Summary: | ASTERISK-27032: res_pjsip: TLS options do not handle empty values | ||
Reporter: | seanchann.zhou (seanchann) | Labels: | pjsip |
Date Opened: | 2017-06-05 04:24:46 | Date Closed: | 2017-11-07 10:30:31.000-0600 |
Priority: | Minor | Regression? | |
Status: | Closed/Complete | Components: | Resources/res_pjsip |
Versions: | 13.15.1 | Frequency of Occurrence | |
Related Issues: | |||
Environment: | openwrt | Attachments: | |
Description: | Hi:
in file config_transport.c line 661: If there is no configuration value, loading the entire module will exit. But if the current protocol value is not tls, Then it is not necessary to have these values I bind sorcery with realtime for ps_transports. if check current protocol value, only process tls type. Look at the following code snippet ``` if(transport->type != AST_TRANSPORT_TLS){ return 0; } ``` | ||
Comments: | By: Asterisk Team (asteriskteam) 2017-06-05 04:24:47.920-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: Rusty Newton (rnewton) 2017-06-06 17:56:08.476-0500 Can you attach your sorcery.conf and extconfig.conf for clarity? Do transports fail to load completely? What transport are you configuring in the database? Please attach a log captured during the load with warning,error,notice,verbose,debug levels, with verbose and debug turned up to 5 or above. https://wiki.asterisk.org/wiki/display/AST/Collecting+Debug+Information By: seanchann.zhou (seanchann) 2017-06-06 22:01:22.993-0500 hi: extconfig.conf: {noformat} pjsip.conf => sqlite3,pjsipconf,ast_config pjsip_notify.conf => sqlite3,pjsipnotifyconf,ast_config pjproject.conf => sqlite3,pjprojectconf,ast_config ps_systems => sqlite3,ps_systems,ps_systems ps_globals => sqlite3,ps_globals,ps_globals ps_transports => sqlite3,ps_transports,ps_transports ps_endpoints => sqlite3,ps_endpoints,ps_endpoints ps_auths => sqlite3,ps_auths,ps_auths ps_aors => sqlite3,ps_aors,ps_aors ps_domain_aliases => sqlite3,ps_domain_aliases,ps_domain_aliases ps_contacts => sqlite3,ps_contacts,ps_contacts ps_endpoint_id_ips => sqlite3,ps_endpoint_id_ips,ps_endpoint_id_ips ps_registrations => sqlite3,ps_registrations,ps_registrations ps_subscription_persistence => sqlite3,ps_subscription_persistence,ps_subscription_persistence sorcery.conf => sqlite3,sorceryconf,ast_config {noformat} res_config_sqlit3.conf: {noformat} ;ps_transports => sqlite3,ps_transports,ps_transports [ps_transports] dbfile => /etc/ps_transports.realtime ;debug=yes requirements=warn batch=0s [sorceryconf] dbfile => /etc/opmanage/sorcery_conf.realtime ;debug=yes requirements=warn batch=0 {noformat} pjsip transport configration in sqlite3: {noformat} sqlite> .tables ps_transports sqlite> .schema ps_transports CREATE TABLE ps_transports (id TEXT CHECK( LENGTH(id) <= 40 ) UNIQUE NOT NULL,async_operations INTEGER,bind TEXT CHECK( LENGTH(bind) <= 40 ),ca_list_file TEXT CHECK( LENGTH(ca_list_file) <= 200 ),cert_file TEXT CHECK( LENGTH(cert_file) <= 200 ),cipher TEXT CHECK( LENGTH(cipher) <= 200 ),domain TEXT CHECK( LENGTH(domain) <= 40 ),external_media_address TEXT CHECK( LENGTH(external_media_address) <= 40 ),external_signaling_address TEXT CHECK( LENGTH(external_signaling_address) <= 40 ),external_signaling_port INTEGER,method TEXT CHECK( LENGTH(method) <= 10 ),local_net TEXT CHECK( LENGTH(local_net) <= 40 ),password TEXT CHECK( LENGTH(password) <= 40 ),priv_key_file TEXT CHECK( LENGTH(priv_key_file) <= 200 ),protocol TEXT CHECK( LENGTH(protocol) <= 10 ),require_client_cert TEXT CHECK( LENGTH(require_client_cert) <= 10 ),verify_client TEXT CHECK( LENGTH(verify_client) <= 10 ),verify_server TEXT CHECK( LENGTH(verify_server) <= 10 ) NULL,tos TEXT CHECK( LENGTH(tos) <= 10 ) NULL,cos INTEGER,allow_reload TEXT CHECK( LENGTH(allow_reload) <= 10 ),symmetric_transport TEXT CHECK( LENGTH(symmetric_transport) <= 10 )); CREATE INDEX ps_transports_id ON ps_transports (id); sqlite> select * from ps_transports; transport-udp|1|0.0.0.0|||||||0|default||||udp|no|no|no|cs3|3|no|no transport-tcp|1|0.0.0.0|||||||0|default||||tcp|no|no|no|cs3|3|no|no sqlite> {noformat} sorcery.conf in sqlite3 {noformat} sqlite> .tables ast_config sqlite> .schema ast_config CREATE TABLE ast_config ( id INTEGER PRIMARY KEY AUTOINCREMENT , cat_metric INTEGER, var_metric INTEGER, commented INTEGER, filename VARCHAR(80), category VARCHAR(80), var_name VARCHAR(80), var_val VARCHAR(320)); sqlite> sqlite> sqlite> select * from ast_config; 1|0|1|0|sorcery.conf|res_pjsip|endpoint|realtime,ps_endpoints 2|0|2|0|sorcery.conf|res_pjsip|auth|realtime,ps_auths 3|0|3|0|sorcery.conf|res_pjsip|aor|realtime,ps_aors 4|0|4|0|sorcery.conf|res_pjsip|domain_alias|realtime,ps_domain_aliases 5|0|5|0|sorcery.conf|res_pjsip|contact|realtime,ps_contacts 6|0|6|0|sorcery.conf|res_pjsip|transport|realtime,ps_transports 7|0|7|0|sorcery.conf|res_pjsip|system|realtime,ps_systems 8|0|8|0|sorcery.conf|res_pjsip|global|realtime,ps_globals 9|1|1|0|sorcery.conf|res_pjsip_endpoint_identifier_ip|identify|realtime,ps_endpoint_id_ips 10|2|1|0|sorcery.conf|res_pjsip_outbound_registration|registration|realtime,ps_registrations sqlite> {noformat} asterisk load log: {noformat} *CLI> pjsip show transports [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 65535] gives [0](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3689 ast_parse_arg: extract int from [100] in [1, 2147483647] gives [100](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 4294967295] gives [0](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0) [Jun 7 10:59:02] ERROR[5463]: res_pjsip/config_transport.c:666 transport_tls_file_handler: Transport: transport-udp: ca_list_file is either missing or not readable [Jun 7 10:59:02] ERROR[5463]: config_options.c:738 aco_process_var: Error parsing ca_list_file=test1 at line 0 of [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 65535] gives [0](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3689 ast_parse_arg: extract int from [100] in [1, 2147483647] gives [100](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 4294967295] gives [0](0) [Jun 7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0) [Jun 7 10:59:02] ERROR[5463]: res_pjsip/config_transport.c:666 transport_tls_file_handler: Transport: transport-tcp: ca_list_file is either missing or not readable [Jun 7 10:59:02] ERROR[5463]: config_options.c:738 aco_process_var: Error parsing ca_list_file= at line 0 of No objects found. {noformat} By: Joshua C. Colp (jcolp) 2017-06-12 09:01:20.565-0500 The underlying bug here is that the handler does not support an empty value. In that case it should be ignored. By: Friendly Automation (friendly-automation) 2017-11-07 10:30:31.924-0600 Change 7004 merged by Jenkins2: res_pjsip: Ignore empty TLS configuration [https://gerrit.asterisk.org/7004|https://gerrit.asterisk.org/7004] By: Friendly Automation (friendly-automation) 2017-11-07 11:06:02.526-0600 Change 7007 merged by Jenkins2: res_pjsip: Ignore empty TLS configuration [https://gerrit.asterisk.org/7007|https://gerrit.asterisk.org/7007] By: Friendly Automation (friendly-automation) 2017-11-07 11:51:54.576-0600 Change 7006 merged by Joshua Colp: res_pjsip: Ignore empty TLS configuration [https://gerrit.asterisk.org/7006|https://gerrit.asterisk.org/7006] |