[asterisk-commits] jrose: trunk r337600 - in /trunk: ./ channels/ channels/sip/ channels/sip/inc...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Thu Sep 22 11:35:27 CDT 2011


Author: jrose
Date: Thu Sep 22 11:35:20 2011
New Revision: 337600

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=337600
Log:
Merged revisions 337595,337597 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/branches/10

........
  r337595 | jrose | 2011-09-22 10:35:50 -0500 (Thu, 22 Sep 2011) | 12 lines
  
  Generate Security events in chan_sip using new Security Events Framework
  
  Security Events Framework was added in 1.8 and support was added for AMI to generate
  events at that time. This patch adds support for chan_sip to generate security events.
  
  (closes issue ASTERISK-18264)
  Reported by: Michael L. Young
  Patches:
       security_events_chan_sip_v4.patch (license #5026) by Michael L. Young
  Review: https://reviewboard.asterisk.org/r/1362/
........
  r337597 | jrose | 2011-09-22 10:47:05 -0500 (Thu, 22 Sep 2011) | 10 lines
  
  Forgot to svn add new files to r337595
  
  Part of Generating security events for chan_sip
  
  (issue ASTERISK-18264)
  Reported by: Michael L. Young
  Patches:
      security_events_chan_sip_v4.patch (License #5026) by Michael L. Young
  Reviewboard: https://reviewboard.asterisk.org/r/1362/
........

Added:
    trunk/channels/sip/include/security_events.h   (with props)
    trunk/channels/sip/security_events.c   (with props)
Modified:
    trunk/   (props changed)
    trunk/CHANGES
    trunk/channels/chan_sip.c
    trunk/channels/sip/include/sip.h
    trunk/configs/logger.conf.sample
    trunk/include/asterisk/event_defs.h
    trunk/include/asterisk/security_events_defs.h
    trunk/main/event.c
    trunk/main/security_events.c

Propchange: trunk/
------------------------------------------------------------------------------
Binary property 'branch-10-merged' - no diff available.

Modified: trunk/CHANGES
URL: http://svnview.digium.com/svn/asterisk/trunk/CHANGES?view=diff&rev=337600&r1=337599&r2=337600
==============================================================================
--- trunk/CHANGES (original)
+++ trunk/CHANGES Thu Sep 22 11:35:20 2011
@@ -214,6 +214,7 @@
 -----------
  * Add T38 support for REJECTED state where T.38 Negotiation is explicitly rejected.
  * Add option encryption_taglen to set auth taglen only 32 and 80 are supported currently.
+ * SIP now generates security events using the Security Events Framework for REGISTER and INVITE.
 
 Queue changes
 -------------

Modified: trunk/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/trunk/channels/chan_sip.c?view=diff&rev=337600&r1=337599&r2=337600
==============================================================================
--- trunk/channels/chan_sip.c (original)
+++ trunk/channels/chan_sip.c Thu Sep 22 11:35:20 2011
@@ -276,6 +276,7 @@
 #include "asterisk/xml.h"
 #include "sip/include/dialog.h"
 #include "sip/include/dialplan_functions.h"
+#include "sip/include/security_events.h"
 
 
 /*** DOCUMENTATION
@@ -1434,7 +1435,6 @@
 static void set_peer_defaults(struct sip_peer *peer);
 static struct sip_peer *temp_peer(const char *name);
 static void register_peer_exten(struct sip_peer *peer, int onoff);
-static struct sip_peer *find_peer(const char *peer, struct ast_sockaddr *addr, int realtime, int forcenamematch, int devstate_only, int transport);
 static int sip_poke_peer_s(const void *data);
 static enum parse_register_result parse_register_contact(struct sip_pvt *pvt, struct sip_peer *p, struct sip_request *req);
 static void reg_source_db(struct sip_peer *peer);
@@ -1471,7 +1471,6 @@
 static unsigned int parse_allowed_methods(struct sip_request *req);
 static unsigned int set_pvt_allowed_methods(struct sip_pvt *pvt, struct sip_request *req);
 static int parse_request(struct sip_request *req);
-static const char *get_header(const struct sip_request *req, const char *name);
 static const char *referstatus2str(enum referstatus rstatus) attribute_pure;
 static int method_match(enum sipmethod id, const char *name);
 static void parse_copy(struct sip_request *dst, const struct sip_request *src);
@@ -1628,6 +1627,7 @@
  */
 struct ast_channel_tech sip_tech_info;
 
+/*------- CC Support -------- */
 static int sip_cc_agent_init(struct ast_cc_agent *agent, struct ast_channel *chan);
 static int sip_cc_agent_start_offer_timer(struct ast_cc_agent *agent);
 static int sip_cc_agent_stop_offer_timer(struct ast_cc_agent *agent);
@@ -2064,7 +2064,7 @@
 
 static int sip_get_cc_information(struct sip_request *req, char *subscribe_uri, size_t size, enum ast_cc_service_type *service)
 {
-	char *call_info = ast_strdupa(get_header(req, "Call-Info"));
+	char *call_info = ast_strdupa(sip_get_header(req, "Call-Info"));
 	char *uri;
 	char *purpose;
 	char *service_str;
@@ -2308,18 +2308,18 @@
 	else if (!(peer->transports & tmpl->socket.type)) {\
 		ast_log(LOG_ERROR, \
 			"'%s' is not a valid transport for '%s'. we only use '%s'! ending call.\n", \
-			get_transport(tmpl->socket.type), peer->name, get_transport_list(peer->transports) \
+			sip_get_transport(tmpl->socket.type), peer->name, get_transport_list(peer->transports) \
 			); \
 		ret = 1; \
 	} else if (peer->socket.type & SIP_TRANSPORT_TLS) { \
 		ast_log(LOG_WARNING, \
 			"peer '%s' HAS NOT USED (OR SWITCHED TO) TLS in favor of '%s' (but this was allowed in sip.conf)!\n", \
-			peer->name, get_transport(tmpl->socket.type) \
+			peer->name, sip_get_transport(tmpl->socket.type) \
 		); \
 	} else { \
 		ast_debug(1, \
 			"peer '%s' has contacted us over %s even though we prefer %s.\n", \
-			peer->name, get_transport(tmpl->socket.type), get_transport(peer->socket.type) \
+			peer->name, sip_get_transport(tmpl->socket.type), sip_get_transport(peer->socket.type) \
 		); \
 	}\
 	(ret); \
@@ -2695,7 +2695,7 @@
 			copy_request(&reqcpy, &req);
 			parse_request(&reqcpy);
 			/* In order to know how much to read, we need the content-length header */
-			if (sscanf(get_header(&reqcpy, "Content-Length"), "%30d", &cl)) {
+			if (sscanf(sip_get_header(&reqcpy, "Content-Length"), "%30d", &cl)) {
 				while (cl > 0) {
 					size_t bytes_read;
 					if (!tcptls_session->client && !authenticated ) {
@@ -2825,8 +2825,8 @@
 }
 
 #ifdef REF_DEBUG
-#define ref_peer(arg1,arg2) _ref_peer((arg1),(arg2), __FILE__, __LINE__, __PRETTY_FUNCTION__)
-#define unref_peer(arg1,arg2) _unref_peer((arg1),(arg2), __FILE__, __LINE__, __PRETTY_FUNCTION__)
+#define sip_ref_peer(arg1,arg2) _ref_peer((arg1),(arg2), __FILE__, __LINE__, __PRETTY_FUNCTION__)
+#define sip_unref_peer(arg1,arg2) _unref_peer((arg1),(arg2), __FILE__, __LINE__, __PRETTY_FUNCTION__)
 static struct sip_peer *_ref_peer(struct sip_peer *peer, char *tag, char *file, int line, const char *func)
 {
 	if (peer)
@@ -2848,13 +2848,13 @@
  * By handling them this way, we don't have to declare the
  * destructor on each call, which removes the chance of errors.
  */
-static void *unref_peer(struct sip_peer *peer, char *tag)
+void *sip_unref_peer(struct sip_peer *peer, char *tag)
 {
 	ao2_t_ref(peer, -1, tag);
 	return NULL;
 }
 
-static struct sip_peer *ref_peer(struct sip_peer *peer, char *tag)
+struct sip_peer *sip_ref_peer(struct sip_peer *peer, char *tag)
 {
 	ao2_t_ref(peer, 1, tag);
 	return peer;
@@ -2865,11 +2865,11 @@
 {
 	if (peer->pokeexpire != -1) {
 		AST_SCHED_DEL_UNREF(sched, peer->pokeexpire,
-				unref_peer(peer, "removing poke peer ref"));
+				sip_unref_peer(peer, "removing poke peer ref"));
 	}
 	if (peer->expire != -1) {
 		AST_SCHED_DEL_UNREF(sched, peer->expire,
-				unref_peer(peer, "remove register expire ref"));
+				sip_unref_peer(peer, "remove register expire ref"));
 	}
 }
 
@@ -3289,7 +3289,7 @@
 }
 
 /*! \brief Return transport as string */
-static inline const char *get_transport(enum sip_transport t)
+const char *sip_get_transport(enum sip_transport t)
 {
 	switch (t) {
 	case SIP_TRANSPORT_UDP:
@@ -3342,7 +3342,7 @@
 		set_socket_transport(&p->socket, p->outboundproxy->transport);
 	}
 
-	return get_transport(p->socket.type);
+	return sip_get_transport(p->socket.type);
 }
 
 /*!
@@ -3515,7 +3515,7 @@
 	} else if (!ast_sockaddr_is_any(&bindaddr)) {
 		ast_sockaddr_copy(us, &bindaddr);
 	}
-	ast_debug(3, "Setting SIP_TRANSPORT_%s with address %s\n", get_transport(p->socket.type), ast_sockaddr_stringify(us));
+	ast_debug(3, "Setting SIP_TRANSPORT_%s with address %s\n", sip_get_transport(p->socket.type), ast_sockaddr_stringify(us));
 }
 
 /*! \brief Append to SIP dialog history with arg list  */
@@ -4167,7 +4167,7 @@
 	if (p->do_history) {
 		struct sip_request tmp = { .rlPart1 = 0, };
 		parse_copy(&tmp, req);
-		append_history(p, reliable ? "TxRespRel" : "TxResp", "%s / %s - %s", tmp.data->str, get_header(&tmp, "CSeq"),
+		append_history(p, reliable ? "TxRespRel" : "TxResp", "%s / %s - %s", tmp.data->str, sip_get_header(&tmp, "CSeq"),
 			(tmp.method == SIP_RESPONSE || tmp.method == SIP_UNKNOWN) ? REQ_OFFSET_TO_STR(&tmp, rlPart2) : sip_methods[tmp.method].text);
 		deinit_req(&tmp);
 	}
@@ -4215,7 +4215,7 @@
 	if (p->do_history) {
 		struct sip_request tmp = { .rlPart1 = 0, };
 		parse_copy(&tmp, req);
-		append_history(p, reliable ? "TxReqRel" : "TxReq", "%s / %s - %s", tmp.data->str, get_header(&tmp, "CSeq"), sip_methods[tmp.method].text);
+		append_history(p, reliable ? "TxReqRel" : "TxReq", "%s / %s - %s", tmp.data->str, sip_get_header(&tmp, "CSeq"), sip_methods[tmp.method].text);
 		deinit_req(&tmp);
 	}
 	res = (reliable) ?
@@ -4855,9 +4855,9 @@
 		ast_copy_flags(&peer->flags[1], &global_flags[1], SIP_PAGE2_RTAUTOCLEAR|SIP_PAGE2_RTCACHEFRIENDS);
 		if (ast_test_flag(&global_flags[1], SIP_PAGE2_RTAUTOCLEAR)) {
 			AST_SCHED_REPLACE_UNREF(peer->expire, sched, sip_cfg.rtautoclear * 1000, expire_register, peer,
-					unref_peer(_data, "remove registration ref"),
-					unref_peer(peer, "remove registration ref"),
-					ref_peer(peer, "add registration ref"));
+					sip_unref_peer(_data, "remove registration ref"),
+					sip_unref_peer(peer, "remove registration ref"),
+					sip_ref_peer(peer, "add registration ref"));
 		}
 		ao2_t_link(peers, peer, "link peer into peers table");
 		if (!ast_sockaddr_isnull(&peer->addr)) {
@@ -4917,7 +4917,7 @@
  * \note Avoid using this function in new functions if there is a way to avoid it,
  * since it might cause a database lookup.
  */
-static struct sip_peer *find_peer(const char *peer, struct ast_sockaddr *addr, int realtime, int which_objects, int devstate_only, int transport)
+struct sip_peer *sip_find_peer(const char *peer, struct ast_sockaddr *addr, int realtime, int which_objects, int devstate_only, int transport)
 {
 	struct sip_peer *p = NULL;
 	struct sip_peer tmp_peer;
@@ -4945,13 +4945,13 @@
 			switch (which_objects) {
 			case FINDUSERS:
 				if (!(p->type & SIP_TYPE_USER)) {
-					unref_peer(p, "Wrong type of realtime SIP endpoint");
+					sip_unref_peer(p, "Wrong type of realtime SIP endpoint");
 					return NULL;
 				}
 				break;
 			case FINDPEERS:
 				if (!(p->type & SIP_TYPE_PEER)) {
-					unref_peer(p, "Wrong type of realtime SIP endpoint");
+					sip_unref_peer(p, "Wrong type of realtime SIP endpoint");
 					return NULL;
 				}
 				break;
@@ -5321,7 +5321,7 @@
 
 	dialog->timer_t1 = global_t1; /* Default SIP retransmission timer T1 (RFC 3261) */
 	dialog->timer_b = global_timer_b; /* Default SIP transaction timer B (RFC 3261) */
-	peer = find_peer(peername, NULL, TRUE, FINDPEERS, FALSE, 0);
+	peer = sip_find_peer(peername, NULL, TRUE, FINDPEERS, FALSE, 0);
 
 	if (peer) {
 		int res;
@@ -5332,8 +5332,8 @@
 		if (!ast_sockaddr_isnull(remote_address)) {
 			ast_sockaddr_copy(&dialog->sa, remote_address);
 		}
-		dialog->relatedpeer = ref_peer(peer, "create_addr: setting dialog's relatedpeer pointer");
-		unref_peer(peer, "create_addr: unref peer from find_peer hashtab lookup");
+		dialog->relatedpeer = sip_ref_peer(peer, "create_addr: setting dialog's relatedpeer pointer");
+		sip_unref_peer(peer, "create_addr: unref peer from sip_find_peer hashtab lookup");
 		return res;
 	}
 
@@ -5669,7 +5669,7 @@
 		p->relatedpeer->call = dialog_unref(p->relatedpeer->call, "unset the relatedpeer->call field in tandem with relatedpeer field itself");
 	
 	if (p->relatedpeer)
-		p->relatedpeer = unref_peer(p->relatedpeer,"unsetting a dialog relatedpeer field in sip_destroy");
+		p->relatedpeer = sip_unref_peer(p->relatedpeer,"unsetting a dialog relatedpeer field in sip_destroy");
 	
 	if (p->registry) {
 		if (p->registry->call == p)
@@ -5810,7 +5810,7 @@
 
 	/* Check the list of devices */
 	if (fup->relatedpeer) {
-		p = ref_peer(fup->relatedpeer, "ref related peer for update_call_counter");
+		p = sip_ref_peer(fup->relatedpeer, "ref related peer for update_call_counter");
 		inuse = &p->inUse;
 		call_limit = &p->call_limit;
 		inringing = &p->inRinging;
@@ -5878,7 +5878,7 @@
 		if (*call_limit > 0 ) {
 			if (*inuse >= *call_limit) {
 				ast_log(LOG_NOTICE, "Call %s %s '%s' rejected due to usage limit of %d\n", outgoing ? "to" : "from", "peer", name, *call_limit);
-				unref_peer(p, "update_call_counter: unref peer p, call limit exceeded");
+				sip_unref_peer(p, "update_call_counter: unref peer p, call limit exceeded");
 				return -1;
 			}
 		}
@@ -5928,7 +5928,7 @@
 
 	if (p) {
 		ast_devstate_changed(AST_DEVICE_UNKNOWN, "SIP/%s", p->name);
-		unref_peer(p, "update_call_counter: unref_peer from call counter");
+		sip_unref_peer(p, "update_call_counter: sip_unref_peer from call counter");
 	}
 	return 0;
 }
@@ -7227,14 +7227,14 @@
 		}
 	}
 
-	/* Don't return NULL, so get_header is always a valid pointer */
+	/* Don't return NULL, so sip_get_header is always a valid pointer */
 	return "";
 }
 
 /*! \brief Get header from SIP request
 	\return Always return something, so don't check for NULL because it won't happen :-)
 */
-static const char *get_header(const struct sip_request *req, const char *name)
+const char *sip_get_header(const struct sip_request *req, const char *name)
 {
 	int start = 0;
 	return __get_header(req, name, &start);
@@ -7499,11 +7499,11 @@
 	 * some information about it in the dialog. */
 	if (req) {
 		struct sip_via *via;
-		const char *cseq = get_header(req, "Cseq");
+		const char *cseq = sip_get_header(req, "Cseq");
 		unsigned int seqno;
 
 		/* get branch parameter from initial Request that started this dialog */
-		via = parse_via(get_header(req, "Via"));
+		via = parse_via(sip_get_header(req, "Via"));
 		if (via) {
 			/* only store the branch if it begins with the magic prefix "z9hG4bK", otherwise
 			 * it is not useful to us to have it */
@@ -7641,7 +7641,7 @@
  */
 static int process_via(struct sip_pvt *p, const struct sip_request *req)
 {
-	struct sip_via *via = parse_via(get_header(req, "Via"));
+	struct sip_via *via = parse_via(sip_get_header(req, "Via"));
 
 	if (!via) {
 		ast_log(LOG_ERROR, "error processing via header\n");
@@ -7958,14 +7958,14 @@
 {
 	char totag[128];
 	char fromtag[128];
-	const char *callid = get_header(req, "Call-ID");
-	const char *from = get_header(req, "From");
-	const char *to = get_header(req, "To");
-	const char *cseq = get_header(req, "Cseq");
+	const char *callid = sip_get_header(req, "Call-ID");
+	const char *from = sip_get_header(req, "From");
+	const char *to = sip_get_header(req, "To");
+	const char *cseq = sip_get_header(req, "Cseq");
 	struct sip_pvt *sip_pvt_ptr;
 	unsigned int seqno;
 	/* Call-ID, to, from and Cseq are required by RFC 3261. (Max-forwards and via too - ignored now) */
-	/* get_header always returns non-NULL so we must use ast_strlen_zero() */
+	/* sip_get_header always returns non-NULL so we must use ast_strlen_zero() */
 	if (ast_strlen_zero(callid) || ast_strlen_zero(to) ||
 			ast_strlen_zero(from) || ast_strlen_zero(cseq) ||
 			(sscanf(cseq, "%30u", &seqno) != 1)) {
@@ -8038,14 +8038,14 @@
 		args.seqno = seqno;
 		/* get via header information. */
 		args.ruri = REQ_OFFSET_TO_STR(req, rlPart2);
-		via = parse_via(get_header(req, "Via"));
+		via = parse_via(sip_get_header(req, "Via"));
 		if (via) {
 			args.viasentby = via->sent_by;
 			args.viabranch = via->branch;
 		}
 		/* determine if this is a Request with authentication credentials. */
-		if (!ast_strlen_zero(get_header(req, "Authorization")) ||
-			!ast_strlen_zero(get_header(req, "Proxy-Authorization"))) {
+		if (!ast_strlen_zero(sip_get_header(req, "Authorization")) ||
+			!ast_strlen_zero(sip_get_header(req, "Proxy-Authorization"))) {
 			args.authentication_present = 1;
 		}
 		/* if it is a response, get the response code */
@@ -8293,7 +8293,7 @@
  */
 static unsigned int parse_allowed_methods(struct sip_request *req)
 {
-	char *allow = ast_strdupa(get_header(req, "Allow"));
+	char *allow = ast_strdupa(sip_get_header(req, "Allow"));
 	unsigned int allowed_methods = SIP_UNKNOWN;
 
 	if (ast_strlen_zero(allow)) {
@@ -8301,7 +8301,7 @@
 		 * place the phone's allowed methods in an Allow header. Instead, they place the
 		 * allowed methods in a methods= parameter in the Contact header.
 		 */
-		char *contact = ast_strdupa(get_header(req, "Contact"));
+		char *contact = ast_strdupa(sip_get_header(req, "Contact"));
 		char *methods = strstr(contact, ";methods=");
 
 		if (ast_strlen_zero(methods)) {
@@ -8506,7 +8506,7 @@
 	int found_application_sdp = FALSE;
 	int found_end_of_headers = FALSE;
 
-	content_length = get_header(req, "Content-Length");
+	content_length = sip_get_header(req, "Content-Length");
 
 	if (!ast_strlen_zero(content_length)) {
 		if (sscanf(content_length, "%30u", &x) != 1) {
@@ -8520,7 +8520,7 @@
 			return 0;
 	}
 
-	content_type = get_header(req, "Content-Type");
+	content_type = sip_get_header(req, "Content-Type");
 
 	/* if the body contains only SDP, this is easy */
 	if (!strncasecmp(content_type, "application/sdp", 15)) {
@@ -9820,7 +9820,7 @@
 /*! \brief Copy one header field from one request to another */
 static int copy_header(struct sip_request *req, const struct sip_request *orig, const char *field)
 {
-	const char *tmp = get_header(orig, field);
+	const char *tmp = sip_get_header(orig, field);
 
 	if (!ast_strlen_zero(tmp)) /* Add what we're responding to */
 		return add_header(req, field, tmp);
@@ -10154,7 +10154,7 @@
 	if (msg[0] == '1' || msg[0] == '2')
 		copy_all_header(resp, req, "Record-Route");
 	copy_header(resp, req, "From");
-	ot = get_header(req, "To");
+	ot = sip_get_header(req, "To");
 	if (!strcasestr(ot, "tag=") && strncmp(msg, "100", 3)) {
 		/* Add the proper tag if we don't have it already.  If they have specified
 		   their tag, use it.  Otherwise, use our own tag */
@@ -10277,7 +10277,7 @@
 	else {
 		char *n;
 		/* We have no URI, use To: or From:  header as URI (depending on direction) */
-		ast_copy_string(stripped, get_header(orig, is_outbound ? "To" : "From"),
+		ast_copy_string(stripped, sip_get_header(orig, is_outbound ? "To" : "From"),
 				sizeof(stripped));
 		n = get_in_brackets(stripped);
 		c = remove_uri_parameters(n);
@@ -10293,8 +10293,8 @@
 	}
 	add_header_max_forwards(p, req);
 
-	ot = get_header(orig, "To");
-	of = get_header(orig, "From");
+	ot = sip_get_header(orig, "To");
+	of = sip_get_header(orig, "From");
 
 	/* Add tag *unless* this is a CANCEL, in which case we need to send it exactly
 	   as our original request, including tag (or presumably lack thereof) */
@@ -10358,8 +10358,8 @@
 	struct sip_request resp;
 	int seqno = 0;
 
-	if (reliable && (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1)) {
-		ast_log(LOG_WARNING, "Unable to determine sequence number from '%s'\n", get_header(req, "CSeq"));
+	if (reliable && (sscanf(sip_get_header(req, "CSeq"), "%30d ", &seqno) != 1)) {
+		ast_log(LOG_WARNING, "Unable to determine sequence number from '%s'\n", sip_get_header(req, "CSeq"));
 		return -1;
 	}
 	respprep(&resp, p, msg, req);
@@ -10592,8 +10592,8 @@
 	char tmp[512];
 	int seqno = 0;
 
-	if (reliable && (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1)) {
-		ast_log(LOG_WARNING, "Unable to determine sequence number from '%s'\n", get_header(req, "CSeq"));
+	if (reliable && (sscanf(sip_get_header(req, "CSeq"), "%30d ", &seqno) != 1)) {
+		ast_log(LOG_WARNING, "Unable to determine sequence number from '%s'\n", sip_get_header(req, "CSeq"));
 		return -1;
 	}
 	/* Choose Realm */
@@ -10673,14 +10673,14 @@
 	    !AST_LIST_EMPTY(&domain_list))
 	{
 		/* Check From header first */
-		if (!get_domain(get_header(req, "From"), domain, sizeof(domain))) {
+		if (!get_domain(sip_get_header(req, "From"), domain, sizeof(domain))) {
 			if (check_sip_domain(domain, NULL, 0)) {
 				ast_string_field_set(p, realm, domain);
 				return;
 			}
 		}
 		/* Check To header */
-		if (!get_domain(get_header(req, "To"), domain, sizeof(domain))) {
+		if (!get_domain(sip_get_header(req, "To"), domain, sizeof(domain))) {
 			if (check_sip_domain(domain, NULL, 0)) {
 				ast_string_field_set(p, realm, domain);
 				return;
@@ -11572,8 +11572,8 @@
 	struct sip_request resp;
 	int seqno;
 
-	if (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1) {
-		ast_log(LOG_WARNING, "Unable to get seqno from '%s'\n", get_header(req, "CSeq"));
+	if (sscanf(sip_get_header(req, "CSeq"), "%30d ", &seqno) != 1) {
+		ast_log(LOG_WARNING, "Unable to get seqno from '%s'\n", sip_get_header(req, "CSeq"));
 		return -1;
 	}
 	respprep(&resp, p, msg, req);
@@ -11653,8 +11653,8 @@
 {
 	struct sip_request resp;
 	int seqno;
-	if (sscanf(get_header(req, "CSeq"), "%30d ", &seqno) != 1) {
-		ast_log(LOG_WARNING, "Unable to get seqno from '%s'\n", get_header(req, "CSeq"));
+	if (sscanf(sip_get_header(req, "CSeq"), "%30d ", &seqno) != 1) {
+		ast_log(LOG_WARNING, "Unable to get seqno from '%s'\n", sip_get_header(req, "CSeq"));
 		return -1;
 	}
 	respprep(&resp, p, msg, req);
@@ -11797,7 +11797,7 @@
 	char stripped[SIPBUFSIZE];
 	char *c;
 
-	ast_copy_string(stripped, get_header(req, "Contact"), sizeof(stripped));
+	ast_copy_string(stripped, sip_get_header(req, "Contact"), sizeof(stripped));
 	c = get_in_brackets(stripped);
 	/* Cut the URI at the at sign after the @, not in the username part */
 	c = remove_uri_parameters(c);
@@ -11819,7 +11819,7 @@
 	} else {
 		ast_string_field_build(p, our_contact, "<sip:%s%s%s;transport=%s>", user,
 			ast_strlen_zero(user) ? "" : "@", ast_sockaddr_stringify_remote(&p->ourip),
-			get_transport(p->socket.type));
+			sip_get_transport(p->socket.type));
 	}
 }
 
@@ -12590,7 +12590,7 @@
 
 	subscriptiontype = find_subscription_type(p->subscribed);
 
-	ast_copy_string(from, get_header(&p->initreq, "From"), sizeof(from));
+	ast_copy_string(from, sip_get_header(&p->initreq, "From"), sizeof(from));
 	c = get_in_brackets(from);
 	if (strncasecmp(c, "sip:", 4) && strncasecmp(c, "sips:", 5)) {
 		ast_log(LOG_WARNING, "Huh?  Not a SIP header (%s)?\n", c);
@@ -12599,7 +12599,7 @@
 
 	mfrom = remove_uri_parameters(c);
 
-	ast_copy_string(to, get_header(&p->initreq, "To"), sizeof(to));
+	ast_copy_string(to, sip_get_header(&p->initreq, "To"), sizeof(to));
 	c = get_in_brackets(to);
 	if (strncasecmp(c, "sip:", 4) && strncasecmp(c, "sips:", 5)) {
 		ast_log(LOG_WARNING, "Huh?  Not a SIP header (%s)?\n", c);
@@ -12684,13 +12684,13 @@
 		if (p->socket.type == SIP_TRANSPORT_UDP) {
 			ast_str_append(&out, 0, "Message-Account: sip:%s@%s:%d\r\n", exten, domain, ourport);
 		} else {
-			ast_str_append(&out, 0, "Message-Account: sip:%s@%s:%d;transport=%s\r\n", exten, domain, ourport, get_transport(p->socket.type));
+			ast_str_append(&out, 0, "Message-Account: sip:%s@%s:%d;transport=%s\r\n", exten, domain, ourport, sip_get_transport(p->socket.type));
 		}
 	} else {
 		if (p->socket.type == SIP_TRANSPORT_UDP) {
 			ast_str_append(&out, 0, "Message-Account: sip:%s@%s\r\n", exten, domain);
 		} else {
-			ast_str_append(&out, 0, "Message-Account: sip:%s@%s;transport=%s\r\n", exten, domain, get_transport(p->socket.type));
+			ast_str_append(&out, 0, "Message-Account: sip:%s@%s;transport=%s\r\n", exten, domain, sip_get_transport(p->socket.type));
 		}
 	}
 	/* Cisco has a bug in the SIP stack where it can't accept the
@@ -12962,12 +12962,12 @@
 		/* If the registration has timed out, maybe the IP changed.  Force a refresh. */
 		ast_dnsmgr_refresh(r->dnsmgr);
 		/* If we are resolving a peer, we have to make sure the refreshed address gets copied */
-		if ((peer = find_peer(r->hostname, NULL, TRUE, FINDPEERS, FALSE, 0))) {
+		if ((peer = sip_find_peer(r->hostname, NULL, TRUE, FINDPEERS, FALSE, 0))) {
 			ast_sockaddr_copy(&peer->addr, &r->us);
 			if (r->portno) {
 				ast_sockaddr_set_port(&peer->addr, r->portno);
 			}
-			peer = unref_peer(peer, "unref after find_peer");
+			peer = sip_unref_peer(peer, "unref after sip_find_peer");
 		}
 	}
 
@@ -13048,12 +13048,12 @@
 
 	if (r->dnsmgr == NULL) {
 		char transport[MAXHOSTNAMELEN];
-		peer = find_peer(r->hostname, NULL, TRUE, FINDPEERS, FALSE, 0);
-		snprintf(transport, sizeof(transport), "_%s._%s",get_srv_service(r->transport), get_srv_protocol(r->transport)); /* have to use static get_transport function */
+		peer = sip_find_peer(r->hostname, NULL, TRUE, FINDPEERS, FALSE, 0);
+		snprintf(transport, sizeof(transport), "_%s._%s",get_srv_service(r->transport), get_srv_protocol(r->transport)); /* have to use static sip_get_transport function */
 		r->us.ss.ss_family = get_address_family_filter(&bindaddr); /* Filter address family */
 		ast_dnsmgr_lookup(peer ? peer->tohost : r->hostname, &r->us, &r->dnsmgr, sip_cfg.srvlookup ? transport : NULL);
 		if (peer) {
-			peer = unref_peer(peer, "removing peer ref for dnsmgr_lookup");
+			peer = sip_unref_peer(peer, "removing peer ref for dnsmgr_lookup");
 		}
 	}
 
@@ -13090,11 +13090,11 @@
 		/* It is possible that DNS is unavailable at the time the peer is created. Here, if
 		 * we've updated the address in the registry, we copy it to the peer so that
 		 * create_addr() can copy it to the dialog via create_addr_from_peer */
-		if ((peer = find_peer(r->hostname, NULL, TRUE, FINDPEERS, FALSE, 0))) {
+		if ((peer = sip_find_peer(r->hostname, NULL, TRUE, FINDPEERS, FALSE, 0))) {
 			if (ast_sockaddr_isnull(&peer->addr) && !(ast_sockaddr_isnull(&r->us))) {
 				ast_sockaddr_copy(&peer->addr, &r->us);
 			}
-			peer = unref_peer(peer, "unref after find_peer");
+			peer = sip_unref_peer(peer, "unref after sip_find_peer");
 		}
 
 		/* Find address to hostname */
@@ -13348,9 +13348,9 @@
 
 	/* Are we transfering an inbound or outbound call ? */
 	if (ast_test_flag(&p->flags[0], SIP_OUTGOING))  {
-		of = get_header(&p->initreq, "To");
+		of = sip_get_header(&p->initreq, "To");
 	} else {
-		of = get_header(&p->initreq, "From");
+		of = sip_get_header(&p->initreq, "From");
 	}
 
 	ast_copy_string(from, of, sizeof(from));
@@ -13491,7 +13491,7 @@
 }
 
 /*! \brief return the request and response header for a 401 or 407 code */
-static void auth_headers(enum sip_auth_type code, char **header, char **respheader)
+void sip_auth_headers(enum sip_auth_type code, char **header, char **respheader)
 {
 	if (code == WWW_AUTH) {			/* 401 */
 		*header = "WWW-Authenticate";
@@ -13518,7 +13518,7 @@
 		if(!build_reply_digest(p, sipmethod, digest, sizeof(digest))) {
 			char *dummy, *response;
 			enum sip_auth_type code = p->options ? p->options->auth_type : PROXY_AUTH; /* XXX force 407 if unknown */
-			auth_headers(code, &dummy, &response);
+			sip_auth_headers(code, &dummy, &response);
 			add_header(&resp, response, digest);
 		} else {
 			ast_log(LOG_WARNING, "No authentication available for call %s\n", p->callid);
@@ -13620,7 +13620,7 @@
 	 * in order to unlink from the peers_by_ip container correctly */
 	memset(&peer->addr, 0, sizeof(peer->addr));
 
-	unref_peer(peer, "removing peer ref for expire_register");
+	sip_unref_peer(peer, "removing peer ref for expire_register");
 
 	return 0;
 }
@@ -13635,17 +13635,17 @@
 
 	foundpeer = ao2_find(peers, peer, OBJ_POINTER);
 	if (!foundpeer) {
-		unref_peer(peer, "removing poke peer ref");
+		sip_unref_peer(peer, "removing poke peer ref");
 		return 0;
 	} else if (foundpeer->name != peer->name) {
-		unref_peer(foundpeer, "removing above peer ref");
-		unref_peer(peer, "removing poke peer ref");
+		sip_unref_peer(foundpeer, "removing above peer ref");
+		sip_unref_peer(peer, "removing poke peer ref");
 		return 0;
 	}
 
-	unref_peer(foundpeer, "removing above peer ref");
+	sip_unref_peer(foundpeer, "removing above peer ref");
 	sip_poke_peer(peer, 0);
-	unref_peer(peer, "removing poke peer ref");
+	sip_unref_peer(peer, "removing poke peer ref");
 
 	return 0;
 }
@@ -13701,16 +13701,16 @@
 	if (sipsock < 0) {
 		/* SIP isn't up yet, so schedule a poke only, pretty soon */
 		AST_SCHED_REPLACE_UNREF(peer->pokeexpire, sched, ast_random() % 5000 + 1, sip_poke_peer_s, peer,
-				unref_peer(_data, "removing poke peer ref"),
-				unref_peer(peer, "removing poke peer ref"),
-				ref_peer(peer, "adding poke peer ref"));
+				sip_unref_peer(_data, "removing poke peer ref"),
+				sip_unref_peer(peer, "removing poke peer ref"),
+				sip_ref_peer(peer, "adding poke peer ref"));
 	} else {
 		sip_poke_peer(peer, 0);
 	}
 	AST_SCHED_REPLACE_UNREF(peer->expire, sched, (expire + 10) * 1000, expire_register, peer,
-			unref_peer(_data, "remove registration ref"),
-			unref_peer(peer, "remove registration ref"),
-			ref_peer(peer, "add registration ref"));
+			sip_unref_peer(_data, "remove registration ref"),
+			sip_unref_peer(peer, "remove registration ref"),
+			sip_ref_peer(peer, "add registration ref"));
 	register_peer_exten(peer, TRUE);
 }
 
@@ -13721,7 +13721,7 @@
 	char *c;
 
 	/* Look for brackets */
-	ast_copy_string(contact, get_header(req, "Contact"), sizeof(contact));
+	ast_copy_string(contact, sip_get_header(req, "Contact"), sizeof(contact));
 	c = get_in_brackets(contact);
 
 	/* Save full contact to call pvt for later bye or re-invite */
@@ -13821,7 +13821,7 @@
 {
 	char contact[SIPBUFSIZE];
 	char data[SIPBUFSIZE];
-	const char *expires = get_header(req, "Expires");
+	const char *expires = sip_get_header(req, "Expires");
 	int expire = atoi(expires);
 	char *curi, *domain, *transport;
 	int transport_type;
@@ -13888,9 +13888,9 @@
 	} else if (!strcasecmp(curi, "*") || !expire) {	/* Unregister this peer */
 		/* This means remove all registrations and return OK */
 		AST_SCHED_DEL_UNREF(sched, peer->expire,
-				unref_peer(peer, "remove register expire ref"));
+				sip_unref_peer(peer, "remove register expire ref"));
 		ast_verb(3, "Unregistered SIP '%s'\n", peer->name);
-		expire_register(ref_peer(peer,"add ref for explicit expire_register"));
+		expire_register(sip_ref_peer(peer,"add ref for explicit expire_register"));
 		return PARSE_REGISTER_UPDATE;
 	}
 
@@ -13985,7 +13985,7 @@
 	}
 
 	AST_SCHED_DEL_UNREF(sched, peer->expire,
-			unref_peer(peer, "remove register expire ref"));
+			sip_unref_peer(peer, "remove register expire ref"));
 
 	if (expire > max_expiry) {
 		expire = max_expiry;
@@ -13997,9 +13997,9 @@
 		peer->expire = -1;
 	} else {
 		peer->expire = ast_sched_add(sched, (expire + 10) * 1000, expire_register,
-				ref_peer(peer, "add registration ref"));
+				sip_ref_peer(peer, "add registration ref"));
 		if (peer->expire == -1) {
-			unref_peer(peer, "remote registration ref");
+			sip_unref_peer(peer, "remote registration ref");
 		}
 	}
 	pvt->expiry = expire;
@@ -14019,7 +14019,7 @@
 	register_peer_exten(peer, 1);
 	
 	/* Save User agent */
-	useragent = get_header(req, "User-Agent");
+	useragent = sip_get_header(req, "User-Agent");
 	if (strcasecmp(useragent, peer->useragent)) {
 		ast_string_field_set(peer, useragent, useragent);
 		ast_verb(4, "Saved useragent \"%s\" for peer %s\n", peer->useragent, peer->name);
@@ -14121,7 +14121,7 @@
 	if (!head || (!ast_strlen_zero(head->hop) && strstr(head->hop, ";lr") == NULL) ) {
 		/* 2nd append the Contact: if there is one */
 		/* Can be multiple Contact headers, comma separated values - we just take the first */
-		contact = get_header(req, "Contact");
+		contact = sip_get_header(req, "Contact");
 		if (!ast_strlen_zero(contact)) {
 			ast_debug(2, "build_route: Contact hop: %s\n", contact);
 			/* Look for <: delimited address */
@@ -14172,8 +14172,33 @@
 	}
 }
 
-AST_THREADSTORAGE(check_auth_buf);
-#define CHECK_AUTH_BUF_INITLEN   256
+/*! \brief Takes the digest response and parses it */
+void sip_digest_parser(char *c, struct digestkeys *keys)
+{
+        struct digestkeys *i = i;
+
+        while(c && *(c = ast_skip_blanks(c)) ) { /* lookup for keys */
+                for (i = keys; i->key != NULL; i++) {
+                        const char *separator = ",";    /* default */
+
+                        if (strncasecmp(c, i->key, strlen(i->key)) != 0) {
+                                continue;
+                        }
+                        /* Found. Skip keyword, take text in quotes or up to the separator. */
+                        c += strlen(i->key);
+                        if (*c == '"') { /* in quotes. Skip first and look for last */
+                                c++;
+                                separator = "\"";
+                        }
+                        i->s = c;
+                        strsep(&c, separator);
+                        break;
+                }
+                if (i->key == NULL) { /* not found, jump after space or comma */
+			strsep(&c, " ,");
+		}
+        }
+}
 
 /*! \brief  Check user authorization from peer definition
 	Some actions, like REGISTER and INVITEs from peers require
@@ -14197,11 +14222,7 @@
 	int res;
 
 	/* table of recognised keywords, and their value in the digest */
-	enum keys { K_RESP, K_URI, K_USER, K_NONCE, K_LAST };
-	struct x {
-		const char *key;
-		const char *s;
-	} *i, keys[] = {
+	struct digestkeys keys[] = {
 		[K_RESP] = { "response=", "" },
 		[K_URI] = { "uri=", "" },
 		[K_USER] = { "username=", "" },
@@ -14210,8 +14231,9 @@
 	};
 
 	/* Always OK if no secret */
-	if (ast_strlen_zero(secret) && ast_strlen_zero(md5secret))
+	if (ast_strlen_zero(secret) && ast_strlen_zero(md5secret)) {
 		return AUTH_SUCCESSFUL;
+	}
 
 	/* Always auth with WWW-auth since we're NOT a proxy */
 	/* Using proxy-auth in a B2BUA may block proxy authorization in the same transaction */
@@ -14219,11 +14241,11 @@
 
 	/*
 	 * Note the apparent swap of arguments below, compared to other
-	 * usages of auth_headers().
+	 * usages of sip_auth_headers().
 	 */
-	auth_headers(WWW_AUTH, &respheader, &reqheader);
-
-	authtoken =  get_header(req, reqheader);	
+	sip_auth_headers(WWW_AUTH, &respheader, &reqheader);
+
+	authtoken =  sip_get_header(req, reqheader);	
 	if (ignore && !ast_strlen_zero(p->randdata) && ast_strlen_zero(authtoken)) {
 		/* This is a retransmitted invite/register/etc, don't reconstruct authentication
 		   information */
@@ -14262,27 +14284,7 @@
 
 	c = buf->str;
 
-	while(c && *(c = ast_skip_blanks(c)) ) { /* lookup for keys */
-		for (i = keys; i->key != NULL; i++) {
-			const char *separator = ",";	/* default */
-
-			if (strncasecmp(c, i->key, strlen(i->key)) != 0) {
-				continue;
-			}
-			/* Found. Skip keyword, take text in quotes or up to the separator. */
-			c += strlen(i->key);
-			if (*c == '"') { /* in quotes. Skip first and look for last */
-				c++;
-				separator = "\"";
-			}
-			i->s = c;
-			strsep(&c, separator);
-			break;
-		}
-		if (i->key == NULL) { /* not found, jump after space or comma */
-			strsep(&c, " ,");
-		}
-	}
+	sip_digest_parser(c, keys);
 
 	/* Verify that digest username matches  the username we auth as */
 	if (strcmp(username, keys[K_USER].s)) {
@@ -14328,7 +14330,7 @@
 	if (wrongnonce) {
 		if (good_response) {
 			if (sipdebug)
-				ast_log(LOG_NOTICE, "Correct auth, but based on stale nonce received from '%s'\n", get_header(req, "From"));
+				ast_log(LOG_NOTICE, "Correct auth, but based on stale nonce received from '%s'\n", sip_get_header(req, "From"));
 			/* We got working auth token, based on stale nonce . */
 			set_nonce_randdata(p, 0);
 			transmit_response_with_auth(p, response, req, p->randdata, reliable, respheader, TRUE);
@@ -14336,12 +14338,12 @@
 			/* Everything was wrong, so give the device one more try with a new challenge */
 			if (!req->ignore) {
 				if (sipdebug) {
-					ast_log(LOG_NOTICE, "Bad authentication received from '%s'\n", get_header(req, "To"));
+					ast_log(LOG_NOTICE, "Bad authentication received from '%s'\n", sip_get_header(req, "To"));
 				}
 				set_nonce_randdata(p, 1);
 			} else {
 				if (sipdebug) {
-					ast_log(LOG_NOTICE, "Duplicate authentication received from '%s'\n", get_header(req, "To"));
+					ast_log(LOG_NOTICE, "Duplicate authentication received from '%s'\n", sip_get_header(req, "To"));
 				}
 			}
 			transmit_response_with_auth(p, response, req, p->randdata, reliable, respheader, FALSE);
@@ -14487,7 +14489,7 @@
 		reqheader = "Authorization";
 		respheader = "WWW-Authenticate";
 	}
-	authtoken = get_header(req, reqheader);
+	authtoken = sip_get_header(req, reqheader);
 	if (req->ignore && !ast_strlen_zero(p->randdata) && ast_strlen_zero(authtoken)) {
 		/* This is a retransmitted invite/register/etc, don't reconstruct authentication
 		 * information */
@@ -14593,7 +14595,7 @@
 
 	terminate_uri(uri2);
 
-	ast_copy_string(tmp, get_header(req, "To"), sizeof(tmp));
+	ast_copy_string(tmp, sip_get_header(req, "To"), sizeof(tmp));
 
 	c = get_in_brackets(tmp);
 	c = remove_uri_parameters(c);
@@ -14620,11 +14622,11 @@
 	build_contact(p);
 	if (req->ignore) {
 		/* Expires is a special case, where we only want to load the peer if this isn't a deregistration attempt */
-		const char *expires = get_header(req, "Expires");
+		const char *expires = sip_get_header(req, "Expires");
 		int expire = atoi(expires);
 
 		if (ast_strlen_zero(expires)) { /* No expires header; look in Contact */
-			if ((expires = strcasestr(get_header(req, "Contact"), ";expires="))) {
+			if ((expires = strcasestr(sip_get_header(req, "Contact"), ";expires="))) {
 				expire = atoi(expires + 9);
 			}
 		}
@@ -14633,12 +14635,12 @@
 			return 0;
 		}
 	}
-	peer = find_peer(name, NULL, TRUE, FINDPEERS, FALSE, 0);
+	peer = sip_find_peer(name, NULL, TRUE, FINDPEERS, FALSE, 0);
 
 	if (!(peer && ast_apply_ha(peer->ha, addr))) {
 		/* Peer fails ACL check */
 		if (peer) {
-			unref_peer(peer, "register_verify: unref_peer: from find_peer operation");
+			sip_unref_peer(peer, "register_verify: sip_unref_peer: from sip_find_peer operation");
 			peer = NULL;
 			res = AUTH_ACL_FAILED;
 		} else {
@@ -14830,7 +14832,7 @@
 		}
 	}
 	if (peer) {
-		unref_peer(peer, "register_verify: unref_peer: tossing stack peer pointer at end of func");
+		sip_unref_peer(peer, "register_verify: sip_unref_peer: tossing stack peer pointer at end of func");
 	}
 
 	return res;
@@ -14879,7 +14881,7 @@
 	int callingpres = AST_PRES_ALLOWED_USER_NUMBER_NOT_SCREENED;
 	char *start = NULL, *end = NULL, *uri = NULL;
 
-	ast_copy_string(pai, get_header(req, "P-Asserted-Identity"), sizeof(pai));
+	ast_copy_string(pai, sip_get_header(req, "P-Asserted-Identity"), sizeof(pai));
 
 	if (ast_strlen_zero(pai)) {
 		return 0;
@@ -14931,7 +14933,7 @@
 		return 0;
 	}
 
-	ast_copy_string(privacy, get_header(req, "Privacy"), sizeof(privacy));
+	ast_copy_string(privacy, sip_get_header(req, "Privacy"), sizeof(privacy));
 	if (!ast_strlen_zero(privacy) && strncmp(privacy, "id", 2)) {
 		callingpres = AST_PRES_PROHIB_USER_NUMBER_NOT_SCREENED;
 	}
@@ -14974,7 +14976,7 @@
 	req = oreq;
 	if (!req)
 		req = &p->initreq;
-	ast_copy_string(tmp, get_header(req, "Remote-Party-ID"), sizeof(tmp));
+	ast_copy_string(tmp, sip_get_header(req, "Remote-Party-ID"), sizeof(tmp));
 	if (ast_strlen_zero(tmp)) {
 		return get_pai(p, req);
 	}
@@ -15063,7 +15065,7 @@
 
 	req = oreq ? oreq : &p->initreq;
 
-	ast_copy_string(tmp, get_header(req, "Diversion"), sizeof(tmp));
+	ast_copy_string(tmp, sip_get_header(req, "Diversion"), sizeof(tmp));
 	if (ast_strlen_zero(tmp))
 		return -1;
 
@@ -15193,7 +15195,7 @@
 	/* XXX Why is this done in get_destination? Isn't it already done?
 	   Needs to be checked
         */
-	ast_copy_string(tmpf, get_header(req, "From"), sizeof(tmpf));
+	ast_copy_string(tmpf, sip_get_header(req, "From"), sizeof(tmpf));

[... 2414 lines stripped ...]



More information about the asterisk-commits mailing list