AST-2018-005: res_pjsip_transport_management: Move to core
[asterisk/asterisk.git] / res / res_pjsip / config_transport.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2013, Digium, Inc.
5  *
6  * Joshua Colp <jcolp@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18
19 #include "asterisk.h"
20
21 #include <math.h>
22 #include <pjsip.h>
23 #include <pjlib.h>
24
25 #include "asterisk/res_pjsip.h"
26 #include "asterisk/res_pjsip_cli.h"
27 #include "asterisk/logger.h"
28 #include "asterisk/astobj2.h"
29 #include "asterisk/sorcery.h"
30 #include "asterisk/acl.h"
31 #include "asterisk/utils.h"
32 #include "include/res_pjsip_private.h"
33 /* We're only using a #define from http_websocket.h, no OPTIONAL_API symbols are used. */
34 #include "asterisk/http_websocket.h"
35
36 #define MAX_POINTER_STRING 33
37
38 /*! \brief Default number of state container buckets */
39 #define DEFAULT_STATE_BUCKETS 53
40 static struct ao2_container *transport_states;
41
42 struct internal_state {
43         char *id;
44         /*! Set if there was a change detected */
45         int change_detected;
46         /*! \brief Transport configuration object */
47         struct ast_sip_transport *transport;
48         /*! \brief Transport state information */
49         struct ast_sip_transport_state *state;
50 };
51
52 static void temp_state_store_cleanup(void *data)
53 {
54         struct ast_sip_transport_state **temp_state = data;
55
56         ao2_cleanup(*temp_state);
57         ast_free(data);
58 }
59
60 AST_THREADSTORAGE_CUSTOM(temp_state_store, NULL, temp_state_store_cleanup);
61
62 /*! \brief hashing function for state objects */
63 static int internal_state_hash(const void *obj, const int flags)
64 {
65         const struct internal_state *object;
66         const char *key;
67
68         switch (flags & OBJ_SEARCH_MASK) {
69         case OBJ_SEARCH_KEY:
70                 key = obj;
71                 break;
72         case OBJ_SEARCH_OBJECT:
73                 object = obj;
74                 key = object->id;
75                 break;
76         default:
77                 ast_assert(0);
78                 return 0;
79         }
80         return ast_str_hash(key);
81 }
82
83 /*! \brief comparator function for state objects */
84 static int internal_state_cmp(void *obj, void *arg, int flags)
85 {
86         const struct internal_state *object_left = obj;
87         const struct internal_state *object_right = arg;
88         const char *right_key = arg;
89         int cmp;
90
91         switch (flags & OBJ_SEARCH_MASK) {
92         case OBJ_SEARCH_OBJECT:
93                 right_key = object_right->id;
94                 /* Fall through */
95         case OBJ_SEARCH_KEY:
96                 cmp = strcmp(object_left->id, right_key);
97                 break;
98         case OBJ_SEARCH_PARTIAL_KEY:
99                 /* Not supported by container. */
100                 ast_assert(0);
101                 return 0;
102         default:
103                 cmp = 0;
104                 break;
105         }
106         if (cmp) {
107                 return 0;
108         }
109         return CMP_MATCH;
110 }
111
112 /*! \brief hashing function for state objects */
113 static int transport_state_hash(const void *obj, const int flags)
114 {
115         const struct ast_sip_transport_state *object;
116         const char *key;
117
118         switch (flags & OBJ_SEARCH_MASK) {
119         case OBJ_SEARCH_KEY:
120                 key = obj;
121                 break;
122         case OBJ_SEARCH_OBJECT:
123                 object = obj;
124                 key = object->id;
125                 break;
126         default:
127                 ast_assert(0);
128                 return 0;
129         }
130         return ast_str_hash(key);
131 }
132
133 /*! \brief comparator function for state objects */
134 static int transport_state_cmp(void *obj, void *arg, int flags)
135 {
136         const struct ast_sip_transport_state *object_left = obj;
137         const struct ast_sip_transport_state *object_right = arg;
138         const char *right_key = arg;
139         int cmp;
140
141         switch (flags & OBJ_SEARCH_MASK) {
142         case OBJ_SEARCH_OBJECT:
143                 right_key = object_right->id;
144                 /* Fall through */
145         case OBJ_SEARCH_KEY:
146                 cmp = strcmp(object_left->id, right_key);
147                 break;
148         case OBJ_SEARCH_PARTIAL_KEY:
149                 /* Not supported by container. */
150                 ast_assert(0);
151                 return 0;
152         default:
153                 cmp = 0;
154                 break;
155         }
156         if (cmp) {
157                 return 0;
158         }
159         return CMP_MATCH;
160 }
161
162 static int sip_transport_to_ami(const struct ast_sip_transport *transport,
163                                 struct ast_str **buf)
164 {
165         return ast_sip_sorcery_object_to_ami(transport, buf);
166 }
167
168 static int format_ami_endpoint_transport(const struct ast_sip_endpoint *endpoint,
169                                          struct ast_sip_ami *ami)
170 {
171         RAII_VAR(struct ast_str *, buf, NULL, ast_free);
172         RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
173
174         if (ast_strlen_zero(endpoint->transport)) {
175                 return 0;
176         }
177
178         buf = ast_sip_create_ami_event("TransportDetail", ami);
179         if (!buf) {
180                 return -1;
181         }
182
183         transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport",
184                 endpoint->transport);
185         if (!transport) {
186                 astman_send_error_va(ami->s, ami->m, "Unable to retrieve "
187                                      "transport %s\n", endpoint->transport);
188                 return -1;
189         }
190
191         sip_transport_to_ami(transport, &buf);
192
193         ast_str_append(&buf, 0, "EndpointName: %s\r\n",
194                        ast_sorcery_object_get_id(endpoint));
195
196         astman_append(ami->s, "%s\r\n", ast_str_buffer(buf));
197         ami->count++;
198
199         return 0;
200 }
201
202 struct ast_sip_endpoint_formatter endpoint_transport_formatter = {
203         .format_ami = format_ami_endpoint_transport
204 };
205
206 static void set_qos(struct ast_sip_transport *transport, pj_qos_params *qos)
207 {
208         int tos_as_dscp = transport->tos >> 2;
209
210         if (transport->tos) {
211                 qos->flags |= PJ_QOS_PARAM_HAS_DSCP;
212                 qos->dscp_val = tos_as_dscp;
213         }
214         if (transport->cos) {
215                 qos->flags |= PJ_QOS_PARAM_HAS_SO_PRIO;
216                 qos->so_prio = transport->cos;
217         }
218 }
219
220 /*! \brief Destructor for transport */
221 static void sip_transport_destroy(void *obj)
222 {
223         struct ast_sip_transport *transport = obj;
224
225         ast_string_field_free_memory(transport);
226 }
227
228 /*! \brief Allocator for transport */
229 static void *sip_transport_alloc(const char *name)
230 {
231         struct ast_sip_transport *transport = ast_sorcery_generic_alloc(sizeof(*transport), sip_transport_destroy);
232
233         if (!transport) {
234                 return NULL;
235         }
236
237         if (ast_string_field_init(transport, 256)) {
238                 ao2_cleanup(transport);
239                 return NULL;
240         }
241
242         return transport;
243 }
244
245 static int destroy_sip_transport_state(void *data)
246 {
247         struct ast_sip_transport_state *transport_state = data;
248
249         ast_free(transport_state->id);
250         ast_free_ha(transport_state->localnet);
251
252         if (transport_state->external_signaling_address_refresher) {
253                 ast_dnsmgr_release(transport_state->external_signaling_address_refresher);
254         }
255         if (transport_state->external_media_address_refresher) {
256                 ast_dnsmgr_release(transport_state->external_media_address_refresher);
257         }
258         if (transport_state->transport) {
259                 pjsip_transport_shutdown(transport_state->transport);
260         }
261
262         return 0;
263 }
264
265 /*! \brief Destructor for ast_sip_transport state information */
266 static void sip_transport_state_destroy(void *obj)
267 {
268         struct ast_sip_transport_state *state = obj;
269
270         ast_sip_push_task_synchronous(NULL, destroy_sip_transport_state, state);
271 }
272
273 /*! \brief Destructor for ast_sip_transport state information */
274 static void internal_state_destroy(void *obj)
275 {
276         struct internal_state *state = obj;
277
278         ast_free(state->id);
279         ao2_cleanup(state->transport);
280         ao2_cleanup(state->state);
281 }
282
283 static struct internal_state *find_internal_state_by_transport(const struct ast_sip_transport *transport)
284 {
285         const char *key = ast_sorcery_object_get_id(transport);
286
287         return ao2_find(transport_states, key, OBJ_SEARCH_KEY | OBJ_NOLOCK);
288 }
289
290 static struct ast_sip_transport_state *find_state_by_transport(const struct ast_sip_transport *transport)
291 {
292         struct internal_state *state;
293         struct ast_sip_transport_state *trans_state;
294
295         state = find_internal_state_by_transport(transport);
296         if (!state) {
297                 return NULL;
298         }
299         trans_state = ao2_bump(state->state);
300         ao2_ref(state, -1);
301
302         return trans_state;
303 }
304
305 static int remove_temporary_state(void)
306 {
307         struct ast_sip_transport_state **state;
308
309         state = ast_threadstorage_get(&temp_state_store, sizeof(state));
310         if (!state) {
311                 return -1;
312         }
313
314         ao2_cleanup(*state);
315         *state = NULL;
316         return 0;
317 }
318
319 static struct ast_sip_transport_state *find_temporary_state(struct ast_sip_transport *transport)
320 {
321         struct ast_sip_transport_state **state;
322
323         state = ast_threadstorage_get(&temp_state_store, sizeof(state));
324         if (state && *state) {
325                 ao2_ref(*state, +1);
326                 return *state;
327         }
328
329         return NULL;
330 }
331
332 static struct internal_state *internal_state_alloc(struct ast_sip_transport *transport)
333 {
334         struct internal_state *internal_state;
335
336         internal_state = ao2_alloc(sizeof(*internal_state), internal_state_destroy);
337         if (!internal_state) {
338                 return NULL;
339         }
340
341         internal_state->id = ast_strdup(ast_sorcery_object_get_id(transport));
342         if (!internal_state->id) {
343                 ao2_cleanup(internal_state);
344                 return NULL;
345         }
346
347         /* We're transferring the reference from find_temporary_state */
348         internal_state->state = find_temporary_state(transport);
349         if (!internal_state->state) {
350                 ao2_cleanup(internal_state);
351                 return NULL;
352         }
353         internal_state->transport = ao2_bump(transport);
354         internal_state->transport->state = internal_state->state;
355         remove_temporary_state();
356
357         return internal_state;
358 }
359
360 /*!
361  * \internal
362  * \brief Should only be called by the individual field handlers
363  */
364 static struct ast_sip_transport_state *find_or_create_temporary_state(struct ast_sip_transport *transport)
365 {
366         struct ast_sip_transport_state **state;
367         struct ast_sip_transport_state *new_state;
368
369         if ((new_state = find_temporary_state(transport))) {
370                 return new_state;
371         }
372
373         state = ast_threadstorage_get(&temp_state_store, sizeof(state));
374         if (!state || *state) {
375                 return NULL;
376         }
377
378         new_state = ao2_alloc(sizeof(**state), sip_transport_state_destroy);
379         if (!new_state) {
380                 return NULL;
381         }
382         new_state->id = ast_strdup(ast_sorcery_object_get_id(transport));
383         new_state->type = transport->type;
384
385         pjsip_tls_setting_default(&new_state->tls);
386 #ifdef HAVE_PJSIP_TLS_TRANSPORT_PROTO
387         /* proto must be forced to 0 to enable all protocols otherwise only TLS will work */
388         new_state->tls.proto = 0;
389 #endif
390         new_state->tls.ciphers = new_state->ciphers;
391
392         ao2_ref(new_state, +1);
393         *state = new_state;
394
395         return new_state;
396 }
397
398 static void copy_state_to_transport(struct ast_sip_transport *transport)
399 {
400         ast_assert(transport && transport->state);
401
402         memcpy(&transport->host, &transport->state->host, sizeof(transport->host));
403         memcpy(&transport->tls, &transport->state->tls, sizeof(transport->tls));
404         memcpy(&transport->ciphers, &transport->state->ciphers, sizeof(transport->ciphers));
405         transport->localnet = transport->state->localnet;
406         transport->external_address_refresher = transport->state->external_signaling_address_refresher;
407         memcpy(&transport->external_address, &transport->state->external_signaling_address, sizeof(transport->external_signaling_address));
408 }
409
410 static int has_state_changed(struct ast_sip_transport_state *a, struct ast_sip_transport_state *b)
411 {
412         if (a->type != b->type) {
413                 return -1;
414         }
415
416         if (pj_sockaddr_cmp(&a->host, &b->host)) {
417                 return -1;
418         }
419
420         if ((a->localnet || b->localnet)
421                 && ((!a->localnet != !b->localnet)
422                 || ast_sockaddr_cmp(&a->localnet->addr, &b->localnet->addr)
423                 || ast_sockaddr_cmp(&a->localnet->netmask, &b->localnet->netmask)))
424         {
425                 return -1;
426         }
427
428         if (ast_sockaddr_cmp(&a->external_signaling_address, &b->external_signaling_address)) {
429                 return -1;
430         }
431
432         if (ast_sockaddr_cmp(&a->external_media_address, &b->external_media_address)) {
433                 return -1;
434         }
435
436         if (a->tls.method != b->tls.method
437                 || a->tls.ciphers_num != b->tls.ciphers_num
438 #ifdef HAVE_PJSIP_TLS_TRANSPORT_PROTO
439                 || a->tls.proto != b->tls.proto
440 #endif
441                 || a->tls.verify_client != b->tls.verify_client
442                 || a->tls.verify_server != b->tls.verify_server
443                 || a->tls.require_client_cert != b->tls.require_client_cert) {
444                 return -1;
445         }
446
447         if (memcmp(a->ciphers, b->ciphers, sizeof(pj_ssl_cipher) * fmax(a->tls.ciphers_num, b->tls.ciphers_num))) {
448                 return -1;
449         }
450
451         return 0;
452 }
453
454 static void states_cleanup(void *states)
455 {
456         if (states) {
457                 ao2_unlock(states);
458         }
459 }
460
461 /*! \brief Apply handler for transports */
462 static int transport_apply(const struct ast_sorcery *sorcery, void *obj)
463 {
464         struct ast_sip_transport *transport = obj;
465         const char *transport_id = ast_sorcery_object_get_id(obj);
466         RAII_VAR(struct ao2_container *, states, transport_states, states_cleanup);
467         RAII_VAR(struct internal_state *, temp_state, NULL, ao2_cleanup);
468         RAII_VAR(struct internal_state *, perm_state, NULL, ao2_cleanup);
469         RAII_VAR(struct ast_variable *, changes, NULL, ast_variables_destroy);
470         pj_status_t res = -1;
471         int i;
472 #define BIND_TRIES 3
473 #define BIND_DELAY_US 100000
474
475         if (!states) {
476                 return -1;
477         }
478
479         /*
480          * transport_apply gets called for EVERY retrieval of a transport when using realtime.
481          * We need to prevent multiple threads from trying to mess with underlying transports
482          * at the same time.  The container is the only thing we have to lock on.
483          */
484         ao2_wrlock(states);
485
486         temp_state = internal_state_alloc(transport);
487         if (!temp_state) {
488                 ast_log(LOG_ERROR, "Transport '%s' failed to allocate memory\n", transport_id);
489                 return -1;
490         }
491
492         perm_state = find_internal_state_by_transport(transport);
493         if (perm_state) {
494                 ast_sorcery_diff(sorcery, perm_state->transport, transport, &changes);
495                 if (!changes && !has_state_changed(perm_state->state, temp_state->state)) {
496                         /* In case someone is using the deprecated fields, reset them */
497                         transport->state = perm_state->state;
498                         copy_state_to_transport(transport);
499                         ao2_replace(perm_state->transport, transport);
500                         return 0;
501                 }
502
503                 if (!transport->allow_reload) {
504                         if (!perm_state->change_detected) {
505                                 perm_state->change_detected = 1;
506                                 ast_log(LOG_WARNING, "Transport '%s' is not reloadable, maintaining previous values\n", transport_id);
507                         }
508                         /* In case someone is using the deprecated fields, reset them */
509                         transport->state = perm_state->state;
510                         copy_state_to_transport(transport);
511                         ao2_replace(perm_state->transport, transport);
512                         return 0;
513                 }
514         }
515
516         if (temp_state->state->host.addr.sa_family != PJ_AF_INET && temp_state->state->host.addr.sa_family != PJ_AF_INET6) {
517                 ast_log(LOG_ERROR, "Transport '%s' could not be started as binding not specified\n", transport_id);
518                 return -1;
519         }
520
521         /* Set default port if not present */
522         if (!pj_sockaddr_get_port(&temp_state->state->host)) {
523                 pj_sockaddr_set_port(&temp_state->state->host, (transport->type == AST_TRANSPORT_TLS) ? 5061 : 5060);
524         }
525
526         /* Now that we know what address family we can set up a dnsmgr refresh for the external addresses if present */
527         if (!ast_strlen_zero(transport->external_signaling_address)) {
528                 if (temp_state->state->host.addr.sa_family == pj_AF_INET()) {
529                         temp_state->state->external_signaling_address.ss.ss_family = AF_INET;
530                 } else if (temp_state->state->host.addr.sa_family == pj_AF_INET6()) {
531                         temp_state->state->external_signaling_address.ss.ss_family = AF_INET6;
532                 } else {
533                         ast_log(LOG_ERROR, "Unknown address family for transport '%s', could not get external signaling address\n",
534                                         transport_id);
535                         return -1;
536                 }
537
538                 if (ast_dnsmgr_lookup(transport->external_signaling_address, &temp_state->state->external_signaling_address, &temp_state->state->external_signaling_address_refresher, NULL) < 0) {
539                         ast_log(LOG_ERROR, "Could not create dnsmgr for external signaling address on '%s'\n", transport_id);
540                         return -1;
541                 }
542         }
543
544         if (!ast_strlen_zero(transport->external_media_address)) {
545                 if (temp_state->state->host.addr.sa_family == pj_AF_INET()) {
546                         temp_state->state->external_media_address.ss.ss_family = AF_INET;
547                 } else if (temp_state->state->host.addr.sa_family == pj_AF_INET6()) {
548                         temp_state->state->external_media_address.ss.ss_family = AF_INET6;
549                 } else {
550                         ast_log(LOG_ERROR, "Unknown address family for transport '%s', could not get external media address\n",
551                                         transport_id);
552                         return -1;
553                 }
554
555                 if (ast_dnsmgr_lookup(transport->external_media_address, &temp_state->state->external_media_address, &temp_state->state->external_media_address_refresher, NULL) < 0) {
556                         ast_log(LOG_ERROR, "Could not create dnsmgr for external media address on '%s'\n", transport_id);
557                         return -1;
558                 }
559         }
560
561         if (transport->type == AST_TRANSPORT_UDP) {
562
563                 for (i = 0; i < BIND_TRIES && res != PJ_SUCCESS; i++) {
564                         if (perm_state && perm_state->state && perm_state->state->transport) {
565                                 pjsip_udp_transport_pause(perm_state->state->transport,
566                                         PJSIP_UDP_TRANSPORT_DESTROY_SOCKET);
567                                 usleep(BIND_DELAY_US);
568                         }
569
570                         if (temp_state->state->host.addr.sa_family == pj_AF_INET()) {
571                                 res = pjsip_udp_transport_start(ast_sip_get_pjsip_endpoint(),
572                                         &temp_state->state->host.ipv4, NULL, transport->async_operations,
573                                         &temp_state->state->transport);
574                         } else if (temp_state->state->host.addr.sa_family == pj_AF_INET6()) {
575                                 res = pjsip_udp_transport_start6(ast_sip_get_pjsip_endpoint(),
576                                         &temp_state->state->host.ipv6, NULL, transport->async_operations,
577                                         &temp_state->state->transport);
578                         }
579                 }
580
581                 if (res == PJ_SUCCESS) {
582                         temp_state->state->transport->info = pj_pool_alloc(temp_state->state->transport->pool,
583                                 (AST_SIP_X_AST_TXP_LEN + strlen(transport_id) + 2));
584
585                         sprintf(temp_state->state->transport->info, "%s:%s", AST_SIP_X_AST_TXP, transport_id);
586
587                         if (transport->tos || transport->cos) {
588                                 pj_sock_t sock;
589                                 pj_qos_params qos_params;
590                                 sock = pjsip_udp_transport_get_socket(temp_state->state->transport);
591                                 pj_sock_get_qos_params(sock, &qos_params);
592                                 set_qos(transport, &qos_params);
593                                 pj_sock_set_qos_params(sock, &qos_params);
594                         }
595                 }
596         } else if (transport->type == AST_TRANSPORT_TCP) {
597                 pjsip_tcp_transport_cfg cfg;
598                 static int option = 1;
599
600                 pjsip_tcp_transport_cfg_default(&cfg, temp_state->state->host.addr.sa_family);
601                 cfg.bind_addr = temp_state->state->host;
602                 cfg.async_cnt = transport->async_operations;
603                 set_qos(transport, &cfg.qos_params);
604                 /* sockopt_params.options is copied to each newly connected socket */
605                 cfg.sockopt_params.options[0].level = pj_SOL_TCP();
606                 cfg.sockopt_params.options[0].optname = pj_TCP_NODELAY();
607                 cfg.sockopt_params.options[0].optval = &option;
608                 cfg.sockopt_params.options[0].optlen = sizeof(option);
609                 cfg.sockopt_params.cnt = 1;
610
611                 for (i = 0; i < BIND_TRIES && res != PJ_SUCCESS; i++) {
612                         if (perm_state && perm_state->state && perm_state->state->factory
613                                 && perm_state->state->factory->destroy) {
614                                 perm_state->state->factory->destroy(perm_state->state->factory);
615                                 usleep(BIND_DELAY_US);
616                         }
617
618                         res = pjsip_tcp_transport_start3(ast_sip_get_pjsip_endpoint(), &cfg,
619                                 &temp_state->state->factory);
620                 }
621         } else if (transport->type == AST_TRANSPORT_TLS) {
622                 static int option = 1;
623
624                 if (transport->async_operations > 1 && ast_compare_versions(pj_get_version(), "2.5.0") < 0) {
625                         ast_log(LOG_ERROR, "Transport: %s: When protocol=tls and pjproject version < 2.5.0, async_operations can't be > 1\n",
626                                         ast_sorcery_object_get_id(obj));
627                         return -1;
628                 }
629
630                 temp_state->state->tls.password = pj_str((char*)transport->password);
631                 set_qos(transport, &temp_state->state->tls.qos_params);
632
633                 /* sockopt_params.options is copied to each newly connected socket */
634                 temp_state->state->tls.sockopt_params.options[0].level = pj_SOL_TCP();
635                 temp_state->state->tls.sockopt_params.options[0].optname = pj_TCP_NODELAY();
636                 temp_state->state->tls.sockopt_params.options[0].optval = &option;
637                 temp_state->state->tls.sockopt_params.options[0].optlen = sizeof(option);
638                 temp_state->state->tls.sockopt_params.cnt = 1;
639
640                 for (i = 0; i < BIND_TRIES && res != PJ_SUCCESS; i++) {
641                         if (perm_state && perm_state->state && perm_state->state->factory
642                                 && perm_state->state->factory->destroy) {
643                                 perm_state->state->factory->destroy(perm_state->state->factory);
644                                 usleep(BIND_DELAY_US);
645                         }
646
647                         res = pjsip_tls_transport_start2(ast_sip_get_pjsip_endpoint(), &temp_state->state->tls,
648                                 &temp_state->state->host, NULL, transport->async_operations,
649                                 &temp_state->state->factory);
650                 }
651         } else if ((transport->type == AST_TRANSPORT_WS) || (transport->type == AST_TRANSPORT_WSS)) {
652                 if (transport->cos || transport->tos) {
653                         ast_log(LOG_WARNING, "TOS and COS values ignored for websocket transport\n");
654                 }
655                 res = PJ_SUCCESS;
656         }
657
658         if (res != PJ_SUCCESS) {
659                 char msg[PJ_ERR_MSG_SIZE];
660
661                 pj_strerror(res, msg, sizeof(msg));
662                 ast_log(LOG_ERROR, "Transport '%s' could not be started: %s\n", ast_sorcery_object_get_id(obj), msg);
663                 return -1;
664         }
665
666         copy_state_to_transport(transport);
667         if (perm_state) {
668                 ao2_unlink_flags(states, perm_state, OBJ_NOLOCK);
669         }
670         ao2_link_flags(states, temp_state, OBJ_NOLOCK);
671
672         return 0;
673 }
674
675 /*! \brief Custom handler for type just makes sure the state is created */
676 static int transport_state_init(const struct aco_option *opt, struct ast_variable *var, void *obj)
677 {
678         struct ast_sip_transport *transport = obj;
679         struct ast_sip_transport_state *state = find_or_create_temporary_state(transport);
680
681         ao2_cleanup(state);
682
683         return 0;
684 }
685
686 /*! \brief Custom handler for TLS method setting */
687 static int transport_tls_file_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
688 {
689         struct ast_sip_transport *transport = obj;
690         RAII_VAR(struct ast_sip_transport_state *, state, find_or_create_temporary_state(transport), ao2_cleanup);
691
692         if (!state) {
693                 return -1;
694         }
695
696         if (ast_strlen_zero(var->value)) {
697                 /* Ignore empty options */
698                 return 0;
699         }
700
701         if (!ast_file_is_readable(var->value)) {
702                 ast_log(LOG_ERROR, "Transport: %s: %s %s is either missing or not readable\n",
703                         ast_sorcery_object_get_id(obj), var->name, var->value);
704                 return -1;
705         }
706
707         if (!strcasecmp(var->name, "ca_list_file")) {
708                 state->tls.ca_list_file = pj_str((char*)var->value);
709                 ast_string_field_set(transport, ca_list_file, var->value);
710         } else if (!strcasecmp(var->name, "ca_list_path")) {
711 #ifdef HAVE_PJ_SSL_CERT_LOAD_FROM_FILES2
712                 state->tls.ca_list_path = pj_str((char*)var->value);
713                 ast_string_field_set(transport, ca_list_path, var->value);
714 #else
715                 ast_log(LOG_WARNING, "Asterisk has been built against a version of pjproject that does not "
716                                 "support the 'ca_list_path' option. Please upgrade to version 2.4 or later.\n");
717 #endif
718         } else if (!strcasecmp(var->name, "cert_file")) {
719                 state->tls.cert_file = pj_str((char*)var->value);
720                 ast_string_field_set(transport, cert_file, var->value);
721         } else if (!strcasecmp(var->name, "priv_key_file")) {
722                 state->tls.privkey_file = pj_str((char*)var->value);
723                 ast_string_field_set(transport, privkey_file, var->value);
724         }
725
726         return 0;
727 }
728
729 static int ca_list_file_to_str(const void *obj, const intptr_t *args, char **buf)
730 {
731         const struct ast_sip_transport *transport = obj;
732
733         *buf = ast_strdup(transport->ca_list_file);
734
735         return 0;
736 }
737
738 static int ca_list_path_to_str(const void *obj, const intptr_t *args, char **buf)
739 {
740         const struct ast_sip_transport *transport = obj;
741
742         *buf = ast_strdup(transport->ca_list_path);
743
744         return 0;
745 }
746
747 static int cert_file_to_str(const void *obj, const intptr_t *args, char **buf)
748 {
749         const struct ast_sip_transport *transport = obj;
750
751         *buf = ast_strdup(transport->cert_file);
752
753         return 0;
754 }
755
756 static int privkey_file_to_str(const void *obj, const intptr_t *args, char **buf)
757 {
758         const struct ast_sip_transport *transport = obj;
759
760         *buf = ast_strdup(transport->privkey_file);
761
762         return 0;
763 }
764
765 /*! \brief Custom handler for turning a string protocol into an enum */
766 static int transport_protocol_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
767 {
768         struct ast_sip_transport *transport = obj;
769         RAII_VAR(struct ast_sip_transport_state *, state, find_or_create_temporary_state(transport), ao2_cleanup);
770
771         if (!state) {
772                 return -1;
773         }
774
775         if (!strcasecmp(var->value, "udp")) {
776                 transport->type = AST_TRANSPORT_UDP;
777         } else if (!strcasecmp(var->value, "tcp")) {
778                 transport->type = AST_TRANSPORT_TCP;
779         } else if (!strcasecmp(var->value, "tls")) {
780                 transport->type = AST_TRANSPORT_TLS;
781         } else if (!strcasecmp(var->value, "ws")) {
782                 transport->type = AST_TRANSPORT_WS;
783         } else if (!strcasecmp(var->value, "wss")) {
784                 transport->type = AST_TRANSPORT_WSS;
785         } else {
786                 return -1;
787         }
788
789         state->type = transport->type;
790
791         return 0;
792 }
793
794 static const char *transport_types[] = {
795         [AST_TRANSPORT_UDP] = "udp",
796         [AST_TRANSPORT_TCP] = "tcp",
797         [AST_TRANSPORT_TLS] = "tls",
798         [AST_TRANSPORT_WS] = "ws",
799         [AST_TRANSPORT_WSS] = "wss"
800 };
801
802 static int transport_protocol_to_str(const void *obj, const intptr_t *args, char **buf)
803 {
804         const struct ast_sip_transport *transport = obj;
805
806         if (ARRAY_IN_BOUNDS(transport->type, transport_types)) {
807                 *buf = ast_strdup(transport_types[transport->type]);
808         }
809
810         return 0;
811 }
812
813 /*! \brief Custom handler for turning a string bind into a pj_sockaddr */
814 static int transport_bind_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
815 {
816         struct ast_sip_transport *transport = obj;
817         pj_str_t buf;
818         int rc;
819         RAII_VAR(struct ast_sip_transport_state *, state, find_or_create_temporary_state(transport), ao2_cleanup);
820
821         if (!state) {
822                 return -1;
823         }
824
825         rc = pj_sockaddr_parse(pj_AF_UNSPEC(), 0, pj_cstr(&buf, var->value), &state->host);
826
827         return rc != PJ_SUCCESS ? -1 : 0;
828 }
829
830 static int transport_bind_to_str(const void *obj, const intptr_t *args, char **buf)
831 {
832         const struct ast_sip_transport *transport = obj;
833         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
834
835         if (!state) {
836                 return -1;
837         }
838
839         if (!(*buf = ast_calloc(MAX_OBJECT_FIELD, sizeof(char)))) {
840                 return -1;
841         }
842
843         /* include port as well as brackets if IPv6 */
844         pj_sockaddr_print(&state->host, *buf, MAX_OBJECT_FIELD, 1 | 2);
845
846         return 0;
847 }
848
849 /*! \brief Custom handler for TLS boolean settings */
850 static int transport_tls_bool_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
851 {
852         struct ast_sip_transport *transport = obj;
853         RAII_VAR(struct ast_sip_transport_state *, state, find_or_create_temporary_state(transport), ao2_cleanup);
854
855         if (!state) {
856                 return -1;
857         }
858
859         if (!strcasecmp(var->name, "verify_server")) {
860                 state->tls.verify_server = ast_true(var->value) ? PJ_TRUE : PJ_FALSE;
861         } else if (!strcasecmp(var->name, "verify_client")) {
862                 state->tls.verify_client = ast_true(var->value) ? PJ_TRUE : PJ_FALSE;
863         } else if (!strcasecmp(var->name, "require_client_cert")) {
864                 state->tls.require_client_cert = ast_true(var->value) ? PJ_TRUE : PJ_FALSE;
865         } else {
866                 return -1;
867         }
868
869         return 0;
870 }
871
872 static int verify_server_to_str(const void *obj, const intptr_t *args, char **buf)
873 {
874         const struct ast_sip_transport *transport = obj;
875         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
876
877         if (!state) {
878                 return -1;
879         }
880
881         *buf = ast_strdup(AST_YESNO(state->tls.verify_server));
882
883         return 0;
884 }
885
886 static int verify_client_to_str(const void *obj, const intptr_t *args, char **buf)
887 {
888         const struct ast_sip_transport *transport = obj;
889         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
890
891         if (!state) {
892                 return -1;
893         }
894
895         *buf = ast_strdup(AST_YESNO(state->tls.verify_client));
896
897         return 0;
898 }
899
900 static int require_client_cert_to_str(const void *obj, const intptr_t *args, char **buf)
901 {
902         const struct ast_sip_transport *transport = obj;
903         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
904
905         if (!state) {
906                 return -1;
907         }
908
909         *buf = ast_strdup(AST_YESNO(state->tls.require_client_cert));
910
911         return 0;
912 }
913
914 /*! \brief Custom handler for TLS method setting */
915 static int transport_tls_method_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
916 {
917         struct ast_sip_transport *transport = obj;
918         RAII_VAR(struct ast_sip_transport_state *, state, find_or_create_temporary_state(transport), ao2_cleanup);
919
920         if (!state) {
921                 return -1;
922         }
923
924         if (ast_strlen_zero(var->value) || !strcasecmp(var->value, "default")) {
925                 state->tls.method = PJSIP_SSL_DEFAULT_METHOD;
926         } else if (!strcasecmp(var->value, "unspecified")) {
927                 state->tls.method = PJSIP_SSL_UNSPECIFIED_METHOD;
928         } else if (!strcasecmp(var->value, "tlsv1")) {
929                 state->tls.method = PJSIP_TLSV1_METHOD;
930 #ifdef HAVE_PJSIP_TLS_TRANSPORT_PROTO
931         } else if (!strcasecmp(var->value, "tlsv1_1")) {
932                 state->tls.method = PJSIP_TLSV1_1_METHOD;
933         } else if (!strcasecmp(var->value, "tlsv1_2")) {
934                 state->tls.method = PJSIP_TLSV1_2_METHOD;
935 #endif
936         } else if (!strcasecmp(var->value, "sslv2")) {
937                 state->tls.method = PJSIP_SSLV2_METHOD;
938         } else if (!strcasecmp(var->value, "sslv3")) {
939                 state->tls.method = PJSIP_SSLV3_METHOD;
940         } else if (!strcasecmp(var->value, "sslv23")) {
941                 state->tls.method = PJSIP_SSLV23_METHOD;
942         } else {
943                 return -1;
944         }
945
946         return 0;
947 }
948
949 static const char *tls_method_map[] = {
950         [PJSIP_SSL_UNSPECIFIED_METHOD] = "unspecified",
951         [PJSIP_TLSV1_METHOD] = "tlsv1",
952 #ifdef HAVE_PJSIP_TLS_TRANSPORT_PROTO
953         [PJSIP_TLSV1_1_METHOD] = "tlsv1_1",
954         [PJSIP_TLSV1_2_METHOD] = "tlsv1_2",
955 #endif
956         [PJSIP_SSLV2_METHOD] = "sslv2",
957         [PJSIP_SSLV3_METHOD] = "sslv3",
958         [PJSIP_SSLV23_METHOD] = "sslv23",
959 };
960
961 static int tls_method_to_str(const void *obj, const intptr_t *args, char **buf)
962 {
963         const struct ast_sip_transport *transport = obj;
964         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
965
966         if (!state) {
967                 return -1;
968         }
969
970         if (ARRAY_IN_BOUNDS(state->tls.method, tls_method_map)) {
971                 *buf = ast_strdup(tls_method_map[state->tls.method]);
972         }
973
974         return 0;
975 }
976
977 /*! \brief Helper function which turns a cipher name into an identifier */
978 static pj_ssl_cipher cipher_name_to_id(const char *name)
979 {
980         pj_ssl_cipher ciphers[100];
981         pj_ssl_cipher id = 0;
982         unsigned int cipher_num = PJ_ARRAY_SIZE(ciphers);
983         int pos;
984         const char *pos_name;
985
986         if (pj_ssl_cipher_get_availables(ciphers, &cipher_num)) {
987                 return 0;
988         }
989
990         for (pos = 0; pos < cipher_num; ++pos) {
991                 pos_name = pj_ssl_cipher_name(ciphers[pos]);
992                 if (!pos_name || strcmp(pos_name, name)) {
993                         continue;
994                 }
995
996                 id = ciphers[pos];
997                 break;
998         }
999
1000         return id;
1001 }
1002
1003 /*!
1004  * \internal
1005  * \brief Add a new cipher to the transport's cipher list array.
1006  *
1007  * \param transport Which transport to add the cipher to.
1008  * \param name Cipher identifier name.
1009  *
1010  * \retval 0 on success.
1011  * \retval -1 on error.
1012  */
1013 static int transport_cipher_add(struct ast_sip_transport_state *state, const char *name)
1014 {
1015         pj_ssl_cipher cipher;
1016         int idx;
1017
1018         cipher = cipher_name_to_id(name);
1019         if (!cipher) {
1020                 /* TODO: Check this over/tweak - it's taken from pjsua for now */
1021                 if (!strnicmp(name, "0x", 2)) {
1022                         pj_str_t cipher_st = pj_str((char *) name + 2);
1023                         cipher = pj_strtoul2(&cipher_st, NULL, 16);
1024                 } else {
1025                         cipher = atoi(name);
1026                 }
1027         }
1028
1029         if (pj_ssl_cipher_is_supported(cipher)) {
1030                 for (idx = state->tls.ciphers_num; idx--;) {
1031                         if (state->ciphers[idx] == cipher) {
1032                                 /* The cipher is already in the list. */
1033                                 return 0;
1034                         }
1035                 }
1036                 state->ciphers[state->tls.ciphers_num++] = cipher;
1037                 return 0;
1038         } else {
1039                 ast_log(LOG_ERROR, "Cipher '%s' is unsupported\n", name);
1040                 return -1;
1041         }
1042 }
1043
1044 /*! \brief Custom handler for TLS cipher setting */
1045 static int transport_tls_cipher_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
1046 {
1047         struct ast_sip_transport *transport = obj;
1048         char *parse;
1049         char *name;
1050         int res = 0;
1051         RAII_VAR(struct ast_sip_transport_state *, state, find_or_create_temporary_state(transport), ao2_cleanup);
1052
1053         if (!state) {
1054                 return -1;
1055         }
1056
1057         parse = ast_strdupa(S_OR(var->value, ""));
1058         while ((name = ast_strip(strsep(&parse, ",")))) {
1059                 if (ast_strlen_zero(name)) {
1060                         continue;
1061                 }
1062                 if (ARRAY_LEN(state->ciphers) <= state->tls.ciphers_num) {
1063                         ast_log(LOG_ERROR, "Too many ciphers specified\n");
1064                         res = -1;
1065                         break;
1066                 }
1067                 res |= transport_cipher_add(state, name);
1068         }
1069         return res ? -1 : 0;
1070 }
1071
1072 static void cipher_to_str(char **buf, const pj_ssl_cipher *ciphers, unsigned int cipher_num)
1073 {
1074         struct ast_str *str;
1075         int idx;
1076
1077         str = ast_str_create(128);
1078         if (!str) {
1079                 *buf = NULL;
1080                 return;
1081         }
1082
1083         for (idx = 0; idx < cipher_num; ++idx) {
1084                 ast_str_append(&str, 0, "%s", pj_ssl_cipher_name(ciphers[idx]));
1085                 if (idx < cipher_num - 1) {
1086                         ast_str_append(&str, 0, ", ");
1087                 }
1088         }
1089
1090         *buf = ast_strdup(ast_str_buffer(str));
1091         ast_free(str);
1092 }
1093
1094 static int transport_tls_cipher_to_str(const void *obj, const intptr_t *args, char **buf)
1095 {
1096         const struct ast_sip_transport *transport = obj;
1097         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
1098
1099         if (!state) {
1100                 return -1;
1101         }
1102
1103         cipher_to_str(buf, state->ciphers, state->tls.ciphers_num);
1104         return *buf ? 0 : -1;
1105 }
1106
1107 static char *handle_pjsip_list_ciphers(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1108 {
1109         pj_ssl_cipher ciphers[100];
1110         unsigned int cipher_num = PJ_ARRAY_SIZE(ciphers);
1111         char *buf;
1112
1113         switch (cmd) {
1114         case CLI_INIT:
1115                 e->command = "pjsip list ciphers";
1116                 e->usage = "Usage: pjsip list ciphers\n"
1117                         "       List available OpenSSL cipher names.\n";
1118                 return NULL;
1119         case CLI_GENERATE:
1120                 return NULL;
1121         }
1122
1123         if (pj_ssl_cipher_get_availables(ciphers, &cipher_num) || !cipher_num) {
1124                 buf = NULL;
1125         } else {
1126                 cipher_to_str(&buf, ciphers, cipher_num);
1127         }
1128
1129         if (!ast_strlen_zero(buf)) {
1130                 ast_cli(a->fd, "Available ciphers: '%s'\n", buf);
1131         } else {
1132                 ast_cli(a->fd, "No available ciphers\n");
1133         }
1134         ast_free(buf);
1135         return CLI_SUCCESS;
1136 }
1137
1138 /*! \brief Custom handler for localnet setting */
1139 static int transport_localnet_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
1140 {
1141         struct ast_sip_transport *transport = obj;
1142         int error = 0;
1143         RAII_VAR(struct ast_sip_transport_state *, state, find_or_create_temporary_state(transport), ao2_cleanup);
1144
1145         if (!state) {
1146                 return -1;
1147         }
1148
1149         if (ast_strlen_zero(var->value)) {
1150                 ast_free_ha(state->localnet);
1151                 state->localnet = NULL;
1152                 return 0;
1153         }
1154
1155         /* We use only the ast_apply_ha() which defaults to ALLOW
1156          * ("permit"), so we add DENY rules. */
1157         if (!(state->localnet = ast_append_ha("deny", var->value, state->localnet, &error))) {
1158                 return -1;
1159         }
1160
1161         return error;
1162 }
1163
1164 static int localnet_to_vl(const void *obj, struct ast_variable **fields)
1165 {
1166         const struct ast_sip_transport *transport = obj;
1167         char str[MAX_OBJECT_FIELD];
1168         struct ast_variable *head = NULL;
1169         struct ast_ha *ha;
1170         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
1171
1172         if (!state) {
1173                 return -1;
1174         }
1175
1176         for (ha = state->localnet; ha; ha = ha->next) {
1177                 const char *addr = ast_strdupa(ast_sockaddr_stringify_addr(&ha->addr));
1178                 snprintf(str, MAX_OBJECT_FIELD, "%s%s/%s", ha->sense == AST_SENSE_ALLOW ? "!" : "",
1179                         addr, ast_sockaddr_stringify_addr(&ha->netmask));
1180
1181                 ast_variable_list_append(&head, ast_variable_new("local_net", str, ""));
1182         }
1183
1184         if (head) {
1185                 *fields = head;
1186         }
1187
1188         return 0;
1189 }
1190
1191 static int localnet_to_str(const void *obj, const intptr_t *args, char **buf)
1192 {
1193         RAII_VAR(struct ast_str *, str, ast_str_create(MAX_OBJECT_FIELD), ast_free);
1194         const struct ast_sip_transport *transport = obj;
1195         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
1196
1197         if (!state) {
1198                 return -1;
1199         }
1200
1201         ast_ha_join(state->localnet, &str);
1202         *buf = ast_strdup(ast_str_buffer(str));
1203         return 0;
1204 }
1205
1206 /*! \brief Custom handler for TOS setting */
1207 static int transport_tos_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
1208 {
1209         struct ast_sip_transport *transport = obj;
1210         unsigned int value;
1211
1212         if (ast_str2tos(var->value, &value)) {
1213                 ast_log(LOG_ERROR, "Error configuring transport '%s' - Could not "
1214                         "interpret 'tos' value '%s'\n",
1215                         ast_sorcery_object_get_id(transport), var->value);
1216                 return -1;
1217         }
1218
1219         if (value % 4) {
1220                 value = value >> 2;
1221                 value = value << 2;
1222                 ast_log(LOG_WARNING,
1223                         "transport '%s' - 'tos' value '%s' uses bits that are "
1224                         "discarded when converted to DSCP. Using equivalent %u instead.\n",
1225                         ast_sorcery_object_get_id(transport), var->value, value);
1226         }
1227
1228         transport->tos = value;
1229         return 0;
1230 }
1231
1232 static int tos_to_str(const void *obj, const intptr_t *args, char **buf)
1233 {
1234         const struct ast_sip_transport *transport = obj;
1235
1236         if (ast_asprintf(buf, "%u", transport->tos) == -1) {
1237                 return -1;
1238         }
1239         return 0;
1240 }
1241
1242 static struct ao2_container *cli_get_container(const char *regex)
1243 {
1244         RAII_VAR(struct ao2_container *, container, NULL, ao2_cleanup);
1245         struct ao2_container *s_container;
1246
1247         container = ast_sorcery_retrieve_by_regex(ast_sip_get_sorcery(), "transport",
1248                 regex);
1249         if (!container) {
1250                 return NULL;
1251         }
1252
1253         s_container = ao2_container_alloc_list(AO2_ALLOC_OPT_LOCK_NOLOCK, 0,
1254                 ast_sorcery_object_id_sort, ast_sorcery_object_id_compare);
1255         if (!s_container) {
1256                 return NULL;
1257         }
1258
1259         if (ao2_container_dup(s_container, container, 0)) {
1260                 ao2_ref(s_container, -1);
1261                 return NULL;
1262         }
1263
1264         return s_container;
1265 }
1266
1267 static int cli_iterate(void *container, ao2_callback_fn callback, void *args)
1268 {
1269         const struct ast_sip_endpoint *endpoint = container;
1270         struct ast_sip_transport *transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(),
1271                 "transport", endpoint->transport);
1272
1273         if (!transport) {
1274                 return -1;
1275         }
1276
1277         return callback(transport, args, 0);
1278 }
1279
1280 static void *cli_retrieve_by_id(const char *id)
1281 {
1282         return ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", id);
1283 }
1284
1285 static int cli_print_header(void *obj, void *arg, int flags)
1286 {
1287         struct ast_sip_cli_context *context = arg;
1288         int indent = CLI_INDENT_TO_SPACES(context->indent_level);
1289         int filler = CLI_MAX_WIDTH - indent - 61;
1290
1291         ast_assert(context->output_buffer != NULL);
1292
1293         ast_str_append(&context->output_buffer, 0,
1294                 "%*s:  <TransportId........>  <Type>  <cos>  <tos>  <BindAddress%*.*s>\n",
1295                 indent, "Transport", filler, filler, CLI_HEADER_FILLER);
1296
1297         return 0;
1298 }
1299
1300 static int cli_print_body(void *obj, void *arg, int flags)
1301 {
1302         struct ast_sip_transport *transport = obj;
1303         struct ast_sip_cli_context *context = arg;
1304         char hoststr[PJ_INET6_ADDRSTRLEN];
1305         RAII_VAR(struct ast_sip_transport_state *, state, find_state_by_transport(transport), ao2_cleanup);
1306
1307         if (!state) {
1308                 return -1;
1309         }
1310
1311         ast_assert(context->output_buffer != NULL);
1312
1313         pj_sockaddr_print(&state->host, hoststr, sizeof(hoststr), 3);
1314
1315         ast_str_append(&context->output_buffer, 0, "%*s:  %-21s  %6s  %5u  %5u  %s\n",
1316                 CLI_INDENT_TO_SPACES(context->indent_level), "Transport",
1317                 ast_sorcery_object_get_id(transport),
1318                 ARRAY_IN_BOUNDS(transport->type, transport_types) ? transport_types[transport->type] : "Unknown",
1319                 transport->cos, transport->tos, hoststr);
1320
1321         if (context->show_details
1322                 || (context->show_details_only_level_0 && context->indent_level == 0)) {
1323                 ast_str_append(&context->output_buffer, 0, "\n");
1324                 ast_sip_cli_print_sorcery_objectset(transport, context, 0);
1325         }
1326
1327         return 0;
1328 }
1329
1330 static struct ast_cli_entry cli_commands[] = {
1331         AST_CLI_DEFINE(handle_pjsip_list_ciphers, "List available OpenSSL cipher names"),
1332         AST_CLI_DEFINE(ast_sip_cli_traverse_objects, "List PJSIP Transports",
1333                 .command = "pjsip list transports",
1334                 .usage = "Usage: pjsip list transports [ like <pattern> ]\n"
1335                                 "       List the configured PJSIP Transports\n"
1336                                 "       Optional regular expression pattern is used to filter the list.\n"),
1337         AST_CLI_DEFINE(ast_sip_cli_traverse_objects, "Show PJSIP Transports",
1338                 .command = "pjsip show transports",
1339                 .usage = "Usage: pjsip show transports [ like <pattern> ]\n"
1340                                 "       Show the configured PJSIP Transport\n"
1341                                 "       Optional regular expression pattern is used to filter the list.\n"),
1342         AST_CLI_DEFINE(ast_sip_cli_traverse_objects, "Show PJSIP Transport",
1343                 .command = "pjsip show transport",
1344                 .usage = "Usage: pjsip show transport <id>\n"
1345                                  "       Show the configured PJSIP Transport\n"),
1346 };
1347
1348 static struct ast_sip_cli_formatter_entry *cli_formatter;
1349
1350 struct ast_sip_transport_state *ast_sip_get_transport_state(const char *transport_id)
1351 {
1352         struct internal_state *state = NULL;
1353         struct ast_sip_transport_state *trans_state;
1354
1355         if (!transport_states) {
1356                 return NULL;
1357         }
1358
1359         state = ao2_find(transport_states, transport_id, OBJ_SEARCH_KEY);
1360         if (!state) {
1361                 return NULL;
1362         }
1363
1364         trans_state = ao2_bump(state->state);
1365         ao2_ref(state, -1);
1366
1367         return trans_state;
1368 }
1369
1370 static int populate_transport_states(void *obj, void *arg, int flags)
1371 {
1372         struct internal_state *state = obj;
1373         struct ao2_container *container = arg;
1374
1375         ao2_link(container, state->state);
1376
1377         return CMP_MATCH;
1378 }
1379
1380 struct ao2_container *ast_sip_get_transport_states(void)
1381 {
1382         struct ao2_container *states = ao2_container_alloc(DEFAULT_STATE_BUCKETS, transport_state_hash, transport_state_cmp);
1383
1384         if (!states) {
1385                 return NULL;
1386         }
1387
1388         ao2_callback(transport_states, OBJ_NODATA | OBJ_MULTIPLE, populate_transport_states, states);
1389         return states;
1390 }
1391
1392 /*! \brief Initialize sorcery with transport support */
1393 int ast_sip_initialize_sorcery_transport(void)
1394 {
1395         struct ast_sorcery *sorcery = ast_sip_get_sorcery();
1396         struct ao2_container *transports = NULL;
1397
1398         /* Create outbound registration states container. */
1399         transport_states = ao2_container_alloc(DEFAULT_STATE_BUCKETS, internal_state_hash, internal_state_cmp);
1400         if (!transport_states) {
1401                 ast_log(LOG_ERROR, "Unable to allocate transport states container\n");
1402                 return -1;
1403         }
1404
1405         ast_sorcery_apply_default(sorcery, "transport", "config", "pjsip.conf,criteria=type=transport");
1406
1407         if (ast_sorcery_object_register(sorcery, "transport", sip_transport_alloc, NULL, transport_apply)) {
1408                 return -1;
1409         }
1410
1411         /* Normally type is a OPT_NOOP_T but we're using it to make sure that state is created */
1412         ast_sorcery_object_field_register_custom(sorcery, "transport", "type", "", transport_state_init, NULL, NULL, 0, 0);
1413         ast_sorcery_object_field_register_custom(sorcery, "transport", "protocol", "udp", transport_protocol_handler, transport_protocol_to_str, NULL, 0, 0);
1414         ast_sorcery_object_field_register_custom(sorcery, "transport", "bind", "", transport_bind_handler, transport_bind_to_str, NULL, 0, 0);
1415         ast_sorcery_object_field_register(sorcery, "transport", "async_operations", "1", OPT_UINT_T, 0, FLDSET(struct ast_sip_transport, async_operations));
1416
1417         ast_sorcery_object_field_register_custom(sorcery, "transport", "ca_list_file", "", transport_tls_file_handler, ca_list_file_to_str, NULL, 0, 0);
1418         ast_sorcery_object_field_register_custom(sorcery, "transport", "ca_list_path", "", transport_tls_file_handler, ca_list_path_to_str, NULL, 0, 0);
1419         ast_sorcery_object_field_register_custom(sorcery, "transport", "cert_file", "", transport_tls_file_handler, cert_file_to_str, NULL, 0, 0);
1420         ast_sorcery_object_field_register_custom(sorcery, "transport", "priv_key_file", "", transport_tls_file_handler, privkey_file_to_str, NULL, 0, 0);
1421
1422         ast_sorcery_object_field_register(sorcery, "transport", "password", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, password));
1423         ast_sorcery_object_field_register(sorcery, "transport", "external_signaling_address", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, external_signaling_address));
1424         ast_sorcery_object_field_register(sorcery, "transport", "external_signaling_port", "0", OPT_UINT_T, PARSE_IN_RANGE, FLDSET(struct ast_sip_transport, external_signaling_port), 0, 65535);
1425         ast_sorcery_object_field_register(sorcery, "transport", "external_media_address", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, external_media_address));
1426         ast_sorcery_object_field_register(sorcery, "transport", "domain", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, domain));
1427         ast_sorcery_object_field_register_custom(sorcery, "transport", "verify_server", "", transport_tls_bool_handler, verify_server_to_str, NULL, 0, 0);
1428         ast_sorcery_object_field_register_custom(sorcery, "transport", "verify_client", "", transport_tls_bool_handler, verify_client_to_str, NULL, 0, 0);
1429         ast_sorcery_object_field_register_custom(sorcery, "transport", "require_client_cert", "", transport_tls_bool_handler, require_client_cert_to_str, NULL, 0, 0);
1430         ast_sorcery_object_field_register_custom(sorcery, "transport", "method", "", transport_tls_method_handler, tls_method_to_str, NULL, 0, 0);
1431         ast_sorcery_object_field_register_custom(sorcery, "transport", "cipher", "", transport_tls_cipher_handler, transport_tls_cipher_to_str, NULL, 0, 0);
1432         ast_sorcery_object_field_register_custom(sorcery, "transport", "local_net", "", transport_localnet_handler, localnet_to_str, localnet_to_vl, 0, 0);
1433         ast_sorcery_object_field_register_custom(sorcery, "transport", "tos", "0", transport_tos_handler, tos_to_str, NULL, 0, 0);
1434         ast_sorcery_object_field_register(sorcery, "transport", "cos", "0", OPT_UINT_T, 0, FLDSET(struct ast_sip_transport, cos));
1435         ast_sorcery_object_field_register(sorcery, "transport", "websocket_write_timeout", AST_DEFAULT_WEBSOCKET_WRITE_TIMEOUT_STR, OPT_INT_T, PARSE_IN_RANGE, FLDSET(struct ast_sip_transport, write_timeout), 1, INT_MAX);
1436         ast_sorcery_object_field_register(sorcery, "transport", "allow_reload", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_transport, allow_reload));
1437         ast_sorcery_object_field_register(sorcery, "transport", "symmetric_transport", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_transport, symmetric_transport));
1438
1439         ast_sip_register_endpoint_formatter(&endpoint_transport_formatter);
1440
1441         cli_formatter = ao2_alloc(sizeof(struct ast_sip_cli_formatter_entry), NULL);
1442         if (!cli_formatter) {
1443                 ast_log(LOG_ERROR, "Unable to allocate memory for cli formatter\n");
1444                 return -1;
1445         }
1446         cli_formatter->name = "transport";
1447         cli_formatter->print_header = cli_print_header;
1448         cli_formatter->print_body = cli_print_body;
1449         cli_formatter->get_container = cli_get_container;
1450         cli_formatter->iterate = cli_iterate;
1451         cli_formatter->get_id = ast_sorcery_object_get_id;
1452         cli_formatter->retrieve_by_id = cli_retrieve_by_id;
1453
1454         ast_sip_register_cli_formatter(cli_formatter);
1455         ast_cli_register_multiple(cli_commands, ARRAY_LEN(cli_commands));
1456
1457         /* trigger load of transports from realtime by trying to revrieve them all */
1458         transports = ast_sorcery_retrieve_by_fields(sorcery, "transport", AST_RETRIEVE_FLAG_ALL | AST_RETRIEVE_FLAG_MULTIPLE, NULL);
1459         ao2_cleanup(transports);
1460
1461         return 0;
1462 }
1463
1464 int ast_sip_destroy_sorcery_transport(void)
1465 {
1466         ast_cli_unregister_multiple(cli_commands, ARRAY_LEN(cli_commands));
1467         ast_sip_unregister_cli_formatter(cli_formatter);
1468
1469         ast_sip_unregister_endpoint_formatter(&endpoint_transport_formatter);
1470
1471         ao2_ref(transport_states, -1);
1472         transport_states = NULL;
1473
1474         return 0;
1475 }