Browse code

core, lib, modules: restructured source code tree

- new folder src/ to hold the source code for main project applications
- main.c is in src/
- all core files are subfolder are in src/core/
- modules are in src/modules/
- libs are in src/lib/
- application Makefiles are in src/
- application binary is built in src/ (src/kamailio)

Daniel-Constantin Mierla authored on 07/12/2016 11:03:51
Showing 1 changed files
1 1
deleted file mode 100644
... ...
@@ -1,45 +0,0 @@
1
-/* 
2
- * TLS module - module interface
3
- *
4
- * Copyright (C) 2005 iptelorg GmbH
5
- *
6
- * Permission to use, copy, modify, and distribute this software for any
7
- * purpose with or without fee is hereby granted, provided that the above
8
- * copyright notice and this permission notice appear in all copies.
9
- *
10
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
- */
18
-/** Kamailio TLS support :: module interface.
19
- * @file
20
- * @ingroup tls
21
- * Module: @ref tls
22
- */
23
-
24
-
25
-
26
-#ifndef _TLS_MOD_H
27
-#define _TLS_MOD_H
28
-
29
-#include "../../str.h"
30
-#include "../../locking.h"
31
-#include "tls_domain.h"
32
-
33
-
34
-/* Current TLS configuration */
35
-extern tls_domains_cfg_t** tls_domains_cfg;
36
-extern gen_lock_t* tls_domains_cfg_lock;
37
-
38
-extern tls_domain_t cli_defaults;
39
-extern tls_domain_t srv_defaults;
40
-
41
-extern str tls_domains_cfg_file;
42
-
43
-extern int sr_tls_renegotiation;
44
-
45
-#endif /* _TLS_MOD_H */
Browse code

tls Remove history, change "SIP-router" to "Kamailio"

Olle E. Johansson authored on 10/01/2015 16:33:42
Showing 1 changed files
... ...
@@ -15,7 +15,7 @@
15 15
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 16
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 17
  */
18
-/** SIP-router TLS support :: module interface.
18
+/** Kamailio TLS support :: module interface.
19 19
  * @file
20 20
  * @ingroup tls
21 21
  * Module: @ref tls
Browse code

tls: clarified licensing based on development history

- some were c&p as they refered to files related to components that were
developed later than the (c) year (e.g., selects)
- added openssl exception to gpl parts based on agreement from the
developers of those components - most of the code was released long time
ago under BSD by iptelorg. Code was rewrote for 3.1 when asynchronous
support was developed.

Daniel-Constantin Mierla authored on 02/12/2013 17:17:34
Showing 1 changed files
... ...
@@ -1,32 +1,19 @@
1
-/*
2
- * $Id$
3
- *
1
+/* 
4 2
  * TLS module - module interface
5 3
  *
6
- * Copyright (C) 2001-2003 FhG FOKUS
7
- * Copyright (C) 2004,2005 Free Software Foundation, Inc.
8 4
  * Copyright (C) 2005 iptelorg GmbH
9 5
  *
10
- * This file is part of sip-router, a free SIP server.
11
- *
12
- * sip-router is free software; you can redistribute it and/or modify
13
- * it under the terms of the GNU General Public License as published by
14
- * the Free Software Foundation; either version 2 of the License, or
15
- * (at your option) any later version
16
- *
17
- * For a license to use the sip-router software under conditions
18
- * other than those described here, or to purchase support for this
19
- * software, please contact iptel.org by e-mail at the following addresses:
20
- *    info@iptel.org
21
- *
22
- * sip-router is distributed in the hope that it will be useful,
23
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
24
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
25
- * GNU General Public License for more details.
6
+ * Permission to use, copy, modify, and distribute this software for any
7
+ * purpose with or without fee is hereby granted, provided that the above
8
+ * copyright notice and this permission notice appear in all copies.
26 9
  *
27
- * You should have received a copy of the GNU General Public License 
28
- * along with this program; if not, write to the Free Software 
29
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
10
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
30 17
  */
31 18
 /** SIP-router TLS support :: module interface.
32 19
  * @file
Browse code

tls: new parameter 'renegotiation' to enable/disable client renegotiation

- default is 0 (renegotiation disabled), to protect against SSL
renegotiation attack
- can be enabled by setting it to 1

Daniel-Constantin Mierla authored on 17/12/2011 21:22:04
Showing 1 changed files
... ...
@@ -53,4 +53,6 @@ extern tls_domain_t srv_defaults;
53 53
 
54 54
 extern str tls_domains_cfg_file;
55 55
 
56
+extern int sr_tls_renegotiation;
57
+
56 58
 #endif /* _TLS_MOD_H */
Browse code

tls: migrated to the runtime cfg framework

- moved all the module params to runtime config. Most of the
variables are read-only (for now) with the following exceptions:
config - can be changed at runtime and if followed by a
tls.realod, the configuration from the new file will
be loaded.
log
connection_timeout
low_mem_threshold1
low_mem_threshold2
- renamed tls_fix_cfg() to tls_fix_domains_cfg() to avoid
confusion with the runtime cfg (named tls_cfg).

Andrei Pelinescu-Onciul authored on 28/05/2010 10:35:07
Showing 1 changed files
... ...
@@ -43,14 +43,6 @@
43 43
 #include "../../locking.h"
44 44
 #include "tls_domain.h"
45 45
 
46
-extern int tls_con_lifetime;
47
-extern int tls_log;
48
-extern int tls_session_cache;
49
-extern str tls_session_id;
50
-extern int ssl_mode_release_buffers;
51
-extern int ssl_freelist_max_len;
52
-extern int ssl_max_send_fragment;
53
-extern int ssl_read_ahead;
54 46
 
55 47
 /* Current TLS configuration */
56 48
 extern tls_domains_cfg_t** tls_domains_cfg;
Browse code

tls: removed handshake_timeout and send_timeout

Removed the handshake_timeout and send_timeout parameters.
The values from tcp are used instead (tcp_connect_timeout and
tcp_send_timeout).

Andrei Pelinescu-Onciul authored on 27/05/2010 17:48:02
Showing 1 changed files
... ...
@@ -43,8 +43,6 @@
43 43
 #include "../../locking.h"
44 44
 #include "tls_domain.h"
45 45
 
46
-extern int tls_handshake_timeout;
47
-extern int tls_send_timeout;
48 46
 extern int tls_con_lifetime;
49 47
 extern int tls_log;
50 48
 extern int tls_session_cache;
Browse code

tls: s/tls_cfg/tls_domains_cfg

Internal variable and type name change: replaces tls_cfg with
tls_domains_cfg. This frees up tls_cfg for use with the runtime
configuration framework (by convention a module runtime
configuration is named <module_name>_cfg and it would be very
confusing to have an exception for the tls module).

Andrei Pelinescu-Onciul authored on 27/05/2010 15:20:16
Showing 1 changed files
... ...
@@ -55,12 +55,12 @@ extern int ssl_max_send_fragment;
55 55
 extern int ssl_read_ahead;
56 56
 
57 57
 /* Current TLS configuration */
58
-extern tls_cfg_t** tls_cfg;
59
-extern gen_lock_t* tls_cfg_lock;
58
+extern tls_domains_cfg_t** tls_domains_cfg;
59
+extern gen_lock_t* tls_domains_cfg_lock;
60 60
 
61 61
 extern tls_domain_t cli_defaults;
62 62
 extern tls_domain_t srv_defaults;
63 63
 
64
-extern str tls_cfg_file;
64
+extern str tls_domains_cfg_file;
65 65
 
66 66
 #endif /* _TLS_MOD_H */
Browse code

tls: new parameters for advanced openssl options

- ssl_release_buffers: release internal openssl read or write
buffers when they are no longer used (complete read or write that
does not have to buffer anything).
Should be used together with tls_free_list_max_len. Might have
some performance impact (and extra *malloc pressure), but has
also the potential of saving a lot of memory (at least 32k/idle
connection in the default config, or ~16k+tls_max_send_fragment)).
Works only with openssl >= 1.0.0.

- ssl_freelist_max_len: maximum length of free/unused memory
buffers/chunks per connection. Setting it to 0 would cause any
unused buffers to be immediately freed and hence a lower memory
footprint (at the cost of a possible performance hit and more
*malloc pressure). Too large value would result in extra memory
consumption. The default is 32 in openssl.
For lowest memory usage set it to 0 and tls_mode_release_buffers
to 1.
Works / makes sense only for openssl >= 1.0.0.

- ssl_max_send_fragment: maximum number of bytes (clear text) sent
into one record. The default and maximum value are ~16k. Lower
values would lead to a lower memory footprint. Values lower then
the typical app. write size might decrease performance, so
it should be kept ~2k+ for normal SIP traffic.
Too low values (e.g. <1024) might cause the initial handshake
to fail, so use with care.
Works only for openssl >= 0.9.9.

- ssl_read_ahead: enable read ahead. Should increase performance
(1 less syscall when enabled, else openssl makes 1 read() for
each record header and another or the content), but might
interact with SSL_pending() (not used right now).
Default: 1 (enabled).

Andrei Pelinescu-Onciul authored on 19/03/2010 14:11:49
Showing 1 changed files
... ...
@@ -28,11 +28,10 @@
28 28
  * along with this program; if not, write to the Free Software 
29 29
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
30 30
  */
31
-/*!
32
- * \file
33
- * \brief SIP-router TLS support :: module interface
34
- * \ingroup tls
35
- * Module: \ref tls
31
+/** SIP-router TLS support :: module interface.
32
+ * @file
33
+ * @ingroup tls
34
+ * Module: @ref tls
36 35
  */
37 36
 
38 37
 
... ...
@@ -50,6 +49,10 @@ extern int tls_con_lifetime;
50 49
 extern int tls_log;
51 50
 extern int tls_session_cache;
52 51
 extern str tls_session_id;
52
+extern int ssl_mode_release_buffers;
53
+extern int ssl_freelist_max_len;
54
+extern int ssl_max_send_fragment;
55
+extern int ssl_read_ahead;
53 56
 
54 57
 /* Current TLS configuration */
55 58
 extern tls_cfg_t** tls_cfg;
Browse code

tls(sr): fix define error introduced in 9accd256fdc80e6a6207cb7

Henning Westerholt authored on 14/10/2009 16:59:06
Showing 1 changed files
... ...
@@ -38,7 +38,7 @@
38 38
 
39 39
 
40 40
 #ifndef _TLS_MOD_H
41
-#iefine _TLS_MOD_H
41
+#define _TLS_MOD_H
42 42
 
43 43
 #include "../../str.h"
44 44
 #include "../../locking.h"
Browse code

Adding doxygen documentation

oej authored on 10/10/2009 11:48:00
Showing 1 changed files
... ...
@@ -7,19 +7,19 @@
7 7
  * Copyright (C) 2004,2005 Free Software Foundation, Inc.
8 8
  * Copyright (C) 2005 iptelorg GmbH
9 9
  *
10
- * This file is part of ser, a free SIP server.
10
+ * This file is part of sip-router, a free SIP server.
11 11
  *
12
- * ser is free software; you can redistribute it and/or modify
12
+ * sip-router is free software; you can redistribute it and/or modify
13 13
  * it under the terms of the GNU General Public License as published by
14 14
  * the Free Software Foundation; either version 2 of the License, or
15 15
  * (at your option) any later version
16 16
  *
17
- * For a license to use the ser software under conditions
17
+ * For a license to use the sip-router software under conditions
18 18
  * other than those described here, or to purchase support for this
19 19
  * software, please contact iptel.org by e-mail at the following addresses:
20 20
  *    info@iptel.org
21 21
  *
22
- * ser is distributed in the hope that it will be useful,
22
+ * sip-router is distributed in the hope that it will be useful,
23 23
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 24
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
25 25
  * GNU General Public License for more details.
... ...
@@ -28,10 +28,17 @@
28 28
  * along with this program; if not, write to the Free Software 
29 29
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
30 30
  */
31
+/*!
32
+ * \file
33
+ * \brief SIP-router TLS support :: module interface
34
+ * \ingroup tls
35
+ * Module: \ref tls
36
+ */
37
+
31 38
 
32 39
 
33 40
 #ifndef _TLS_MOD_H
34
-#define _TLS_MOD_H
41
+#iefine _TLS_MOD_H
35 42
 
36 43
 #include "../../str.h"
37 44
 #include "../../locking.h"
Browse code

- timeouts fixed (all the tcp timeouts use now ticks and not seconds)

Andrei Pelinescu-Onciul authored on 17/01/2007 20:24:05
Showing 1 changed files
... ...
@@ -39,7 +39,7 @@
39 39
 
40 40
 extern int tls_handshake_timeout;
41 41
 extern int tls_send_timeout;
42
-extern int tls_conn_timeout;
42
+extern int tls_con_lifetime;
43 43
 extern int tls_log;
44 44
 extern int tls_session_cache;
45 45
 extern str tls_session_id;
Browse code

- fixed file comments - added missing defines in header files - added missing Id tags

Jan Janak authored on 03/03/2006 15:52:11
Showing 1 changed files
... ...
@@ -1,7 +1,7 @@
1 1
 /*
2 2
  * $Id$
3 3
  *
4
- * TLS module interface
4
+ * TLS module - module interface
5 5
  *
6 6
  * Copyright (C) 2001-2003 FhG FOKUS
7 7
  * Copyright (C) 2004,2005 Free Software Foundation, Inc.
Browse code

- Support for external TLS configuration file - support for relative path names (CFG_DIR will be added automaticaly) - Support for run-time configuration re-load - tls.reload management command implemented

Jan Janak authored on 03/03/2006 11:26:53
Showing 1 changed files
... ...
@@ -34,6 +34,8 @@
34 34
 #define _TLS_MOD_H
35 35
 
36 36
 #include "../../str.h"
37
+#include "../../locking.h"
38
+#include "tls_domain.h"
37 39
 
38 40
 extern int tls_handshake_timeout;
39 41
 extern int tls_send_timeout;
... ...
@@ -41,6 +43,14 @@ extern int tls_conn_timeout;
41 43
 extern int tls_log;
42 44
 extern int tls_session_cache;
43 45
 extern str tls_session_id;
44
-extern char* tls_config;
46
+
47
+/* Current TLS configuration */
48
+extern tls_cfg_t** tls_cfg;
49
+extern gen_lock_t* tls_cfg_lock;
50
+
51
+extern tls_domain_t cli_defaults;
52
+extern tls_domain_t srv_defaults;
53
+
54
+extern str tls_cfg_file;
45 55
 
46 56
 #endif /* _TLS_MOD_H */
Browse code

- TLS configuration file parser (not yet integrated with rest of tls module)

Jan Janak authored on 22/02/2006 23:37:19
Showing 1 changed files
... ...
@@ -41,5 +41,6 @@ extern int tls_conn_timeout;
41 41
 extern int tls_log;
42 42
 extern int tls_session_cache;
43 43
 extern str tls_session_id;
44
+extern char* tls_config;
44 45
 
45 46
 #endif /* _TLS_MOD_H */
Browse code

Preliminary TLS module (requires core patch which is attached), the module contains: - Many bugfixes and better implementation of tls_write and tls_read by Andrei - openssl compression fix by Andrei - extended tls multi-domain support (most parameters can be configured to different values in different domains) - support for outgoing domains (not complete) - support for certificate based authentication through selects ( if @tls.peer == "Bob") ... - the tls code is merge of experimental/tls and Andrei's tls to get best of both

Jan Janak authored on 28/01/2006 12:34:31
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,45 @@
1
+/*
2
+ * $Id$
3
+ *
4
+ * TLS module interface
5
+ *
6
+ * Copyright (C) 2001-2003 FhG FOKUS
7
+ * Copyright (C) 2004,2005 Free Software Foundation, Inc.
8
+ * Copyright (C) 2005 iptelorg GmbH
9
+ *
10
+ * This file is part of ser, a free SIP server.
11
+ *
12
+ * ser is free software; you can redistribute it and/or modify
13
+ * it under the terms of the GNU General Public License as published by
14
+ * the Free Software Foundation; either version 2 of the License, or
15
+ * (at your option) any later version
16
+ *
17
+ * For a license to use the ser software under conditions
18
+ * other than those described here, or to purchase support for this
19
+ * software, please contact iptel.org by e-mail at the following addresses:
20
+ *    info@iptel.org
21
+ *
22
+ * ser is distributed in the hope that it will be useful,
23
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
24
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
25
+ * GNU General Public License for more details.
26
+ *
27
+ * You should have received a copy of the GNU General Public License 
28
+ * along with this program; if not, write to the Free Software 
29
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
30
+ */
31
+
32
+
33
+#ifndef _TLS_MOD_H
34
+#define _TLS_MOD_H
35
+
36
+#include "../../str.h"
37
+
38
+extern int tls_handshake_timeout;
39
+extern int tls_send_timeout;
40
+extern int tls_conn_timeout;
41
+extern int tls_log;
42
+extern int tls_session_cache;
43
+extern str tls_session_id;
44
+
45
+#endif /* _TLS_MOD_H */