From a8b3dd4ac884bdd4ded9cfc22fdf1728a3f5ec45 Mon Sep 17 00:00:00 2001 From: sarbyn Date: Thu, 23 Mar 2017 16:21:20 +0100 Subject: [PATCH 1/7] First Commit --- Makefile | 13 ++++--------- apns_feedback.c | 2 +- push.c | 8 ++++---- push_common.c | 4 ++-- push_mod.c | 14 +++++++------- push_ssl_utils.c | 2 +- 6 files changed, 19 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index 05344ab..6e4415c 100644 --- a/Makefile +++ b/Makefile @@ -9,19 +9,14 @@ include ../../Makefile.defs auto_gen= NAME=push.so - DEFS += -I$(LOCALBASE)/ssl/include - LIBS += -L$(LOCALBASE)/lib -L$(LOCALBASE)/ssl/lib \ - -L$(LOCALBASE)/lib64 -L$(LOCALBASE)/ssl/lib64 \ - -lssl -lcrypto +DEFS += -I$(LOCALBASE)/ssl/include +LIBS += -L$(LOCALBASE)/lib -L$(LOCALBASE)/ssl/lib \ + -L$(LOCALBASE)/lib64 -L$(LOCALBASE)/ssl/lib64 \ + -lssl -lcrypto CFLAGS+=-g3 #include ../../Makefile.push DEFS+=-DKAMAILIO_MOD_INTERFACE -SERLIBPATH=../../lib -SER_LIBS+=$(SERLIBPATH)/kcore/kcore -SER_LIBS+=$(SERLIBPATH)/srdb1/srdb1 - - include ../../Makefile.modules diff --git a/apns_feedback.c b/apns_feedback.c index 679bd48..9b5f02e 100644 --- a/apns_feedback.c +++ b/apns_feedback.c @@ -16,7 +16,7 @@ #include "push_ssl_utils.h" #include "apns_feedback.h" -#include "../../dprint.h" +#include "../../core/dprint.h" #define CHECK_FEEDBACK_TIMEOUT 3600 diff --git a/push.c b/push.c index 0349618..b6a8266 100644 --- a/push.c +++ b/push.c @@ -5,10 +5,10 @@ #include -#include "../../sr_module.h" -#include "../../dprint.h" -#include "../../mem/mem.h" -#include "../../parser/parse_to.h" +#include "../../core/sr_module.h" +#include "../../core/dprint.h" +#include "../../core/mem/mem.h" +#include "../../core/parser/parse_to.h" #include "../../lib/cds/list.h" #include "../../lib/srdb1/db.h" #include "../../lib/srdb1/db_val.h" diff --git a/push_common.c b/push_common.c index e602e4d..ad25a50 100644 --- a/push_common.c +++ b/push_common.c 
@@ -23,9 +23,9 @@ #include #include -#include "../../dprint.h" +#include "../../core/dprint.h" #include "../../lib/srdb1/db_val.h" -#include "../../locking.h" +#include "../../core/locking.h" #include "push_common.h" #include "push_ssl_utils.h" diff --git a/push_mod.c b/push_mod.c index 9822b96..c670e46 100644 --- a/push_mod.c +++ b/push_mod.c @@ -33,13 +33,13 @@ #include #include -#include "../../sr_module.h" -#include "../../trim.h" -#include "../../dprint.h" -#include "../../mem/mem.h" -#include "../../parser/parse_to.h" -#include "../../parser/parse_uri.h" -#include "../../cfg/cfg_struct.h" +#include "../../core/sr_module.h" +#include "../../core/trim.h" +#include "../../core/dprint.h" +#include "../../core/mem/mem.h" +#include "../../core/parser/parse_to.h" +#include "../../core/parser/parse_uri.h" +#include "../../core/cfg/cfg_struct.h" #include "push_mod.h" #include "push.h" diff --git a/push_ssl_utils.c b/push_ssl_utils.c index 2d01898..e0ee446 100644 --- a/push_ssl_utils.c +++ b/push_ssl_utils.c @@ -42,7 +42,7 @@ #include #include -#include "../../dprint.h" +#include "../../core/dprint.h" #include "push_common.h" #include "push_ssl_utils.h" From 849585e9e1392a2ab96beacd477214a5ade6a6ec Mon Sep 17 00:00:00 2001 From: sarbyn Date: Thu, 23 Mar 2017 16:40:54 +0100 Subject: [PATCH 2/7] Fixing makefile --- Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Makefile b/Makefile index 6e4415c..eebbc04 100644 --- a/Makefile +++ b/Makefile @@ -19,4 +19,7 @@ CFLAGS+=-g3 DEFS+=-DKAMAILIO_MOD_INTERFACE +SERLIBPATH=../../lib +SER_LIBS+=$(SERLIBPATH)/srdb1/srdb1 + include ../../Makefile.modules From fc4419f66ed71b784ead38f778198321f35ac6b8 Mon Sep 17 00:00:00 2001 From: sarbyn Date: Fri, 24 Mar 2017 17:46:58 +0100 Subject: [PATCH 3/7] Fix log priority --- push_ssl_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/push_ssl_utils.c b/push_ssl_utils.c index e0ee446..a5b29f7 100644 --- a/push_ssl_utils.c +++ b/push_ssl_utils.c 
@@ -136,7 +136,7 @@ static int socket_init(const char* server, uint16_t port) memcpy(&sa.sin_addr, host->h_addr_list[0], host->h_length); } - LM_ERR("Create a socket and connect it to %s:%d\n", server, port); + LM_DBG("Create a socket and connect it to %s:%d\n", server, port); /* Create a socket and connect to server using normal socket calls. */ sd = socket (PF_INET, SOCK_STREAM, 0); if (sd == -1) From 9a5ec01344b10910a4e06221f9c3165ff88f18d6 Mon Sep 17 00:00:00 2001 From: sarbyn Date: Fri, 24 Mar 2017 17:47:17 +0100 Subject: [PATCH 4/7] Disable feedback service (no longer supported by apple --- push_common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/push_common.h b/push_common.h index 2a9f863..c1ed90e 100644 --- a/push_common.h +++ b/push_common.h @@ -5,7 +5,7 @@ #include "../../lib/srdb1/db.h" -#define ENABLE_FEEDBACK_SERVICE +//#define ENABLE_FEEDBACK_SERVICE #define PUSH_TABLE_VERSION 1 From 044510f524b8b53b86a6cfb7b528a813e5e92e74 Mon Sep 17 00:00:00 2001 From: Emanuele Gambaro Date: Tue, 9 May 2017 10:37:54 +0200 Subject: [PATCH 5/7] Connecting to APNS servers may succeed, but subsequently fail during SSL/TLS initialization: be sure to check that both the socket _and_ the SSL stream are available before using either of them. Fixes several potential crashes caused by a NULL SSL stream --- push_ssl_utils.c | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/push_ssl_utils.c b/push_ssl_utils.c index 2d01898..527972e 100644 --- a/push_ssl_utils.c +++ b/push_ssl_utils.c @@ -1,6 +1,6 @@ /* * $Id$ - * + * * APNs support module * * Copyright (C) 2013 Volodymyr Tarasenko @@ -57,7 +57,7 @@ struct Push_error_Item { char code; const char* msg; -} push_codes[] = +} push_codes[] = { {0, "No errors encountered"}, {1, "Processing error"}, 
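Review bot: The context line `memcpy(&sa.sin_addr, host->h_addr_list[0], host->h_length);` in socket_init copies a resolver-supplied length into the fixed-size `sa.sin_addr`, and no bound is visible in this hunk. If the lookup can ever return a non-IPv4 entry, the copy would write past the field. A guard before the copy, such as `if (host->h_addrtype != AF_INET || host->h_length != sizeof(sa.sin_addr)) return -1;`, would make the assumption explicit. socket_init starts above the hunk, so an equivalent check may already exist there.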
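Review bot: Commenting out `#define ENABLE_FEEDBACK_SERVICE` in push_common.h leaves a dead switch in the header with nothing beside it to say why. Either delete the line or keep it with a reason attached, for example `/* APNs feedback service is no longer supported by Apple; leave undefined */`. The code guarded by the macro is not visible here, so it is worth confirming that nothing outside the `#ifdef` still assumes the feedback path is running once the macro is undefined.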
@@ -72,7 +72,7 @@ struct Push_error_Item {255, "None (unknown)"} }; -// Declaration: Static functions +// Declaration: Static functions //static void read_status(PushServer* server); static int load_ssl_certs(SSL_CTX* ctx, char* cert, char* key, char* ca); static int socket_init(const char* server, uint16_t port); @@ -102,7 +102,7 @@ static int load_ssl_certs(SSL_CTX* ctx, char* cert, char* key, char* ca) LOG_SSL_ERROR(err); return -1; } - + err = SSL_CTX_load_verify_locations(ctx, ca, 0); if (err != 1) { @@ -144,7 +144,7 @@ static int socket_init(const char* server, uint16_t port) LM_ERR("Socket creation error\n"); return -1; } - + err = connect(sd, (struct sockaddr*) &sa, sizeof(sa)); if (err == -1) { @@ -154,7 +154,7 @@ static int socket_init(const char* server, uint16_t port) } LM_DBG("Socket %d connected\n", sd); - + return sd; } @@ -195,10 +195,10 @@ static SSL* ssl_start(int sd, SSL_CTX* ctx) LM_DBG("SSL connect...\n"); err = SSL_connect (s); LM_DBG("SSL connect done...\n"); - if ((err) == -1) - { - ERR_print_errors_fp(stderr); - return NULL; + if ((err) == -1) + { + ERR_print_errors_fp(stderr); + return NULL; } LM_DBG("SSL connect done...\n"); @@ -215,7 +215,7 @@ static int check_cert(SSL* s) data exchange to be successful. */ /* /\* Get the cipher - opt *\/ */ /* printf ("SSL connection using %s\n", SSL_get_cipher (ssl)); */ - + /* Get server's certificate (note: beware of dynamic allocation) - opt */ server_cert = SSL_get_peer_certificate (s); if (server_cert == NULL) 
@@ -299,14 +299,14 @@ int send_push_data(PushServer* server, const char* buffer, uint32_t length) int err = 0; uint32_t written = 0; int first_try = 1; - + again: - if ((server->socket == -1) && (server->flags != NoReconnect)) + if ((server->socket == -1 || server->ssl == NULL) && (server->flags != NoReconnect)) establish_ssl_connection(server); while(written != length) { - if (server->socket == -1) + if (server->socket == -1 || server->ssl == NULL) { LM_ERR("Cannot write, peer disconnected...\n"); return -1; @@ -344,7 +344,7 @@ int send_push_data(PushServer* server, const char* buffer, uint32_t length) } // read_status(server); - if (server->socket == -1 && first_try) + if (server->socket == -1 || server->ssl == NULL) && first_try) { first_try = 0; goto again; @@ -389,9 +389,9 @@ int establish_ssl_connection(PushServer* server) LM_DBG("SSL context started, looading certs if any\n"); if (server->cert_file) - load_ssl_certs(server->ssl_ctx, - server->cert_file, - server->cert_key, + load_ssl_certs(server->ssl_ctx, + server->cert_file, + server->cert_key, server->cert_ca); LM_DBG("Create new socket, old: %d",server->socket); @@ -403,7 +403,7 @@ int establish_ssl_connection(PushServer* server) return -1; } - LM_DBG("Push socket initialed\n"); + LM_DBG("Push socket initialed\n"); server->ssl = ssl_start(server->socket, server->ssl_ctx); if (server->ssl == NULL) @@ -430,7 +430,7 @@ int establish_ssl_connection(PushServer* server) void ssl_init() { - SSL_library_init(); + SSL_library_init(); SSL_load_error_strings(); } @@ -449,7 +449,7 @@ int extended_read(PushServer* server, fd_set readfds; struct timeval timeout; - if ((server->socket == -1) && -1 == establish_ssl_connection(server)) + if ((server->socket == -1) || server->ssl == NULL) && -1 == establish_ssl_connection(server)) { LM_ERR("extended_read failed, cannot reconnecd initialization failed\n"); return -1; 
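Review bot: In send_push_data the reconnect at `again:` now also fires when `server->socket` is valid but `server->ssl` is NULL, and the result of `establish_ssl_connection(server)` is still ignored. The hunk at -389 shows that function logging `Create new socket, old: %d` and discarding the return value of `load_ssl_certs(...)`. It should be confirmed that the old descriptor is closed before it is overwritten, and that a certificate-load failure aborts the connection rather than carrying on. If the `ssl_start` failure branch does not already do so, closing the socket and setting `server->socket = -1` there would keep the half-initialised state from existing at all. The body of send_push_data extends beyond this hunk.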
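Review bot: The new condition `if (server->socket == -1 || server->ssl == NULL) && first_try)` in send_push_data has an unbalanced closing parenthesis and will not compile. The same applies to `if ((server->socket == -1) || server->ssl == NULL) && -1 == establish_ssl_connection(server))` in the extended_read hunk at -449. The intended grouping is `if ((server->socket == -1 || server->ssl == NULL) && first_try)` and `if ((server->socket == -1 || server->ssl == NULL) && -1 == establish_ssl_connection(server))`. Later patches in this series touch these lines, but folding the correction into this patch keeps every commit buildable for bisecting.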
@@ -466,7 +466,7 @@ int extended_read(PushServer* server, { FD_SET(comm_sock, &readfds); } - + mx = server->socket > comm_sock ? server->socket+1 : comm_sock +1; err = select(mx, &readfds, 0, 0, &timeout); From dff69ab2f31beeb36788fae7ac585466259940d3 Mon Sep 17 00:00:00 2001 From: Emanuele Gambaro Date: Tue, 9 May 2017 10:48:27 +0200 Subject: [PATCH 6/7] Fix bad commit --- push_ssl_utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/push_ssl_utils.c b/push_ssl_utils.c index 97560c7..17515c5 100644 --- a/push_ssl_utils.c +++ b/push_ssl_utils.c @@ -344,7 +344,7 @@ int send_push_data(PushServer* server, const char* buffer, uint32_t length) } // read_status(server); - if (server->socket == -1 || server->ssl == NULL) && first_try) + if (server->socket == -1 || server->ssl == NULL && first_try) { first_try = 0; goto again; @@ -449,7 +449,7 @@ int extended_read(PushServer* server, fd_set readfds; struct timeval timeout; - if ((server->socket == -1) || server->ssl == NULL) && -1 == establish_ssl_connection(server)) + if ((server->socket == -1) || server->ssl == NULL && -1 == establish_ssl_connection(server)) { LM_ERR("extended_read failed, cannot reconnecd initialization failed\n"); return -1; From 55b88131f1df2e347e0c89b3f848bbead609fea7 Mon Sep 17 00:00:00 2001 From: Emanuele Gambaro Date: Tue, 9 May 2017 10:48:27 +0200 Subject: [PATCH 7/7] Fix bad commit --- push_ssl_utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/push_ssl_utils.c b/push_ssl_utils.c index 97560c7..2d5ae23 100644 --- a/push_ssl_utils.c +++ b/push_ssl_utils.c @@ -344,7 +344,7 @@ int send_push_data(PushServer* server, const char* buffer, uint32_t length) } // read_status(server); - if (server->socket == -1 || server->ssl == NULL) && first_try) + if ((server->socket == -1 || server->ssl == NULL) && first_try) { first_try = 0; goto again; 
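Review bot: Dropping the stray parenthesis without regrouping changes the logic, because `&&` binds tighter than `||`. The new `server->socket == -1 || server->ssl == NULL && first_try` evaluates as `socket == -1 || (ssl == NULL && first_try)`. In send_push_data the `first_try` guard therefore no longer limits the `goto again` retry when the socket is -1. In the extended_read hunk at -449, a closed socket now returns the error without ever calling `establish_ssl_connection`. The condition should be `if ((server->socket == -1 || server->ssl == NULL) && first_try)`, with the same grouping in extended_read; patch 7/7 has the same subject and base blob (97560c7) and already uses that grouping, so this patch should be dropped from the series.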
@@ -449,7 +449,7 @@ int extended_read(PushServer* server, fd_set readfds; struct timeval timeout; - if ((server->socket == -1) || server->ssl == NULL) && -1 == establish_ssl_connection(server)) + if ((server->socket == -1 || server->ssl == NULL) && -1 == establish_ssl_connection(server)) { LM_ERR("extended_read failed, cannot reconnecd initialization failed\n"); return -1;