private
*sipe_private
,
197 struct sip_auth
*auth
,
200 struct sip_transport
*transport
= sipe_private
->transport
;
202 gchar
*gssapi_data
= NULL
;
209 * If transport is de-registering when we reach this point then we
210 * are in the middle of the previous authentication context setup
211 * attempt. So we shouldn't try another attempt.
213 if (transport
->deregister
)
216 /* Create security context or handshake continuation? */
217 if (auth
->gssapi_context
) {
218 /* Perform next step in authentication handshake */
219 gboolean status
= sip_sec_init_context_step(auth
->gssapi_context
,
225 /* If authentication is completed gssapi_data can be NULL */
227 (sip_sec_context_is_ready(auth
->gssapi_context
) || gssapi_data
))) {
228 SIPE_DEBUG_ERROR_NOFORMAT("initialize_auth_context: security context continuation failed");
230 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
231 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED
,
232 _("Failed to authenticate to server"));
237 /* Create security context */
238 gpointer password
= sipe_private
->password
;
240 /* For TLS-DSK the "password" is a certificate */
241 if (auth
->type
== SIPE_AUTHENTICATION_TYPE_TLS_DSK
) {
242 password
= sipe_certificate_tls_dsk_find(sipe_private
,
247 SIPE_DEBUG_INFO("initialize_auth_context: TLS-DSK Certificate Provisioning URI %s",
249 if (!sipe_certificate_tls_dsk_generate(sipe_private
,
252 gchar
*tmp
= g_strdup_printf(_("Can't request certificate from %s"),
254 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
255 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED
,
260 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
261 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED
,
262 _("No URI for certificate provisioning service provided"));
265 /* we can't authenticate the message yet */
266 transport
->auth_incomplete
= TRUE
;
270 SIPE_DEBUG_INFO("initialize_auth_context: TLS-DSK certificate for target '%s' found.",
275 auth
->gssapi_context
= sip_sec_create_context(auth
->type
,
276 SIPE_CORE_PRIVATE_FLAG_IS(SSO
),
277 FALSE
, /* connection-less for SIP */
278 sipe_private
->authdomain
? sipe_private
->authdomain
: "",
279 sipe_private
->authuser
,
282 if (auth
->gssapi_context
) {
283 sip_sec_init_context_step(auth
->gssapi_context
,
290 if (!gssapi_data
|| !auth
->gssapi_context
) {
292 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
293 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED
,
294 _("Failed to authenticate to server"));
299 if ((auth
->version
> 3) &&
300 sip_sec_context_is_ready(auth
->gssapi_context
)) {
301 sipe_make_signature(sipe_private
, msg
);
302 sign_str
= g_strdup_printf(", crand=\"%s\", cnum=\"%s\", response=\"%s\"",
303 msg
->rand
, msg
->num
, msg
->signature
);
305 sign_str
= g_strdup("");
309 gssapi_str
= g_strdup_printf(", gssapi-data=\"%s\"",
313 gssapi_str
= g_strdup("");
316 opaque_str
= auth
->opaque
? g_strdup_printf(", opaque=\"%s\"", auth
->opaque
) : g_strdup("");
318 if (auth
->version
> 2) {
319 version_str
= g_strdup_printf(", version=%d", auth
->version
);
321 version_str
= g_strdup("");
324 ret
= g_strdup_printf("%s qop=\"auth\"%s, realm=\"%s\", targetname=\"%s\"%s%s%s",
325 auth
->protocol
, opaque_str
,
326 auth
->realm
, auth
->target
,
327 gssapi_str
, version_str
, sign_str
);
336 static gchar
*auth_header(struct sipe_core_private
*sipe_private
,
337 struct sip_auth
*auth
,
343 * If the message is already signed then we have an authentication
344 * context, i.e. the authentication handshake is complete. Generate
345 * authentication header from message signature.
347 if (msg
->signature
) {
348 ret
= msg_signature_to_auth(auth
, msg
);
351 * We should reach this point only when the authentication context
352 * needs to be initialized.
355 ret
= initialize_auth_context(sipe_private
, auth
, msg
);
361 static void fill_auth(const gchar
*hdr
, struct sip_auth
*auth
)
365 /* skip authentication identifier */
366 hdr
= strchr(hdr
, ' ');
368 SIPE_DEBUG_ERROR_NOFORMAT("fill_auth: corrupted authentication header");
374 /* start of next parameter value */
375 while ((param
= strchr(hdr
, '=')) != NULL
) {
378 /* parameter value type */
381 /* string: xyz="..."(,) */
382 end
= strchr(++param
, '"');
384 SIPE_DEBUG_ERROR("fill_auth: corrupted string parameter near '%s'", hdr
);
388 /* number: xyz=12345(,) */
389 end
= strchr(param
, ',');
392 end
= param
+ strlen(param
);
397 SIPE_DEBUG_INFO("fill_auth: hdr '%s'", hdr
);
398 SIPE_DEBUG_INFO("fill_auth: param '%s'", param
);
399 SIPE_DEBUG_INFO("fill_auth: end '%s'", end
);
403 if (g_str_has_prefix(hdr
, "gssapi-data=\"")) {
404 g_free(auth
->gssapi_data
);
405 auth
->gssapi_data
= g_strndup(param
, end
- param
);
406 } else if (g_str_has_prefix(hdr
, "opaque=\"")) {
407 g_free(auth
->opaque
);
408 auth
->opaque
= g_strndup(param
, end
- param
);
409 } else if (g_str_has_prefix(hdr
, "realm=\"")) {
411 auth
->realm
= g_strndup(param
, end
- param
);
412 } else if (g_str_has_prefix(hdr
, "sts-uri=\"")) {
413 /* Only used with SIPE_AUTHENTICATION_TYPE_TLS_DSK */
414 g_free(auth
->sts_uri
);
415 auth
->sts_uri
= g_strndup(param
, end
- param
);
416 } else if (g_str_has_prefix(hdr
, "targetname=\"")) {
417 g_free(auth
->target
);
418 auth
->target
= g_strndup(param
, end
- param
);
419 } else if (g_str_has_prefix(hdr
, "version=")) {
420 auth
->version
= atoi(param
);
423 /* skip to next parameter */
424 while ((*end
== '"') || (*end
== ',') || (*end
== ' '))
432 static void sign_outgoing_message(struct sipe_core_private
*sipe_private
,
435 struct sip_transport
*transport
= sipe_private
->transport
;
438 if (transport
->registrar
.type
== SIPE_AUTHENTICATION_TYPE_UNSET
) {
442 sipe_make_signature(sipe_private
, msg
);
444 buf
= auth_header(sipe_private
, &transport
->registrar
, msg
);
446 sipmsg_add_header_now(msg
, "Authorization", buf
);
451 static const gchar
*sip_transport_user_agent(struct sipe_core_private
*sipe_private
)
453 struct sip_transport
*transport
= sipe_private
->transport
;
455 if (!transport
->user_agent
) {
456 const gchar
*useragent
= sipe_backend_setting(SIPE_CORE_PUBLIC
,
457 SIPE_SETTING_USER_AGENT
);
458 if (is_empty(useragent
)) {
459 /*@TODO: better approach to define _user_ OS, it's version and host architecture */
461 #if defined(__linux__) || defined(__linux) || defined(__LINUX__)
462 #define SIPE_TARGET_PLATFORM "linux"
463 #elif defined(__NetBSD__) ||defined( __OpenBSD__) || defined(__FreeBSD__)
464 #define SIPE_TARGET_PLATFORM "bsd"
465 #elif defined(__APPLE__) || defined(__MACOS__)
466 #define SIPE_TARGET_PLATFORM "macosx"
467 #elif defined(_AIX) || defined(__AIX__) || defined(__aix__)
468 #define SIPE_TARGET_PLATFORM "aix"
469 #elif defined(__solaris__) || defined(__sun)
470 #define SIPE_TARGET_PLATFORM "sun"
471 #elif defined(_WIN32)
472 #define SIPE_TARGET_PLATFORM "win"
473 #elif defined(__CYGWIN__)
474 #define SIPE_TARGET_PLATFORM "cygwin"
475 #elif defined(__hpux__)
476 #define SIPE_TARGET_PLATFORM "hpux"
477 #elif defined(__sgi__)
478 #define SIPE_TARGET_PLATFORM "irix"
480 #define SIPE_TARGET_PLATFORM "unknown"
483 #if defined(__amd64__) || defined(__x86_64__) || defined(_M_AMD64)
484 #define SIPE_TARGET_ARCH "x86_64"
485 #elif defined(__386__) || defined(__i386__) || defined(__i386) || defined(_M_IX86) || defined(_M_I386)
486 #define SIPE_TARGET_ARCH "i386"
487 #elif defined(__ppc64__)
488 #define SIPE_TARGET_ARCH "ppc64"
489 #elif defined(__powerpc__) || defined(__powerpc) || defined(__ppc__) || defined(__PPC__) || defined(_M_PPC) || defined(_ARCH_PPC) || defined(_ARCH_PWR)
490 #define SIPE_TARGET_ARCH "ppc"
491 #elif defined(__hppa__) || defined(__hppa)
492 #define SIPE_TARGET_ARCH "hppa"
493 #elif defined(__mips__) || defined(__mips) || defined(_MIPS_ARCH) || defined(_M_MRX000)
494 #define SIPE_TARGET_ARCH "mips"
495 #elif defined(__s390__) || defined(__s390) || defined(__s390x__) || defined(__s390x)
496 #define SIPE_TARGET_ARCH "s390"
497 #elif defined(__sparc__) || defined(__sparc) || defined(__sparcv8)
498 #define SIPE_TARGET_ARCH "sparc"
499 #elif defined(__arm__)
500 #define SIPE_TARGET_ARCH "arm"
502 #define SIPE_TARGET_ARCH "other"
504 gchar
*backend
= sipe_backend_version();
505 transport
->user_agent
= g_strdup_printf("%s Sipe/" PACKAGE_VERSION
" (" SIPE_TARGET_PLATFORM
"-" SIPE_TARGET_ARCH
"; %s)",
507 transport
->server_version
? transport
->server_version
: "");
510 transport
->user_agent
= g_strdup(useragent
);
513 return(transport
->user_agent
);
516 void sip_transport_response(struct sipe_core_private
*sipe_private
,
524 GString
*outstr
= g_string_new("");
527 const gchar
*keepers
[] = { "To", "From", "Call-ID", "CSeq", "Via", "Record-Route", NULL
};
529 /* Can return NULL! */
530 contact
= get_contact(sipe_private
);
532 sipmsg_add_header(msg
, "Contact", contact
);
537 gchar
*len
= g_strdup_printf("%" G_GSIZE_FORMAT
, (gsize
) strlen(body
));
538 sipmsg_add_header(msg
, "Content-Length", len
);
541 sipmsg_add_header(msg
, "Content-Length", "0");
544 sipmsg_add_header(msg
, "User-Agent", sip_transport_user_agent(sipe_private
));
546 msg
->response
= code
;
548 sipmsg_strip_headers(msg
, keepers
);
549 sipmsg_merge_new_headers(msg
);
550 sign_outgoing_message(sipe_private
, msg
);
552 g_string_append_printf(outstr
, "SIP/2.0 %d %s\r\n", code
, text
);
555 name
= ((struct sipnameval
*) (tmp
->data
))->name
;
556 value
= ((struct sipnameval
*) (tmp
->data
))->value
;
558 g_string_append_printf(outstr
, "%s: %s\r\n", name
, value
);
559 tmp
= g_slist_next(tmp
);
561 g_string_append_printf(outstr
, "\r\n%s", body
? body
: "");
562 sipe_utils_message_debug("SIP", outstr
->str
, NULL
, TRUE
);
563 sipe_backend_transport_message(sipe_private
->transport
->connection
, outstr
->str
);
564 g_string_free(outstr
, TRUE
);
567 static void transactions_remove(struct sipe_core_private
*sipe_private
,
568 struct transaction
*trans
)
570 struct sip_transport
*transport
= sipe_private
->transport
;
571 if (transport
->transactions
) {
572 transport
->transactions
= g_slist_remove(transport
->transactions
,
574 SIPE_DEBUG_INFO("SIP transactions count:%d after removal", g_slist_length(transport
->transactions
));
576 if (trans
->msg
) sipmsg_free(trans
->msg
);
577 if (trans
->payload
) {
578 if (trans
->payload
->destroy
)
579 (*trans
->payload
->destroy
)(trans
->payload
->data
);
580 g_free(trans
->payload
);
583 if (trans
->timeout_key
) {
584 sipe_schedule_cancel(sipe_private
, trans
->timeout_key
);
585 g_free(trans
->timeout_key
);
591 static struct transaction
*transactions_find(struct sip_transport
*transport
,
594 GSList
*transactions
= transport
->transactions
;
595 const gchar
*call_id
= sipmsg_find_header(msg
, "Call-ID");
596 const gchar
*cseq
= sipmsg_find_header(msg
, "CSeq");
599 if (!call_id
|| !cseq
) {
600 SIPE_DEBUG_ERROR_NOFORMAT("transaction_find: no Call-ID or CSeq!");
604 key
= g_strdup_printf("<%s><%s>", call_id
, cseq
);
605 while (transactions
) {
606 struct transaction
*trans
= transactions
->data
;
607 if (!g_ascii_strcasecmp(trans
->key
, key
)) {
611 transactions
= transactions
->next
;
618 static void transaction_timeout_cb(struct sipe_core_private
*sipe_private
,
621 struct transaction
*trans
= data
;
622 (trans
->timeout_callback
)(sipe_private
, trans
->msg
, trans
);
623 transactions_remove(sipe_private
, trans
);
626 struct transaction
*sip_transport_request_timeout(struct sipe_core_private
*sipe_private
,
630 const gchar
*addheaders
,
632 struct sip_dialog
*dialog
,
633 TransCallback callback
,
635 TransCallback timeout_callback
)
637 struct sip_transport
*transport
= sipe_private
->transport
;
640 gchar
*ourtag
= dialog
&& dialog
->ourtag
? g_strdup(dialog
->ourtag
) : NULL
;
641 gchar
*theirtag
= dialog
&& dialog
->theirtag
? g_strdup(dialog
->theirtag
) : NULL
;
642 gchar
*theirepid
= dialog
&& dialog
->theirepid
? g_strdup(dialog
->theirepid
) : NULL
;
643 gchar
*callid
= dialog
&& dialog
->callid
? g_strdup(dialog
->callid
) : gencallid();
644 gchar
*branch
= dialog
&& dialog
->callid
? NULL
: genbranch();
645 gchar
*route
= g_strdup("");
646 gchar
*epid
= get_epid(sipe_private
);
647 int cseq
= dialog
? ++dialog
->cseq
: 1 /* as Call-Id is new in this case */;
648 struct transaction
*trans
= NULL
;
650 if (dialog
&& dialog
->routes
)
652 GSList
*iter
= dialog
->routes
;
657 route
= g_strdup_printf("%sRoute: %s\r\n", route
, (char *)iter
->data
);
659 iter
= g_slist_next(iter
);
663 if (!ourtag
&& !dialog
) {
667 if (sipe_strequal(method
, "REGISTER")) {
668 if (sipe_private
->register_callid
) {
670 callid
= g_strdup(sipe_private
->register_callid
);
672 sipe_private
->register_callid
= g_strdup(callid
);
674 cseq
= ++transport
->cseq
;
677 buf
= g_strdup_printf("%s %s SIP/2.0\r\n"
678 "Via: SIP/2.0/%s %s:%d%s%s\r\n"
679 "From: <sip:%s>%s%s;epid=%s\r\n"
680 "To: <%s>%s%s%s%s\r\n"
681 "Max-Forwards: 70\r\n"
686 "Content-Length: %" G_GSIZE_FORMAT
"\r\n\r\n%s",
688 dialog
&& dialog
->request
? dialog
->request
: url
,
689 TRANSPORT_DESCRIPTOR
,
690 sipe_backend_network_ip_address(SIPE_CORE_PUBLIC
),
691 transport
->connection
->client_port
,
692 branch
? ";branch=" : "",
693 branch
? branch
: "",
694 sipe_private
->username
,
695 ourtag
? ";tag=" : "",
696 ourtag
? ourtag
: "",
699 theirtag
? ";tag=" : "",
700 theirtag
? theirtag
: "",
701 theirepid
? ";epid=" : "",
702 theirepid
? theirepid
: "",
705 sip_transport_user_agent(sipe_private
),
708 addheaders
? addheaders
: "",
709 body
? (gsize
) strlen(body
) : 0,
713 //printf ("parsing msg buf:\n%s\n\n", buf);
714 msg
= sipmsg_parse_msg(buf
);
724 sign_outgoing_message(sipe_private
, msg
);
726 /* The authentication scheme is not ready so we can't send the message.
727 This should only happen for REGISTER messages. */
728 if (!transport
->auth_incomplete
) {
729 buf
= sipmsg_to_string(msg
);
731 /* add to ongoing transactions */
732 /* ACK isn't supposed to be answered ever. So we do not keep transaction for it. */
733 if (!sipe_strequal(method
, "ACK")) {
734 trans
= g_new0(struct transaction
, 1);
735 trans
->callback
= callback
;
737 trans
->key
= g_strdup_printf("<%s><%d %s>", callid
, cseq
, method
);
738 if (timeout_callback
) {
739 trans
->timeout_callback
= timeout_callback
;
740 trans
->timeout_key
= g_strdup_printf("<transaction timeout>%s", trans
->key
);
741 sipe_schedule_seconds(sipe_private
,
745 transaction_timeout_cb
,
748 transport
->transactions
= g_slist_append(transport
->transactions
,
750 SIPE_DEBUG_INFO("SIP transactions count:%d after addition", g_slist_length(transport
->transactions
));
753 sipe_utils_message_debug("SIP", buf
, NULL
, TRUE
);
754 sipe_backend_transport_message(transport
->connection
, buf
);
758 if (!trans
) sipmsg_free(msg
);
763 struct transaction
*sip_transport_request(struct sipe_core_private
*sipe_private
,
767 const gchar
*addheaders
,
769 struct sip_dialog
*dialog
,
770 TransCallback callback
)
772 return sip_transport_request_timeout(sipe_private
,
784 static void sip_transport_simple_request(struct sipe_core_private
*sipe_private
,
786 struct sip_dialog
*dialog
)
788 sip_transport_request(sipe_private
,
798 void sip_transport_ack(struct sipe_core_private
*sipe_private
,
799 struct sip_dialog
*dialog
)
801 sip_transport_simple_request(sipe_private
, "ACK", dialog
);
804 void sip_transport_bye(struct sipe_core_private
*sipe_private
,
805 struct sip_dialog
*dialog
)
807 sip_transport_simple_request(sipe_private
, "BYE", dialog
);
810 struct transaction
*sip_transport_info(struct sipe_core_private
*sipe_private
,
811 const gchar
*addheaders
,
813 struct sip_dialog
*dialog
,
814 TransCallback callback
)
816 return sip_transport_request(sipe_private
,
826 struct transaction
*sip_transport_invite(struct sipe_core_private
*sipe_private
,
827 const gchar
*addheaders
,
829 struct sip_dialog
*dialog
,
830 TransCallback callback
)
832 return sip_transport_request(sipe_private
,
842 struct transaction
*sip_transport_service(struct sipe_core_private
*sipe_private
,
844 const gchar
*addheaders
,
846 TransCallback callback
)
848 return sip_transport_request(sipe_private
,
858 void sip_transport_subscribe(struct sipe_core_private
*sipe_private
,
860 const gchar
*addheaders
,
862 struct sip_dialog
*dialog
,
863 TransCallback callback
)
865 sip_transport_request(sipe_private
,
875 static const gchar
*get_auth_header(struct sipe_core_private
*sipe_private
,
876 struct sip_auth
*auth
,
879 auth
->type
= sipe_private
->authentication_type
;
880 auth
->protocol
= auth_type_to_protocol
[auth
->type
];
882 return(sipmsg_find_auth_header(msg
, auth
->protocol
));
885 static void do_register(struct sipe_core_private
*sipe_private
,
886 gboolean deregister
);
888 static void do_reauthenticate_cb(struct sipe_core_private
*sipe_private
,
889 SIPE_UNUSED_PARAMETER gpointer unused
)
891 struct sip_transport
*transport
= sipe_private
->transport
;
893 /* register again when security token expires */
894 /* we have to start a new authentication as the security token
895 * is almost expired by sending a not signed REGISTER message */
896 SIPE_DEBUG_INFO_NOFORMAT("do a full reauthentication");
897 sipe_auth_free(&transport
->registrar
);
898 sipe_auth_free(&transport
->proxy
);
899 sipe_schedule_cancel(sipe_private
, "<registration>");
900 transport
->reregister_set
= FALSE
;
901 transport
->register_attempt
= 0;
902 do_register(sipe_private
, FALSE
);
903 transport
->reauthenticate_set
= FALSE
;
906 static void sip_transport_default_contact(struct sipe_core_private
*sipe_private
)
908 struct sip_transport
*transport
= sipe_private
->transport
;
909 sipe_private
->contact
= g_strdup_printf("<sip:%s:%d;maddr=%s;transport=%s>;proxy=replace",
910 sipe_private
->username
,
911 transport
->connection
->client_port
,
912 sipe_backend_network_ip_address(SIPE_CORE_PUBLIC
),
913 TRANSPORT_DESCRIPTOR
);
916 static void do_register_cb(struct sipe_core_private
*sipe_private
,
917 SIPE_UNUSED_PARAMETER
void *unused
)
919 do_register(sipe_private
, FALSE
);
922 static void sip_transport_set_reregister(struct sipe_core_private
*sipe_private
,
925 sipe_schedule_seconds(sipe_private
,
933 static void sipe_server_register(struct sipe_core_private
*sipe_private
,
938 static gboolean
process_register_response(struct sipe_core_private
*sipe_private
,
940 SIPE_UNUSED_PARAMETER
struct transaction
*trans
)
942 struct sip_transport
*transport
= sipe_private
->transport
;
943 const gchar
*expires_header
;
945 GSList
*hdr
= msg
->headers
;
946 struct sipnameval
*elem
;
948 expires_header
= sipmsg_find_header(msg
, "Expires");
949 expires
= expires_header
!= NULL
? strtol(expires_header
, NULL
, 10) : 0;
950 SIPE_DEBUG_INFO("process_register_response: got response to REGISTER; expires = %d", expires
);
952 switch (msg
->response
) {
955 const gchar
*contact_hdr
;
956 const gchar
*auth_hdr
;
960 const gchar
*server_hdr
= sipmsg_find_header(msg
, "Server");
962 if (!transport
->reregister_set
) {
963 sip_transport_set_reregister(sipe_private
,
965 transport
->reregister_set
= TRUE
;
968 if (server_hdr
&& !transport
->server_version
) {
969 transport
->server_version
= g_strdup(server_hdr
);
970 g_free(transport
->user_agent
);
971 transport
->user_agent
= NULL
;
974 auth_hdr
= get_auth_header(sipe_private
, &transport
->registrar
, msg
);
976 SIPE_DEBUG_INFO("process_register_response: Auth header: %s", auth_hdr
);
977 fill_auth(auth_hdr
, &transport
->registrar
);
980 if (!transport
->reauthenticate_set
) {
981 gchar
*action_name
= g_strdup_printf("<%s>", "+reauthentication");
982 guint reauth_timeout
= transport
->registrar
.expires
;
984 SIPE_DEBUG_INFO_NOFORMAT("process_register_response: authentication handshake completed successfully");
986 /* Does authentication scheme provide valid expiration time? */
987 if (reauth_timeout
<= (5 * 60)) {
988 SIPE_DEBUG_INFO_NOFORMAT("process_register_response: no expiration time - using default of 8 hours");
989 reauth_timeout
= 8 * 60 * 60;
992 /* schedule reauthentication 5 minutes before expiration */
993 sipe_schedule_seconds(sipe_private
,
996 reauth_timeout
- 5 * 60,
997 do_reauthenticate_cb
,
1000 transport
->reauthenticate_set
= TRUE
;
1003 sipe_backend_connection_completed(SIPE_CORE_PUBLIC
);
1005 uuid
= get_uuid(sipe_private
);
1007 // There can be multiple Contact headers (one per location where the user is logged in) so
1008 // make sure to only get the one for this uuid
1009 for (i
= 0; (contact_hdr
= sipmsg_find_header_instance (msg
, "Contact", i
)); i
++) {
1010 gchar
* valid_contact
= sipmsg_find_part_of_header (contact_hdr
, uuid
, NULL
, NULL
);
1011 if (valid_contact
) {
1012 gruu
= sipmsg_find_part_of_header(contact_hdr
, "gruu=\"", "\"", NULL
);
1013 //SIPE_DEBUG_INFO("process_register_response: got gruu %s from contact hdr w/ right uuid: %s", gruu, contact_hdr);
1014 g_free(valid_contact
);
1017 //SIPE_DEBUG_INFO("process_register_response: ignoring contact hdr b/c not right uuid: %s", contact_hdr);
1022 g_free(sipe_private
->contact
);
1024 sipe_private
->contact
= g_strdup_printf("<%s>", gruu
);
1027 //SIPE_DEBUG_INFO_NOFORMAT("process_register_response: didn't find gruu in a Contact hdr");
1028 sip_transport_default_contact(sipe_private
);
1030 SIPE_CORE_PRIVATE_FLAG_UNSET(OCS2007
);
1031 SIPE_CORE_PRIVATE_FLAG_UNSET(REMOTE_USER
);
1032 SIPE_CORE_PRIVATE_FLAG_UNSET(BATCHED_SUPPORT
);
1037 if (sipe_strcase_equal(elem
->name
, "Supported")) {
1038 if (sipe_strcase_equal(elem
->value
, "msrtc-event-categories")) {
1039 /* We interpret this as OCS2007+ indicator */
1040 SIPE_CORE_PRIVATE_FLAG_SET(OCS2007
);
1041 SIPE_DEBUG_INFO("Supported: %s (indicates OCS2007+)", elem
->value
);
1043 if (sipe_strcase_equal(elem
->value
, "adhoclist")) {
1044 SIPE_CORE_PRIVATE_FLAG_SET(BATCHED_SUPPORT
);
1045 SIPE_DEBUG_INFO("Supported: %s", elem
->value
);
1048 if (sipe_strcase_equal(elem
->name
, "Allow-Events")){
1049 gchar
**caps
= g_strsplit(elem
->value
,",",0);
1052 sipe_private
->allowed_events
= g_slist_append(sipe_private
->allowed_events
, g_strdup(caps
[i
]));
1053 SIPE_DEBUG_INFO("Allow-Events: %s", caps
[i
]);
1058 if (sipe_strcase_equal(elem
->name
, "ms-user-logon-data")) {
1059 if (sipe_strcase_equal(elem
->value
, "RemoteUser")) {
1060 SIPE_CORE_PRIVATE_FLAG_SET(REMOTE_USER
);
1061 SIPE_DEBUG_INFO_NOFORMAT("ms-user-logon-data: RemoteUser (connected "
1062 "via Edge Server)");
1065 hdr
= g_slist_next(hdr
);
1068 /* rejoin open chats to be able to use them by continue to send messages */
1069 sipe_backend_chat_rejoin_all(SIPE_CORE_PUBLIC
);
1071 /* subscriptions, done only once */
1072 if (!transport
->subscribed
) {
1073 sipe_subscription_self_events(sipe_private
);
1074 transport
->subscribed
= TRUE
;
1077 timeout
= sipmsg_find_part_of_header(sipmsg_find_header(msg
, "ms-keep-alive"),
1078 "timeout=", ";", NULL
);
1079 if (timeout
!= NULL
) {
1080 sscanf(timeout
, "%u", &sipe_private
->public.keepalive_timeout
);
1081 SIPE_DEBUG_INFO("process_register_response: server determined keep alive timeout is %u seconds",
1082 sipe_private
->public.keepalive_timeout
);
1086 SIPE_DEBUG_INFO("process_register_response: got 200, removing CSeq: %d", transport
->cseq
);
1091 gchar
*redirect
= parse_from(sipmsg_find_header(msg
, "Contact"));
1093 SIPE_DEBUG_INFO_NOFORMAT("process_register_response: authentication handshake completed successfully (with redirect)");
1095 if (redirect
&& (g_ascii_strncasecmp("sip:", redirect
, 4) == 0)) {
1096 gchar
**parts
= g_strsplit(redirect
+ 4, ";", 0);
1100 guint transport_type
= SIPE_TRANSPORT_TLS
;
1103 tmp
= g_strsplit(parts
[0], ":", 0);
1104 hostname
= g_strdup(tmp
[0]);
1105 if (tmp
[1]) port
= strtoul(tmp
[1], NULL
, 10);
1109 tmp
= g_strsplit(parts
[i
], "=", 0);
1111 if (g_ascii_strcasecmp("transport", tmp
[0]) == 0) {
1112 if (g_ascii_strcasecmp("tcp", tmp
[1]) == 0) {
1113 transport_type
= SIPE_TRANSPORT_TCP
;
1122 /* Close old connection */
1123 sipe_core_connection_cleanup(sipe_private
);
1124 /* transport and sipe_private->transport are invalid after this */
1126 /* Create new connection */
1127 sipe_server_register(sipe_private
, transport_type
, hostname
, port
);
1128 /* sipe_private->transport has a new value */
1129 SIPE_DEBUG_INFO("process_register_response: redirected to host %s port %d transport %d",
1130 hostname
, port
, transport_type
);
1137 const char *auth_hdr
;
1139 SIPE_DEBUG_INFO("process_register_response: REGISTER retries %d", transport
->registrar
.retries
);
1141 if (transport
->reauthenticate_set
) {
1142 SIPE_DEBUG_ERROR_NOFORMAT("process_register_response: RE-REGISTER rejected, triggering re-authentication");
1143 do_reauthenticate_cb(sipe_private
, NULL
);
1147 if (sip_sec_context_is_ready(transport
->registrar
.gssapi_context
)) {
1148 SIPE_DEBUG_INFO_NOFORMAT("process_register_response: authentication handshake failed - giving up.");
1149 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1150 SIPE_CONNECTION_ERROR_AUTHENTICATION_FAILED
,
1151 _("Authentication failed"));
1155 auth_hdr
= get_auth_header(sipe_private
, &transport
->registrar
, msg
);
1157 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1158 SIPE_CONNECTION_ERROR_AUTHENTICATION_IMPOSSIBLE
,
1159 _("Incompatible authentication scheme chosen"));
1162 SIPE_DEBUG_INFO("process_register_response: Auth header: %s", auth_hdr
);
1163 fill_auth(auth_hdr
, &transport
->registrar
);
1164 transport
->reregister_set
= FALSE
;
1165 transport
->register_attempt
= 0;
1166 do_register(sipe_private
,
1167 sipe_backend_connection_is_disconnecting(SIPE_CORE_PUBLIC
));
1174 sipmsg_parse_warning(msg
, &reason
);
1175 reason
= reason
? reason
: sipmsg_get_ms_diagnostics_public_reason(msg
);
1176 warning
= g_strdup_printf(_("You have been rejected by the server: %s"),
1177 reason
? reason
: _("no reason given"));
1180 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1181 SIPE_CONNECTION_ERROR_INVALID_SETTINGS
,
1189 const gchar
*diagnostics
= sipmsg_find_header(msg
, "ms-diagnostics");
1190 gchar
*reason
= sipmsg_get_ms_diagnostics_reason(msg
);
1192 warning
= g_strdup_printf(_("Not found: %s. Please contact your Administrator"),
1193 diagnostics
? (reason
? reason
: _("no reason given")) :
1194 _("SIP is either not enabled for the destination URI or it does not exist"));
1197 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1198 SIPE_CONNECTION_ERROR_INVALID_USERNAME
,
1204 case 504: /* Server time-out */
1205 /* first attempt + 5 retries */
1206 if (transport
->register_attempt
< 6) {
1207 SIPE_DEBUG_INFO("process_register_response: RE-REGISTER timeout on attempt %d, retrying later",
1208 transport
->register_attempt
);
1209 sip_transport_set_reregister(sipe_private
, 60);
1215 gchar
*reason
= sipmsg_get_ms_diagnostics_reason(msg
);
1217 warning
= g_strdup_printf(_("Service unavailable: %s"), reason
? reason
: _("no reason given"));
1220 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1221 SIPE_CONNECTION_ERROR_NETWORK
,
1231 static gboolean
register_response_timeout(struct sipe_core_private
*sipe_private
,
1232 SIPE_UNUSED_PARAMETER
struct sipmsg
*msg
,
1233 SIPE_UNUSED_PARAMETER
struct transaction
*trans
)
1235 struct sip_transport
*transport
= sipe_private
->transport
;
1236 if (transport
->register_attempt
< 6) {
1237 SIPE_DEBUG_INFO("register_response_timeout: no answer to attempt %d, retrying",
1238 transport
->register_attempt
);
1239 do_register(sipe_private
, FALSE
);
1241 gchar
*warning
= g_strdup_printf(_("Service unavailable: %s"), _("no reason given"));
1242 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1243 SIPE_CONNECTION_ERROR_NETWORK
,
1250 static void do_register(struct sipe_core_private
*sipe_private
,
1251 gboolean deregister
)
1253 struct sip_transport
*transport
= sipe_private
->transport
;
1259 if (!sipe_private
->public.sip_domain
) return;
1262 if (transport
->reregister_set
) {
1263 transport
->reregister_set
= FALSE
;
1264 transport
->register_attempt
= 1;
1266 transport
->register_attempt
++;
1270 transport
->deregister
= deregister
;
1271 transport
->auth_incomplete
= FALSE
;
1273 uuid
= get_uuid(sipe_private
);
1274 hdr
= g_strdup_printf("Contact: <sip:%s:%d;transport=%s;ms-opaque=d3470f2e1d>;methods=\"INVITE, MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY\";proxy=replace;+sip.instance=\"<urn:uuid:%s>\"\r\n"
1275 "Supported: gruu-10, adhoclist, msrtc-event-categories, com.microsoft.msrtc.presence\r\n"
1276 "Event: registration\r\n"
1277 "Allow-Events: presence\r\n"
1278 "ms-keep-alive: UAC;hop-hop=yes\r\n"
1280 sipe_backend_network_ip_address(SIPE_CORE_PUBLIC
),
1281 transport
->connection
->client_port
,
1282 TRANSPORT_DESCRIPTOR
,
1284 deregister
? "Expires: 0\r\n" : "");
1287 uri
= sip_uri_from_name(sipe_private
->public.sip_domain
);
1288 to
= sip_uri_self(sipe_private
);
1289 sip_transport_request_timeout(sipe_private
,
1296 process_register_response
,
1298 deregister
? NULL
: register_response_timeout
);
1304 /* Make sure that all messages are pushed to the server
1305 before the connection gets shut down */
1306 SIPE_DEBUG_INFO_NOFORMAT("De-register from server. Flushing outstanding messages.");
1307 sipe_backend_transport_flush(transport
->connection
);
1311 void sip_transport_deregister(struct sipe_core_private
*sipe_private
)
1313 do_register(sipe_private
, TRUE
);
1316 void sip_transport_disconnect(struct sipe_core_private
*sipe_private
)
1318 struct sip_transport
*transport
= sipe_private
->transport
;
1320 /* transport can be NULL during connection setup */
1322 sipe_backend_transport_disconnect(transport
->connection
);
1324 sipe_auth_free(&transport
->registrar
);
1325 sipe_auth_free(&transport
->proxy
);
1327 g_free(transport
->server_name
);
1328 g_free(transport
->server_version
);
1329 g_free(transport
->user_agent
);
1331 while (transport
->transactions
)
1332 transactions_remove(sipe_private
,
1333 transport
->transactions
->data
);
1338 sipe_private
->transport
= NULL
;
1339 sipe_private
->service_data
= NULL
;
1340 sipe_private
->address_data
= NULL
;
1342 if (sipe_private
->dns_query
)
1343 sipe_backend_dns_query_cancel(sipe_private
->dns_query
);
1347 void sip_transport_authentication_completed(struct sipe_core_private
*sipe_private
)
1349 do_reauthenticate_cb(sipe_private
, NULL
);
1352 guint
sip_transport_port(struct sipe_core_private
*sipe_private
)
1354 return sipe_private
->transport
->server_port
;
1357 static void process_input_message(struct sipe_core_private
*sipe_private
,
1360 struct sip_transport
*transport
= sipe_private
->transport
;
1361 gboolean notfound
= FALSE
;
1362 const char *method
= msg
->method
? msg
->method
: "NOT FOUND";
1364 SIPE_DEBUG_INFO("process_input_message: msg->response(%d),msg->method(%s)",
1365 msg
->response
, method
);
1367 if (msg
->response
== 0) { /* request */
1368 if (sipe_strequal(method
, "MESSAGE")) {
1369 process_incoming_message(sipe_private
, msg
);
1370 } else if (sipe_strequal(method
, "NOTIFY")) {
1371 SIPE_DEBUG_INFO_NOFORMAT("send->process_incoming_notify");
1372 process_incoming_notify(sipe_private
, msg
);
1373 sip_transport_response(sipe_private
, msg
, 200, "OK", NULL
);
1374 } else if (sipe_strequal(method
, "BENOTIFY")) {
1375 SIPE_DEBUG_INFO_NOFORMAT("send->process_incoming_benotify");
1376 process_incoming_notify(sipe_private
, msg
);
1377 } else if (sipe_strequal(method
, "INVITE")) {
1378 process_incoming_invite(sipe_private
, msg
);
1379 } else if (sipe_strequal(method
, "REFER")) {
1380 process_incoming_refer(sipe_private
, msg
);
1381 } else if (sipe_strequal(method
, "OPTIONS")) {
1382 process_incoming_options(sipe_private
, msg
);
1383 } else if (sipe_strequal(method
, "INFO")) {
1384 process_incoming_info(sipe_private
, msg
);
1385 } else if (sipe_strequal(method
, "ACK")) {
1386 /* ACK's don't need any response */
1387 } else if (sipe_strequal(method
, "PRACK")) {
1388 sip_transport_response(sipe_private
, msg
, 200, "OK", NULL
);
1389 } else if (sipe_strequal(method
, "SUBSCRIBE")) {
1390 /* LCS 2005 sends us these - just respond 200 OK */
1391 sip_transport_response(sipe_private
, msg
, 200, "OK", NULL
);
1392 } else if (sipe_strequal(method
, "CANCEL")) {
1393 process_incoming_cancel(sipe_private
, msg
);
1394 } else if (sipe_strequal(method
, "BYE")) {
1395 process_incoming_bye(sipe_private
, msg
);
1397 sip_transport_response(sipe_private
, msg
, 501, "Not implemented", NULL
);
1401 } else { /* response */
1402 struct transaction
*trans
= transactions_find(transport
, msg
);
1404 if (msg
->response
< 200) {
1405 /* ignore provisional response */
1406 SIPE_DEBUG_INFO("process_input_message: got provisional (%d) response, ignoring", msg
->response
);
1408 /* Transaction not yet completed */
1411 } else if (msg
->response
== 401) { /* Unauthorized */
1413 if (sipe_strequal(trans
->msg
->method
, "REGISTER")) {
1414 /* Expected response during authentication handshake */
1415 transport
->registrar
.retries
++;
1416 SIPE_DEBUG_INFO("process_input_message: RE-REGISTER CSeq: %d", transport
->cseq
);
1420 /* Are we registered? */
1421 if (transport
->reregister_set
) {
1422 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: 401 response to non-REGISTER message. Retrying with new authentication.");
1423 sign_outgoing_message(sipe_private
,
1427 * We don't have a valid authentication at the moment.
1428 * Resend message unchanged. It will be rejected again
1429 * and hopefully by then we have a valid authentication.
1431 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: 401 response to non-REGISTER message. Bouncing...");
1434 /* Resend request */
1435 resend
= sipmsg_to_string(trans
->msg
);
1436 sipe_utils_message_debug("SIP", resend
, NULL
, TRUE
);
1437 sipe_backend_transport_message(sipe_private
->transport
->connection
, resend
);
1440 /* Transaction not yet completed */
1444 } else if (msg
->response
== 407) { /* Proxy Authentication Required */
1446 if (transport
->proxy
.retries
++ <= 30) {
1447 const gchar
*proxy_hdr
= sipmsg_find_header(msg
, "Proxy-Authenticate");
1452 if (!g_ascii_strncasecmp(proxy_hdr
, "Digest", 6)) {
1453 auth
= sip_sec_digest_authorization(sipe_private
,
1460 transport
->proxy
.type
= SIPE_AUTHENTICATION_TYPE_UNSET
;
1461 for (i
= 0; i
< AUTH_PROTOCOLS
; i
++) {
1462 const gchar
*protocol
= auth_type_to_protocol
[i
];
1464 !g_ascii_strncasecmp(proxy_hdr
, protocol
, strlen(protocol
))) {
1465 SIPE_DEBUG_INFO("process_input_message: proxy authentication scheme '%s'", protocol
);
1466 transport
->proxy
.type
= i
;
1467 transport
->proxy
.protocol
= protocol
;
1468 fill_auth(proxy_hdr
, &transport
->proxy
);
1469 auth
= auth_header(sipe_private
, &transport
->proxy
, trans
->msg
);
1478 /* replace old proxy authentication with new one */
1479 sipmsg_remove_header_now(trans
->msg
, "Proxy-Authorization");
1480 sipmsg_add_header_now(trans
->msg
, "Proxy-Authorization", auth
);
1483 /* resend request with proxy authentication */
1484 resend
= sipmsg_to_string(trans
->msg
);
1485 sipe_utils_message_debug("SIP", resend
, NULL
, TRUE
);
1486 sipe_backend_transport_message(sipe_private
->transport
->connection
, resend
);
1489 /* Transaction not yet completed */
1493 SIPE_DEBUG_ERROR_NOFORMAT("process_input_message: can't generate proxy authentication. Giving up.");
1495 SIPE_DEBUG_ERROR_NOFORMAT("process_input_message: 407 response without 'Proxy-Authenticate' header. Giving up.");
1497 SIPE_DEBUG_ERROR_NOFORMAT("process_input_message: too many proxy authentication retries. Giving up.");
1500 transport
->registrar
.retries
= 0;
1501 transport
->proxy
.retries
= 0;
1504 /* Is transaction completed? */
1506 if (trans
->callback
) {
1507 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: we have a transaction callback");
1508 /* call the callback to process response */
1509 (trans
->callback
)(sipe_private
, msg
, trans
);
1510 /* transport && trans no longer valid after redirect */
1514 * Redirect case: sipe_private->transport is
1515 * the new transport with empty queue
1517 if (sipe_private
->transport
->transactions
) {
1518 SIPE_DEBUG_INFO("process_input_message: removing CSeq %d", transport
->cseq
);
1519 transactions_remove(sipe_private
, trans
);
1523 SIPE_DEBUG_INFO_NOFORMAT("process_input_message: received response to unknown transaction");
1529 SIPE_DEBUG_INFO("received a unknown sip message with method %s and response %d", method
, msg
->response
);
1533 static void sip_transport_input(struct sipe_transport_connection
*conn
)
1535 struct sipe_core_private
*sipe_private
= conn
->user_data
;
1536 struct sip_transport
*transport
= sipe_private
->transport
;
1537 gchar
*cur
= conn
->buffer
;
1539 /* according to the RFC remove CRLF at the beginning */
1540 while (*cur
== '\r' || *cur
== '\n') {
1543 if (cur
!= conn
->buffer
)
1544 sipe_utils_shrink_buffer(conn
, cur
);
1546 /* Received a full Header? */
1547 transport
->processing_input
= TRUE
;
1548 while (transport
->processing_input
&&
1549 ((cur
= strstr(conn
->buffer
, "\r\n\r\n")) != NULL
)) {
1555 msg
= sipmsg_parse_header(conn
->buffer
);
1558 remainder
= conn
->buffer_used
- (cur
- conn
->buffer
);
1559 if (msg
&& remainder
>= (guint
) msg
->bodylen
) {
1560 char *dummy
= g_malloc(msg
->bodylen
+ 1);
1561 memcpy(dummy
, cur
, msg
->bodylen
);
1562 dummy
[msg
->bodylen
] = '\0';
1564 cur
+= msg
->bodylen
;
1565 sipe_utils_message_debug("SIP",
1569 sipe_utils_shrink_buffer(conn
, cur
);
1572 SIPE_DEBUG_INFO("sipe_transport_input: body too short (%d < %d, strlen %d) - ignoring message", remainder
, msg
->bodylen
, (int)strlen(conn
->buffer
));
1576 /* restore header for next try */
1581 // Verify the signature before processing it
1582 if (sip_sec_context_is_ready(transport
->registrar
.gssapi_context
)) {
1583 struct sipmsg_breakdown msgbd
;
1584 gchar
*signature_input_str
;
1587 sipmsg_breakdown_parse(&msgbd
, transport
->registrar
.realm
, transport
->registrar
.target
,
1588 transport
->registrar
.protocol
);
1589 signature_input_str
= sipmsg_breakdown_get_string(transport
->registrar
.version
, &msgbd
);
1591 rspauth
= sipmsg_find_part_of_header(sipmsg_find_header(msg
, "Authentication-Info"), "rspauth=\"", "\"", NULL
);
1593 if (rspauth
!= NULL
) {
1594 if (sip_sec_verify_signature(transport
->registrar
.gssapi_context
, signature_input_str
, rspauth
)) {
1595 SIPE_DEBUG_INFO_NOFORMAT("sip_transport_input: signature of incoming message validated");
1596 process_input_message(sipe_private
, msg
);
1597 /* transport is invalid after redirect */
1599 SIPE_DEBUG_INFO_NOFORMAT("sip_transport_input: signature of incoming message is invalid.");
1600 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1601 SIPE_CONNECTION_ERROR_NETWORK
,
1602 _("Invalid message signature received"));
1604 } else if ((msg
->response
== 401) ||
1605 sipe_strequal(msg
->method
, "REGISTER")) {
1606 /* a) Retry non-REGISTER requests with updated authentication */
1607 /* b) We must always process REGISTER responses */
1608 process_input_message(sipe_private
, msg
);
1610 /* OCS sends provisional messages that are *not* signed */
1611 if (msg
->response
>= 200) {
1612 /* We are not calling process_input_message(),
1613 so we need to drop the transaction here. */
1614 struct transaction
*trans
= transactions_find(transport
, msg
);
1615 if (trans
) transactions_remove(sipe_private
, trans
);
1617 SIPE_DEBUG_INFO_NOFORMAT("sip_transport_input: message without authentication data - ignoring");
1619 g_free(signature_input_str
);
1622 sipmsg_breakdown_free(&msgbd
);
1624 process_input_message(sipe_private
, msg
);
1629 /* Redirect: old content of "transport" & "conn" is no longer valid */
1630 transport
= sipe_private
->transport
;
1631 conn
= transport
->connection
;
1635 static void sip_transport_connected(struct sipe_transport_connection
*conn
)
1637 struct sipe_core_private
*sipe_private
= conn
->user_data
;
1638 sipe_private
->service_data
= NULL
;
1639 sipe_private
->address_data
= NULL
;
1640 do_register(sipe_private
, FALSE
);
1643 static void resolve_next_service(struct sipe_core_private
*sipe_private
,
1644 const struct sip_service_data
*start
);
1645 static void resolve_next_address(struct sipe_core_private
*sipe_private
,
1647 static void sip_transport_error(struct sipe_transport_connection
*conn
,
1650 struct sipe_core_private
*sipe_private
= conn
->user_data
;
1652 /* This failed attempt was based on a DNS SRV record */
1653 if (sipe_private
->service_data
) {
1654 resolve_next_service(sipe_private
, NULL
);
1655 /* This failed attempt was based on a DNS A record */
1656 } else if (sipe_private
->address_data
) {
1657 resolve_next_address(sipe_private
, FALSE
);
1659 sipe_backend_connection_error(SIPE_CORE_PUBLIC
,
1660 SIPE_CONNECTION_ERROR_NETWORK
,
1665 /* server_name must be g_alloc()'ed */
1666 static void sipe_server_register(struct sipe_core_private
*sipe_private
,
1671 sipe_connect_setup setup
= {
1674 (server_port
!= 0) ? server_port
:
1675 (type
== SIPE_TRANSPORT_TLS
) ? 5061 : 5060,
1677 sip_transport_connected
,
1678 sip_transport_input
,
1681 struct sip_transport
*transport
= g_new0(struct sip_transport
, 1);
1683 transport
->server_name
= server_name
;
1684 transport
->server_port
= setup
.server_port
;
1685 transport
->connection
= sipe_backend_transport_connect(SIPE_CORE_PUBLIC
,
1687 sipe_private
->transport
= transport
;
1690 struct sip_service_data
{
1691 const char *protocol
;
1692 const char *transport
;
1697 * Autodiscover using DNS SRV records. See RFC2782/3263
1699 * Service list for AUTO
1701 static const struct sip_service_data service_autodetect
[] = {
1702 { "sipinternaltls", "tcp", SIPE_TRANSPORT_TLS
}, /* for internal TLS connections */
1703 { "sipinternal", "tcp", SIPE_TRANSPORT_TCP
}, /* for internal TCP connections */
1704 { "sip", "tls", SIPE_TRANSPORT_TLS
}, /* for external TLS connections */
1705 { "sip", "tcp", SIPE_TRANSPORT_TCP
}, /*.for external TCP connections */
1709 /* Service list for SSL/TLS */
1710 static const struct sip_service_data service_tls
[] = {
1711 { "sipinternaltls", "tcp", SIPE_TRANSPORT_TLS
}, /* for internal TLS connections */
1712 { "sip", "tls", SIPE_TRANSPORT_TLS
}, /* for external TLS connections */
1716 /* Service list for TCP */
1717 static const struct sip_service_data service_tcp
[] = {
1718 { "sipinternal", "tcp", SIPE_TRANSPORT_TCP
}, /* for internal TCP connections */
1719 { "sip", "tcp", SIPE_TRANSPORT_TCP
}, /*.for external TCP connections */
1723 static const struct sip_service_data
*services
[] = {
1724 service_autodetect
, /* SIPE_TRANSPORT_AUTO */
1725 service_tls
, /* SIPE_TRANSPORT_TLS */
1726 service_tcp
/* SIPE_TRANSPORT_TCP */
1729 struct sip_address_data
{
1735 * Autodiscover using DNS A records. This is an extension addded
1736 * by Microsoft. See http://support.microsoft.com/kb/2619522
1738 static const struct sip_address_data addresses
[] = {
1739 { "sipinternal", 5061 },
1740 { "sipexternal", 443 },
1742 * Our implementation supports only one port per host name. If the host name
1743 * resolves OK, we abort the search and try to connect. If we would know if we
1744 * are trying to connect from "Intranet" or "Internet" then we could choose
1745 * between those two ports.
1747 * We drop port 5061 in order to cover the "Internet" case.
1755 static void sipe_core_dns_resolved(struct sipe_core_public
*sipe_public
,
1756 const gchar
*hostname
, guint port
)
1758 struct sipe_core_private
*sipe_private
= SIPE_CORE_PRIVATE
;
1759 gboolean service
= sipe_private
->service_data
!= NULL
;
1761 sipe_private
->dns_query
= NULL
;
1768 host
= g_strdup(hostname
);
1769 type
= sipe_private
->service_data
->type
;
1771 /* DNS A resolver returns an IP address */
1772 host
= g_strdup_printf("%s.%s",
1773 sipe_private
->address_data
->prefix
,
1774 sipe_private
->public.sip_domain
);
1775 port
= sipe_private
->address_data
->port
;
1776 type
= sipe_private
->transport_type
;
1777 if (type
== SIPE_TRANSPORT_AUTO
)
1778 type
= SIPE_TRANSPORT_TLS
;
1781 SIPE_DEBUG_INFO("sipe_core_dns_resolved - %s hostname: %s port: %d",
1782 service
? "SRV" : "A", hostname
, port
);
1783 sipe_server_register(sipe_private
, type
, host
, port
);
1786 resolve_next_service(SIPE_CORE_PRIVATE
, NULL
);
1788 resolve_next_address(SIPE_CORE_PRIVATE
, FALSE
);
1792 static void resolve_next_service(struct sipe_core_private
*sipe_private
,
1793 const struct sip_service_data
*start
)
1796 sipe_private
->service_data
= start
;
1798 sipe_private
->service_data
++;
1799 if (sipe_private
->service_data
->protocol
== NULL
) {
1801 /* We tried all services */
1802 sipe_private
->service_data
= NULL
;
1804 /* Try A records list next */
1805 SIPE_DEBUG_INFO_NOFORMAT("no SRV records found; trying A records next");
1806 resolve_next_address(sipe_private
, TRUE
);
1811 /* Try to resolve next service */
1812 sipe_private
->dns_query
= sipe_backend_dns_query_srv(
1814 sipe_private
->service_data
->protocol
,
1815 sipe_private
->service_data
->transport
,
1816 sipe_private
->public.sip_domain
,
1817 (sipe_dns_resolved_cb
) sipe_core_dns_resolved
,
1821 static void resolve_next_address(struct sipe_core_private
*sipe_private
,
1827 sipe_private
->address_data
= addresses
;
1829 sipe_private
->address_data
++;
1830 if (sipe_private
->address_data
->prefix
== NULL
) {
1831 guint type
= sipe_private
->transport_type
;
1833 /* We tried all addresss */
1834 sipe_private
->address_data
= NULL
;
1836 /* Try connecting to the SIP hostname directly */
1837 SIPE_DEBUG_INFO_NOFORMAT("no SRV or A records found; using SIP domain as fallback");
1838 if (type
== SIPE_TRANSPORT_AUTO
)
1839 type
= SIPE_TRANSPORT_TLS
;
1841 sipe_server_register(sipe_private
, type
,
1842 g_strdup(sipe_private
->public.sip_domain
),
1848 /* Try to resolve next address */
1849 hostname
= g_strdup_printf("%s.%s",
1850 sipe_private
->address_data
->prefix
,
1851 sipe_private
->public.sip_domain
);
1852 sipe_private
->dns_query
= sipe_backend_dns_query_a(
1855 sipe_private
->address_data
->port
,
1856 (sipe_dns_resolved_cb
) sipe_core_dns_resolved
,
1862 * NOTE: this function can be called before sipe_core_allocate()!
1864 gboolean
sipe_core_transport_sip_requires_password(guint authentication
,
1867 return(sip_sec_requires_password(authentication
, sso
));
1870 void sipe_core_transport_sip_connect(struct sipe_core_public
*sipe_public
,
1872 guint authentication
,
1873 const gchar
*server
,
1876 struct sipe_core_private
*sipe_private
= SIPE_CORE_PRIVATE
;
1878 sipe_private
->authentication_type
= authentication
;
1881 * Initializing the certificate sub-system will trigger the generation
1882 * of a cryptographic key pair which takes time. If we do this after we
1883 * have connected to the server then there is a risk that we run into a
1884 * SIP connection timeout. So let's get this out of the way now...
1886 * This is currently only needed if the user has selected TLS-DSK.
1888 if (sipe_private
->authentication_type
== SIPE_AUTHENTICATION_TYPE_TLS_DSK
)
1889 sipe_certificate_init(sipe_private
);
1892 /* Use user specified server[:port] */
1893 int port_number
= 0;
1896 port_number
= atoi(port
);
1898 SIPE_DEBUG_INFO("sipe_core_connect: user specified SIP server %s:%d",
1899 server
, port_number
);
1901 sipe_server_register(sipe_private
, transport
,
1902 g_strdup(server
), port_number
);
1904 /* Server auto-discovery */
1906 /* Remember user specified transport type */
1907 sipe_private
->transport_type
= transport
;
1908 resolve_next_service(sipe_private
, services
[transport
]);
1912 void sipe_core_transport_sip_keepalive(struct sipe_core_public
*sipe_public
)
1914 SIPE_DEBUG_INFO("sending keep alive %d",
1915 sipe_public
->keepalive_timeout
);
1916 sipe_utils_message_debug("SIP", "", NULL
, TRUE
);
1917 sipe_backend_transport_message(SIPE_CORE_PRIVATE
->transport
->connection
,
1921 const gchar
*sipe_core_transport_sip_server_name(struct sipe_core_public
*sipe_public
)
1923 struct sip_transport
*transport
= SIPE_CORE_PRIVATE
->transport
;
1924 return(transport
? transport
->server_name
: NULL
);
1927 int sip_transaction_cseq(struct transaction
*trans
)
1931 g_return_val_if_fail(trans
&& trans
->key
, 0);
1933 sscanf(trans
->key
, "<%*[a-zA-Z0-9]><%d INVITE>", &cseq
);