config_auth.c

Go to the documentation of this file.
00001 /*
00002  * Asterisk -- An open source telephony toolkit.
00003  *
00004  * Copyright (C) 2013, Digium, Inc.
00005  *
00006  * Mark Michelson <mmichelson@digium.com>
00007  *
00008  * See http://www.asterisk.org for more information about
00009  * the Asterisk project. Please do not directly contact
00010  * any of the maintainers of this project for assistance;
00011  * the project provides a web site, mailing lists and IRC
00012  * channels for your use.
00013  *
00014  * This program is free software, distributed under the terms of
00015  * the GNU General Public License Version 2. See the LICENSE file
00016  * at the top of the source tree.
00017  */
00018 
00019 #include "asterisk.h"
00020 
00021 #include <pjsip.h>
00022 #include <pjlib.h>
00023 #include "asterisk/res_pjsip.h"
00024 #include "asterisk/logger.h"
00025 #include "asterisk/sorcery.h"
00026 #include "asterisk/cli.h"
00027 #include "include/res_pjsip_private.h"
00028 #include "asterisk/res_pjsip_cli.h"
00029 
00030 static void auth_destroy(void *obj)
00031 {
00032    struct ast_sip_auth *auth = obj;
00033    ast_string_field_free_memory(auth);
00034 }
00035 
00036 static void *auth_alloc(const char *name)
00037 {
00038    struct ast_sip_auth *auth = ast_sorcery_generic_alloc(sizeof(*auth), auth_destroy);
00039 
00040    if (!auth) {
00041       return NULL;
00042    }
00043 
00044    if (ast_string_field_init(auth, 64)) {
00045       ao2_cleanup(auth);
00046       return NULL;
00047    }
00048 
00049    return auth;
00050 }
00051 
00052 static int auth_type_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
00053 {
00054    struct ast_sip_auth *auth = obj;
00055    if (!strcasecmp(var->value, "userpass")) {
00056       auth->type = AST_SIP_AUTH_TYPE_USER_PASS;
00057    } else if (!strcasecmp(var->value, "md5")) {
00058       auth->type = AST_SIP_AUTH_TYPE_MD5;
00059    } else {
00060       ast_log(LOG_WARNING, "Unknown authentication storage type '%s' specified for %s\n",
00061             var->value, var->name);
00062       return -1;
00063    }
00064    return 0;
00065 }
00066 
00067 static const char *auth_types_map[] = {
00068    [AST_SIP_AUTH_TYPE_USER_PASS] = "userpass",
00069    [AST_SIP_AUTH_TYPE_MD5] = "md5"
00070 };
00071 
00072 const char *ast_sip_auth_type_to_str(enum ast_sip_auth_type type)
00073 {
00074    return ARRAY_IN_BOUNDS(type, auth_types_map) ?
00075       auth_types_map[type] : "";
00076 }
00077 
00078 static int auth_type_to_str(const void *obj, const intptr_t *args, char **buf)
00079 {
00080    const struct ast_sip_auth *auth = obj;
00081    *buf = ast_strdup(ast_sip_auth_type_to_str(auth->type));
00082    return 0;
00083 }
00084 
00085 static int auth_apply(const struct ast_sorcery *sorcery, void *obj)
00086 {
00087    struct ast_sip_auth *auth = obj;
00088    int res = 0;
00089 
00090    if (ast_strlen_zero(auth->auth_user)) {
00091       ast_log(LOG_ERROR, "No authentication username for auth '%s'\n",
00092             ast_sorcery_object_get_id(auth));
00093       return -1;
00094    }
00095 
00096    switch (auth->type) {
00097    case AST_SIP_AUTH_TYPE_MD5:
00098       if (ast_strlen_zero(auth->md5_creds)) {
00099          ast_log(LOG_ERROR, "'md5' authentication specified but no md5_cred "
00100                "specified for auth '%s'\n", ast_sorcery_object_get_id(auth));
00101          res = -1;
00102       } else if (strlen(auth->md5_creds) != PJSIP_MD5STRLEN) {
00103          ast_log(LOG_ERROR, "'md5' authentication requires digest of size '%d', but "
00104             "digest is '%d' in size for auth '%s'\n", PJSIP_MD5STRLEN, (int)strlen(auth->md5_creds),
00105             ast_sorcery_object_get_id(auth));
00106          res = -1;
00107       }
00108       break;
00109    case AST_SIP_AUTH_TYPE_USER_PASS:
00110    case AST_SIP_AUTH_TYPE_ARTIFICIAL:
00111       break;
00112    }
00113 
00114    return res;
00115 }
00116 
00117 int ast_sip_for_each_auth(const struct ast_sip_auth_vector *vector,
00118            ao2_callback_fn on_auth, void *arg)
00119 {
00120    int i;
00121 
00122    if (!vector || !AST_VECTOR_SIZE(vector)) {
00123       return 0;
00124    }
00125 
00126    for (i = 0; i < AST_VECTOR_SIZE(vector); ++i) {
00127       /* AST_VECTOR_GET is safe to use since the vector is immutable */
00128       RAII_VAR(struct ast_sip_auth *, auth, ast_sorcery_retrieve_by_id(
00129              ast_sip_get_sorcery(), SIP_SORCERY_AUTH_TYPE,
00130              AST_VECTOR_GET(vector,i)), ao2_cleanup);
00131 
00132       if (!auth) {
00133          continue;
00134       }
00135 
00136       if (on_auth(auth, arg, 0)) {
00137          return -1;
00138       }
00139    }
00140 
00141    return 0;
00142 }
00143 
00144 static int sip_auth_to_ami(const struct ast_sip_auth *auth,
00145             struct ast_str **buf)
00146 {
00147    return ast_sip_sorcery_object_to_ami(auth, buf);
00148 }
00149 
00150 static int format_ami_auth_handler(void *obj, void *arg, int flags)
00151 {
00152    const struct ast_sip_auth *auth = obj;
00153    struct ast_sip_ami *ami = arg;
00154    const struct ast_sip_endpoint *endpoint = ami->arg;
00155    RAII_VAR(struct ast_str *, buf,
00156        ast_sip_create_ami_event("AuthDetail", ami), ast_free);
00157 
00158    if (!buf) {
00159       return -1;
00160    }
00161 
00162    if (sip_auth_to_ami(auth, &buf)) {
00163       return -1;
00164    }
00165 
00166    if (endpoint) {
00167       ast_str_append(&buf, 0, "EndpointName: %s\r\n",
00168              ast_sorcery_object_get_id(endpoint));
00169    }
00170 
00171    astman_append(ami->s, "%s\r\n", ast_str_buffer(buf));
00172    ami->count++;
00173 
00174    return 0;
00175 }
00176 
00177 int ast_sip_format_auths_ami(const struct ast_sip_auth_vector *auths,
00178               struct ast_sip_ami *ami)
00179 {
00180    return ast_sip_for_each_auth(auths, format_ami_auth_handler, ami);
00181 }
00182 
00183 static int format_ami_endpoint_auth(const struct ast_sip_endpoint *endpoint,
00184                 struct ast_sip_ami *ami)
00185 {
00186    ami->arg = (void *)endpoint;
00187    if (ast_sip_format_auths_ami(&endpoint->inbound_auths, ami)) {
00188       return -1;
00189    }
00190 
00191    return ast_sip_format_auths_ami(&endpoint->outbound_auths, ami);
00192 }
00193 
00194 static struct ast_sip_endpoint_formatter endpoint_auth_formatter = {
00195    .format_ami = format_ami_endpoint_auth
00196 };
00197 
00198 static struct ao2_container *cli_get_container(void)
00199 {
00200    RAII_VAR(struct ao2_container *, container, NULL, ao2_cleanup);
00201    struct ao2_container *s_container;
00202 
00203    container = ast_sorcery_retrieve_by_fields(ast_sip_get_sorcery(), "auth",
00204       AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL);
00205    if (!container) {
00206       return NULL;
00207    }
00208 
00209    s_container = ao2_container_alloc_list(AO2_ALLOC_OPT_LOCK_NOLOCK, 0,
00210       ast_sorcery_object_id_sort, ast_sorcery_object_id_compare);
00211    if (!s_container) {
00212       return NULL;
00213    }
00214 
00215    if (ao2_container_dup(s_container, container, 0)) {
00216       ao2_ref(s_container, -1);
00217       return NULL;
00218    }
00219 
00220    return s_container;
00221 }
00222 
00223 static int cli_iterator(void *container, ao2_callback_fn callback, void *args)
00224 {
00225    return ast_sip_for_each_auth(container, callback, args);
00226 }
00227 
00228 static void *cli_retrieve_by_id(const char *id)
00229 {
00230    return ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), SIP_SORCERY_AUTH_TYPE, id);
00231 }
00232 
00233 static int cli_print_header(void *obj, void *arg, int flags)
00234 {
00235    struct ast_sip_cli_context *context = arg;
00236    int indent = CLI_INDENT_TO_SPACES(context->indent_level);
00237    int filler = CLI_MAX_WIDTH - indent - 20;
00238 
00239    ast_assert(context->output_buffer != NULL);
00240 
00241    ast_str_append(&context->output_buffer, 0,
00242       "%*s:  <AuthId/UserName%*.*s>\n", indent, "I/OAuth", filler, filler,
00243       CLI_HEADER_FILLER);
00244 
00245    return 0;
00246 }
00247 
00248 static int cli_print_body(void *obj, void *arg, int flags)
00249 {
00250    struct ast_sip_auth *auth = obj;
00251    struct ast_sip_cli_context *context = arg;
00252    char title[32];
00253 
00254    ast_assert(context->output_buffer != NULL);
00255 
00256    snprintf(title, sizeof(title), "%sAuth",
00257       context->auth_direction ? context->auth_direction : "");
00258 
00259    ast_str_append(&context->output_buffer, 0, "%*s:  %s/%s\n",
00260       CLI_INDENT_TO_SPACES(context->indent_level), title,
00261       ast_sorcery_object_get_id(auth), auth->auth_user);
00262 
00263    if (context->show_details
00264       || (context->show_details_only_level_0 && context->indent_level == 0)) {
00265       ast_str_append(&context->output_buffer, 0, "\n");
00266       ast_sip_cli_print_sorcery_objectset(auth, context, 0);
00267    }
00268 
00269    return 0;
00270 }
00271 
00272 static struct ast_cli_entry cli_commands[] = {
00273    AST_CLI_DEFINE(ast_sip_cli_traverse_objects, "List PJSIP Auths",
00274       .command = "pjsip list auths",
00275       .usage = "Usage: pjsip list auths\n"
00276              "       List the configured PJSIP Auths\n"),
00277    AST_CLI_DEFINE(ast_sip_cli_traverse_objects, "Show PJSIP Auths",
00278       .command = "pjsip show auths",
00279       .usage = "Usage: pjsip show auths\n"
00280              "       Show the configured PJSIP Auths\n"),
00281    AST_CLI_DEFINE(ast_sip_cli_traverse_objects, "Show PJSIP Auth",
00282       .command = "pjsip show auth",
00283       .usage = "Usage: pjsip show auth <id>\n"
00284              "       Show the configured PJSIP Auth\n"),
00285 };
00286 
00287 static struct ast_sip_cli_formatter_entry *cli_formatter;
00288 
00289 /*! \brief Initialize sorcery with auth support */
00290 int ast_sip_initialize_sorcery_auth(void)
00291 {
00292    struct ast_sorcery *sorcery = ast_sip_get_sorcery();
00293 
00294    ast_sorcery_apply_default(sorcery, SIP_SORCERY_AUTH_TYPE, "config", "pjsip.conf,criteria=type=auth");
00295 
00296    if (ast_sorcery_object_register(sorcery, SIP_SORCERY_AUTH_TYPE, auth_alloc, NULL, auth_apply)) {
00297       return -1;
00298    }
00299 
00300    ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "type", "",
00301          OPT_NOOP_T, 0, 0);
00302    ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "username",
00303          "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, auth_user));
00304    ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "password",
00305          "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, auth_pass));
00306    ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "md5_cred",
00307          "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, md5_creds));
00308    ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "realm",
00309          "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, realm));
00310    ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "nonce_lifetime",
00311          "32", OPT_UINT_T, 0, FLDSET(struct ast_sip_auth, nonce_lifetime));
00312    ast_sorcery_object_field_register_custom(sorcery, SIP_SORCERY_AUTH_TYPE, "auth_type",
00313          "userpass", auth_type_handler, auth_type_to_str, NULL, 0, 0);
00314 
00315    internal_sip_register_endpoint_formatter(&endpoint_auth_formatter);
00316 
00317    cli_formatter = ao2_alloc(sizeof(struct ast_sip_cli_formatter_entry), NULL);
00318    if (!cli_formatter) {
00319       ast_log(LOG_ERROR, "Unable to allocate memory for cli formatter\n");
00320       return -1;
00321    }
00322    cli_formatter->name = SIP_SORCERY_AUTH_TYPE;
00323    cli_formatter->print_header = cli_print_header;
00324    cli_formatter->print_body = cli_print_body;
00325    cli_formatter->get_container = cli_get_container;
00326    cli_formatter->iterate = cli_iterator;
00327    cli_formatter->get_id = ast_sorcery_object_get_id;
00328    cli_formatter->retrieve_by_id = cli_retrieve_by_id;
00329 
00330    ast_sip_register_cli_formatter(cli_formatter);
00331    ast_cli_register_multiple(cli_commands, ARRAY_LEN(cli_commands));
00332 
00333    return 0;
00334 }
00335 
00336 int ast_sip_destroy_sorcery_auth(void)
00337 {
00338    ast_cli_unregister_multiple(cli_commands, ARRAY_LEN(cli_commands));
00339    ast_sip_unregister_cli_formatter(cli_formatter);
00340    internal_sip_unregister_endpoint_formatter(&endpoint_auth_formatter);
00341 
00342    return 0;
00343 }

Generated on Thu Apr 16 06:27:31 2015 for Asterisk - The Open Source Telephony Project by  doxygen 1.5.6