[asterisk-dev] Academic Asterisk Adventure

Shawn Van Every vanevery at walking-productions.com
Thu Jan 4 12:35:19 MST 2007 

Tzafrir,

Thanks for your comments..  More inline with yours:

> Message: 6
> Date: Wed, 3 Jan 2007 07:54:51 +0200
> From: Tzafrir Cohen <tzafrir.cohen at xorcom.com>
> Subject: Re: [asterisk-dev] Academic Asterisk Adventure
> To: asterisk-dev at lists.digium.com
> Message-ID: <20070103055450.GS31960 at xorcom.com>
> Content-Type: text/plain; charset=utf-8
>
> Nice projects!

Thanks!

>
> See reply inline,
>
> On Tue, Jan 02, 2007 at 09:06:12PM -0500, Shawn Van Every wrote:
>
> <snip>
>
> suexec has a very ctrict security model and heavily relies on
> public_html. And anyway, even of the external half of the script will
> run as the user, an AGI script is not a one-shot process like a CGI
> script:
>
> an AGI process can control the flow of an Asterisk channel. So even if
> is not running as the user Asterisk, it stil runs Asterisk and has
> almost the same powers as any arbitrary dialplan.
>

Right, makes sense.

>
>>
>> The next major problem we had was in developing dialplans and editing
>> other Asterisk configuration files. At first, I setup an extensions
>> file for each student that was included (using #include) in the main
>> Asterisk extensions.conf file. Unfortunately, we ran up against a
>> hard limit to the number of includes that Asterisk would handle and
>> half of the files never got included.
>>
>
> I never ran into this. I had a config file for Asterisk that for a  
> silly
> reason #include-d subdir/*.conf and that subdir had more than 20 files
> (aleit short).
>
> Could you please give a minimal configuration that breaks #include ?

Sorry, didn't keep the conf around.

As I recall, here is the limit I am referring to:
http://www.asterisk.org/doxygen/1.2/ 
config_8c.html#13b758c853676572d46d939c9b2d3bdc

#define MAX_INCLUDE_LEVEL   10
Definition at line 75 of file config.c.
Referenced by ast_config_new().


>
>
>>
>> <snip>
>
> Wow, why not use #exec instead of an external script, then?

Ahh..  I introduced them to the dialplan before the console so the  
reloads were happening through a web/manager interface.

>
>
>> This worked reasonably
>> well but didn’t have any error checking so that if one user’s
>> extensions file had errors or if they used a context that was named
>> the same as another user problems would arise.
>>
>
> That' asterisk's job. However Asterisk is not well-designed for
> multi-user setup.

Is it possible to run a config file parser external to the asterisk  
core to check for errors?

Any chance that a "check config file" without an actual reload could  
be an option in the console?

>
>
>>
>> This is probably a harder problem to solve in the current design of
>> Asterisk. I am interested in hearing other’s thoughts on how these
>> problem could be solved. My thoughts are that Asterisk could somehow
>> take some pointers from Apache and allow individual users to have a
>> set of configuration files that get included at run time when their
>> extension is entered. Something similar to the concept of a
>> public_html directory. Asterisk when told to go to a specific user’s
>> context would look in a specific directory and include the dialplan
>> from there.
>>
>
> Technically implementing that wouldn't be such a problem, I guess.  
> But I
> don't see the point in it.
>
> Asterisk is not designed for a muti-user setup. public_html is  
> designed
> to let apache serve the user's files. User's configuration to Asterisk
> is closer to not only allowing CGI scripts from public_html, but also
> php (unlimited arbitrary code in the context of the web server. Ignore
> safe_mode for now).
>
> If you can inject an arbitrary dialplan you can easily:
>
> 1. Get Asterisk into a loop
>
> 2. Get Asterisk to run an arbitrary command as the user Asterisk
>    (through System or AGI)
>

I understand the hesitation.  It does seem like taking some time to  
consider how asterisk might work in a mult-user setup is worthwhile.   
IMHO it seems that one way to really encourage people to experiment  
with telephony is to give them an easy route to do so.  If Asterisk  
could be setup and managed by an online hosting provider in a similar  
manner to how unix and apache are managed this would enable a huge  
amount of experimentation.

I realize that this isn't an easy task.  Just something to think about.

Thanks again..

-shawn




> -- 
>                Tzafrir Cohen
> icq#16849755                    jabber:tzafrir at jabber.org
> +972-50-7952406           mailto:tzafrir.cohen at xorcom.com
> http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir

More information about the asterisk-dev mailing list