From 475573af9a1d39fcce130a5a4591e5fa234c1837 Mon Sep 17 00:00:00 2001 From: Maximilian Fridrich Date: Sun, 12 May 2024 13:36:05 +0200 Subject: [PATCH 01/10] http/request: reset body mbuf pos on re-sending (#1116) --- src/http/request.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/http/request.c b/src/http/request.c index da056cda5..8d1bbf98d 100644 --- a/src/http/request.c +++ b/src/http/request.c @@ -235,6 +235,7 @@ static void resp_handler(int err, const struct http_msg *msg, void *arg) } pl_set_mbuf(&auth, abuf); + mbuf_set_pos(conn->body, 0); err = send_req(conn, &auth); if (err) goto disconnect; From 6716a245af812a825479bd876ce0f192b0fa1df0 Mon Sep 17 00:00:00 2001 From: Sebastian Reimers Date: Tue, 14 May 2024 14:59:18 +0200 Subject: [PATCH 02/10] ci/abi: bump abi version --- .github/workflows/abi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/abi.yml b/.github/workflows/abi.yml index 648b455a6..2ec7c6b8e 100644 --- a/.github/workflows/abi.yml +++ b/.github/workflows/abi.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@v4 with: - ref: 'v3.10.0' + ref: 'v3.11.0' path: old - uses: actions/checkout@v4 From d252b9c8a468a260925a38238376d77f54c0f929 Mon Sep 17 00:00:00 2001 From: "Alfred E. Heggestad" <114750+alfredh@users.noreply.github.com> Date: Tue, 14 May 2024 15:06:01 +0200 Subject: [PATCH 03/10] bump version (#1118) --- CMakeLists.txt | 2 +- mk/Doxyfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 7cb3dc07d..7974acbdc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -14,7 +14,7 @@ cmake_minimum_required(VERSION 3.14) project(re - VERSION 3.11.0 + VERSION 3.12.0 LANGUAGES C HOMEPAGE_URL https://github.com/baresip/re DESCRIPTION "Generic library for real-time communications" diff --git a/mk/Doxyfile b/mk/Doxyfile index df583912b..3a646e6d0 100644 --- a/mk/Doxyfile +++ b/mk/Doxyfile @@ -4,7 +4,7 @@ # Project related configuration options #--------------------------------------------------------------------------- PROJECT_NAME = libre -PROJECT_NUMBER = 3.11.0 +PROJECT_NUMBER = 3.12.0 OUTPUT_DIRECTORY = ../re-dox CREATE_SUBDIRS = NO OUTPUT_LANGUAGE = English From a4e15c30feaf3b76381ea5f6a8e651853dbddde2 Mon Sep 17 00:00:00 2001 From: "Alfred E. Heggestad" <114750+alfredh@users.noreply.github.com> Date: Tue, 14 May 2024 15:59:22 +0200 Subject: [PATCH 04/10] cmake: bump soversion (#1119) --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 7974acbdc..a951df07c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -20,7 +20,7 @@ project(re DESCRIPTION "Generic library for real-time communications" ) -set(PROJECT_SOVERSION 23) # bump if ABI breaks +set(PROJECT_SOVERSION 24) # bump if ABI breaks # Pre-release identifier, comment out on a release # Increment for breaking changes (dev2, dev3...) From dea97648eb2f2f9c0af3a6e03e742a49c00c89c8 Mon Sep 17 00:00:00 2001 From: "Alfred E. Heggestad" <114750+alfredh@users.noreply.github.com> Date: Wed, 15 May 2024 08:37:35 +0200 Subject: [PATCH 05/10] version 3.12.0 --- CHANGELOG.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7c7021139..50320665d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,31 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v3.12.0] - 2024-05-15 + +## What's Changed +* cmake: fix static library build (vcpkg) by @alfredh in https://github.com/baresip/re/pull/1096 +* h264: add STAP-A decode with long startcodes by @alfredh in https://github.com/baresip/re/pull/1101 +* sess,request: deref request and ctrans immediately by @maximilianfridrich in https://github.com/baresip/re/pull/1099 +* ua: enforce magic cookie in Via branch by @maximilianfridrich in https://github.com/baresip/re/pull/1102 +* sip/auth: SHA-256 digest algorithm support by @sreimers in https://github.com/baresip/re/pull/1103 +* ci/coverage: increase min. coverage by @sreimers in https://github.com/baresip/re/pull/1106 +* rtp: fix correct logging text by @alfredh in https://github.com/baresip/re/pull/1109 +* types: fix RE_ARG_SIZE gcc bit fields by @sreimers in https://github.com/baresip/re/pull/1110 +* fmt: use re_fprintf instead of DEBUG_WARNING to avoid deadlock by @alfredh in https://github.com/baresip/re/pull/1112 +* dbg: remove support for logfile by @alfredh in https://github.com/baresip/re/pull/1111 +* test: add usage of rtcp_msg_print() by @alfredh in https://github.com/baresip/re/pull/1105 +* http/client: add setter to disable tls server verification by @maximilianfridrich in https://github.com/baresip/re/pull/1114 +* dbg: mutex should be unlocked while calling print handler by @alfredh in https://github.com/baresip/re/pull/1113 +* Update README.md by @alfredh in https://github.com/baresip/re/pull/1115 +* http/request: reset body mbuf pos on re-sending by @maximilianfridrich in https://github.com/baresip/re/pull/1116 +* bump version by @alfredh in https://github.com/baresip/re/pull/1118 +* cmake: bump soversion by @alfredh in https://github.com/baresip/re/pull/1119 + + +**Full Changelog**: https://github.com/baresip/re/compare/v3.11.0...v3.12.0 + + ## [v3.11.0] - 2024-04-09 ### What's Changed From c1e09deebb3ea6a704edb83752b9f9dfdb778acc Mon Sep 17 00:00:00 2001 From: Maximilian Fridrich Date: Wed, 15 May 2024 11:17:28 +0200 Subject: [PATCH 06/10] http/client: use dynamically sized buffers for PEM setters (#1117) --- src/http/client.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/src/http/client.c b/src/http/client.c index 58a1e9302..c97623bc5 100644 --- a/src/http/client.c +++ b/src/http/client.c @@ -28,8 +28,6 @@ #define DEBUG_LEVEL 5 #include -#define PEMBUF_SIZE 512 - enum { CONN_TIMEOUT = 30000, RECV_TIMEOUT = 60000, @@ -1108,8 +1106,9 @@ int http_client_set_cert(struct http_cli *cli, const char *path) /** * Set client certificate in PEM format + * * @param cli HTTP Client - * @param pem Client certificate in PEM format + * @param pem Client certificate as 0-terminated string in PEM format * * @return 0 for success, error code otherwise. */ @@ -1120,11 +1119,19 @@ int http_client_set_certpem(struct http_cli *cli, const char *pem) return EINVAL; cli->cert = mem_deref(cli->cert); - cli->cert = mbuf_alloc(PEMBUF_SIZE); + cli->cert = mbuf_alloc(strlen(pem)); return mbuf_write_str(cli->cert, pem); } +/** + * Set client key + * + * @param cli HTTP Client + * @param path File path to client key + * + * @return 0 for success, error code otherwise. + */ int http_client_set_key(struct http_cli *cli, const char *path) { int err = 0; @@ -1143,6 +1150,14 @@ int http_client_set_key(struct http_cli *cli, const char *path) } +/** + * Set client key in PEM format + * + * @param cli HTTP Client + * @param pem Client key as 0-terminated string in PEM format + * + * @return 0 for success, error code otherwise. + */ int http_client_set_keypem(struct http_cli *cli, const char *pem) { if (!cli || !str_isset(pem)) @@ -1150,7 +1165,7 @@ int http_client_set_keypem(struct http_cli *cli, const char *pem) cli->key = mem_deref(cli->key); - cli->key = mbuf_alloc(PEMBUF_SIZE); + cli->key = mbuf_alloc(strlen(pem)); return mbuf_write_str(cli->key, pem); } From 14c981e77e023d6f119d720ee986dc1d1ed004c7 Mon Sep 17 00:00:00 2001 From: Maximilian Fridrich Date: Thu, 16 May 2024 10:47:36 +0200 Subject: [PATCH 07/10] tls: allow secure TLS renegotiation (#1121) --- src/tls/openssl/tls_tcp.c | 2 +- src/tls/openssl/tls_udp.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/tls/openssl/tls_tcp.c b/src/tls/openssl/tls_tcp.c index e7fbe0be2..422343ed2 100644 --- a/src/tls/openssl/tls_tcp.c +++ b/src/tls/openssl/tls_tcp.c @@ -230,7 +230,7 @@ static bool recv_handler(int *err, struct mbuf *mb, bool *estab, void *arg) if (SSL_state(tc->ssl) != SSL_ST_OK) { - if (tc->up) { + if (tc->up && !SSL_get_secure_renegotiation_support(tc->ssl)) { *err = EPROTO; return true; } diff --git a/src/tls/openssl/tls_udp.c b/src/tls/openssl/tls_udp.c index 6a57f602e..19d31485b 100644 --- a/src/tls/openssl/tls_udp.c +++ b/src/tls/openssl/tls_udp.c @@ -353,7 +353,7 @@ static void conn_recv(struct tls_conn *tc, struct mbuf *mb) if (SSL_state(tc->ssl) != SSL_ST_OK) { - if (tc->up) { + if (tc->up && !SSL_get_secure_renegotiation_support(tc->ssl)) { conn_close(tc, EPROTO); return; } From 034cc387c376bd8f6f0a7fa404f0a6a1cad23c25 Mon Sep 17 00:00:00 2001 From: "Alfred E. Heggestad" <114750+alfredh@users.noreply.github.com> Date: Thu, 16 May 2024 11:07:09 +0200 Subject: [PATCH 08/10] tls: always enable USE_OPENSSL_SRTP (#1122) --- cmake/re-config.cmake | 1 - src/tls/openssl/tls.c | 18 ------------------ 2 files changed, 19 deletions(-) diff --git a/cmake/re-config.cmake b/cmake/re-config.cmake index 68c0c80cd..426a79db4 100644 --- a/cmake/re-config.cmake +++ b/cmake/re-config.cmake @@ -163,7 +163,6 @@ if(USE_OPENSSL) USE_OPENSSL USE_OPENSSL_AES USE_OPENSSL_HMAC - USE_OPENSSL_SRTP USE_TLS ) endif() diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c index 1d9fb50cb..f3d111ceb 100644 --- a/src/tls/openssl/tls.c +++ b/src/tls/openssl/tls.c @@ -1089,7 +1089,6 @@ int tls_set_verify_client_handler(struct tls_conn *tc, int depth, */ int tls_set_srtp(struct tls *tls, const char *suites) { -#ifdef USE_OPENSSL_SRTP if (!tls || !suites) return EINVAL; @@ -1099,12 +1098,6 @@ int tls_set_srtp(struct tls *tls, const char *suites) } return 0; -#else - (void)tls; - (void)suites; - - return ENOSYS; -#endif } @@ -1265,7 +1258,6 @@ int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite, uint8_t *cli_key, size_t cli_key_size, uint8_t *srv_key, size_t srv_key_size) { -#ifdef USE_OPENSSL_SRTP static const char *label = "EXTRACTOR-dtls_srtp"; size_t key_size, salt_size, size; SRTP_PROTECTION_PROFILE *sel; @@ -1336,16 +1328,6 @@ int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite, mem_secclean(keymat, sizeof(keymat)); return 0; -#else - (void)tc; - (void)suite; - (void)cli_key; - (void)cli_key_size; - (void)srv_key; - (void)srv_key_size; - - return ENOSYS; -#endif } From 25b1e40d812949cd4130f488003b24bd1e543581 Mon Sep 17 00:00:00 2001 From: "Alfred E. Heggestad" <114750+alfredh@users.noreply.github.com> Date: Thu, 16 May 2024 11:07:18 +0200 Subject: [PATCH 09/10] main: remove call to openssl init (#1120) --- src/main/openssl.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/main/openssl.c b/src/main/openssl.c index 1fbaccfc4..71f79aac9 100644 --- a/src/main/openssl.c +++ b/src/main/openssl.c @@ -6,7 +6,6 @@ #ifdef HAVE_SIGNAL #include #endif -#include #include #include "main.h" @@ -22,15 +21,9 @@ static void sigpipe_handler(int x) int openssl_init(void) { - int err; - #ifdef SIGPIPE (void)signal(SIGPIPE, sigpipe_handler); #endif - err = OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, NULL); - if (!err) - return ENOSYS; - return 0; } From 24671f12b7aeac3d773dc6b423e2495c493215d4 Mon Sep 17 00:00:00 2001 From: juha-h Date: Tue, 21 May 2024 12:08:05 +0300 Subject: [PATCH 10/10] sip/transp: Allow ACK w/o Max-Forwards header (#1124) --- src/sip/transp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/sip/transp.c b/src/sip/transp.c index e62e9f18d..ea9e9d43c 100644 --- a/src/sip/transp.c +++ b/src/sip/transp.c @@ -314,7 +314,8 @@ static bool have_essential_fields(const struct sip_msg *msg) pl_isset(&(msg->from.auri)) && pl_isset(&(msg->cseq.met)) && pl_isset(&(msg->callid)) && - pl_isset(&(msg->maxfwd)) && + (pl_isset(&(msg->maxfwd)) || + !pl_strncmp(&msg->met, "ACK", 3)) && pl_isset(&(msg->via.branch))) return true;