[Home]

Summary:ASTERISK-27032: res_pjsip: TLS options do not handle empty values
Reporter:seanchann.zhou (seanchann)Labels:pjsip
Date Opened:2017-06-05 04:24:46Date Closed:2017-11-07 10:30:31.000-0600
Priority:MinorRegression?
Status:Closed/CompleteComponents:Resources/res_pjsip
Versions:13.15.1 Frequency of
Occurrence
Related
Issues:
Environment:openwrtAttachments:
Description:Hi:
  in file config_transport.c line  661:
  If there is no configuration value, loading the entire module will exit. But if the current  protocol  value is not tls, Then it is not necessary to have these values
  I bind sorcery with realtime for ps_transports.

  if check current protocol value, only process tls type.
  Look at the following code snippet

  ```
    if(transport->type != AST_TRANSPORT_TLS){
return 0;
}
  ```
Comments:By: Asterisk Team (asteriskteam) 2017-06-05 04:24:47.920-0500

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].
By: Rusty Newton (rnewton) 2017-06-06 17:56:08.476-0500

Can you attach your sorcery.conf and extconfig.conf for clarity?

Do transports fail to load completely?

What transport are you configuring in the database?

Please attach a log captured during the load with warning,error,notice,verbose,debug levels, with verbose and debug turned up to 5 or above.

https://wiki.asterisk.org/wiki/display/AST/Collecting+Debug+Information
By: seanchann.zhou (seanchann) 2017-06-06 22:01:22.993-0500

hi:
  extconfig.conf:
{noformat}
pjsip.conf => sqlite3,pjsipconf,ast_config
pjsip_notify.conf => sqlite3,pjsipnotifyconf,ast_config
pjproject.conf => sqlite3,pjprojectconf,ast_config
ps_systems => sqlite3,ps_systems,ps_systems
ps_globals => sqlite3,ps_globals,ps_globals
ps_transports => sqlite3,ps_transports,ps_transports
ps_endpoints => sqlite3,ps_endpoints,ps_endpoints
ps_auths => sqlite3,ps_auths,ps_auths
ps_aors => sqlite3,ps_aors,ps_aors
ps_domain_aliases => sqlite3,ps_domain_aliases,ps_domain_aliases
ps_contacts => sqlite3,ps_contacts,ps_contacts
ps_endpoint_id_ips => sqlite3,ps_endpoint_id_ips,ps_endpoint_id_ips
ps_registrations => sqlite3,ps_registrations,ps_registrations
ps_subscription_persistence => sqlite3,ps_subscription_persistence,ps_subscription_persistence
sorcery.conf => sqlite3,sorceryconf,ast_config
{noformat}
  res_config_sqlit3.conf:
{noformat}
;ps_transports => sqlite3,ps_transports,ps_transports
[ps_transports]
dbfile => /etc/ps_transports.realtime
;debug=yes
requirements=warn
batch=0s

[sorceryconf]
dbfile => /etc/opmanage/sorcery_conf.realtime
;debug=yes
requirements=warn
batch=0
{noformat}
  pjsip  transport configration in sqlite3:
{noformat}
sqlite> .tables
ps_transports
sqlite> .schema ps_transports
CREATE TABLE ps_transports (id TEXT CHECK( LENGTH(id) <= 40 ) UNIQUE NOT NULL,async_operations INTEGER,bind TEXT CHECK( LENGTH(bind) <= 40 ),ca_list_file TEXT CHECK( LENGTH(ca_list_file) <= 200 ),cert_file TEXT CHECK( LENGTH(cert_file) <= 200 ),cipher TEXT CHECK( LENGTH(cipher) <= 200 ),domain TEXT CHECK( LENGTH(domain) <= 40 ),external_media_address TEXT CHECK( LENGTH(external_media_address) <= 40 ),external_signaling_address TEXT CHECK( LENGTH(external_signaling_address) <= 40 ),external_signaling_port INTEGER,method TEXT CHECK( LENGTH(method) <= 10 ),local_net TEXT CHECK( LENGTH(local_net) <= 40 ),password TEXT CHECK( LENGTH(password) <= 40 ),priv_key_file TEXT CHECK( LENGTH(priv_key_file) <= 200 ),protocol TEXT CHECK( LENGTH(protocol) <= 10 ),require_client_cert TEXT CHECK( LENGTH(require_client_cert) <= 10 ),verify_client TEXT CHECK( LENGTH(verify_client) <= 10 ),verify_server TEXT CHECK( LENGTH(verify_server) <= 10 )  NULL,tos TEXT CHECK( LENGTH(tos) <= 10 )  NULL,cos INTEGER,allow_reload TEXT CHECK( LENGTH(allow_reload) <= 10 ),symmetric_transport TEXT CHECK( LENGTH(symmetric_transport) <= 10 ));
CREATE INDEX ps_transports_id ON ps_transports (id);
sqlite> select * from ps_transports;
transport-udp|1|0.0.0.0|||||||0|default||||udp|no|no|no|cs3|3|no|no
transport-tcp|1|0.0.0.0|||||||0|default||||tcp|no|no|no|cs3|3|no|no
sqlite>
{noformat}
 sorcery.conf in sqlite3
{noformat}
 sqlite> .tables
ast_config
sqlite> .schema ast_config
CREATE TABLE ast_config (       id      INTEGER PRIMARY KEY AUTOINCREMENT ,     cat_metric      INTEGER,        var_metric      INTEGER,        commented       INTEGER,  filename        VARCHAR(80),    category        VARCHAR(80),    var_name        VARCHAR(80),    var_val         VARCHAR(320));
sqlite>
sqlite>
sqlite> select * from ast_config;
1|0|1|0|sorcery.conf|res_pjsip|endpoint|realtime,ps_endpoints
2|0|2|0|sorcery.conf|res_pjsip|auth|realtime,ps_auths
3|0|3|0|sorcery.conf|res_pjsip|aor|realtime,ps_aors
4|0|4|0|sorcery.conf|res_pjsip|domain_alias|realtime,ps_domain_aliases
5|0|5|0|sorcery.conf|res_pjsip|contact|realtime,ps_contacts
6|0|6|0|sorcery.conf|res_pjsip|transport|realtime,ps_transports
7|0|7|0|sorcery.conf|res_pjsip|system|realtime,ps_systems
8|0|8|0|sorcery.conf|res_pjsip|global|realtime,ps_globals
9|1|1|0|sorcery.conf|res_pjsip_endpoint_identifier_ip|identify|realtime,ps_endpoint_id_ips
10|2|1|0|sorcery.conf|res_pjsip_outbound_registration|registration|realtime,ps_registrations
sqlite>
{noformat}
asterisk load log:
{noformat}
 *CLI> pjsip show transports
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 65535] gives [0](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3689 ast_parse_arg: extract int from [100] in [1, 2147483647] gives [100](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 4294967295] gives [0](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0)
[Jun  7 10:59:02] ERROR[5463]: res_pjsip/config_transport.c:666 transport_tls_file_handler: Transport: transport-udp: ca_list_file  is either missing or not readable
[Jun  7 10:59:02] ERROR[5463]: config_options.c:738 aco_process_var: Error parsing ca_list_file=test1 at line 0 of
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 65535] gives [0](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3689 ast_parse_arg: extract int from [100] in [1, 2147483647] gives [100](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [0] in [0, 4294967295] gives [0](0)
[Jun  7 10:59:02] DEBUG[5463]: config.c:3742 ast_parse_arg: extract uint from [1] in [0, 4294967295] gives [1](0)
[Jun  7 10:59:02] ERROR[5463]: res_pjsip/config_transport.c:666 transport_tls_file_handler: Transport: transport-tcp: ca_list_file  is either missing or not readable
[Jun  7 10:59:02] ERROR[5463]: config_options.c:738 aco_process_var: Error parsing ca_list_file= at line 0 of
No objects found.
{noformat}

By: Joshua C. Colp (jcolp) 2017-06-12 09:01:20.565-0500

The underlying bug here is that the handler does not support an empty value. In that case it should be ignored.
By: Friendly Automation (friendly-automation) 2017-11-07 10:30:31.924-0600

Change 7004 merged by Jenkins2:
res_pjsip: Ignore empty TLS configuration

[https://gerrit.asterisk.org/7004|https://gerrit.asterisk.org/7004]
By: Friendly Automation (friendly-automation) 2017-11-07 11:06:02.526-0600

Change 7007 merged by Jenkins2:
res_pjsip: Ignore empty TLS configuration

[https://gerrit.asterisk.org/7007|https://gerrit.asterisk.org/7007]
By: Friendly Automation (friendly-automation) 2017-11-07 11:51:54.576-0600

Change 7006 merged by Joshua Colp:
res_pjsip: Ignore empty TLS configuration

[https://gerrit.asterisk.org/7006|https://gerrit.asterisk.org/7006]