Class: OverSIP::SIP::TlsServer

Inherits:
TcpServer
Defined in:
lib/oversip/sip/listeners/tls_server.rb

Direct Known Subclasses

IPv4TlsServer, IPv6TlsServer

Constant Summary

# Maximum time, in seconds, a client gets to finish the TLS handshake before
# the timer armed in #post_init closes the connection.
TLS_HANDSHAKE_MAX_TIME =
4

Constants inherited from TcpConnection

OverSIP::SIP::TcpConnection::HEADERS_MAX_SIZE

Constants included from MessageProcessor

MessageProcessor::MSG_TYPE

Instance Attribute Summary

Attributes inherited from TcpServer

#outbound_flow_token

Attributes inherited from Connection

#cvars

Instance Method Summary

Methods inherited from TcpServer

#post_connection, #remote_desc

Methods inherited from TcpConnection

#get_body, #parse_headers, #process_received_data, #receive_data, #remote_ip, #remote_ip_type, #remote_port, #send_sip_msg

Methods inherited from Connection

#initialize, #open?, outbound_listener?, #receive_senderror, reliable_transport_listener?, #transport

Methods included from Logger

close, fg_system_msg2str, init_logger_mq, load_methods, #log_id, syslog_system_msg2str, syslog_user_msg2str

Constructor Details

This class inherits a constructor from OverSIP::SIP::Connection

Instance Method Details

#post_init ⇒ Object



# File 'lib/oversip/sip/listeners/tls_server.rb', line 8

# Connection hook: resets the per-connection certificate state, starts the
# server-side TLS handshake and arms a watchdog timer for that handshake.
#
# SECURITY: :verify_peer => true makes each certificate sent by the client
# reach #ssl_verify_peer, but #ssl_verify_peer in this class accepts every
# certificate. A completed handshake therefore says nothing about the
# client's identity; any real check has to happen afterwards, on the PEMs
# collected in @client_pems.
def post_init
  # PEMs received from the client so far, and the most recent one (used by
  # #ssl_verify_peer to drop duplicates).
  @client_pems = []
  @client_last_pem = false

  tls_options = {
    :verify_peer => true,
    :cert_chain_file => ::OverSIP.tls_public_cert,
    :private_key_file => ::OverSIP.tls_private_cert,
    :use_tls => true
  }
  start_tls(tls_options)

  # Handshake watchdog. A client that opens the TCP connection and then never
  # completes the TLS handshake would otherwise make us leak, by storing more
  # and more messages in the @pending_messages array. @connected is only set
  # in #ssl_handshake_completed, so it is still falsy if the timer fires first.
  @timer_tls_handshake = ::EM::Timer.new(TLS_HANDSHAKE_MAX_TIME) do
    next if @connected

    log_system_notice "TLS handshake not performed within #{TLS_HANDSHAKE_MAX_TIME} seconds, closing the connection"
    close_connection
  end
end

#ssl_handshake_completed ⇒ Object



# File 'lib/oversip/sip/listeners/tls_server.rb', line 45

# Hook run once the TLS handshake has finished.
#
# Marks the connection as TLS-connected, disarms the handshake watchdog and,
# when OverSIP::SIP.callback_on_client_tls_handshake is set, runs
# OverSIP::SipEvents.on_client_tls_handshake inside a Fiber, passing it this
# connection and the PEMs collected by #ssl_verify_peer.
#
# SECURITY: #ssl_verify_peer accepts every certificate, so the user callback
# is the only point at which the client certificates get evaluated. When
# callback_on_client_tls_handshake is falsy nothing here inspects
# @client_pems, and the connection proceeds without a certificate check by
# this class. The callback should also expect @client_pems to be empty;
# presumably that is what it receives when the client presented no
# certificate (confirm against the EventMachine version in use).
def ssl_handshake_completed
  log_system_info "TLS connection established from #{remote_desc}"

  # In TlsServer @connected means "TLS established", not merely "TCP accepted".
  @connected = true
  handshake_timer = @timer_tls_handshake
  handshake_timer.cancel if handshake_timer

  return unless ::OverSIP::SIP.callback_on_client_tls_handshake

  # While in this state, data arriving after the handshake but before the
  # user callback has validated the client is only stored, not processed.
  @state = :waiting_for_on_client_tls_handshake

  callback_fiber = ::Fiber.new do
    begin
      log_system_debug "running OverSIP::SipEvents.on_client_tls_handshake()..." if $oversip_debug
      ::OverSIP::SipEvents.on_client_tls_handshake self, @client_pems

      if @local_closed || error?
        # The callback (or the peer) closed the connection: leave the stored
        # data unprocessed.
        log_system_debug "connection closed, aborting" if $oversip_debug
      else
        @state = :init
        # Process whatever was received while the callback was running.
        process_received_data
      end
    rescue ::Exception => e
      # Fail closed: any error raised by the user callback drops the
      # connection instead of letting an unvalidated client through.
      # NOTE(review): ::Exception also covers SystemExit/Interrupt raised
      # inside the callback; confirm that swallowing those is intended.
      log_system_error "error calling OverSIP::SipEvents.on_client_tls_handshake():"
      log_system_error e
      close_connection
    end
  end
  callback_fiber.resume
end

#ssl_verify_peer(pem) ⇒ Object



# File 'lib/oversip/sip/listeners/tls_server.rb', line 31

# Per-certificate hook: records each certificate (PEM) received from the
# client in @client_pems and always answers true.
#
# SECURITY: the true returned here does NOT mean the certificate is trusted.
# This method performs no validation at all; it only collects the PEMs so
# that they can be checked after the handshake, once all of them have been
# received (see #ssl_handshake_completed).
#
# @param pem the certificate, as received from the client
# @return [true] always
def ssl_verify_peer(pem)
  # TODO: Dirty workaround for bug https://github.com/eventmachine/eventmachine/issues/194:
  # a PEM equal to the one seen immediately before is not stored again.
  unless @client_last_pem == pem
    @client_last_pem = pem
    @client_pems.push(pem)

    log_system_debug "received certificate num #{@client_pems.size} from client" if $oversip_debug
  end

  # Validation is deferred until every certificate has arrived, so accept.
  true
end

#unbind(cause = nil) ⇒ Object



# File 'lib/oversip/sip/listeners/tls_server.rb', line 82

# Teardown hook: disarms the TLS handshake watchdog, if one was armed, so it
# cannot fire for a connection that is already gone, then hands over to the
# parent implementation with the same argument.
#
# @param cause forwarded unchanged to the parent's #unbind
def unbind(cause = nil)
  handshake_timer = @timer_tls_handshake
  handshake_timer.cancel if handshake_timer
  super
end