/src/resiprocate/resip/stack/InteropHelper.hxx
Line | Count | Source |
1 | | #ifndef INTEROP_HELPER_HXX |
2 | | #define INTEROP_HELPER_HXX |
3 | | |
4 | | namespace resip |
5 | | { |
6 | | |
7 | | /** |
8 | | This class is intended to encapsulate what version/s of various drafts are |
9 | | supported by the stack. This also allows for configurable version support at |
10 | | runtime. |
11 | | */ |
12 | | class InteropHelper |
13 | | { |
14 | | public: |
15 | 0 | static bool getRportEnabled() {return rport;} |
16 | 0 | static void setRportEnabled(bool enable) {rport=enable;} |
17 | | |
18 | 0 | static int getOutboundVersion() {return theOutboundVersion;} |
19 | 0 | static void setOutboundVersion(int version) {theOutboundVersion=version;} |
20 | 0 | static bool getOutboundSupported() {return isOutboundSupported;} |
21 | 0 | static void setOutboundSupported(bool supported) {isOutboundSupported=supported;} |
22 | | |
23 | | // If this value is set, then DUM/repro will populate a Flow-Timer header in a |
24 | | // successful registration reponse |
25 | 0 | static unsigned int getFlowTimerSeconds() {return flowTimerSeconds;} |
26 | 0 | static void setFlowTimerSeconds(unsigned int seconds) {flowTimerSeconds=seconds;} |
27 | | |
28 | | // Only relevant if setFlowTimerSeconds is set to value greater than 0. |
29 | | // Specifies the amount of time beyond the FlowTimer time, before the stack |
30 | | // will consider any Flow-Timer based connection to be in a bad state. This |
31 | | // is used by the ConnectionManager garbage collection logic to cleanup |
32 | | // flow-timer based connections for which we are no-longer receiving keepalives. |
33 | 0 | static unsigned int getFlowTimerGracePeriodSeconds() {return flowTimerGracePeriodSeconds;} |
34 | 0 | static void setFlowTimerGracePeriodSeconds(unsigned int seconds) {flowTimerGracePeriodSeconds=seconds;} |
35 | | |
36 | | // .bwc. If this is enabled, we will record-route with flow tokens |
37 | | // whenever possible. This will make things work with endpoints that don't |
38 | | // use NAT traversal tricks. However, this will break several things: |
39 | | // 1) Target-refreshes won't work. |
40 | | // 2) Proxies that do not record-route may be implicitly included in the |
41 | | // route-set by this proxy, because a flow token may point to them. |
42 | | // 3) Third-party registrations won't work. |
43 | 0 | static bool getRRTokenHackEnabled(){return useRRTokenHack;} |
44 | 0 | static void setRRTokenHackEnabled(bool enabled) {useRRTokenHack=enabled;} |
45 | | |
46 | | // If EnableFlowTokens is enabled, then by default flow tokens are only used for inbound |
47 | | // Record-Routes if the client is directly connected(ie: has only a single Via header).If you |
48 | | // enable this setting then inbound flow tokens will be used for non-directly connected clients |
49 | | // as well(ie: any number of Via headers). |
50 | | // This is particularly useful for TLS based connections between two SIP proxies, to help ensure |
51 | | // a single TLS connection per dialog.Avoiding an issue where a UAC request may be using an IP |
52 | | // addresses in it's TLS based Record-Route but is presenting a certificate that does not contain |
53 | | // the IP address. |
54 | 0 | static bool getAllowInboundFlowTokensForNonDirectClients() { return allowInboundFlowTokensForNonDirectClients; } |
55 | 0 | static void setAllowInboundFlowTokensForNonDirectClients(bool enabled) { allowInboundFlowTokensForNonDirectClients = enabled; } |
56 | | |
57 | | enum ClientNATDetectionMode |
58 | | { |
59 | | ClientNATDetectionDisabled, |
60 | | ClientNATDetectionEnabled, |
61 | | ClientNATDetectionPrivateToPublicOnly |
62 | | }; |
63 | | |
64 | | // If this is enabled, and we have clients not explicitly supporting outbound |
65 | | // that we detect to be behind a NAT device, we will record-route with flow tokens |
66 | | // whenever possible. However, this will break several things: |
67 | | // 1) Target-refreshes won't work. |
68 | | // 2) Proxies that do not record-route may be implicitly included in the |
69 | | // route-set by this proxy, because a flow token may point to them. |
70 | | // 3) Third-party registrations won't work. |
71 | 0 | static InteropHelper::ClientNATDetectionMode getClientNATDetectionMode(){return clientNATDetection;} |
72 | 0 | static void setClientNATDetectionMode(InteropHelper::ClientNATDetectionMode mode) {clientNATDetection=mode;} |
73 | | |
74 | | // There are cases where the first hop in a particular network supports the concept of outbound |
75 | | // and ensures all messaging for a client is delivered over the same connection used for |
76 | | // registration. This could be a SBC or other NAT traversal aid router that uses the Path |
77 | | // header. However such endpoints may not be 100% compliant with outbound RFC and may not |
78 | | // include a ;ob parameter in the path header. This parameter is required in order for repro |
79 | | // to have knowledge that the first hop does support outbound, and it will reject registrations |
80 | | // that appear to be using outboud (ie. instanceId and regId) with a 439 (First Hop Lacks Outbound |
81 | | // Support). In this case it can be desirable when using repro as the registrar to not reject |
82 | | // REGISTRATION requests that contain an instanceId and regId with a 439. |
83 | | // If this setting is enabled, then repro will assume the first hop supports outbound |
84 | | // and not return this error. |
85 | 0 | static bool getAssumeFirstHopSupportsOutboundEnabled(){return assumeFirstHopSupportsOutbound;} |
86 | 0 | static void setAssumeFirstHopSupportsOutboundEnabled(bool enabled) {assumeFirstHopSupportsOutbound=enabled;} |
87 | | |
88 | | // AssumeFirstHopSupportsOutbound only relaxes the Outbound logic for registrations from clients who send the |
89 | | // instance-id and reg-id parameters. If the registrations pass through an edge proxy or SBC with the |
90 | | // useRRTokenHack or clientNATDetection hacks enabled before reaching the registration server, |
91 | | // the registration server can also potentially accept registrations that have come through that proxy with Path headers. |
92 | | // If this setting is enabled, repro will assume the first hop supports outbound or flow token hacks |
93 | | // and will not reject registrations with the 439 error. |
94 | 0 | static bool getAssumeFirstHopSupportsFlowTokensEnabled(){return assumeFirstHopSupportsFlowTokens;} |
95 | 0 | static void setAssumeFirstHopSupportsFlowTokensEnabled(bool enabled) {assumeFirstHopSupportsFlowTokens=enabled;} |
96 | | |
97 | | private: |
98 | | InteropHelper(); |
99 | | ~InteropHelper(); |
100 | | |
101 | | static bool rport; |
102 | | static int theOutboundVersion; |
103 | | static bool isOutboundSupported; |
104 | | static unsigned int flowTimerSeconds; |
105 | | static unsigned int flowTimerGracePeriodSeconds; |
106 | | static bool useRRTokenHack; |
107 | | static bool allowInboundFlowTokensForNonDirectClients; |
108 | | static ClientNATDetectionMode clientNATDetection; |
109 | | static bool assumeFirstHopSupportsOutbound; |
110 | | static bool assumeFirstHopSupportsFlowTokens; |
111 | | }; |
112 | | } |
113 | | |
114 | | #endif |
115 | | |
116 | | /* ==================================================================== |
117 | | * The Vovida Software License, Version 1.0 |
118 | | * |
119 | | * Copyright (c) 2000 |
120 | | * |
121 | | * Redistribution and use in source and binary forms, with or without |
122 | | * modification, are permitted provided that the following conditions |
123 | | * are met: |
124 | | * |
125 | | * 1. Redistributions of source code must retain the above copyright |
126 | | * notice, this list of conditions and the following disclaimer. |
127 | | * |
128 | | * 2. Redistributions in binary form must reproduce the above copyright |
129 | | * notice, this list of conditions and the following disclaimer in |
130 | | * the documentation and/or other materials provided with the |
131 | | * distribution. |
132 | | * |
133 | | * 3. The names "VOCAL", "Vovida Open Communication Application Library", |
134 | | * and "Vovida Open Communication Application Library (VOCAL)" must |
135 | | * not be used to endorse or promote products derived from this |
136 | | * software without prior written permission. For written |
137 | | * permission, please contact vocal@vovida.org. |
138 | | * |
139 | | * 4. Products derived from this software may not be called "VOCAL", nor |
140 | | * may "VOCAL" appear in their name, without prior written |
141 | | * permission of Vovida Networks, Inc. |
142 | | * |
143 | | * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED |
144 | | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
145 | | * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND |
146 | | * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA |
147 | | * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES |
148 | | * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL, |
149 | | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
150 | | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR |
151 | | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
152 | | * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
153 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE |
154 | | * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH |
155 | | * DAMAGE. |
156 | | * |
157 | | * ==================================================================== |
158 | | * |
159 | | * This software consists of voluntary contributions made by Vovida |
160 | | * Networks, Inc. and many individuals on behalf of Vovida Networks, |
161 | | * Inc. For more information on Vovida Networks, Inc., please see |
162 | | * <http://www.vovida.org/>. |
163 | | * |
164 | | */ |
165 | | |