ASTERISK-29359: res_pjsip: Allow to define a transport without listener

[Home]

Summary: ASTERISK-29359: res_pjsip: Allow to define a transport without listener

Reporter: Michael Maier (micha) Labels:

Date Opened: 2021-03-21 00:13:15 Date Closed: 2021-05-12 15:09:16

Priority: Minor Regression? No

Status: Closed/Complete Components: Resources/res_pjsip

Versions: 18.0.0 Frequency of
Occurrence

Related
Issues:

Environment: Attachments: ( 0) allow-port-0.diff.gz

Description: res_pjsip/config_transport.c:
The pjsip architecture uses so called transports as the interface of each configured device, which provides the network connection for a device. Therefore Asterisk provides a interface to create this transport. At the moment, it is impossible to create a transport without a listener added (even the flow transport can't be used without an arbitrary existing transport containing the correct listener (sip / sips)).

Attached is a proposal, which enables Asterisk to configure transports without forcibly adding a listener. This is handy if you don't need a listener at all (and therefore increases security) - e.g. for a trunk device, which registers itself to a SIP provider and which is and should be never connected from outside. Pjsip itself supports this operation by adding port 0 to this transport.

This proposal is tested on base of ASTERISK-29241.

Comments: By: Asterisk Team (asteriskteam) 2021-03-21 00:13:17.273-0500

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. Please note that log messages and other files should not be sent to the Sangoma Asterisk Team unless explicitly asked for. All files should be placed on this issue in a sanitized fashion as needed.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

Please note that once your issue enters an open state it has been accepted. As Asterisk is an open source project there is no guarantee or timeframe on when your issue will be looked into. If you need expedient resolution you will need to find and pay a suitable developer. Asking for an update on your issue will not yield any progress on it and will not result in a response. All updates are posted to the issue when they occur.

Please note that by submitting data, code, or documentation to Sangoma through JIRA, you accept the Terms of Use present at [https://www.asterisk.org/terms-of-use/|https://www.asterisk.org/terms-of-use/].
By: Michael Maier (micha) 2021-03-21 00:16:52.074-0500

That's a short description to show how the transport interface could be changed to achieve the desired behavior.
By: Joshua C. Colp (jcolp) 2021-03-21 04:25:06.960-0500

The attachment is of a diff which is code. I've had to mark it as a contribution accordingly. You can describe how such a thing could be accomplished in the description and someone could potentially work on it.

Any attachment that is code (be it a proposal or ready to be merged) needs a signed contributor agreement. I understand you do not wish to sign one, so in the future you can describe in human readable text how things could be changed without providing code.
By: Michael Maier (micha) 2021-03-21 07:36:05.300-0500

Ok - as usual, you can use (or not) the proposal as you like. I would sign the license agreement as such - but I'm not willing to provide any private data. You really should think about protection of privacy. It's not necessary for you to know this data. Others like Linux kernel development doesn't need it, too.

From my point of view I fully described what I would like to achieve (and I know, how it actually works (for me)) and how it potentially could be done. Feel free to ask, if you have any further specific questions. I will try to answer it.
By: Joshua C. Colp (jcolp) 2021-03-21 07:57:21.840-0500

I will forward your feedback in regards to licensing to legal.
By: Michael Maier (micha) 2021-04-30 01:28:45.925-0500

Well, the attached proposal doesn't really solve the problem - it just creates another random port for the listener. Therefore it's unrewarding. But I could prove, that a upstream trunk to an VoIP ISP doesn't need a listener at all, as all incoming and outgoing Requests to and from the ISP went through the connection opened by asterisk, which doesn't use the listener port at all. Additionally added portfilter policy prevented connects to this random listener anyway.

Therefore I looked around and found a solution, which really prevents creation of a listener: pjsip knows the compile time option [PJSIP_TLS_TRANSPORT_DONT_CREATE_LISTENER|https://pjsip.org/pjsip/docs/html/group__PJSIP__TRANSPORT__TLS.htm] or [PJSIP_TCP_TRANSPORT_DONT_CREATE_LISTENER|https://pjsip.org/pjsip/docs/html/group__PJSIP__TRANSPORT__TCP.htm] in conjunction with pjsip_tls_transport_lis_start() / pjsip_tcp_transport_lis_start(). If you're building now asterisk / pjsip using this compile time option and an additional added new nobind option to transport configuration, you really get client only transports w/o any listener.
As you don't like to have code I won't provide any proposal. If anyone is interested in the code - just drop me a mail.
By: Sean Bright (seanbright) 2021-05-12 15:09:05.188-0500

Features requests without patches are not accepted through the issue tracker. Features requests are openly discussed on the mailing lists, forums, and IRC [1]. Please see the Asterisk Issue Guidelines [2] for more information on feature request and patch submission.

[1] http://asterisk.org/community/discuss
[2] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines