Class: OverSIP::SIP::TlsServer
- Inherits:
-
TcpServer
- Object
- EM::Connection
- Connection
- TcpConnection
- TcpServer
- OverSIP::SIP::TlsServer
- Defined in:
- lib/oversip/sip/listeners/tls_server.rb
Direct Known Subclasses
Constant Summary
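- TLS_HANDSHAKE_MAX_TIME = 4 (seconds; #post_init closes the connection if the TLS handshake has not completed within this time)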
Constants inherited from TcpConnection
OverSIP::SIP::TcpConnection::HEADERS_MAX_SIZE
Constants included from MessageProcessor
Instance Attribute Summary
Attributes inherited from TcpServer
Attributes inherited from Connection
Instance Method Summary
- #post_init ⇒ Object
- #ssl_handshake_completed ⇒ Object
- #ssl_verify_peer(pem) ⇒ Object
- #unbind(cause = nil) ⇒ Object
Methods inherited from TcpServer
#post_connection, #remote_desc
Methods inherited from TcpConnection
#get_body, #parse_headers, #process_received_data, #receive_data, #remote_ip, #remote_ip_type, #remote_port, #send_sip_msg
Methods inherited from Connection
#initialize, #open?, outbound_listener?, #receive_senderror, reliable_transport_listener?, #transport
Methods included from Logger
fg_system_msg2str, load_methods, #log_id
Constructor Details
This class inherits a constructor from OverSIP::SIP::Connection
Instance Method Details
#post_init ⇒ Object
# File 'lib/oversip/sip/listeners/tls_server.rb', line 8
#
# Connection-setup hook: resets the per-connection client-certificate state,
# starts TLS on the socket and arms a handshake deadline.
#
# :verify_peer => true asks EventMachine to request a client certificate and
# pass each one to #ssl_verify_peer. That hook accepts every certificate it is
# given, so this option alone does not authenticate the client; any real check
# has to happen later, once the handshake has completed.
def post_init
  @client_pems = []
  @client_last_pem = false

  tls_options = {
    :verify_peer => true,
    :cert_chain_file => ::OverSIP.tls_public_cert,
    :private_key_file => ::OverSIP.tls_private_cert,
    :use_tls => true
  }
  start_tls(tls_options)

  # Handshake deadline. A peer that opens the TCP connection and never sends
  # its TLS certificate would otherwise stay connected while more and more
  # messages are stored in the @pending_messages array, so the connection is
  # dropped after TLS_HANDSHAKE_MAX_TIME seconds unless TLS is up by then.
  @timer_tls_handshake = ::EM::Timer.new(TLS_HANDSHAKE_MAX_TIME) do
    # @connected is set by #ssl_handshake_completed.
    next if @connected

    log_system_notice "TLS handshake not performed within #{TLS_HANDSHAKE_MAX_TIME} seconds, closing the connection"
    close_connection
  end
end
#ssl_handshake_completed ⇒ Object
# File 'lib/oversip/sip/listeners/tls_server.rb', line 45
#
# Runs once the TLS handshake has finished: marks the connection as
# established, cancels the handshake deadline and, when the
# on_client_tls_handshake callback is enabled, hands the collected client
# certificates to it before any buffered SIP data is processed.
#
# NOTE(review): the certificates in @client_pems were accepted unconditionally
# by #ssl_verify_peer. The user callback invoked below is the only place in
# this class where they can be inspected; when
# ::OverSIP::SIP.callback_on_client_tls_handshake is not set, this method
# performs no check on them at all.
def ssl_handshake_completed
  log_system_info("TLS connection established from " << remote_desc)

  # In TlsServer, @connected stands for "TLS connection" rather than just
  # "TCP connection".
  @connected = true
  @timer_tls_handshake.cancel if @timer_tls_handshake

  return unless ::OverSIP::SIP.callback_on_client_tls_handshake

  # Hold the connection in :waiting_for_on_client_tls_handshake so that data
  # arriving after the TLS handshake but before the user callback has
  # validated the peer is only stored, not processed.
  @state = :waiting_for_on_client_tls_handshake

  # Run OverSIP::SipEvents.on_client_tls_handshake inside its own Fiber.
  validation = ::Fiber.new do
    begin
      log_system_debug "running OverSIP::SipEvents.on_client_tls_handshake()..." if $oversip_debug
      ::OverSIP::SipEvents.on_client_tls_handshake self, @client_pems

      if @local_closed || error?
        # The callback (or the peer) closed the connection: nothing more to do.
        log_system_debug "connection closed, aborting" if $oversip_debug
      else
        # Connection still open after the callback: resume normal operation
        # and process whatever data was received in the meanwhile.
        @state = :init
        process_received_data
      end
    rescue ::Exception => e
      # Fail closed: any error raised by the user callback drops the
      # connection instead of letting it reach :init.
      # NOTE(review): ::Exception is broader than StandardError, so
      # SystemExit and Interrupt raised inside the fiber are trapped here too.
      log_system_error "error calling OverSIP::SipEvents.on_client_tls_handshake():"
      log_system_error e
      close_connection
    end
  end
  validation.resume
end
#ssl_verify_peer(pem) ⇒ Object
# File 'lib/oversip/sip/listeners/tls_server.rb', line 31
#
# Collects a certificate presented by the client during the TLS handshake.
#
# This method validates nothing: it records the certificate in @client_pems
# and always returns true, so no certificate is rejected at this stage.
# Validation is deferred to #ssl_handshake_completed, after all the
# certificates have been received.
#
# pem - the certificate handed over by EventMachine (presumably PEM text;
#       it is stored as given, without parsing).
#
# Always returns true.
def ssl_verify_peer(pem)
  # TODO: Dirty workaround for bug https://github.com/eventmachine/eventmachine/issues/194.
  # A certificate equal to the one seen just before is not stored again.
  unless @client_last_pem == pem
    @client_last_pem = pem
    @client_pems << pem
    log_system_debug "received certificate num #{@client_pems.size} from client" if $oversip_debug
  end

  # Accept unconditionally; see the header comment for where validation belongs.
  true
end
#unbind(cause = nil) ⇒ Object
# File 'lib/oversip/sip/listeners/tls_server.rb', line 82
#
# Connection-teardown hook: cancels the TLS handshake timer, if one was
# created, and then defers to the parent class' unbind.
#
# cause - forwarded unchanged to the parent implementation (defaults to nil).
def unbind(cause = nil)
  # Cancel the deadline so its block does not fire for a connection that is
  # already being torn down.
  handshake_timer = @timer_tls_handshake
  handshake_timer.cancel if handshake_timer

  super
end