diff --git a/.github/workflows/abi.yml b/.github/workflows/abi.yml index 648b455a6..2ec7c6b8e 100644 --- a/.github/workflows/abi.yml +++ b/.github/workflows/abi.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@v4 with: - ref: 'v3.10.0' + ref: 'v3.11.0' path: old - uses: actions/checkout@v4 diff --git a/CHANGELOG.md b/CHANGELOG.md index 7c7021139..50320665d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,31 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v3.12.0] - 2024-05-15 + +## What's Changed +* cmake: fix static library build (vcpkg) by @alfredh in https://github.com/baresip/re/pull/1096 +* h264: add STAP-A decode with long startcodes by @alfredh in https://github.com/baresip/re/pull/1101 +* sess,request: deref request and ctrans immediately by @maximilianfridrich in https://github.com/baresip/re/pull/1099 +* ua: enforce magic cookie in Via branch by @maximilianfridrich in https://github.com/baresip/re/pull/1102 +* sip/auth: SHA-256 digest algorithm support by @sreimers in https://github.com/baresip/re/pull/1103 +* ci/coverage: increase min. coverage by @sreimers in https://github.com/baresip/re/pull/1106 +* rtp: fix correct logging text by @alfredh in https://github.com/baresip/re/pull/1109 +* types: fix RE_ARG_SIZE gcc bit fields by @sreimers in https://github.com/baresip/re/pull/1110 +* fmt: use re_fprintf instead of DEBUG_WARNING to avoid deadlock by @alfredh in https://github.com/baresip/re/pull/1112 +* dbg: remove support for logfile by @alfredh in https://github.com/baresip/re/pull/1111 +* test: add usage of rtcp_msg_print() by @alfredh in https://github.com/baresip/re/pull/1105 +* http/client: add setter to disable tls server verification by @maximilianfridrich in https://github.com/baresip/re/pull/1114 +* dbg: mutex should be unlocked while calling print handler by @alfredh in https://github.com/baresip/re/pull/1113 +* Update README.md by @alfredh in https://github.com/baresip/re/pull/1115 +* http/request: reset body mbuf pos on re-sending by @maximilianfridrich in https://github.com/baresip/re/pull/1116 +* bump version by @alfredh in https://github.com/baresip/re/pull/1118 +* cmake: bump soversion by @alfredh in https://github.com/baresip/re/pull/1119 + + +**Full Changelog**: https://github.com/baresip/re/compare/v3.11.0...v3.12.0 + + ## [v3.11.0] - 2024-04-09 ### What's Changed diff --git a/CMakeLists.txt b/CMakeLists.txt index 7cb3dc07d..a951df07c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -14,13 +14,13 @@ cmake_minimum_required(VERSION 3.14) project(re - VERSION 3.11.0 + VERSION 3.12.0 LANGUAGES C HOMEPAGE_URL https://github.com/baresip/re DESCRIPTION "Generic library for real-time communications" ) -set(PROJECT_SOVERSION 23) # bump if ABI breaks +set(PROJECT_SOVERSION 24) # bump if ABI breaks # Pre-release identifier, comment out on a release # Increment for breaking changes (dev2, dev3...) diff --git a/cmake/re-config.cmake b/cmake/re-config.cmake index 68c0c80cd..426a79db4 100644 --- a/cmake/re-config.cmake +++ b/cmake/re-config.cmake @@ -163,7 +163,6 @@ if(USE_OPENSSL) USE_OPENSSL USE_OPENSSL_AES USE_OPENSSL_HMAC - USE_OPENSSL_SRTP USE_TLS ) endif() diff --git a/mk/Doxyfile b/mk/Doxyfile index df583912b..3a646e6d0 100644 --- a/mk/Doxyfile +++ b/mk/Doxyfile @@ -4,7 +4,7 @@ # Project related configuration options #--------------------------------------------------------------------------- PROJECT_NAME = libre -PROJECT_NUMBER = 3.11.0 +PROJECT_NUMBER = 3.12.0 OUTPUT_DIRECTORY = ../re-dox CREATE_SUBDIRS = NO OUTPUT_LANGUAGE = English diff --git a/src/http/client.c b/src/http/client.c index 58a1e9302..c97623bc5 100644 --- a/src/http/client.c +++ b/src/http/client.c @@ -28,8 +28,6 @@ #define DEBUG_LEVEL 5 #include -#define PEMBUF_SIZE 512 - enum { CONN_TIMEOUT = 30000, RECV_TIMEOUT = 60000, @@ -1108,8 +1106,9 @@ int http_client_set_cert(struct http_cli *cli, const char *path) /** * Set client certificate in PEM format + * * @param cli HTTP Client - * @param pem Client certificate in PEM format + * @param pem Client certificate as 0-terminated string in PEM format * * @return 0 for success, error code otherwise. */ @@ -1120,11 +1119,19 @@ int http_client_set_certpem(struct http_cli *cli, const char *pem) return EINVAL; cli->cert = mem_deref(cli->cert); - cli->cert = mbuf_alloc(PEMBUF_SIZE); + cli->cert = mbuf_alloc(strlen(pem)); return mbuf_write_str(cli->cert, pem); } +/** + * Set client key + * + * @param cli HTTP Client + * @param path File path to client key + * + * @return 0 for success, error code otherwise. + */ int http_client_set_key(struct http_cli *cli, const char *path) { int err = 0; @@ -1143,6 +1150,14 @@ int http_client_set_key(struct http_cli *cli, const char *path) } +/** + * Set client key in PEM format + * + * @param cli HTTP Client + * @param pem Client key as 0-terminated string in PEM format + * + * @return 0 for success, error code otherwise. + */ int http_client_set_keypem(struct http_cli *cli, const char *pem) { if (!cli || !str_isset(pem)) @@ -1150,7 +1165,7 @@ int http_client_set_keypem(struct http_cli *cli, const char *pem) cli->key = mem_deref(cli->key); - cli->key = mbuf_alloc(PEMBUF_SIZE); + cli->key = mbuf_alloc(strlen(pem)); return mbuf_write_str(cli->key, pem); } diff --git a/src/http/request.c b/src/http/request.c index da056cda5..8d1bbf98d 100644 --- a/src/http/request.c +++ b/src/http/request.c @@ -235,6 +235,7 @@ static void resp_handler(int err, const struct http_msg *msg, void *arg) } pl_set_mbuf(&auth, abuf); + mbuf_set_pos(conn->body, 0); err = send_req(conn, &auth); if (err) goto disconnect; diff --git a/src/main/openssl.c b/src/main/openssl.c index 1fbaccfc4..71f79aac9 100644 --- a/src/main/openssl.c +++ b/src/main/openssl.c @@ -6,7 +6,6 @@ #ifdef HAVE_SIGNAL #include #endif -#include #include #include "main.h" @@ -22,15 +21,9 @@ static void sigpipe_handler(int x) int openssl_init(void) { - int err; - #ifdef SIGPIPE (void)signal(SIGPIPE, sigpipe_handler); #endif - err = OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, NULL); - if (!err) - return ENOSYS; - return 0; } diff --git a/src/sip/transp.c b/src/sip/transp.c index e62e9f18d..ea9e9d43c 100644 --- a/src/sip/transp.c +++ b/src/sip/transp.c @@ -314,7 +314,8 @@ static bool have_essential_fields(const struct sip_msg *msg) pl_isset(&(msg->from.auri)) && pl_isset(&(msg->cseq.met)) && pl_isset(&(msg->callid)) && - pl_isset(&(msg->maxfwd)) && + (pl_isset(&(msg->maxfwd)) || + !pl_strncmp(&msg->met, "ACK", 3)) && pl_isset(&(msg->via.branch))) return true; diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c index 1d9fb50cb..f3d111ceb 100644 --- a/src/tls/openssl/tls.c +++ b/src/tls/openssl/tls.c @@ -1089,7 +1089,6 @@ int tls_set_verify_client_handler(struct tls_conn *tc, int depth, */ int tls_set_srtp(struct tls *tls, const char *suites) { -#ifdef USE_OPENSSL_SRTP if (!tls || !suites) return EINVAL; @@ -1099,12 +1098,6 @@ int tls_set_srtp(struct tls *tls, const char *suites) } return 0; -#else - (void)tls; - (void)suites; - - return ENOSYS; -#endif } @@ -1265,7 +1258,6 @@ int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite, uint8_t *cli_key, size_t cli_key_size, uint8_t *srv_key, size_t srv_key_size) { -#ifdef USE_OPENSSL_SRTP static const char *label = "EXTRACTOR-dtls_srtp"; size_t key_size, salt_size, size; SRTP_PROTECTION_PROFILE *sel; @@ -1336,16 +1328,6 @@ int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite, mem_secclean(keymat, sizeof(keymat)); return 0; -#else - (void)tc; - (void)suite; - (void)cli_key; - (void)cli_key_size; - (void)srv_key; - (void)srv_key_size; - - return ENOSYS; -#endif } diff --git a/src/tls/openssl/tls_tcp.c b/src/tls/openssl/tls_tcp.c index e7fbe0be2..422343ed2 100644 --- a/src/tls/openssl/tls_tcp.c +++ b/src/tls/openssl/tls_tcp.c @@ -230,7 +230,7 @@ static bool recv_handler(int *err, struct mbuf *mb, bool *estab, void *arg) if (SSL_state(tc->ssl) != SSL_ST_OK) { - if (tc->up) { + if (tc->up && !SSL_get_secure_renegotiation_support(tc->ssl)) { *err = EPROTO; return true; } diff --git a/src/tls/openssl/tls_udp.c b/src/tls/openssl/tls_udp.c index 6a57f602e..19d31485b 100644 --- a/src/tls/openssl/tls_udp.c +++ b/src/tls/openssl/tls_udp.c @@ -353,7 +353,7 @@ static void conn_recv(struct tls_conn *tc, struct mbuf *mb) if (SSL_state(tc->ssl) != SSL_ST_OK) { - if (tc->up) { + if (tc->up && !SSL_get_secure_renegotiation_support(tc->ssl)) { conn_close(tc, EPROTO); return; }