deleted file mode 100644

@@ -1,1843 +0,0 @@

-/*

- * Copyright (C) 2001-2003 FhG Fokus

- *

- * This file is part of Kamailio, a free SIP server.

- *

- * Kamailio is free software; you can redistribute it and/or modify

- * it under the terms of the GNU General Public License as published by

- * the Free Software Foundation; either version 2 of the License, or

- * (at your option) any later version

- *

- * Kamailio is distributed in the hope that it will be useful,

- * but WITHOUT ANY WARRANTY; without even the implied warranty of

- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

- * GNU General Public License for more details.

- *

- * You should have received a copy of the GNU General Public License

- * along with this program; if not, write to the Free Software

- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

- */

-

-/** Kamailio core :: tcp readers processes, tcp read and pre-parse msg. functions.

- * @file tcp_read.c

- * @ingroup core

- * Module: @ref core

- */

-

-#ifdef USE_TCP

-

-#include <stdio.h>

-#include <errno.h>

-#include <string.h>

-

-

-#include <sys/time.h>

-#include <sys/types.h>

-#include <sys/select.h>

-#include <sys/socket.h>

-

-#include <unistd.h>

-#include <stdlib.h> /* for abort() */

-

-

-#include "dprint.h"

-#include "tcp_conn.h"

-#include "tcp_read.h"

-#include "tcp_stats.h"

-#include "tcp_ev.h"

-#include "pass_fd.h"

-#include "globals.h"

-#include "receive.h"

-#include "timer.h"

-#include "local_timer.h"

-#include "ut.h"

-#include "trim.h"

-#include "pt.h"

-#include "cfg/cfg_struct.h"

-#ifdef CORE_TLS

-#include "tls/tls_server.h"

-#else

-#include "tls_hooks.h"

-#endif /* CORE_TLS */

-#ifdef USE_DST_BLACKLIST

-#include "dst_blacklist.h"

-#endif /* USE_DST_BLACKLIST */

-

-#define HANDLE_IO_INLINE

-#include "io_wait.h"

-#include <fcntl.h> /* must be included after io_wait.h if SIGIO_RT is used */

-#include "tsend.h"

-#include "forward.h"

-#include "events.h"

-#include "stun.h"

-

-#ifdef READ_HTTP11

-#define HTTP11CONTINUE	"HTTP/1.1 100 Continue\r\nContent-Length: 0\r\n\r\n"

-#define HTTP11CONTINUE_LEN	(sizeof(HTTP11CONTINUE)-1)

-#endif

-

-#define TCPCONN_TIMEOUT_MIN_RUN  1 /* run the timers each new tick */

-

-/* types used in io_wait* */

-enum fd_types { F_NONE, F_TCPMAIN, F_TCPCONN };

-

-/* list of tcp connections handled by this process */

-static struct tcp_connection* tcp_conn_lst=0;

-static io_wait_h io_w; /* io_wait handler*/

-static int tcpmain_sock=-1;

-

-static struct local_timer tcp_reader_ltimer;

-static ticks_t tcp_reader_prev_ticks;

-

-int is_msg_complete(struct tcp_req* r);

-

-/**

- * control cloning of TCP receive buffer

- * - needed for operations working directly inside the buffer

- *   (like msg_apply_changes())

- */

-#define TCP_CLONE_RCVBUF

-static int tcp_clone_rcvbuf = 0;

-

-int tcp_set_clone_rcvbuf(int v)

-{

-	int r;

-	r = tcp_clone_rcvbuf;

-	tcp_clone_rcvbuf = v;

-	return r;

-}

-

-#ifdef READ_HTTP11

-static inline char *strfindcasestrz(str *haystack, char *needlez)

-{

-	int i,j;

-	str needle;

-

-	needle.s = needlez;

-	needle.len = strlen(needlez);

-	for(i=0;i<haystack->len-needle.len;i++) {

-		for(j=0;j<needle.len;j++) {

-			if ( !((haystack->s[i+j]==needle.s[j]) ||

-					( isalpha((int)haystack->s[i+j])

-						&& ((haystack->s[i+j])^(needle.s[j]))==0x20 )) )

-				break;

-		}

-		if (j==needle.len)

-			return haystack->s+i;

-	}

-	return 0;

-}

-

-int tcp_http11_continue(struct tcp_connection *c)

-{

-	struct dest_info dst;

-	char *p;

-	struct msg_start fline;

-	int ret;

-	str msg;

-

-	ret = 0;

-

-	msg.s = c->req.start;

-	msg.len = c->req.pos - c->req.start;

-#ifdef READ_MSRP

-	/* skip if MSRP message */

-	if(c->req.flags&F_TCP_REQ_MSRP_FRAME)

-		return 0;

-#endif

-	p = parse_first_line(msg.s, msg.len, &fline);

-	if(p==NULL)

-		return 0;

-

-	if(fline.type!=SIP_REQUEST)

-		return 0;

-

-	/* check if http request */

-	if(fline.u.request.version.len < HTTP_VERSION_LEN

-			|| strncasecmp(fline.u.request.version.s,

-				HTTP_VERSION, HTTP_VERSION_LEN))

-		return 0;

-

-	/* check for Expect header */

-	if(strfindcasestrz(&msg, "Expect: 100-continue")!=NULL)

-	{

-		init_dst_from_rcv(&dst, &c->rcv);

-		if (tcp_send(&dst, 0, HTTP11CONTINUE, HTTP11CONTINUE_LEN) < 0) {

-			LM_ERR("HTTP/1.1 continue failed\n");

-		}

-	}

-	/* check for Transfer-Encoding header */

-	if(strfindcasestrz(&msg, "Transfer-Encoding: chunked")!=NULL)

-	{

-		c->req.flags |= F_TCP_REQ_BCHUNKED;

-		ret = 1;

-	}

-	/* check for HTTP Via header

-	 * - HTTP Via format is different that SIP Via

-	 * - workaround: replace with Hia to be ignored by SIP parser

-	 */

-	if((p=strfindcasestrz(&msg, "\nVia:"))!=NULL)

-	{

-		p++;

-		*p = 'H';

-		LM_DBG("replaced HTTP Via with Hia [[\n%.*s]]\n", msg.len, msg.s);

-	}

-	return ret;

-}

-#endif /* HTTP11 */

-

-static int tcp_emit_closed_event(struct tcp_connection *con, enum tcp_closed_reason reason)

-{

-	int ret;

-	tcp_closed_event_info_t tev;

-

-	ret = 0;

-	LM_DBG("TCP closed event creation triggered\n");

-	if(likely(sr_event_enabled(SREV_TCP_CLOSED))) {

-		memset(&tev, 0, sizeof(tcp_closed_event_info_t));

-		tev.reason = reason;

-		tev.con = con;

-		ret = sr_event_exec(SREV_TCP_CLOSED, (void*)(&tev));

-	} else {

-		LM_DBG("no callback registering for handling TCP closed event - dropping!\n");

-	}

-	return ret;

-}

-

-

-/** reads data from an existing tcp connection.

- * Side-effects: blacklisting, sets connection state to S_CONN_OK, tcp stats.

- * @param fd - connection file descriptor

- * @param c - tcp connection structure. c->state might be changed and

- *             receive info might be used for blacklisting.

- * @param buf - buffer where the received data will be stored.

- * @param b_size - buffer size.

- * @param flags - value/result - used to signal a seen or "forced" EOF on the

- *     connection (when it is known that no more data will come after the 

- *     current socket buffer is emptied )=> return/signal EOF on the first

- *     short read (=> don't use it on POLLPRI, as OOB data will cause short

- *     reads even if there are still remaining bytes in the socket buffer)

- *     input: RD_CONN_FORCE_EOF  - force EOF after the first successful read

- *                                 (bytes_read >=0 )

- *     output: RD_CONN_SHORT_READ - if the read exhausted all the bytes

- *                                  in the socket read buffer.

- *             RD_CONN_EOF - if EOF detected (0 bytes read) or forced via

- *                           RD_CONN_FORCE_EOF.

- *             RD_CONN_REPEAT_READ - the read should be repeated immediately

- *                                   (used only by the tls code for now).

- *     Note: RD_CONN_SHORT_READ & RD_CONN_EOF _are_ not cleared internally,

- *           so one should clear them before calling this function.

- * @return number of bytes read, 0 on EOF or -1 on error,

- * on EOF it also sets c->state to S_CONN_EOF.

- * (to distinguish from reads that would block which could return 0)

- * RD_CONN_SHORT_READ is also set in *flags for short reads.

- * EOF checking should be done by checking the RD_CONN_EOF flag.

- */

-int tcp_read_data(int fd, struct tcp_connection *c,

-					char* buf, int b_size, int* flags)

-{

-	int bytes_read;

-	

-again:

-	bytes_read=read(fd, buf, b_size);

-	

-	if (likely(bytes_read!=b_size)){

-		if(unlikely(bytes_read==-1)){

-			if (errno == EWOULDBLOCK || errno == EAGAIN){

-				bytes_read=0; /* nothing has been read */

-			}else if (errno == EINTR) goto again;

-			else{

-				if (unlikely(c->state==S_CONN_CONNECT)){

-					switch(errno){

-						case ECONNRESET:

-#ifdef USE_DST_BLACKLIST

-							dst_blacklist_su(BLST_ERR_CONNECT, c->rcv.proto,

-												&c->rcv.src_su,

-												&c->send_flags, 0);

-#endif /* USE_DST_BLACKLIST */

-							TCP_EV_CONNECT_RST(errno, TCP_LADDR(c),

-									TCP_LPORT(c), TCP_PSU(c), TCP_PROTO(c));

-							break;

-						case ETIMEDOUT:

-#ifdef USE_DST_BLACKLIST

-							dst_blacklist_su(BLST_ERR_CONNECT, c->rcv.proto,

-												&c->rcv.src_su,

-												&c->send_flags, 0);

-#endif /* USE_DST_BLACKLIST */

-							TCP_EV_CONNECT_TIMEOUT(errno, TCP_LADDR(c),

-									TCP_LPORT(c), TCP_PSU(c), TCP_PROTO(c));

-							break;

-						default:

-							TCP_EV_CONNECT_ERR(errno, TCP_LADDR(c),

-									TCP_LPORT(c), TCP_PSU(c), TCP_PROTO(c));

-					}

-					TCP_STATS_CONNECT_FAILED();

-				}else{

-						switch(errno){

-							case ECONNRESET:

-								TCP_STATS_CON_RESET();

-							case ETIMEDOUT:

-#ifdef USE_DST_BLACKLIST

-								dst_blacklist_su(BLST_ERR_SEND, c->rcv.proto,

-													&c->rcv.src_su,

-													&c->send_flags, 0);

-#endif /* USE_DST_BLACKLIST */

-								break;

-						}

-				}

-				LOG(cfg_get(core, core_cfg, corelog),

-						"error reading: %s (%d) ([%s]:%u ->",

-						strerror(errno), errno,

-						ip_addr2a(&c->rcv.src_ip), c->rcv.src_port);

-				LOG(cfg_get(core, core_cfg, corelog),"-> [%s]:%u)\n", ip_addr2a(&c->rcv.dst_ip), c->rcv.dst_port);

-				if (errno == ETIMEDOUT) {

-					tcp_emit_closed_event(c, TCP_CLOSED_TIMEOUT);

-				} else if (errno == ECONNRESET) {

-					tcp_emit_closed_event(c, TCP_CLOSED_RESET);

-				}

-				return -1;

-			}

-		}else if (unlikely((bytes_read==0) || 

-					(*flags & RD_CONN_FORCE_EOF))){

-			c->state=S_CONN_EOF;

-			*flags|=RD_CONN_EOF;

-			tcp_emit_closed_event(c, TCP_CLOSED_EOF);

-			LM_DBG("EOF on %p, FD %d ([%s]:%u ->", c, fd, ip_addr2a(&c->rcv.src_ip), c->rcv.src_port);

-			LM_DBG("-> [%s]:%u)\n", ip_addr2a(&c->rcv.dst_ip), c->rcv.dst_port);

-		}else{

-			if (unlikely(c->state==S_CONN_CONNECT || c->state==S_CONN_ACCEPT)){

-				TCP_STATS_ESTABLISHED(c->state);

-				c->state=S_CONN_OK;

-			}

-		}

-		/* short read */

-		*flags|=RD_CONN_SHORT_READ;

-	}else{ /* else normal full read */

-		if (unlikely(c->state==S_CONN_CONNECT || c->state==S_CONN_ACCEPT)){

-			TCP_STATS_ESTABLISHED(c->state);

-			c->state=S_CONN_OK;

-		}

-	}

-	return bytes_read;

-}

-

-

-

-/* reads next available bytes

- *   c- tcp connection used for reading, tcp_read changes also c->state on

- *      EOF and c->req.error on read error

- *   * flags - value/result - used to signal a seen or "forced" EOF on the 

- *     connection (when it is known that no more data will come after the 

- *     current socket buffer is emptied )=> return/signal EOF on the first 

- *     short read (=> don't use it on POLLPRI, as OOB data will cause short

- *      reads even if there are still remaining bytes in the socket buffer)

- * return number of bytes read, 0 on EOF or -1 on error,

- * on EOF it also sets c->state to S_CONN_EOF.

- * (to distinguish from reads that would block which could return 0)

- * RD_CONN_SHORT_READ is also set in *flags for short reads.

- * sets also r->error */

-int tcp_read(struct tcp_connection *c, int* flags)

-{

-	int bytes_free, bytes_read;

-	struct tcp_req *r;

-	int fd;

-

-	r=&c->req;

-	fd=c->fd;

-	bytes_free=r->b_size- (int)(r->pos - r->buf);

-	

-	if (unlikely(bytes_free==0)){

-		LM_ERR("buffer overrun, dropping ([%s]:%u -> [%s]:%u)\n",

-				ip_addr2a(&c->rcv.src_ip), c->rcv.src_port,

-				ip_addr2a(&c->rcv.dst_ip), c->rcv.dst_port);

-		r->error=TCP_REQ_OVERRUN;

-		return -1;

-	}

-	bytes_read = tcp_read_data(fd, c, r->pos, bytes_free, flags);

-	if (unlikely(bytes_read < 0)){

-		r->error=TCP_READ_ERROR;

-		return -1;

-	}

-#ifdef EXTRA_DEBUG

-	LM_DBG("read %d bytes:\n%.*s\n", bytes_read, bytes_read, r->pos);

-#endif

-	r->pos+=bytes_read;

-	return bytes_read;

-}

-

-

-

-/* reads all headers (until double crlf), & parses the content-length header

- * (WARNING: inefficient, tries to reuse receive_msg but will go through

- * the headers twice [once here looking for Content-Length and for the end

- * of the headers and once in receive_msg]; a more speed efficient version will

- * result in either major code duplication or major changes to the receive code)

- * returns number of bytes read & sets r->state & r->body

- * when either r->body!=0 or r->state==H_BODY =>

- * all headers have been read. It should be called in a while loop.

- * returns < 0 if error or 0 if EOF */

-int tcp_read_headers(struct tcp_connection *c, int* read_flags)

-{

-	int bytes, remaining;

-	char *p;

-	struct tcp_req* r;

-	unsigned int mc;   /* magic cookie */

-	unsigned short body_len;

-

-#ifdef READ_MSRP

-	char *mfline;

-	str mtransid;

-#endif

-

-	#define crlf_default_skip_case \

-					case '\n': \

-						r->state=H_LF; \

-						break; \

-					default: \

-						r->state=H_SKIP

-	

-	#define content_len_beg_case \

-					case ' ': \

-					case '\t': \

-						if (!TCP_REQ_HAS_CLEN(r)) r->state=H_STARTWS; \

-						else r->state=H_SKIP; \

-							/* not interested if we already found one */ \

-						break; \

-					case 'C': \

-					case 'c': \

-						if(!TCP_REQ_HAS_CLEN(r)) r->state=H_CONT_LEN1; \

-						else r->state=H_SKIP; \

-						break; \

-					case 'l': \

-					case 'L': \

-						/* short form for Content-Length */ \

-						if (!TCP_REQ_HAS_CLEN(r)) r->state=H_L_COLON; \

-						else r->state=H_SKIP; \

-						break

-						

-	#define change_state(upper, lower, newstate)\

-					switch(*p){ \

-						case upper: \

-						case lower: \

-							r->state=(newstate); break; \

-						crlf_default_skip_case; \

-					}

-	

-	#define change_state_case(state0, upper, lower, newstate)\

-					case state0: \

-							  change_state(upper, lower, newstate); \

-							  p++; \

-							  break

-

-

-	r=&c->req;

-	/* if we still have some unparsed part, parse it first, don't do the read*/

-	if (unlikely(r->parsed<r->pos)){

-		bytes=0;

-	}else{

-#ifdef USE_TLS

-		if (unlikely(c->type==PROTO_TLS))

-			bytes=tls_read(c, read_flags);

-		else

-#endif

-			bytes=tcp_read(c, read_flags);

-		if (bytes<=0) return bytes;

-	}

-	p=r->parsed;

-

-	while(p<r->pos && r->error==TCP_REQ_OK){

-		switch((unsigned char)r->state){

-			case H_BODY: /* read the body*/

-				remaining=r->pos-p;

-				if (remaining>r->bytes_to_go) remaining=r->bytes_to_go;

-				r->bytes_to_go-=remaining;

-				p+=remaining;

-				if (r->bytes_to_go==0){

-					r->flags|=F_TCP_REQ_COMPLETE;

-					goto skip;

-				}

-				break;

-				

-			case H_SKIP:

-				/* find lf, we are in this state if we are not interested

-				 * in anything till end of line*/

-				p=q_memchr(p, '\n', r->pos-p);

-				if (p){

-#ifdef READ_MSRP

-					/* catch if it is MSRP or not with first '\n' */

-					if(!((r->flags&F_TCP_REQ_MSRP_NO)

-								|| (r->flags&F_TCP_REQ_MSRP_FRAME))) {

-						if((r->pos - r->start)>5

-									&& strncmp(r->start, "MSRP ", 5)==0)

-						{

-							r->flags |= F_TCP_REQ_MSRP_FRAME;

-						} else {

-							r->flags |= F_TCP_REQ_MSRP_NO;

-						}

-					}

-#endif

-					p++;

-					r->state=H_LF;

-				}else{

-					p=r->pos;

-				}

-				break;

-				

-			case H_LF:

-				/* terminate on LF CR LF or LF LF */

-				switch (*p){

-					case '\r':

-						r->state=H_LFCR;

-						break;

-					case '\n':

-						/* found LF LF */

-						r->state=H_BODY;

-#ifdef READ_HTTP11

-						if (cfg_get(tcp, tcp_cfg, accept_no_cl)!=0)

-							tcp_http11_continue(c);

-#endif

-						if (TCP_REQ_HAS_CLEN(r)){

-							r->body=p+1;

-							r->bytes_to_go=r->content_len;

-							if (r->bytes_to_go==0){

-								r->flags|=F_TCP_REQ_COMPLETE;

-								p++;

-								goto skip;

-							}

-						}else{

-							if(cfg_get(tcp, tcp_cfg, accept_no_cl)!=0) {

-#ifdef READ_MSRP

-								/* if MSRP message */

-								if(c->req.flags&F_TCP_REQ_MSRP_FRAME)

-								{

-									r->body=p+1;

-									/* at least 3 bytes: 0\r\n */

-									r->bytes_to_go=3;

-									p++;

-									r->content_len = 0;

-									r->state=H_MSRP_BODY;

-									break;

-								}

-#endif

-

-#ifdef READ_HTTP11

-								if(TCP_REQ_BCHUNKED(r)) {

-									r->body=p+1;

-									/* at least 3 bytes: 0\r\n */

-									r->bytes_to_go=3;

-									p++;

-									r->content_len = 0;

-									r->state=H_HTTP11_CHUNK_START;

-									break;

-								}

-#endif

-								r->body=p+1;

-								r->bytes_to_go=0;

-								r->flags|=F_TCP_REQ_COMPLETE;

-								p++;

-								goto skip;

-							} else {

-								LM_DBG("no clen, p=%X\n", *p);

-								r->error=TCP_REQ_BAD_LEN;

-							}

-						}

-						break;

-					case '-':

-						r->state=H_SKIP;

-#ifdef READ_MSRP

-						/* catch end of MSRP frame without body

-						 *     '-------sessid$\r\n'

-						 * follows headers wihtout extra CRLF */

-						if(r->flags&F_TCP_REQ_MSRP_FRAME) {

-							p--;

-							r->state=H_MSRP_BODY_END;

-						}

-#endif

-						break;

-					content_len_beg_case;

-					default: 

-						r->state=H_SKIP;

-				}

-				p++;

-				break;

-			case H_LFCR:

-				if (*p=='\n'){

-					/* found LF CR LF */

-					r->state=H_BODY;

-#ifdef READ_HTTP11

-					if (cfg_get(tcp, tcp_cfg, accept_no_cl)!=0)

-						tcp_http11_continue(c);

-#endif

-					if (TCP_REQ_HAS_CLEN(r)){

-						r->body=p+1;

-						r->bytes_to_go=r->content_len;

-						if (r->bytes_to_go==0){

-							r->flags|=F_TCP_REQ_COMPLETE;

-							p++;

-							goto skip;

-						}

-					}else{

-						if (cfg_get(tcp, tcp_cfg, accept_no_cl)!=0) {

-#ifdef READ_MSRP

-							/* if MSRP message */

-							if(c->req.flags&F_TCP_REQ_MSRP_FRAME)

-							{

-								r->body=p+1;

-								/* at least 3 bytes: 0\r\n */

-								r->bytes_to_go=3;

-								p++;

-								r->content_len = 0;

-								r->state=H_MSRP_BODY;

-								break;

-							}

-#endif

-

-#ifdef READ_HTTP11

-							if(TCP_REQ_BCHUNKED(r)) {

-								r->body=p+1;

-								/* at least 3 bytes: 0\r\n */

-								r->bytes_to_go=3;

-								p++;

-								r->content_len = 0;

-								r->state=H_HTTP11_CHUNK_START;

-								break;

-							}

-#endif

-							r->body=p+1;

-							r->bytes_to_go=0;

-							r->flags|=F_TCP_REQ_COMPLETE;

-							p++;

-							goto skip;

-						} else {

-							LM_DBG("no clen, p=%X\n", *p);

-							r->error=TCP_REQ_BAD_LEN;

-						}

-					}

-				}else r->state=H_SKIP;

-				p++;

-				break;

-				

-			case H_STARTWS:

-				switch (*p){

-					content_len_beg_case;

-					crlf_default_skip_case;

-				}

-				p++;

-				break;

-			case H_SKIP_EMPTY:

-				switch (*p){

-					case '\n':

-						break;

-					case '\r':

-						if (cfg_get(tcp, tcp_cfg, crlf_ping)) {

-							r->state=H_SKIP_EMPTY_CR_FOUND;

-							r->start=p;

-						}

-						break;

-					case ' ':

-					case '\t':

-						/* skip empty lines */

-						break;

-					case 'C': 

-					case 'c': 

-						r->state=H_CONT_LEN1; 

-						r->start=p;

-						break;

-					case 'l':

-					case 'L':

-						/* short form for Content-Length */

-						r->state=H_L_COLON;

-						r->start=p;

-						break;

-					default:

-						/* stun test */						

-						if (unlikely(sr_event_enabled(SREV_STUN_IN)) && (unsigned char)*p == 0x00) {

-							r->state=H_STUN_MSG;

-						/* body will used as pointer to the last used byte */

-							r->body=p;

-							r->content_len = 0;

-							LM_DBG("stun msg detected\n");

-						} else {

-							r->state=H_SKIP;

-						}

-						r->start=p;

-				};

-				p++;

-				break;

-

-			case H_SKIP_EMPTY_CR_FOUND:

-				if (*p=='\n'){

-					r->state=H_SKIP_EMPTY_CRLF_FOUND;

-					p++;

-				}else{

-					r->state=H_SKIP_EMPTY;

-				}

-				break;

-

-			case H_SKIP_EMPTY_CRLF_FOUND:

-				if (*p=='\r'){

-					r->state = H_SKIP_EMPTY_CRLFCR_FOUND;

-					p++;

-				}else{

-					r->state = H_SKIP_EMPTY;

-				}

-				break;

-

-			case H_SKIP_EMPTY_CRLFCR_FOUND:

-				if (*p=='\n'){

-					r->state = H_PING_CRLF;

-					r->flags |= F_TCP_REQ_HAS_CLEN |

-							F_TCP_REQ_COMPLETE; /* hack to avoid error check */

-					p++;

-					goto skip;

-				}else{

-					r->state = H_SKIP_EMPTY;

-				}

-				break;

-

-			case H_STUN_MSG:

-				if ((r->pos - r->body) >= sizeof(struct stun_hdr)) {

-					/* copy second short from buffer where should be body 

-					 * length 

-					 */

-					memcpy(&body_len, &r->start[sizeof(unsigned short)], 

-						sizeof(unsigned short));

-					

-					body_len = ntohs(body_len);

-					

-					/* check if there is valid magic cookie */

-					memcpy(&mc, &r->start[sizeof(unsigned int)], 

-						sizeof(unsigned int));

-					mc = ntohl(mc);

-					/* using has_content_len as a flag if there should be

-					 * fingerprint or no

-					 */

-					r->flags |= (mc == MAGIC_COOKIE) ? F_TCP_REQ_HAS_CLEN : 0;

-					

-					r->body += sizeof(struct stun_hdr);

-					p = r->body; 

-					

-					if (body_len > 0) {

-						r->state = H_STUN_READ_BODY;

-					}

-					else {

-						if (is_msg_complete(r) != 0) {

-							goto skip;

-						}

-						else {

-							/* set content_len to length of fingerprint */

-							body_len = sizeof(struct stun_attr) + 20;

-							/* 20 is SHA_DIGEST_LENGTH from openssl/sha.h */

-						}

-					}

-					r->content_len=body_len;

-				}

-				else {

-					p = r->pos; 

-				}

-				break;

-				

-			case H_STUN_READ_BODY:

-				/* check if the whole body was read */

-				body_len=r->content_len;

-				if ((r->pos - r->body) >= body_len) {

-					r->body += body_len;

-					p = r->body;

-					if (is_msg_complete(r) != 0) {

-						r->content_len=0;

-						goto skip;

-					}

-					else {

-						/* set content_len to length of fingerprint */

-						body_len = sizeof(struct stun_attr) + 20;

-						/* 20 is SHA_DIGEST_LENGTH from openssl/sha.h */

-						r->content_len=body_len;

-					}

-				}

-				else {

-					p = r->pos;

-				}

-				break;

-				

-			case H_STUN_FP:

-				/* content_len contains length of fingerprint in this place! */

-				body_len=r->content_len;

-				if ((r->pos - r->body) >= body_len) {

-					r->body += body_len;

-					p = r->body;

-					r->state = H_STUN_END;

-					r->flags |= F_TCP_REQ_COMPLETE |

-						F_TCP_REQ_HAS_CLEN; /* hack to avoid error check */

-					r->content_len=0;

-					goto skip;

-				}

-				else {

-					p = r->pos;

-				}

-				break;

-

-			change_state_case(H_CONT_LEN1,  'O', 'o', H_CONT_LEN2);

-			change_state_case(H_CONT_LEN2,  'N', 'n', H_CONT_LEN3);

-			change_state_case(H_CONT_LEN3,  'T', 't', H_CONT_LEN4);

-			change_state_case(H_CONT_LEN4,  'E', 'e', H_CONT_LEN5);

-			change_state_case(H_CONT_LEN5,  'N', 'n', H_CONT_LEN6);

-			change_state_case(H_CONT_LEN6,  'T', 't', H_CONT_LEN7);

-			change_state_case(H_CONT_LEN7,  '-', '_', H_CONT_LEN8);

-			change_state_case(H_CONT_LEN8,  'L', 'l', H_CONT_LEN9);

-			change_state_case(H_CONT_LEN9,  'E', 'e', H_CONT_LEN10);

-			change_state_case(H_CONT_LEN10, 'N', 'n', H_CONT_LEN11);

-			change_state_case(H_CONT_LEN11, 'G', 'g', H_CONT_LEN12);

-			change_state_case(H_CONT_LEN12, 'T', 't', H_CONT_LEN13);

-			change_state_case(H_CONT_LEN13, 'H', 'h', H_L_COLON);

-

-			case H_L_COLON:

-				switch(*p){

-					case ' ':

-					case '\t':

-						break; /* skip space */

-					case ':':

-						r->state=H_CONT_LEN_BODY;

-						break;

-					crlf_default_skip_case;

-				};

-				p++;

-				break;

-

-			case  H_CONT_LEN_BODY:

-				switch(*p){

-					case ' ':

-					case '\t':

-						break; /* eat space */

-					case '0':

-					case '1':

-					case '2':

-					case '3':

-					case '4':

-					case '5':

-					case '6':

-					case '7':

-					case '8':

-					case '9':

-						r->state=H_CONT_LEN_BODY_PARSE;

-						r->content_len=(*p-'0');

-						break;

-					/*FIXME: content length on different lines ! */

-					crlf_default_skip_case;

-				}

-				p++;

-				break;

-

-			case H_CONT_LEN_BODY_PARSE:

-				switch(*p){

-					case '0':

-					case '1':

-					case '2':

-					case '3':

-					case '4':

-					case '5':

-					case '6':

-					case '7':

-					case '8':

-					case '9':

-						r->content_len=r->content_len*10+(*p-'0');

-						break;

-					case '\r':

-					case ' ':

-					case '\t': /* FIXME: check if line contains only WS */

-						if(r->content_len<0) {

-							LM_ERR("bad Content-Length header value %d in"

-									" state %d\n", r->content_len, r->state);

-							r->content_len=0;

-							r->error=TCP_REQ_BAD_LEN;

-							r->state=H_SKIP; /* skip now */

-						}

-						r->state=H_SKIP;

-						r->flags|=F_TCP_REQ_HAS_CLEN;

-						break;

-					case '\n':

-						/* end of line, parse successful */

-						if(r->content_len<0) {

-							LM_ERR("bad Content-Length header value %d in"

-									" state %d\n", r->content_len, r->state);

-							r->content_len=0;

-							r->error=TCP_REQ_BAD_LEN;

-							r->state=H_SKIP; /* skip now */

-						}

-						r->state=H_LF;

-						r->flags|=F_TCP_REQ_HAS_CLEN;

-						break;

-					default:

-						LM_ERR("bad Content-Length header value, unexpected "

-								"char %c in state %d\n", *p, r->state);

-						r->state=H_SKIP; /* try to find another?*/

-				}

-				p++;

-				break;

-			

-#ifdef READ_HTTP11

-			case H_HTTP11_CHUNK_START: /* start a new body chunk: SIZE\r\nBODY\r\n */

-				r->chunk_size = 0;