diff --git a/CHANGES b/CHANGES
index 3b2be7125b..4f91c73d01 100644
--- a/CHANGES
+++ b/CHANGES
@@ -70,6 +70,13 @@ res_pjsip_pubsub
need to run the "alembic upgrade head" process to add the column to
the schema.
+res_pjsip_transport_management
+------------------
+ * Since res_pjsip_transport_management provides several attack
+ mitigation features, its functionality moved to res_pjsip and
+ this module has been removed. This way the features will always
+ be available if res_pjsip is loaded.
+
------------------------------------------------------------------------------
--- Functionality changes from Asterisk 15.1.0 to Asterisk 15.2.0 ------------
------------------------------------------------------------------------------
diff --git a/UPGRADE.txt b/UPGRADE.txt
index 5e138e8eaa..6df39f1fe6 100644
--- a/UPGRADE.txt
+++ b/UPGRADE.txt
@@ -50,6 +50,13 @@ res_pjsip_endpoint_identifier_ip
you can now predict which endpoint is matched when a request comes in that
matches both.
+res_pjsip_transport_management
+------------------
+ * Since res_pjsip_transport_management provides several attack
+ mitigation features, its functionality moved to res_pjsip and
+ this module has been removed. This way the features will always
+ be available if res_pjsip is loaded.
+
New in 15.0.0:
Build System:
diff --git a/res/res_pjsip.c b/res/res_pjsip.c
index 7867c52c12..44871f415f 100644
--- a/res/res_pjsip.c
+++ b/res/res_pjsip.c
@@ -4027,7 +4027,8 @@ int ast_sip_failover_request(pjsip_tx_data *tdata)
{
pjsip_via_hdr *via;
- if (!tdata->dest_info.addr.count || (tdata->dest_info.cur_addr == tdata->dest_info.addr.count - 1)) {
+ if (!tdata || !tdata->dest_info.addr.count
+ || (tdata->dest_info.cur_addr == tdata->dest_info.addr.count - 1)) {
/* No more addresses to try */
return 0;
}
@@ -4575,9 +4576,15 @@ static void supplement_outgoing_response(pjsip_tx_data *tdata, struct ast_sip_en
int ast_sip_send_response(pjsip_response_addr *res_addr, pjsip_tx_data *tdata, struct ast_sip_endpoint *sip_endpoint)
{
+ pj_status_t status;
+
supplement_outgoing_response(tdata, sip_endpoint);
+ status = pjsip_endpt_send_response(ast_sip_get_pjsip_endpoint(), res_addr, tdata, NULL, NULL);
+ if (status != PJ_SUCCESS) {
+ pjsip_tx_data_dec_ref(tdata);
+ }
- return pjsip_endpt_send_response(ast_sip_get_pjsip_endpoint(), res_addr, tdata, NULL, NULL);
+ return status == PJ_SUCCESS ? 0 : -1;
}
int ast_sip_send_stateful_response(pjsip_rx_data *rdata, pjsip_tx_data *tdata, struct ast_sip_endpoint *sip_endpoint)
@@ -4819,6 +4826,7 @@ static int unload_pjsip(void *data)
ast_res_pjsip_cleanup_options_handling();
ast_res_pjsip_cleanup_message_filter();
ast_sip_destroy_distributor();
+ ast_sip_destroy_transport_management();
ast_res_pjsip_destroy_configuration();
ast_sip_destroy_system();
ast_sip_destroy_global_headers();
@@ -4984,6 +4992,11 @@ static int load_module(void)
ast_sip_initialize_resolver();
ast_sip_initialize_dns();
+ if (ast_sip_initialize_transport_management()) {
+ ast_log(LOG_ERROR, "Failed to initialize SIP transport management. Aborting load\n");
+ goto error;
+ }
+
if (ast_sip_initialize_distributor()) {
ast_log(LOG_ERROR, "Failed to register distributor module. Aborting load\n");
goto error;
diff --git a/res/res_pjsip/include/res_pjsip_private.h b/res/res_pjsip/include/res_pjsip_private.h
index 46526597d3..04ed990eec 100644
--- a/res/res_pjsip/include/res_pjsip_private.h
+++ b/res/res_pjsip/include/res_pjsip_private.h
@@ -409,4 +409,32 @@ int ast_sip_destroy_scheduler(void);
int ast_sip_will_uri_survive_restart(pjsip_sip_uri *uri, struct ast_sip_endpoint *endpoint,
pjsip_rx_data *rdata);
+/*!
+ * \internal
+ * \brief Initialize the transport management module
+ * \since 13.20.0
+ *
+ * The transport management module is responsible for 3 things...
+ * 1. It automatically destroys any reliable transport that does not
+ * receive a valid request within system/timer_b milliseconds of the
+ * connection being opened. (Attack mitigation)
+ * 2. Since it increments the reliable transport's reference count
+ * for that period of time, it also prevents issues if the transport
+ * disconnects while we're still trying to process a response.
+ * (Attack mitigation)
+ * 3. If enabled by global/keep_alive_interval, it sends '\r\n'
+ * keepalives on reliable transports at the interval specified.
+ *
+ * \retval -1 Failure
+ * \retval 0 Success
+ */
+int ast_sip_initialize_transport_management(void);
+
+/*!
+ * \internal
+ * \brief Destruct the transport management module.
+ * \since 13.20.0
+ */
+void ast_sip_destroy_transport_management(void);
+
#endif /* RES_PJSIP_PRIVATE_H_ */
diff --git a/res/res_pjsip/pjsip_distributor.c b/res/res_pjsip/pjsip_distributor.c
index b4828d89fb..7f512d1bb7 100644
--- a/res/res_pjsip/pjsip_distributor.c
+++ b/res/res_pjsip/pjsip_distributor.c
@@ -854,7 +854,9 @@ static pj_bool_t authenticate(pjsip_rx_data *rdata)
case AST_SIP_AUTHENTICATION_CHALLENGE:
/* Send the 401 we created for them */
ast_sip_report_auth_challenge_sent(endpoint, rdata, tdata);
- pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL);
+ if (pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL) != PJ_SUCCESS) {
+ pjsip_tx_data_dec_ref(tdata);
+ }
return PJ_TRUE;
case AST_SIP_AUTHENTICATION_SUCCESS:
/* See note in endpoint_lookup about not holding an unnecessary write lock */
@@ -867,7 +869,9 @@ static pj_bool_t authenticate(pjsip_rx_data *rdata)
case AST_SIP_AUTHENTICATION_FAILED:
log_failed_request(rdata, "Failed to authenticate", 0, 0);
ast_sip_report_auth_failed_challenge_response(endpoint, rdata);
- pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL);
+ if (pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL) != PJ_SUCCESS) {
+ pjsip_tx_data_dec_ref(tdata);
+ }
return PJ_TRUE;
case AST_SIP_AUTHENTICATION_ERROR:
log_failed_request(rdata, "Error to authenticate", 0, 0);
diff --git a/res/res_pjsip_transport_management.c b/res/res_pjsip/pjsip_transport_management.c
similarity index 94%
rename from res/res_pjsip_transport_management.c
rename to res/res_pjsip/pjsip_transport_management.c
index eb92eb7a51..efda37d7cb 100644
--- a/res/res_pjsip_transport_management.c
+++ b/res/res_pjsip/pjsip_transport_management.c
@@ -16,12 +16,6 @@
* at the top of the source tree.
*/
-/*** MODULEINFO
- pjproject
- res_pjsip
- core
- ***/
-
#include "asterisk.h"
#include
@@ -32,6 +26,7 @@
#include "asterisk/res_pjsip.h"
#include "asterisk/module.h"
#include "asterisk/astobj2.h"
+#include "include/res_pjsip_private.h"
/*! \brief Number of buckets for monitored transports */
#define TRANSPORTS_BUCKETS 127
@@ -319,12 +314,10 @@ static pjsip_module idle_monitor_module = {
.on_rx_request = idle_monitor_on_rx_request,
};
-static int load_module(void)
+int ast_sip_initialize_transport_management(void)
{
struct ao2_container *transports;
- CHECK_PJSIP_MODULE_LOADED();
-
transports = ao2_container_alloc(TRANSPORTS_BUCKETS, monitored_transport_hash_fn,
monitored_transport_cmp_fn);
if (!transports) {
@@ -356,11 +349,10 @@ static int load_module(void)
ast_sorcery_observer_add(ast_sip_get_sorcery(), "global", &keepalive_global_observer);
ast_sorcery_reload_object(ast_sip_get_sorcery(), "global");
- ast_module_shutdown_ref(ast_module_info->self);
return AST_MODULE_LOAD_SUCCESS;
}
-static int unload_module(void)
+void ast_sip_destroy_transport_management(void)
{
if (keepalive_interval) {
keepalive_interval = 0;
@@ -381,20 +373,4 @@ static int unload_module(void)
sched = NULL;
ao2_global_obj_release(monitored_transports);
-
- return 0;
-}
-
-static int reload_module(void)
-{
- ast_sorcery_reload_object(ast_sip_get_sorcery(), "global");
- return 0;
}
-
-AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP Reliable Transport Management",
- .support_level = AST_MODULE_SUPPORT_CORE,
- .load = load_module,
- .reload = reload_module,
- .unload = unload_module,
- .load_pri = AST_MODPRI_CHANNEL_DEPEND - 4,
-);
diff --git a/res/res_pjsip_session.c b/res/res_pjsip_session.c
index f0606d67fa..1842d41e68 100644
--- a/res/res_pjsip_session.c
+++ b/res/res_pjsip_session.c
@@ -1866,7 +1866,9 @@ static pj_bool_t session_reinvite_on_rx_request(pjsip_rx_data *rdata)
/* Otherwise this is a new re-invite, so reject it */
if (pjsip_dlg_create_response(dlg, rdata, 491, NULL, &tdata) == PJ_SUCCESS) {
- pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL);
+ if (pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL) != PJ_SUCCESS) {
+ pjsip_tx_data_dec_ref(tdata);
+ }
}
return PJ_TRUE;
@@ -2856,7 +2858,9 @@ static pjsip_inv_session *pre_session_setup(pjsip_rx_data *rdata, const struct a
if (pjsip_inv_verify_request(rdata, &options, NULL, NULL, ast_sip_get_pjsip_endpoint(), &tdata) != PJ_SUCCESS) {
if (tdata) {
- pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL);
+ if (pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL) != PJ_SUCCESS) {
+ pjsip_tx_data_dec_ref(tdata);
+ }
} else {
pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
}