[asterisk-commits] kmoore: branch kmoore/stasis-channel_events r384296 - in /team/kmoore/stasis-...
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Thu Mar 28 13:48:32 CDT 2013
Author: kmoore
Date: Thu Mar 28 13:48:27 2013
New Revision: 384296
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=384296
Log:
Multiple revisions 384235,384286,384291-384292
........
r384235 | dlee | 2013-03-27 22:40:43 -0500 (Wed, 27 Mar 2013) | 2 lines
Merged revisions 383799-384219 from http://svn.asterisk.org/svn/asterisk/trunk
........
r384286 | dlee | 2013-03-28 12:36:16 -0500 (Thu, 28 Mar 2013) | 1 line
Margins
........
r384291 | dlee | 2013-03-28 13:20:31 -0500 (Thu, 28 Mar 2013) | 6 lines
Dramatically changed how app registration work.
Now, instead of sending commands down the websocket, connections specify
thier applications via get parameters. This means the WebSocket is now
strictly events only; there are no commands to confuse things any more.
........
r384292 | dlee | 2013-03-28 13:30:09 -0500 (Thu, 28 Mar 2013) | 5 lines
Break the world. Stasis message type accessors should now all be named correctly.
........
Merged revisions 384261 from http://svn.asterisk.org/svn/asterisk/trunk
........
Merged revisions 384235,384286,384291-384292 from http://svn.asterisk.org/svn/asterisk/team/dlee/stasis-app
Modified:
team/kmoore/stasis-channel_events/ (props changed)
team/kmoore/stasis-channel_events/apps/app_meetme.c
team/kmoore/stasis-channel_events/apps/app_stasis.c
team/kmoore/stasis-channel_events/apps/app_voicemail.c
team/kmoore/stasis-channel_events/channels/chan_dahdi.c
team/kmoore/stasis-channel_events/channels/chan_iax2.c
team/kmoore/stasis-channel_events/channels/chan_mgcp.c
team/kmoore/stasis-channel_events/channels/chan_sip.c
team/kmoore/stasis-channel_events/channels/chan_skinny.c
team/kmoore/stasis-channel_events/channels/chan_unistim.c
team/kmoore/stasis-channel_events/channels/sig_pri.c
team/kmoore/stasis-channel_events/channels/sip/include/sip.h
team/kmoore/stasis-channel_events/channels/sip/security_events.c
team/kmoore/stasis-channel_events/include/asterisk/app.h
team/kmoore/stasis-channel_events/include/asterisk/channel.h
team/kmoore/stasis-channel_events/include/asterisk/stasis.h
team/kmoore/stasis-channel_events/main/app.c
team/kmoore/stasis-channel_events/main/cdr.c
team/kmoore/stasis-channel_events/main/channel.c
team/kmoore/stasis-channel_events/main/format_pref.c
team/kmoore/stasis-channel_events/main/http.c
team/kmoore/stasis-channel_events/main/manager_channels.c
team/kmoore/stasis-channel_events/main/pbx.c
team/kmoore/stasis-channel_events/main/sorcery.c
team/kmoore/stasis-channel_events/main/stasis.c
team/kmoore/stasis-channel_events/main/stasis_cache.c
team/kmoore/stasis-channel_events/pbx/pbx_realtime.c
team/kmoore/stasis-channel_events/res/res_format_attr_h264.c
team/kmoore/stasis-channel_events/res/res_jabber.c
team/kmoore/stasis-channel_events/res/res_rtp_asterisk.c
team/kmoore/stasis-channel_events/res/res_stasis_websocket.c
team/kmoore/stasis-channel_events/res/res_xmpp.c
team/kmoore/stasis-channel_events/tests/test_stasis.c
Propchange: team/kmoore/stasis-channel_events/
------------------------------------------------------------------------------
Binary property 'branch-11-merged' - no diff available.
Propchange: team/kmoore/stasis-channel_events/
------------------------------------------------------------------------------
--- svnmerge-integrated (original)
+++ svnmerge-integrated Thu Mar 28 13:48:27 2013
@@ -1,1 +1,1 @@
-/team/dlee/stasis-app:1-383941
+/team/dlee/stasis-app:1-384294
Modified: team/kmoore/stasis-channel_events/apps/app_meetme.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/apps/app_meetme.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/apps/app_meetme.c (original)
+++ team/kmoore/stasis-channel_events/apps/app_meetme.c Thu Mar 28 13:48:27 2013
@@ -5926,7 +5926,16 @@
ringing_trunk = sla_choose_ringing_trunk(ringing_station->station, &s_trunk_ref, 1);
ast_mutex_unlock(&sla.lock);
if (!ringing_trunk) {
+ /* This case happens in a bit of a race condition. If two stations answer
+ * the outbound call at the same time, the first one will get connected to
+ * the trunk. When the second one gets here, it will not see any trunks
+ * ringing so we have no idea what to conect it to. So, we just hang up
+ * on it. */
ast_debug(1, "Found no ringing trunk for station '%s' to answer!\n", ringing_station->station->name);
+ ast_dial_join(ringing_station->station->dial);
+ ast_dial_destroy(ringing_station->station->dial);
+ ringing_station->station->dial = NULL;
+ ast_free(ringing_station);
break;
}
/* Track the channel that answered this trunk */
Modified: team/kmoore/stasis-channel_events/apps/app_stasis.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/apps/app_stasis.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/apps/app_stasis.c (original)
+++ team/kmoore/stasis-channel_events/apps/app_stasis.c Thu Mar 28 13:48:27 2013
@@ -323,7 +323,7 @@
static void sub_handler(void *data, struct stasis_subscription *sub, struct stasis_topic *topic, struct stasis_message *message)
{
struct app *app = data;
- if (ast_channel_snapshot() == stasis_message_type(message)) {
+ if (ast_channel_snapshot_type() == stasis_message_type(message)) {
RAII_VAR(struct ast_json *, msg, NULL, ast_json_unref);
struct ast_channel_snapshot *snapshot = stasis_message_data(message);
@@ -333,7 +333,7 @@
}
app_send(app, msg);
}
- if (ast_channel_blob() == stasis_message_type(message)) {
+ if (ast_channel_blob_type() == stasis_message_type(message)) {
RAII_VAR(struct ast_json *, msg, NULL, ast_json_unref);
struct ast_channel_blob *obj = stasis_message_data(message);
Modified: team/kmoore/stasis-channel_events/apps/app_voicemail.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/apps/app_voicemail.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/apps/app_voicemail.c (original)
+++ team/kmoore/stasis-channel_events/apps/app_voicemail.c Thu Mar 28 13:48:27 2013
@@ -12627,7 +12627,7 @@
{
struct stasis_subscription_change *change;
/* Only looking for subscription change notices here */
- if (stasis_message_type(msg) != stasis_subscription_change()) {
+ if (stasis_message_type(msg) != stasis_subscription_change_type()) {
return;
}
@@ -12656,7 +12656,7 @@
mwi_sub_sub = stasis_subscribe(stasis_mwi_topic_all(), mwi_event_cb, NULL);
if (mwi_sub_sub) {
- struct ao2_container *cached = stasis_cache_dump(stasis_mwi_topic_cached(), stasis_subscription_change());
+ struct ao2_container *cached = stasis_cache_dump(stasis_mwi_topic_cached(), stasis_subscription_change_type());
if (cached) {
ao2_callback(cached, OBJ_MULTIPLE | OBJ_NODATA, dump_cache, NULL);
}
Modified: team/kmoore/stasis-channel_events/channels/chan_dahdi.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/chan_dahdi.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/chan_dahdi.c (original)
+++ team/kmoore/stasis-channel_events/channels/chan_dahdi.c Thu Mar 28 13:48:27 2013
@@ -5414,7 +5414,7 @@
}
ast_str_set(&uniqueid, 0, "%s@%s", mailbox, context);
- mwi_message = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_message(), ast_str_buffer(uniqueid));
+ mwi_message = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_type(), ast_str_buffer(uniqueid));
if (mwi_message) {
struct stasis_mwi_state *mwi_state = stasis_message_data(mwi_message);
Modified: team/kmoore/stasis-channel_events/channels/chan_iax2.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/chan_iax2.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/chan_iax2.c (original)
+++ team/kmoore/stasis-channel_events/channels/chan_iax2.c Thu Mar 28 13:48:27 2013
@@ -8755,7 +8755,7 @@
}
ast_str_set(&uniqueid, 0, "%s@%s", mailbox, context);
- msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_message(), ast_str_buffer(uniqueid));
+ msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_type(), ast_str_buffer(uniqueid));
if (msg) {
struct stasis_mwi_state *mwi_state = stasis_message_data(msg);
Modified: team/kmoore/stasis-channel_events/channels/chan_mgcp.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/chan_mgcp.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/chan_mgcp.c (original)
+++ team/kmoore/stasis-channel_events/channels/chan_mgcp.c Thu Mar 28 13:48:27 2013
@@ -507,7 +507,7 @@
ast_str_set(&uniqueid, 0, "%s@%s", mbox, cntx);
- msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_message(), ast_str_buffer(uniqueid));
+ msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_type(), ast_str_buffer(uniqueid));
if (msg) {
struct stasis_mwi_state *mwi_state = stasis_message_data(msg);
Modified: team/kmoore/stasis-channel_events/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/chan_sip.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/chan_sip.c (original)
+++ team/kmoore/stasis-channel_events/channels/chan_sip.c Thu Mar 28 13:48:27 2013
@@ -1009,6 +1009,11 @@
static struct ao2_container *peers;
static struct ao2_container *peers_by_ip;
+/*! \brief A bogus peer, to be used when authentication should fail */
+static struct sip_peer *bogus_peer;
+/*! \brief We can recognise the bogus peer by this invalid MD5 hash */
+#define BOGUS_PEER_MD5SECRET "intentionally_invalid_md5_string"
+
/*! \brief The register list: Other SIP proxies we register with and receive calls from */
static struct ast_register_list {
ASTOBJ_CONTAINER_COMPONENTS(struct sip_registry);
@@ -1157,7 +1162,7 @@
static int transmit_response_with_auth(struct sip_pvt *p, const char *msg, const struct sip_request *req, const char *rand, enum xmittype reliable, const char *header, int stale);
static int transmit_provisional_response(struct sip_pvt *p, const char *msg, const struct sip_request *req, int with_sdp);
static int transmit_response_with_allow(struct sip_pvt *p, const char *msg, const struct sip_request *req, enum xmittype reliable);
-static void transmit_fake_auth_response(struct sip_pvt *p, int sipmethod, struct sip_request *req, enum xmittype reliable);
+static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable);
static int transmit_request(struct sip_pvt *p, int sipmethod, uint32_t seqno, enum xmittype reliable, int newbranch);
static int transmit_request_with_auth(struct sip_pvt *p, int sipmethod, uint32_t seqno, enum xmittype reliable, int newbranch);
static int transmit_publish(struct sip_epa_entry *epa_entry, enum sip_publish_type publish_type, const char * const explicit_uri);
@@ -16131,7 +16136,9 @@
ast_verb(3, "Registered SIP '%s' at %s\n", peer->name,
ast_sockaddr_stringify(&peer->addr));
}
+ sip_pvt_unlock(pvt);
sip_poke_peer(peer, 0);
+ sip_pvt_lock(pvt);
register_peer_exten(peer, 1);
/* Save User agent */
@@ -16477,6 +16484,7 @@
char a1_hash[256];
char resp_hash[256]="";
char *c;
+ int is_bogus_peer = 0;
int wrongnonce = FALSE;
int good_response;
const char *usednonce = p->nonce;
@@ -16548,8 +16556,14 @@
sip_digest_parser(c, keys);
+ /* We cannot rely on the bogus_peer having a bad md5 value. Someone could
+ * use it to construct valid auth. */
+ if (md5secret && strcmp(md5secret, BOGUS_PEER_MD5SECRET) == 0) {
+ is_bogus_peer = 1;
+ }
+
/* Verify that digest username matches the username we auth as */
- if (strcmp(username, keys[K_USER].s)) {
+ if (strcmp(username, keys[K_USER].s) && !is_bogus_peer) {
ast_log(LOG_WARNING, "username mismatch, have <%s>, digest has <%s>\n",
username, keys[K_USER].s);
/* Oops, we're trying something here */
@@ -16588,7 +16602,8 @@
}
good_response = keys[K_RESP].s &&
- !strncasecmp(keys[K_RESP].s, resp_hash, strlen(resp_hash));
+ !strncasecmp(keys[K_RESP].s, resp_hash, strlen(resp_hash)) &&
+ !is_bogus_peer; /* lastly, check that the peer isn't the fake peer */
if (wrongnonce) {
if (good_response) {
if (sipdebug)
@@ -16653,7 +16668,7 @@
ao2_cleanup(peer);
return;
}
- if (stasis_mwi_state_message() == stasis_message_type(msg)) {
+ if (stasis_mwi_state_type() == stasis_message_type(msg)) {
sip_send_mwi_to_peer(peer, 0);
}
}
@@ -16819,13 +16834,13 @@
/*! \brief Send a fake 401 Unauthorized response when the administrator
wants to hide the names of local devices from fishers
*/
-static void transmit_fake_auth_response(struct sip_pvt *p, int sipmethod, struct sip_request *req, enum xmittype reliable)
+static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable)
{
/* We have to emulate EXACTLY what we'd get with a good peer
* and a bad password, or else we leak information. */
- const char *response = "407 Proxy Authentication Required";
- const char *reqheader = "Proxy-Authorization";
- const char *respheader = "Proxy-Authenticate";
+ const char *response = "401 Unauthorized";
+ const char *reqheader = "Authorization";
+ const char *respheader = "WWW-Authenticate";
const char *authtoken;
struct ast_str *buf;
char *c;
@@ -16840,36 +16855,31 @@
[K_LAST] = { NULL, NULL}
};
- if (sipmethod == SIP_REGISTER || sipmethod == SIP_SUBSCRIBE) {
- response = "401 Unauthorized";
- reqheader = "Authorization";
- respheader = "WWW-Authenticate";
- }
authtoken = sip_get_header(req, reqheader);
if (req->ignore && !ast_strlen_zero(p->nonce) && ast_strlen_zero(authtoken)) {
/* This is a retransmitted invite/register/etc, don't reconstruct authentication
* information */
- transmit_response_with_auth(p, response, req, p->nonce, 0, respheader, 0);
+ transmit_response_with_auth(p, response, req, p->nonce, reliable, respheader, 0);
/* Schedule auto destroy in 32 seconds (according to RFC 3261) */
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
return;
} else if (ast_strlen_zero(p->nonce) || ast_strlen_zero(authtoken)) {
/* We have no auth, so issue challenge and request authentication */
build_nonce(p, 1);
- transmit_response_with_auth(p, response, req, p->nonce, 0, respheader, 0);
+ transmit_response_with_auth(p, response, req, p->nonce, reliable, respheader, 0);
/* Schedule auto destroy in 32 seconds */
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
return;
}
if (!(buf = ast_str_thread_get(&check_auth_buf, CHECK_AUTH_BUF_INITLEN))) {
- transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+ __transmit_response(p, "403 Forbidden", &p->initreq, reliable);
return;
}
/* Make a copy of the response and parse it */
if (ast_str_set(&buf, 0, "%s", authtoken) == AST_DYNSTR_BUILD_FAILED) {
- transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+ __transmit_response(p, "403 Forbidden", &p->initreq, reliable);
return;
}
@@ -16907,7 +16917,7 @@
/* Schedule auto destroy in 32 seconds */
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
} else {
- transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+ __transmit_response(p, "403 Forbidden", &p->initreq, reliable);
}
}
@@ -17017,7 +17027,7 @@
if (!AST_LIST_EMPTY(&domain_list)) {
if (!check_sip_domain(domain, NULL, 0)) {
if (sip_cfg.alwaysauthreject) {
- transmit_fake_auth_response(p, SIP_REGISTER, &p->initreq, XMIT_UNRELIABLE);
+ transmit_fake_auth_response(p, &p->initreq, XMIT_UNRELIABLE);
} else {
transmit_response(p, "404 Not found (unknown domain)", &p->initreq);
}
@@ -17043,6 +17053,13 @@
}
}
peer = sip_find_peer(name, NULL, TRUE, FINDPEERS, FALSE, 0);
+
+ /* If we don't want username disclosure, use the bogus_peer when a user
+ * is not found. */
+ if (!peer && sip_cfg.alwaysauthreject && sip_cfg.autocreatepeer == AUTOPEERS_DISABLED) {
+ peer = bogus_peer;
+ sip_ref_peer(peer, "register_verify: ref the bogus_peer");
+ }
if (!(peer && ast_apply_acl(peer->acl, addr, "SIP Peer ACL: "))) {
/* Peer fails ACL check */
@@ -17135,7 +17152,7 @@
switch (parse_register_contact(p, peer, req)) {
case PARSE_REGISTER_DENIED:
ast_log(LOG_WARNING, "Registration denied because of contact ACL\n");
- transmit_response_with_date(p, "403 Forbidden (ACL)", req);
+ transmit_response_with_date(p, "403 Forbidden", req);
res = 0;
break;
case PARSE_REGISTER_FAILED:
@@ -17163,9 +17180,9 @@
}
if (!res) {
if (send_mwi) {
- ao2_unlock(p);
+ sip_pvt_unlock(p);
sip_send_mwi_to_peer(peer, 0);
- ao2_lock(p);
+ sip_pvt_lock(p);
} else {
update_peer_lastmsgssent(peer, -1, 0);
}
@@ -17175,7 +17192,7 @@
switch (res) {
case AUTH_SECRET_FAILED:
/* Wrong password in authentication. Go away, don't try again until you fixed it */
- transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+ transmit_response(p, "403 Forbidden", &p->initreq);
if (global_authfailureevents) {
const char *peer_addr = ast_strdupa(ast_sockaddr_stringify_addr(addr));
const char *peer_port = ast_strdupa(ast_sockaddr_stringify_port(addr));
@@ -17198,7 +17215,7 @@
case AUTH_PEER_NOT_DYNAMIC:
case AUTH_ACL_FAILED:
if (sip_cfg.alwaysauthreject) {
- transmit_fake_auth_response(p, SIP_REGISTER, &p->initreq, XMIT_UNRELIABLE);
+ transmit_fake_auth_response(p, &p->initreq, XMIT_UNRELIABLE);
if (global_authfailureevents) {
const char *peer_addr = ast_strdupa(ast_sockaddr_stringify_addr(addr));
const char *peer_port = ast_strdupa(ast_sockaddr_stringify_port(addr));
@@ -18237,7 +18254,19 @@
ast_verbose("No matching peer for '%s' from '%s'\n",
of, ast_sockaddr_stringify(&p->recv));
}
- return AUTH_DONT_KNOW;
+
+ /* If you don't mind, we can return 404s for devices that do
+ * not exist: username disclosure. If we allow guests, there
+ * is no way around that. */
+ if (sip_cfg.allowguest || !sip_cfg.alwaysauthreject) {
+ return AUTH_DONT_KNOW;
+ }
+
+ /* If you do mind, we use a peer that will never authenticate.
+ * This ensures that we follow the same code path as regular
+ * auth: less chance for username disclosure. */
+ peer = bogus_peer;
+ sip_ref_peer(peer, "sip_ref_peer: check_peer_ok: must ref bogus_peer so unreffing it does not fail");
}
/* build_peer, called through sip_find_peer, is not able to check the
@@ -18260,9 +18289,10 @@
sip_unref_peer(peer, "sip_unref_peer: check_peer_ok: from sip_find_peer call, early return of AUTH_ACL_FAILED");
return AUTH_ACL_FAILED;
}
- if (debug)
+ if (debug && peer != bogus_peer) {
ast_verbose("Found peer '%s' for '%s' from %s\n",
peer->name, of, ast_sockaddr_stringify(&p->recv));
+ }
/* XXX what about p->prefs = peer->prefs; ? */
/* Set Frame packetization */
@@ -18545,8 +18575,6 @@
} else {
res = AUTH_RTP_FAILED;
}
- } else if (sip_cfg.alwaysauthreject) {
- res = AUTH_FAKE_AUTH; /* reject with fake authorization request */
} else {
res = AUTH_SECRET_FAILED; /* we don't want any guests, authentication will fail */
}
@@ -18681,13 +18709,8 @@
return;
}
if (res < 0) { /* Something failed in authentication */
- if (res == AUTH_FAKE_AUTH) {
- ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", sip_get_header(req, "From"));
- transmit_fake_auth_response(p, SIP_MESSAGE, req, XMIT_UNRELIABLE);
- } else {
- ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
- transmit_response(p, "403 Forbidden", req);
- }
+ ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
+ transmit_response(p, "403 Forbidden", req);
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
return;
}
@@ -24845,13 +24868,8 @@
return 0;
}
if (res < 0) { /* Something failed in authentication */
- if (res == AUTH_FAKE_AUTH) {
- ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", sip_get_header(req, "From"));
- transmit_fake_auth_response(p, SIP_OPTIONS, req, XMIT_UNRELIABLE);
- } else {
- ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
- transmit_response(p, "403 Forbidden", req);
- }
+ ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
+ transmit_response(p, "403 Forbidden", req);
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
return 0;
}
@@ -25496,13 +25514,8 @@
goto request_invite_cleanup;
}
if (res < 0) { /* Something failed in authentication */
- if (res == AUTH_FAKE_AUTH) {
- ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", sip_get_header(req, "From"));
- transmit_fake_auth_response(p, SIP_INVITE, req, XMIT_RELIABLE);
- } else {
- ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
- transmit_response_reliable(p, "403 Forbidden", req);
- }
+ ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
+ transmit_response_reliable(p, "403 Forbidden", req);
p->invitestate = INV_COMPLETED;
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
goto request_invite_cleanup;
@@ -25670,7 +25683,7 @@
/* Session-Timers */
if ((p->sipoptions & SIP_OPT_TIMER)) {
- enum st_refresher_param st_ref_param;
+ enum st_refresher_param st_ref_param = SESSION_TIMER_REFRESHER_PARAM_UNKNOWN;
/* The UAC has requested session-timers for this session. Negotiate
the session refresh interval and who will be the refresher */
@@ -27545,18 +27558,13 @@
return -1;
}
- auth_result = check_user(p, req, SIP_PUBLISH, uri, XMIT_RELIABLE, addr);
+ auth_result = check_user(p, req, SIP_PUBLISH, uri, XMIT_UNRELIABLE, addr);
if (auth_result == AUTH_CHALLENGE_SENT) {
p->lastinvite = seqno;
return 0;
} else if (auth_result < 0) {
- if (auth_result == AUTH_FAKE_AUTH) {
- ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", sip_get_header(req, "From"));
- transmit_fake_auth_response(p, SIP_INVITE, req, XMIT_RELIABLE);
- } else {
- ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
- transmit_response_reliable(p, "403 Forbidden", req);
- }
+ ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From"));
+ transmit_response(p, "403 Forbidden", req);
sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
ast_string_field_set(p, theirtag, NULL);
return 0;
@@ -27768,19 +27776,14 @@
* use if !req->ignore, because then we'll end up sending
* a 200 OK if someone retransmits without sending auth */
if (p->subscribed == NONE || resubscribe) {
- res = check_user_full(p, req, SIP_SUBSCRIBE, e, 0, addr, &authpeer);
+ res = check_user_full(p, req, SIP_SUBSCRIBE, e, XMIT_UNRELIABLE, addr, &authpeer);
/* if an authentication response was sent, we are done here */
if (res == AUTH_CHALLENGE_SENT) /* authpeer = NULL here */
return 0;
if (res != AUTH_SUCCESSFUL) {
- if (res == AUTH_FAKE_AUTH) {
- ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", sip_get_header(req, "From"));
- transmit_fake_auth_response(p, SIP_SUBSCRIBE, req, XMIT_UNRELIABLE);
- } else {
- ast_log(LOG_NOTICE, "Failed to authenticate device %s for SUBSCRIBE\n", sip_get_header(req, "From"));
- transmit_response_reliable(p, "403 Forbidden", req);
- }
+ ast_log(LOG_NOTICE, "Failed to authenticate device %s for SUBSCRIBE\n", sip_get_header(req, "From"));
+ transmit_response(p, "403 Forbidden", req);
pvt_set_needdestroy(p, "authentication failed");
return 0;
@@ -28846,7 +28849,7 @@
ast_str_reset(uniqueid);
ast_str_set(&uniqueid, 0, "%s@%s", mailbox->mailbox, S_OR(mailbox->context, "default"));
- msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_message(), ast_str_buffer(uniqueid));
+ msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_type(), ast_str_buffer(uniqueid));
if (!msg) {
continue;
}
@@ -29611,6 +29614,9 @@
\note This is done with 60 seconds between each ping,
unless forced by cli or manager. If peer is unreachable,
we check every 10th second by default.
+\note Do *not* hold a pvt lock while calling this function.
+ This function calls sip_alloc, which can cause a deadlock
+ if another sip_pvt is held.
*/
static int sip_poke_peer(struct sip_peer *peer, int force)
{
@@ -33310,6 +33316,7 @@
/*! \brief Force reload of module from cli */
static char *sip_reload(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
{
+ static struct sip_peer *tmp_peer, *new_peer;
switch (cmd) {
case CLI_INIT:
@@ -33331,6 +33338,18 @@
}
ast_mutex_unlock(&sip_reload_lock);
restart_monitor();
+
+ tmp_peer = bogus_peer;
+ /* Create new bogus peer possibly with new global settings. */
+ if ((new_peer = temp_peer("(bogus_peer)"))) {
+ ast_string_field_set(new_peer, md5secret, BOGUS_PEER_MD5SECRET);
+ ast_clear_flag(&new_peer->flags[0], SIP_INSECURE);
+ bogus_peer = new_peer;
+ ao2_t_ref(tmp_peer, -1, "unref the old bogus_peer during reload");
+ } else {
+ ast_log(LOG_ERROR, "Could not update the fake authentication peer.\n");
+ /* You probably have bigger (memory?) issues to worry about though.. */
+ }
return CLI_SUCCESS;
}
@@ -34559,6 +34578,17 @@
return AST_MODULE_LOAD_DECLINE;
}
+ /* Initialize bogus peer. Can be done first after reload_config() */
+ if (!(bogus_peer = temp_peer("(bogus_peer)"))) {
+ ast_log(LOG_ERROR, "Unable to create bogus_peer for authentication\n");
+ io_context_destroy(io);
+ ast_sched_context_destroy(sched);
+ return AST_MODULE_LOAD_FAILURE;
+ }
+ /* Make sure the auth will always fail. */
+ ast_string_field_set(bogus_peer, md5secret, BOGUS_PEER_MD5SECRET);
+ ast_clear_flag(&bogus_peer->flags[0], SIP_INSECURE);
+
/* Prepare the version that does not require DTMF BEGIN frames.
* We need to use tricks such as memcpy and casts because the variable
* has const fields.
@@ -34574,6 +34604,7 @@
/* Make sure we can register our sip channel type */
if (ast_channel_register(&sip_tech)) {
ast_log(LOG_ERROR, "Unable to register channel type 'SIP'\n");
+ ao2_t_ref(bogus_peer, -1, "unref the bogus_peer");
io_context_destroy(io);
ast_sched_context_destroy(sched);
return AST_MODULE_LOAD_FAILURE;
@@ -34836,6 +34867,8 @@
ast_debug(2, "TCP/TLS thread container did not become empty :(\n");
}
+ ao2_t_ref(bogus_peer, -1, "unref the bogus_peer");
+
ao2_t_ref(peers, -1, "unref the peers table");
ao2_t_ref(peers_by_ip, -1, "unref the peers_by_ip table");
ao2_t_ref(dialogs, -1, "unref the dialogs table");
Modified: team/kmoore/stasis-channel_events/channels/chan_skinny.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/chan_skinny.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/chan_skinny.c (original)
+++ team/kmoore/stasis-channel_events/channels/chan_skinny.c Thu Mar 28 13:48:27 2013
@@ -3518,7 +3518,7 @@
return;
}
- if (msg && stasis_mwi_state_message() == stasis_message_type(msg)) {
+ if (msg && stasis_mwi_state_type() == stasis_message_type(msg)) {
struct stasis_mwi_state *mwi_state = stasis_message_data(msg);
l->newmsgs = mwi_state->new_msgs;
}
@@ -6254,12 +6254,14 @@
struct ast_channel *c;
int event;
int instance;
+#ifdef AST_DEVMODE
int callreference;
- /*int res = 0;*/
+ /* This is only used in AST_DEVMODE, as an argument to SKINNY_DEBUG */
+ callreference = letohl(req->data.stimulus.callreference);
+#endif
event = letohl(req->data.stimulus.stimulus);
instance = letohl(req->data.stimulus.stimulusInstance);
- callreference = letohl(req->data.stimulus.callreference);
/* Note that this call should be using the passed in instance and callreference */
sub = find_subchannel_by_instance_reference(d, d->lastlineinstance, d->lastcallreference);
@@ -7111,13 +7113,6 @@
case SOFTKEY_ENDCALL:
SKINNY_DEBUG(DEBUG_PACKET, 3, "Received SOFTKEY_ENDCALL from %s, inst %d, callref %d\n",
d->name, instance, callreference);
-
- if (l->transfer && sub && sub->xferor && ast_channel_state(sub->owner) >= AST_STATE_RING) {
- /* We're allowed to transfer, we have two active calls and
- we made at least one of the calls. Let's try and transfer */
- handle_transfer_button(sub);
- return 0;
- }
ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Skinny/%s", l->name);
Modified: team/kmoore/stasis-channel_events/channels/chan_unistim.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/chan_unistim.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/chan_unistim.c (original)
+++ team/kmoore/stasis-channel_events/channels/chan_unistim.c Thu Mar 28 13:48:27 2013
@@ -5513,7 +5513,7 @@
ast_str_set(&uniqueid, 0, "%s@%s", mailbox, context);
- msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_message(), ast_str_buffer(uniqueid));
+ msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_type(), ast_str_buffer(uniqueid));
if (msg) {
struct stasis_mwi_state *mwi_state = stasis_message_data(msg);
Modified: team/kmoore/stasis-channel_events/channels/sig_pri.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/sig_pri.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/sig_pri.c (original)
+++ team/kmoore/stasis-channel_events/channels/sig_pri.c Thu Mar 28 13:48:27 2013
@@ -6410,6 +6410,10 @@
snprintf(calledtonstr, sizeof(calledtonstr), "%d", e->ring.calledplan);
pbx_builtin_setvar_helper(c, "CALLEDTON", calledtonstr);
+ ast_channel_lock(c);
+ ast_channel_dialed(c)->number.plan = e->ring.calledplan;
+ ast_channel_unlock(c);
+
if (e->ring.redirectingreason >= 0) {
/* This is now just a status variable. Use REDIRECTING() dialplan function. */
pbx_builtin_setvar_helper(c, "PRIREDIRECTREASON", redirectingreason2str(e->ring.redirectingreason));
@@ -6548,6 +6552,9 @@
snprintf(calledtonstr, sizeof(calledtonstr), "%d", e->ring.calledplan);
pbx_builtin_setvar_helper(c, "CALLEDTON", calledtonstr);
+ ast_channel_lock(c);
+ ast_channel_dialed(c)->number.plan = e->ring.calledplan;
+ ast_channel_unlock(c);
sig_pri_handle_subcmds(pri, chanpos, e->e, e->ring.subcmds,
e->ring.call);
@@ -8761,7 +8768,7 @@
int idx;
struct stasis_mwi_state *mwi_state;
- if (stasis_mwi_state_message() != stasis_message_type(msg)) {
+ if (stasis_mwi_state_type() != stasis_message_type(msg)) {
return;
}
@@ -8819,7 +8826,7 @@
ast_str_reset(uniqueid);
ast_str_set(&uniqueid, 0, "%s@%s", pri->mbox[idx].number, pri->mbox[idx].context);
- msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_message(), ast_str_buffer(uniqueid));
+ msg = stasis_cache_get(stasis_mwi_topic_cached(), stasis_mwi_state_type(), ast_str_buffer(uniqueid));
if (!msg) {
/* No cached event for this mailbox. */
continue;
Modified: team/kmoore/stasis-channel_events/channels/sip/include/sip.h
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/sip/include/sip.h?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/sip/include/sip.h (original)
+++ team/kmoore/stasis-channel_events/channels/sip/include/sip.h Thu Mar 28 13:48:27 2013
@@ -507,7 +507,6 @@
AUTH_SECRET_FAILED = -1,
AUTH_USERNAME_MISMATCH = -2,
AUTH_NOT_FOUND = -3, /*!< returned by register_verify */
- AUTH_FAKE_AUTH = -4,
AUTH_UNKNOWN_DOMAIN = -5,
AUTH_PEER_NOT_DYNAMIC = -6,
AUTH_ACL_FAILED = -7,
Modified: team/kmoore/stasis-channel_events/channels/sip/security_events.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/channels/sip/security_events.c?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/channels/sip/security_events.c (original)
+++ team/kmoore/stasis-channel_events/channels/sip/security_events.c Thu Mar 28 13:48:27 2013
@@ -342,9 +342,6 @@
/* with sip_cfg.alwaysauthreject on, generates 2 events */
sip_report_invalid_peer(p);
break;
- case AUTH_FAKE_AUTH:
- sip_report_invalid_peer(p);
- break;
case AUTH_UNKNOWN_DOMAIN:
snprintf(aclname, sizeof(aclname), "domain_must_match");
sip_report_failed_acl(p, aclname);
Modified: team/kmoore/stasis-channel_events/include/asterisk/app.h
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/include/asterisk/app.h?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/include/asterisk/app.h (original)
+++ team/kmoore/stasis-channel_events/include/asterisk/app.h Thu Mar 28 13:48:27 2013
@@ -1120,6 +1120,10 @@
int old_msgs,
struct ast_eid *eid);
+/*! \addtogroup StasisTopicsAndMessages
+ * @{
+ */
+
/*!
* \brief The structure that contains MWI state
* \since 12
@@ -1166,7 +1170,9 @@
* \retval NULL if it has not been allocated
* \since 12
*/
-struct stasis_message_type *stasis_mwi_state_message(void);
+struct stasis_message_type *stasis_mwi_state_type(void);
+
+/*! @} */
/*!
* \brief Initialize the application core
Modified: team/kmoore/stasis-channel_events/include/asterisk/channel.h
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/include/asterisk/channel.h?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/include/asterisk/channel.h (original)
+++ team/kmoore/stasis-channel_events/include/asterisk/channel.h Thu Mar 28 13:48:27 2013
@@ -4106,6 +4106,31 @@
/*!
* \since 12
+ * \brief Sets the variables to be stored in the \a manager_vars field of all
+ * snapshots.
+ * \param varc Number of variable names.
+ * \param vars Array of variable names.
+ */
+void ast_channel_set_manager_vars(size_t varc, char **vars);
+
+/*!
+ * \since 12
+ * \brief Gets the variables for a given channel, as specified by ast_channel_set_manager_vars().
+ *
+ * The returned variable list is an AO2 object, so ao2_cleanup() to free it.
+ *
+ * \param chan Channel to get variables for.
+ * \return List of channel variables.
+ * \return \c NULL on error
+ */
+struct varshead *ast_channel_get_manager_vars(struct ast_channel *chan);
+
+/*! \addtogroup StasisTopicsAndMessages
+ * @{
+ */
+
+/*!
+ * \since 12
* \brief Structure representing a snapshot of channel state.
*
* While not enforced programmatically, this object is shared across multiple
@@ -4157,32 +4182,11 @@
/*!
* \since 12
- * \brief Sets the variables to be stored in the \a manager_vars field of all
- * snapshots.
- * \param varc Number of variable names.
- * \param vars Array of variable names.
- */
-void ast_channel_set_manager_vars(size_t varc, char **vars);
-
-/*!
- * \since 12
- * \brief Gets the variables for a given channel, as specified by ast_channel_set_manager_vars().
- *
- * The returned variable list is an AO2 object, so ao2_cleanup() to free it.
- *
- * \param chan Channel to get variables for.
- * \return List of channel variables.
- * \return \c NULL on error
- */
-struct varshead *ast_channel_get_manager_vars(struct ast_channel *chan);
-
-/*!
- * \since 12
* \brief Message type for \ref ast_channel_snapshot.
*
* \retval Message type for \ref ast_channel_snapshot.
*/
-struct stasis_message_type *ast_channel_snapshot(void);
+struct stasis_message_type *ast_channel_snapshot_type(void);
/*!
* \since 12
@@ -4243,7 +4247,7 @@
*
* \retval Message type for \ref ast_channel_blob messages.
*/
-struct stasis_message_type *ast_channel_blob(void);
+struct stasis_message_type *ast_channel_blob_type(void);
/*!
* \since 12
@@ -4253,7 +4257,7 @@
* \return Type field value from the blob.
* \return \c NULL on error.
*/
-const char *ast_channel_blob_type(struct ast_channel_blob *obj);
+const char *ast_channel_blob_json_type(struct ast_channel_blob *obj);
/*!
* \since 12
@@ -4287,6 +4291,8 @@
struct stasis_message *ast_channel_blob_create(struct ast_channel *chan,
struct ast_json *blob);
+/*! @} */
+
/*!
* \since 12
* \brief Publish a \ref ast_channel_varset for a channel.
Modified: team/kmoore/stasis-channel_events/include/asterisk/stasis.h
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/stasis-channel_events/include/asterisk/stasis.h?view=diff&rev=384296&r1=384295&r2=384296
==============================================================================
--- team/kmoore/stasis-channel_events/include/asterisk/stasis.h (original)
+++ team/kmoore/stasis-channel_events/include/asterisk/stasis.h Thu Mar 28 13:48:27 2013
@@ -356,6 +356,10 @@
*/
int stasis_subscription_final_message(struct stasis_subscription *sub, struct stasis_message *msg);
+/*! \addtogroup StasisTopicsAndMessages
+ * @{
+ */
+
/*!
* \brief Holds details about changes to subscriptions for the specified topic
* \since 12
@@ -373,7 +377,9 @@
* \return The stasis_message_type for subscription change notices
* \since 12
*/
-struct stasis_message_type *stasis_subscription_change(void);
+struct stasis_message_type *stasis_subscription_change_type(void);
+
+/*! @} */
/*!
* \brief Pool for topic aggregation
@@ -398,20 +404,16 @@
/*! @} */
-/*! @{ */
-
-/*!
- * \brief A topic wrapper, which caches certain messages.
- * \since 12
- */
-struct stasis_caching_topic;
+/*! \addtogroup StasisTopicsAndMessages
+ * @{
+ */
/*!
* \brief Message type for cache update messages.
* \return Message type for cache update messages.
* \since 12
*/
-struct stasis_message_type *stasis_cache_update(void);
+struct stasis_message_type *stasis_cache_update_type(void);
/*!
* \brief Cache update message
@@ -438,6 +440,16 @@
*/
struct stasis_message *stasis_cache_clear_create(struct stasis_message_type *type, const char *id);
+/*! @} */
+
+/*! @{ */
+
+/*!
+ * \brief A topic wrapper, which caches certain messages.
+ * \since 12
+ */
+struct stasis_caching_topic;
+
/*!
* \brief Callback extract a unique identity from a snapshot message.
*
@@ -533,4 +545,11 @@
/*! @} */
+/*!
+ * \defgroup StasisTopicsAndMessages Stasis topics, and their messages.
+ *
+ * This group contains the topics, messages and corresponding message types
+ * found within Asterisk.
+ */
+
#endif /* _ASTERISK_STASIS_H */
[... 981 lines stripped ...]
More information about the asterisk-commits
mailing list