[svn-commits] mmichelson: branch group/pimp_my_sip r384920 - in /team/group/pimp_my_sip: ./...
SVN commits to the Digium repositories
svn-commits at lists.digium.com
Mon Apr 8 10:18:23 CDT 2013
Author: mmichelson
Date: Mon Apr 8 10:18:18 2013
New Revision: 384920
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=384920
Log:
Add outbound authentication support.
This adds module outbound authentication and a digest module that uses
PJSIP's auth_client API.
Added:
team/group/pimp_my_sip/res/res_sip/sip_outbound_auth.c
- copied unchanged from r384913, team/mmichelson/outbound_auth/res/res_sip/sip_outbound_auth.c
team/group/pimp_my_sip/res/res_sip_outbound_authenticator_digest.c
- copied unchanged from r384913, team/mmichelson/outbound_auth/res/res_sip_outbound_authenticator_digest.c
Modified:
team/group/pimp_my_sip/ (props changed)
team/group/pimp_my_sip/channels/chan_gulp.c
team/group/pimp_my_sip/include/asterisk/res_sip.h
team/group/pimp_my_sip/res/res_sip.c
team/group/pimp_my_sip/res/res_sip.exports.in
team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h
team/group/pimp_my_sip/res/res_sip/location.c
team/group/pimp_my_sip/res/res_sip/sip_configuration.c
team/group/pimp_my_sip/res/res_sip/sip_distributor.c
team/group/pimp_my_sip/res/res_sip/sip_options.c
team/group/pimp_my_sip/res/res_sip_authenticator_digest.c
team/group/pimp_my_sip/res/res_sip_session.c
Propchange: team/group/pimp_my_sip/
------------------------------------------------------------------------------
automerge-propname = outbound_auth-integrated
Propchange: team/group/pimp_my_sip/
------------------------------------------------------------------------------
outbound_auth-integrated = /team/group/pimp_my_sip:1-384900
Modified: team/group/pimp_my_sip/channels/chan_gulp.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/channels/chan_gulp.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/channels/chan_gulp.c (original)
+++ team/group/pimp_my_sip/channels/chan_gulp.c Mon Apr 8 10:18:18 2013
@@ -682,8 +682,19 @@
};
struct ast_sip_session *session = data;
- if (ast_sip_send_request("INFO", &body, session->inv_session->dlg, NULL) != PJ_SUCCESS) {
+ struct pjsip_tx_data *tdata;
+
+ if (ast_sip_create_request("INFO", session->inv_session->dlg, session->endpoint, NULL, &tdata)) {
+ ast_log(LOG_ERROR, "Could not create text video update INFO request\n");
+ return -1;
+ }
+ if (ast_sip_add_body(tdata, &body)) {
+ ast_log(LOG_ERROR, "Could not add body to text video update INFO request\n");
+ return -1;
+ }
+ if (ast_sip_send_request(tdata, session->inv_session->dlg, session->endpoint)) {
ast_log(LOG_ERROR, "Could not send text video update INFO request\n");
+ return -1;
}
return 0;
Modified: team/group/pimp_my_sip/include/asterisk/res_sip.h
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/include/asterisk/res_sip.h?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/include/asterisk/res_sip.h (original)
+++ team/group/pimp_my_sip/include/asterisk/res_sip.h Mon Apr 8 10:18:18 2013
@@ -266,7 +266,7 @@
/*! Musiconhold class to suggest that the other side use when placing on hold */
AST_STRING_FIELD(mohsuggest);
/*! Optional external media address to use in SDP */
- AST_STRING_FIELD(external_media_address);
+ AST_STRING_FIELD(external_media_address);
);
/*! Identification information for this endpoint */
struct ast_party_id id;
@@ -278,10 +278,14 @@
struct ast_codec_pref prefs;
/*! Configured codecs */
struct ast_format_cap *codecs;
- /*! Names of authentication credentials */
- const char **sip_auths;
+ /*! Names of inbound authentication credentials */
+ const char **sip_inbound_auths;
/*! Number of configured auths */
- size_t num_auths;
+ size_t num_inbound_auths;
+ /*! Names of outbound authentication credentials */
+ const char **sip_outbound_auths;
+ /*! Number of configured outbound auths */
+ size_t num_outbound_auths;
/*! DTMF mode to use with this endpoint */
enum ast_sip_dtmf_mode dtmf;
/*! Whether IPv6 RTP is enabled or not */
@@ -334,13 +338,13 @@
/*!
* \brief An interchangeable way of handling digest authentication for SIP.
- *
+ *
* An authenticator is responsible for filling in the callbacks provided below. Each is called from a publicly available
* function in res_sip. The authenticator can use configuration or other local policy to determine whether authentication
* should take place and what credentials should be used when challenging and authenticating a request.
*/
struct ast_sip_authenticator {
- /*!
+ /*!
* \brief Check if a request requires authentication
* See ast_sip_requires_authentication for more details
*/
@@ -357,7 +361,28 @@
enum ast_sip_check_auth_result (*check_authentication)(struct ast_sip_endpoint *endpoint,
pjsip_rx_data *rdata, pjsip_tx_data *tdata);
};
-
+
+/*!
+ * \brief an interchangeable way of responding to authentication challenges
+ *
+ * An outbound authenticator takes incoming challenges and formulates a new SIP request with
+ * credentials.
+ */
+struct ast_sip_outbound_authenticator {
+ /*!
+ * \brief Create a new request with authentication credentials
+ *
+ * \param endpoint The SIP endpoint with which Asterisk is communicating
+ * \param challenge The SIP response with authentication challenge(s)
+ * \param tsx The transaction in which the challenge was received
+ * \param new_request The new SIP request with challenge response(s)
+ * \retval 0 Successfully created new request
+ * \retval -1 Failed to create a new request
+ */
+ int (*create_request_with_auth)(const struct ast_sip_endpoint *endpoint, struct pjsip_rx_data *challenge,
+ struct pjsip_transaction *tsx, struct pjsip_tx_data **new_request);
+};
+
/*!
* \brief An entity responsible for identifying the source of a SIP message
*/
@@ -383,7 +408,7 @@
* \retval -1 Failure
*/
int ast_sip_register_service(pjsip_module *module);
-
+
/*!
* This is the opposite of ast_sip_register_service(). Unregistering a
* service means that PJSIP will no longer call into the module any more.
@@ -392,7 +417,7 @@
* \param module The PJSIP module to unregister
*/
void ast_sip_unregister_service(pjsip_module *module);
-
+
/*!
* \brief Register a SIP authenticator
*
@@ -409,7 +434,7 @@
* \retval -1 Failure
*/
int ast_sip_register_authenticator(struct ast_sip_authenticator *auth);
-
+
/*!
* \brief Unregister a SIP authenticator
*
@@ -419,7 +444,29 @@
* \param auth The authenticator to unregister
*/
void ast_sip_unregister_authenticator(struct ast_sip_authenticator *auth);
-
+
+ /*!
+ * \brief Register an outbound SIP authenticator
+ *
+ * An outbound authenticator is responsible for creating responses to
+ * authentication challenges by remote endpoints.
+ *
+ * \param auth The authenticator to register
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_register_outbound_authenticator(struct ast_sip_outbound_authenticator *outbound_auth);
+
+/*!
+ * \brief Unregister an outbound SIP authenticator
+ *
+ * When there is no outbound authenticator registered, authentication challenges
+ * will be handled as any other final response would be.
+ *
+ * \param auth The authenticator to unregister
+ */
+void ast_sip_unregister_outbound_authenticator(struct ast_sip_outbound_authenticator *auth);
+
/*!
* \brief Register a SIP endpoint identifier
*
@@ -442,7 +489,7 @@
* \retval -1 Failure
*/
int ast_sip_register_endpoint_identifier(struct ast_sip_endpoint_identifier *identifier);
-
+
/*!
* \brief Unregister a SIP endpoint identifier
*
@@ -513,14 +560,32 @@
struct ast_sip_aor *ast_sip_location_retrieve_aor(const char *aor_name);
/*!
+ * \brief Retrieve the first bound contact for an AOR
+ *
+ * \param aor Pointer to the AOR
+ * \retval NULL if no contacts available
+ * \retval non-NULL if contacts available
+ */
+struct ast_sip_contact *ast_sip_location_retrieve_first_aor_contact(const struct ast_sip_aor *aor);
+
+/*!
* \brief Retrieve all contacts currently available for an AOR
*
* \param aor Pointer to the AOR
*
- * \param NULL if no contacts available
- * \param non-NULL if contacts available
+ * \retval NULL if no contacts available
+ * \retval non-NULL if contacts available
*/
struct ao2_container *ast_sip_location_retrieve_aor_contacts(const struct ast_sip_aor *aor);
+
+/*!
+ * \brief Retrieve the first bound contact from a list of AORs
+ *
+ * \param aor_list A comma-separated list of AOR names
+ * \retval NULL if no contacts available
+ * \retval non-NULL if contacts available
+ */
+struct ast_sip_contact *ast_sip_location_retrieve_contact_from_aor_list(const char *aor_list);
/*!
* \brief Retrieve a named contact
@@ -583,6 +648,41 @@
* \retval 0 success
*/
int ast_sip_initialize_sorcery_auth(struct ast_sorcery *sorcery);
+
+/*!
+ * \brief Callback called when an outbound request with authentication credentials is to be sent in dialog
+ *
+ * This callback will have the created request on it. The callback's purpose is to do any extra
+ * housekeeping that needs to be done as well as to send the request out.
+ *
+ * This callback is only necessary if working with a PJSIP API that sits between the application
+ * and the dialog layer.
+ *
+ * \param dlg The dialog to which the request belongs
+ * \param tdata The created request to be sent out
+ * \param user_data Data supplied with the callback
+ *
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+typedef int (*ast_sip_dialog_outbound_auth_cb)(pjsip_dialog *dlg, pjsip_tx_data *tdata, void *user_data);
+
+/*!
+ * \brief Set up outbound authentication on a SIP dialog
+ *
+ * This sets up the infrastructure so that all requests associated with a created dialog
+ * can be re-sent with authentication credentials if the original request is challenged.
+ *
+ * \param dlg The dialog on which requests will be authenticated
+ * \param endpoint The endpoint whom this dialog pertains to
+ * \param cb Callback to call to send requests with authentication
+ * \param user_data Data to be provided to the callback when it is called
+ *
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_dialog_setup_outbound_authentication(pjsip_dialog *dlg, const struct ast_sip_endpoint *endpoint,
+ ast_sip_dialog_outbound_auth_cb cb, void *user_data);
/*!
* \brief Initialize the distributor module
@@ -636,7 +736,7 @@
* Servants are where the bulk of SIP work should be performed. These threads
* exist in order to do the work that Asterisk threads and PJSIP threads hand
* off to them. Servant threads register themselves with PJLIB, meaning that
- * they are capable of calling PJSIP and PJLIB functions if they wish.
+ * they are capable of calling PJSIP and PJLIB functions if they wish.
*
* \par Serializer
*
@@ -682,6 +782,18 @@
* \param endpoint The endpoint that this dialog is communicating with
*/
void ast_sip_dialog_set_endpoint(pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint);
+
+/*!
+ * \brief Get the endpoint associated with this dialog
+ *
+ * This function increases the refcount of the endpoint by one. Release
+ * the reference once you are finished with the endpoint.
+ *
+ * \param dlg The SIP dialog from which to retrieve the endpoint
+ * \retval NULL No endpoint associated with this dialog
+ * \retval non-NULL The endpoint.
+ */
+struct ast_sip_endpoint *ast_sip_dialog_get_endpoint(pjsip_dialog *dlg);
/*!
* \brief Pushes a task to SIP servants
@@ -753,26 +865,50 @@
pjsip_dialog *ast_sip_create_dialog(const struct ast_sip_endpoint *endpoint, const char *aor_name, const char *request_user);
/*!
- * \brief General purpose method for sending a SIP request
- *
- * Its typical use would be to send one-off messages such as an out of dialog
+ * \brief General purpose method for creating a SIP request
+ *
+ * Its typical use would be to create one-off requests such as an out of dialog
* SIP MESSAGE.
*
- * The request can either be sent in- or out-of-dialog. If sent in-dialog, the
- * dlg parameter MUST be present. If sent out-of-dialog the endpoint parameter
+ * The request can either be in- or out-of-dialog. If in-dialog, the
+ * dlg parameter MUST be present. If out-of-dialog the endpoint parameter
* MUST be present. If both are present, then we will assume that the message
* is to be sent in-dialog.
*
+ * The uri parameter can be specified if the request should be sent to an explicit
+ * URI rather than one configured on the endpoint.
+ *
* \param method The method of the SIP request to send
- * \param body The message body for the SIP request
- * \dlg Optional. If specified, the dialog on which to send the message.
- * \endpoint Optional. If specified, the request will be sent out-of-dialog to the endpoint.
- * \retval 0 Success
- * \retval -1 Failure
- */
-int ast_sip_send_request(const char *method, const struct ast_sip_body *body,
- struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint);
-
+ * \param dlg Optional. If specified, the dialog on which to request the message.
+ * \param endpoint Optional. If specified, the request will be created out-of-dialog
+ * to the endpoint.
+ * \param uri Optional. If specified, the request will be sent to this URI rather
+ * than one configured for the endpoint.
+ * \param[out] tdata The newly-created request
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_create_request(const char *method, struct pjsip_dialog *dlg,
+ struct ast_sip_endpoint *endpoint, const char *uri, pjsip_tx_data **tdata);
+
+/*!
+ * \brief General purpose method for sending a SIP request
+ *
+ * This is a companion function for \ref ast_sip_create_request. The request
+ * created there can be passed to this function, though any request may be
+ * passed in.
+ *
+ * This will automatically set up handling outbound authentication challenges if
+ * they arrive.
+ *
+ * \param tdata The request to send
+ * \param dlg Optional. If specified, the dialog on which the request should be sent
+ * \param endpoint Optional. If specified, the request is sent out-of-dialog to the endpoint.
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_send_request(pjsip_tx_data *tdata, struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint);
+
/*!
* \brief Determine if an incoming request requires authentication
*
@@ -788,7 +924,7 @@
* \retval 0 The request does not require authentication
*/
int ast_sip_requires_authentication(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata);
-
+
/*!
* \brief Method to determine authentication status of an incoming request
*
@@ -804,7 +940,18 @@
*/
enum ast_sip_check_auth_result ast_sip_check_authentication(struct ast_sip_endpoint *endpoint,
pjsip_rx_data *rdata, pjsip_tx_data *tdata);
-
+
+/*!
+ * \brief Create a response to an authentication challenge
+ *
+ * This will call into an outbound authenticator's create_request_with_auth callback
+ * to create a new request with authentication credentials. See the create_request_with_auth
+ * callback in the \ref ast_sip_outbound_authenticator structure for details about
+ * the parameters and return values.
+ */
+int ast_sip_create_request_with_auth(const struct ast_sip_endpoint *endpoint, pjsip_rx_data *challenge,
+ pjsip_transaction *tsx, pjsip_tx_data **new_request);
+
/*!
* \brief Determine the endpoint that has sent a SIP message
*
@@ -818,7 +965,7 @@
* \retval non-NULL The matching endpoint
*/
struct ast_sip_endpoint *ast_sip_identify_endpoint(pjsip_rx_data *rdata);
-
+
/*!
* \brief Add a header to an outbound SIP message
*
@@ -829,7 +976,7 @@
* \retval -1 Failure
*/
int ast_sip_add_header(pjsip_tx_data *tdata, const char *name, const char *value);
-
+
/*!
* \brief Add a body to an outbound SIP message
*
@@ -842,7 +989,7 @@
* \retval -1 Failure
*/
int ast_sip_add_body(pjsip_tx_data *tdata, const struct ast_sip_body *body);
-
+
/*!
* \brief Add a multipart body to an outbound SIP message
*
@@ -855,7 +1002,7 @@
* \retval -1 Failure
*/
int ast_sip_add_body_multipart(pjsip_tx_data *tdata, const struct ast_sip_body *bodies[], int num_bodies);
-
+
/*!
* \brief Append body data to a SIP message
*
@@ -903,4 +1050,24 @@
*/
struct ast_sip_endpoint *ast_pjsip_rdata_get_endpoint(pjsip_rx_data *rdata);
+/*!
+ * \brief Retrieve relevant SIP auth structures from sorcery
+ *
+ * \param auth_names The sorcery IDs of auths to retrieve
+ * \param num_auths The number of auths to retrieve
+ * \param[out] out The retrieved auths are stored here
+ */
+int ast_sip_retrieve_auths(const char *auth_names[], size_t num_auths, struct ast_sip_auth **out);
+
+/*!
+ * \brief Clean up retrieved auth structures from memory
+ *
+ * Call this function once you have completed operating on auths
+ * retrieved from \ref ast_sip_retrieve_auths
+ *
+ * \param auths An array of auth structures to clean up
+ * \param num_auths The number of auths in the array
+ */
+void ast_sip_cleanup_auths(struct ast_sip_auth *auths[], size_t num_auths);
+
#endif /* _RES_SIP_H */
Modified: team/group/pimp_my_sip/res/res_sip.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip.c (original)
+++ team/group/pimp_my_sip/res/res_sip.c Mon Apr 8 10:18:18 2013
@@ -130,6 +130,42 @@
return registered_authenticator->check_authentication(endpoint, rdata, tdata);
}
+static struct ast_sip_outbound_authenticator *registered_outbound_authenticator;
+
+int ast_sip_register_outbound_authenticator(struct ast_sip_outbound_authenticator *auth)
+{
+ if (registered_outbound_authenticator) {
+ ast_log(LOG_WARNING, "Outbound authenticator %p is already registered. Cannot register a new one\n", registered_outbound_authenticator);
+ return -1;
+ }
+ registered_outbound_authenticator = auth;
+ ast_debug(1, "Registered SIP outbound authenticator module %p\n", auth);
+ ast_module_ref(ast_module_info->self);
+ return 0;
+}
+
+void ast_sip_unregister_outbound_authenticator(struct ast_sip_outbound_authenticator *auth)
+{
+ if (registered_outbound_authenticator != auth) {
+ ast_log(LOG_WARNING, "Trying to unregister outbound authenticator %p but outbound authenticator %p registered\n",
+ auth, registered_outbound_authenticator);
+ return;
+ }
+ registered_outbound_authenticator = NULL;
+ ast_debug(1, "Unregistered SIP outbound authenticator %p\n", auth);
+ ast_module_unref(ast_module_info->self);
+}
+
+int ast_sip_create_request_with_auth(const struct ast_sip_endpoint *endpoint, pjsip_rx_data *challenge,
+ pjsip_transaction *tsx, pjsip_tx_data **new_request)
+{
+ if (!registered_outbound_authenticator) {
+ ast_log(LOG_WARNING, "No SIP outbound authenticator registered. Cannot respond to authentication challenge\n");
+ return -1;
+ }
+ return registered_outbound_authenticator->create_request_with_auth(endpoint, challenge, tsx, new_request);
+}
+
struct endpoint_identifier_list {
struct ast_sip_endpoint_identifier *identifier;
AST_RWLIST_ENTRY(endpoint_identifier_list) list;
@@ -199,6 +235,15 @@
pjsip_sip_uri *sip_uri;
pjsip_transport_type_e type = PJSIP_TRANSPORT_UNSPECIFIED;
int local_port;
+ char uuid_str[AST_UUID_STR_LEN];
+
+ if (!user) {
+ RAII_VAR(struct ast_uuid *, uuid, ast_uuid_generate(), ast_free_ptr);
+ if (!uuid) {
+ return -1;
+ }
+ user = ast_uuid_to_str(uuid, uuid_str, sizeof(uuid_str));
+ }
/* Parse the provided target URI so we can determine what transport it will end up using */
pj_strdup_with_null(pool, &tmp, target);
@@ -255,47 +300,54 @@
return 0;
}
+static int sip_get_tpselector_from_endpoint(const struct ast_sip_endpoint *endpoint, pjsip_tpselector *selector)
+{
+ RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
+ const char *transport_name = endpoint->transport;
+
+ if (ast_strlen_zero(transport_name)) {
+ return 0;
+ }
+
+ transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_name);
+
+ if (!transport || !transport->state) {
+ return -1;
+ }
+
+ if (transport->type == AST_SIP_TRANSPORT_UDP) {
+ selector->type = PJSIP_TPSELECTOR_TRANSPORT;
+ selector->u.transport = transport->state->transport;
+ } else if (transport->type == AST_SIP_TRANSPORT_TCP || transport->type == AST_SIP_TRANSPORT_TLS) {
+ selector->type = PJSIP_TPSELECTOR_LISTENER;
+ selector->u.listener = transport->state->factory;
+ } else {
+ return -1;
+ }
+
+ return 0;
+}
+
pjsip_dialog *ast_sip_create_dialog(const struct ast_sip_endpoint *endpoint, const char *uri, const char *request_user)
{
- RAII_VAR(struct ast_uuid *, uuid, ast_uuid_generate(), ast_free_ptr);
- char uuid_str[AST_UUID_STR_LEN];
pj_str_t local_uri = { "sip:temp at temp", 13 }, remote_uri;
pjsip_dialog *dlg = NULL;
- const char *transport_name = endpoint->transport, *outbound_proxy = endpoint->outbound_proxy;
+ const char *outbound_proxy = endpoint->outbound_proxy;
pjsip_tpselector selector = { .type = PJSIP_TPSELECTOR_NONE, };
static const pj_str_t HCONTACT = { "Contact", 7 };
- if (!uuid) {
- return NULL;
- }
-
pj_cstr(&remote_uri, uri);
if (pjsip_dlg_create_uac(pjsip_ua_instance(), &local_uri, NULL, &remote_uri, NULL, &dlg) != PJ_SUCCESS) {
return NULL;
}
- if (!ast_strlen_zero(transport_name)) {
- RAII_VAR(struct ast_sip_transport *, transport, ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_name), ao2_cleanup);
-
- if (!transport || !transport->state) {
- pjsip_dlg_terminate(dlg);
- return NULL;
- }
-
- if (transport->type == AST_SIP_TRANSPORT_UDP) {
- selector.type = PJSIP_TPSELECTOR_TRANSPORT;
- selector.u.transport = transport->state->transport;
- } else if (transport->type == AST_SIP_TRANSPORT_TCP || transport->type == AST_SIP_TRANSPORT_TLS) {
- selector.type = PJSIP_TPSELECTOR_LISTENER;
- selector.u.listener = transport->state->factory;
- } else {
- pjsip_dlg_terminate(dlg);
- return NULL;
- }
- }
-
- if (sip_dialog_create_from(dlg->pool, &local_uri, ast_uuid_to_str(uuid, uuid_str, AST_UUID_STR_LEN), &remote_uri, &selector)) {
+ if (sip_get_tpselector_from_endpoint(endpoint, &selector)) {
+ pjsip_dlg_terminate(dlg);
+ return NULL;
+ }
+
+ if (sip_dialog_create_from(dlg->pool, &local_uri, NULL, &remote_uri, &selector)) {
pjsip_dlg_terminate(dlg);
return NULL;
}
@@ -368,47 +420,75 @@
return NULL;
}
-static int send_in_dialog_request(const pjsip_method *method, const struct ast_sip_body *body, struct pjsip_dialog *dlg)
-{
- pj_status_t status;
- pjsip_tx_data *tdata;
-
- status = pjsip_dlg_create_request(dlg, method, -1, &tdata);
- if (status != PJ_SUCCESS) {
+static int create_in_dialog_request(const pjsip_method *method, struct pjsip_dialog *dlg, pjsip_tx_data **tdata)
+{
+ if (pjsip_dlg_create_request(dlg, method, -1, tdata) != PJ_SUCCESS) {
ast_log(LOG_WARNING, "Unable to create in-dialog request.\n");
return -1;
}
- if (body) {
- ast_sip_add_body(tdata, body);
- }
-
- status = pjsip_dlg_send_request(dlg, tdata, -1, NULL);
- if (status != PJ_SUCCESS) {
- ast_log(LOG_WARNING, "Unable to send in-dialog request.\n");
- return -1;
- }
-
- return 0;
-}
-
-static int send_out_of_dialog_request(const pjsip_method *method, const struct ast_sip_body *body, struct ast_sip_endpoint *endpoint)
-{
- /*XXX Stub
- *
- * We need to get the destination from the endpoint and then call
- * pjsip_endpt_create_request to create the request.
- *
- * We can then add the body as necessary and transmit with
- * pjsip_endpt_send_request_stateless(). The end.
- *
- * It's hard to really get started though without an ast_sip_endpoint
- * structure to work with
+ return 0;
+}
+
+static int create_out_of_dialog_request(const pjsip_method *method, struct ast_sip_endpoint *endpoint,
+ const char *uri, pjsip_tx_data **tdata)
+{
+ RAII_VAR(struct ast_sip_contact *, contact, NULL, ao2_cleanup);
+ pj_str_t remote_uri;
+ pj_str_t from;
+ pj_pool_t *pool;
+ pjsip_tpselector selector = { .type = PJSIP_TPSELECTOR_NONE, };
+
+ if (ast_strlen_zero(uri)) {
+ contact = ast_sip_location_retrieve_contact_from_aor_list(endpoint->aors);
+ if (!contact || ast_strlen_zero(contact->uri)) {
+ ast_log(LOG_ERROR, "Unable to retrieve contact for endpoint %s\n",
+ ast_sorcery_object_get_id(endpoint));
+ return -1;
+ }
+
+ pj_cstr(&remote_uri, contact->uri);
+ } else {
+ pj_cstr(&remote_uri, uri);
+ }
+
+ if (sip_get_tpselector_from_endpoint(endpoint, &selector)) {
+ ast_log(LOG_ERROR, "Unable to retrieve PJSIP transport selector for endpoint %s\n",
+ ast_sorcery_object_get_id(endpoint));
+ return -1;
+ }
+
+ pool = pjsip_endpt_create_pool(ast_sip_get_pjsip_endpoint(), "Outbound request", 256, 256);
+
+ if (!pool) {
+ ast_log(LOG_ERROR, "Unable to create PJLIB memory pool\n");
+ return -1;
+ }
+
+ if (sip_dialog_create_from(pool, &from, NULL, &remote_uri, &selector)) {
+ ast_log(LOG_ERROR, "Unable to create From header for %.*s request to endpoint %s\n",
+ (int) pj_strlen(&method->name), pj_strbuf(&method->name), ast_sorcery_object_get_id(endpoint));
+ pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
+ return -1;
+ }
+
+ if (pjsip_endpt_create_request(ast_sip_get_pjsip_endpoint(), method, &remote_uri,
+ &from, &remote_uri, &from, NULL, -1, NULL, tdata) != PJ_SUCCESS) {
+ ast_log(LOG_ERROR, "Unable to create outbound %.*s request to endpoint %s\n",
+ (int) pj_strlen(&method->name), pj_strbuf(&method->name), ast_sorcery_object_get_id(endpoint));
+ pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
+ return -1;
+ }
+
+ /* We can release this pool since request creation copied all the necessary
+ * data into the outbound request's pool
*/
- return 0;
-}
-
-int ast_sip_send_request(const char *method, const struct ast_sip_body *body, struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint)
+ pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
+ return 0;
+}
+
+int ast_sip_create_request(const char *method, struct pjsip_dialog *dlg,
+ struct ast_sip_endpoint *endpoint, const char *uri, pjsip_tx_data **tdata)
{
const pjsip_method *pmethod = get_pjsip_method(method);
@@ -418,9 +498,60 @@
}
if (dlg) {
- return send_in_dialog_request(pmethod, body, dlg);
+ return create_in_dialog_request(pmethod, dlg, tdata);
} else {
- return send_out_of_dialog_request(pmethod, body, endpoint);
+ return create_out_of_dialog_request(pmethod, endpoint, uri, tdata);
+ }
+}
+
+static int send_in_dialog_request(pjsip_tx_data *tdata, struct pjsip_dialog *dlg)
+{
+ if (pjsip_dlg_send_request(dlg, tdata, -1, NULL) != PJ_SUCCESS) {
+ ast_log(LOG_WARNING, "Unable to send in-dialog request.\n");
+ return -1;
+ }
+ return 0;
+}
+
+static void send_request_cb(void *token, pjsip_event *e)
+{
+ RAII_VAR(struct ast_sip_endpoint *, endpoint, token, ao2_cleanup);
+ pjsip_transaction *tsx = e->body.tsx_state.tsx;
+ pjsip_rx_data *challenge = e->body.tsx_state.src.rdata;
+ pjsip_tx_data *tdata;
+
+ if (tsx->status_code != 401 && tsx->status_code != 407) {
+ return;
+ }
+
+ ast_sip_create_request_with_auth(endpoint, challenge, tsx, &tdata);
+
+ pjsip_endpt_send_request(ast_sip_get_pjsip_endpoint(), tdata, -1, NULL, NULL);
+}
+
+static int send_out_of_dialog_request(pjsip_tx_data *tdata, struct ast_sip_endpoint *endpoint)
+{
+ ao2_ref(endpoint, +1);
+ if (pjsip_endpt_send_request(ast_sip_get_pjsip_endpoint(), tdata, -1, endpoint, send_request_cb) != PJ_SUCCESS) {
+ ast_log(LOG_ERROR, "Error attempting to send outbound %.*s request to endpoint %s\n",
+ (int) pj_strlen(&tdata->msg->line.req.method.name),
+ pj_strbuf(&tdata->msg->line.req.method.name),
+ ast_sorcery_object_get_id(endpoint));
+ ao2_ref(endpoint, -1);
+ return -1;
+ }
+
+ return 0;
+}
+
+int ast_sip_send_request(pjsip_tx_data *tdata, struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint)
+{
+ ast_assert(tdata->msg->type == PJSIP_REQUEST_MSG);
+
+ if (dlg) {
+ return send_in_dialog_request(tdata, dlg);
+ } else {
+ return send_out_of_dialog_request(tdata, endpoint);
}
}
@@ -701,6 +832,11 @@
goto error;
}
+ if (ast_sip_initialize_outbound_authentication()) {
+ ast_log(LOG_ERROR, "Failed to initialize outbound authentication. Aborting load\n");
+ goto error;
+ }
+
ast_res_sip_init_options_handling(0);
return AST_MODULE_LOAD_SUCCESS;
Modified: team/group/pimp_my_sip/res/res_sip.exports.in
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip.exports.in?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip.exports.in (original)
+++ team/group/pimp_my_sip/res/res_sip.exports.in Mon Apr 8 10:18:18 2013
@@ -4,16 +4,22 @@
LINKER_SYMBOL_PREFIXast_sip_unregister_service;
LINKER_SYMBOL_PREFIXast_sip_register_authenticator;
LINKER_SYMBOL_PREFIXast_sip_unregister_authenticator;
+ LINKER_SYMBOL_PREFIXast_sip_register_outbound_authenticator;
+ LINKER_SYMBOL_PREFIXast_sip_unregister_outbound_authenticator;
LINKER_SYMBOL_PREFIXast_sip_register_endpoint_identifier;
LINKER_SYMBOL_PREFIXast_sip_unregister_endpoint_identifier;
LINKER_SYMBOL_PREFIXast_sip_create_serializer;
LINKER_SYMBOL_PREFIXast_sip_push_task;
LINKER_SYMBOL_PREFIXast_sip_push_task_synchronous;
+ LINKER_SYMBOL_PREFIXast_sip_create_request;
LINKER_SYMBOL_PREFIXast_sip_send_request;
LINKER_SYMBOL_PREFIXast_sip_requires_authentication;
LINKER_SYMBOL_PREFIXast_sip_authenticate_request;
LINKER_SYMBOL_PREFIXast_sip_get_authentication_credentials;
LINKER_SYMBOL_PREFIXast_sip_check_authentication;
+ LINKER_SYMBOL_PREFIXast_sip_create_auth_challenge_response;
+ LINKER_SYMBOL_PREFIXast_sip_set_outbound_authentication_credentials;
+ LINKER_SYMBOL_PREFIXast_sip_dialog_setup_outbound_authentication;
LINKER_SYMBOL_PREFIXast_sip_add_digest_to_challenge;
LINKER_SYMBOL_PREFIXast_sip_identify_endpoint;
LINKER_SYMBOL_PREFIXast_sip_add_header;
@@ -26,6 +32,8 @@
LINKER_SYMBOL_PREFIXast_sip_get_sorcery;
LINKER_SYMBOL_PREFIXast_sip_create_dialog;
LINKER_SYMBOL_PREFIXast_sip_location_retrieve_aor;
+ LINKER_SYMBOL_PREFIXast_sip_location_retrieve_first_aor_contact;
+ LINKER_SYMBOL_PREFIXast_sip_location_retrieve_contact_from_aor_list;
LINKER_SYMBOL_PREFIXast_sip_location_retrieve_aor_contacts;
LINKER_SYMBOL_PREFIXast_sip_location_retrieve_contact;
LINKER_SYMBOL_PREFIXast_sip_location_add_contact;
@@ -35,6 +43,9 @@
LINKER_SYMBOL_PREFIXast_sip_thread_is_servant;
LINKER_SYMBOL_PREFIXast_sip_dialog_set_serializer;
LINKER_SYMBOL_PREFIXast_sip_dialog_set_endpoint;
+ LINKER_SYMBOL_PREFIXast_sip_dialog_get_endpoint;
+ LINKER_SYMBOL_PREFIXast_sip_retrieve_auths;
+ LINKER_SYMBOL_PREFIXast_sip_cleanup_auths;
local:
*;
};
Modified: team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h (original)
+++ team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h Mon Apr 8 10:18:18 2013
@@ -40,6 +40,14 @@
int ast_res_sip_init_options_handling(int reload);
/*!
+ * \brief Initialize outbound authentication support
+ *
+ * \retval 0 Success
+ * \retval non-zero Failure
+ */
+int ast_sip_initialize_outbound_authentication(void);
+
+/*!
* \brief Get the current defined endpoints
*
* \retval The current endpoints loaded by res_sip
Modified: team/group/pimp_my_sip/res/res_sip/location.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/location.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/location.c (original)
+++ team/group/pimp_my_sip/res/res_sip/location.c Mon Apr 8 10:18:18 2013
@@ -93,6 +93,26 @@
return 0;
}
+/*! \brief Simple callback function which returns immediately, used to grab the first contact of an AOR */
+static int contact_find_first(void *obj, void *arg, int flags)
+{
+ return CMP_MATCH | CMP_STOP;
+}
+
+struct ast_sip_contact *ast_sip_location_retrieve_first_aor_contact(const struct ast_sip_aor *aor)
+{
+ RAII_VAR(struct ao2_container *, contacts, NULL, ao2_cleanup);
+ struct ast_sip_contact *contact;
+
+ contacts = ast_sip_location_retrieve_aor_contacts(aor);
+ if (!contacts || (ao2_container_count(contacts) == 0)) {
+ return NULL;
+ }
+
+ contact = ao2_callback(contacts, OBJ_NOLOCK, contact_find_first, NULL);
+ return contact;
+}
+
struct ao2_container *ast_sip_location_retrieve_aor_contacts(const struct ast_sip_aor *aor)
{
/* Give enough space for ^ at the beginning and ;@ at the end, since that is our object naming scheme */
@@ -114,6 +134,35 @@
}
return contacts;
+}
+
+struct ast_sip_contact *ast_sip_location_retrieve_contact_from_aor_list(const char *aor_list)
+{
+ char *aor_name;
+ char *rest;
+ struct ast_sip_contact *contact = NULL;
+
+ /* If the location is still empty we have nowhere to go */
+ if (ast_strlen_zero(aor_list) || !(rest = ast_strdupa(aor_list))) {
+ ast_log(LOG_WARNING, "Unable to determine contacts from empty aor list\n");
+ return NULL;
+ }
+
+ while ((aor_name = strsep(&rest, ","))) {
+ RAII_VAR(struct ast_sip_aor *, aor, ast_sip_location_retrieve_aor(aor_name), ao2_cleanup);
+ RAII_VAR(struct ao2_container *, contacts, NULL, ao2_cleanup);
+
+ if (!aor) {
+ continue;
+ }
+ contact = ast_sip_location_retrieve_first_aor_contact(aor);
+ /* If a valid contact is available use its URI for dialing */
+ if (contact) {
+ break;
+ }
+ }
+
+ return contact;
}
struct ast_sip_contact *ast_sip_location_retrieve_contact(const char *contact_name)
Modified: team/group/pimp_my_sip/res/res_sip/sip_configuration.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/sip_configuration.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/sip_configuration.c (original)
+++ team/group/pimp_my_sip/res/res_sip/sip_configuration.c Mon Apr 8 10:18:18 2013
@@ -115,45 +115,66 @@
return 0;
}
-static void destroy_endpoint_auths(const struct ast_sip_endpoint *endpoint)
+static void destroy_auths(const char **auths, size_t num_auths)
{
int i;
- for (i = 0; i < endpoint->num_auths; ++i) {
- ast_free((char *) endpoint->sip_auths[i]);
- }
- ast_free(endpoint->sip_auths);
+ for (i = 0; i < num_auths; ++i) {
+ ast_free((char *) auths[i]);
+ }
+ ast_free(auths);
}
#define AUTH_INCREMENT 4
-static int auth_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
-{
- char *auths = ast_strdupa(var->value);
+static const char **auth_alloc(const char *value, size_t *num_auths)
+{
+ char *auths = ast_strdupa(value);
char *val;
- struct ast_sip_endpoint *endpoint = obj;
int num_alloced = 0;
+ const char **alloced_auths = NULL;
while ((val = strsep(&auths, ","))) {
- if (endpoint->num_auths >= num_alloced) {
+ if (*num_auths >= num_alloced) {
size_t size;
num_alloced += AUTH_INCREMENT;
size = num_alloced * sizeof(char *);
- endpoint->sip_auths = ast_realloc(endpoint->sip_auths, size);
- if (!endpoint->sip_auths) {
+ alloced_auths = ast_realloc(alloced_auths, size);
+ if (!alloced_auths) {
goto failure;
}
}
- endpoint->sip_auths[endpoint->num_auths] = ast_strdup(val);
- if (!endpoint->sip_auths[endpoint->num_auths]) {
+ alloced_auths[*num_auths] = ast_strdup(val);
+ if (!alloced_auths[*num_auths]) {
goto failure;
}
- ++endpoint->num_auths;
- }
- return 0;
+ ++(*num_auths);
+ }
+ return alloced_auths;
failure:
- destroy_endpoint_auths(endpoint);
- return -1;
+ destroy_auths(alloced_auths, *num_auths);
+ return NULL;
+}
+
+static int inbound_auth_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
+{
+ struct ast_sip_endpoint *endpoint = obj;
+
+ endpoint->sip_inbound_auths = auth_alloc(var->value, &endpoint->num_inbound_auths);
+ if (!endpoint->sip_inbound_auths) {
+ return -1;
+ }
+ return 0;
+}
+static int outbound_auth_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
+{
+ struct ast_sip_endpoint *endpoint = obj;
+
+ endpoint->sip_outbound_auths = auth_alloc(var->value, &endpoint->num_outbound_auths);
+ if (!endpoint->sip_outbound_auths) {
+ return -1;
+ }
+ return 0;
}
static int ident_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
@@ -268,8 +289,9 @@
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "timers", "yes", timers_handler, NULL, 0, 0);
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "timers_min_se", "90", OPT_UINT_T, 0, FLDSET(struct ast_sip_endpoint, min_se));
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "timers_sess_expires", "1800", OPT_UINT_T, 0, FLDSET(struct ast_sip_endpoint, sess_expires));
+ ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "auth", "", inbound_auth_handler, NULL, 0, 0);
+ ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "outbound_auth", "", outbound_auth_handler, NULL, 0, 0);
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "aors", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, aors));
- ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "auth", "", auth_handler, NULL, 0, 0);
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "external_media_address", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, external_media_address));
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "identify_by", "username,location", ident_handler, NULL, 0, 0);
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "direct_media", "yes", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, direct_media));
@@ -326,7 +348,8 @@
if (endpoint->codecs) {
ast_format_cap_destroy(endpoint->codecs);
}
- destroy_endpoint_auths(endpoint);
+ destroy_auths(endpoint->sip_inbound_auths, endpoint->num_inbound_auths);
+ destroy_auths(endpoint->sip_outbound_auths, endpoint->num_outbound_auths);
}
void *ast_sip_endpoint_alloc(const char *name)
@@ -355,6 +378,29 @@
return endpoints;
}
+int ast_sip_retrieve_auths(const char *auth_names[], size_t num_auths, struct ast_sip_auth **out)
+{
+ int i;
+
+ for (i = 0; i < num_auths; ++i) {
+ out[i] = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), SIP_SORCERY_AUTH_TYPE, auth_names[i]);
+ if (!out[i]) {
+ ast_log(LOG_NOTICE, "Couldn't find auth '%s'. Cannot authenticate\n", auth_names[i]);
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+void ast_sip_cleanup_auths(struct ast_sip_auth *auths[], size_t num_auths)
+{
+ int i;
+ for (i = 0; i < num_auths; ++i) {
+ ao2_cleanup(auths[i]);
+ }
+}
+
struct ast_sorcery *ast_sip_get_sorcery(void)
{
return sip_sorcery;
Modified: team/group/pimp_my_sip/res/res_sip/sip_distributor.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/sip_distributor.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/sip_distributor.c (original)
+++ team/group/pimp_my_sip/res/res_sip/sip_distributor.c Mon Apr 8 10:18:18 2013
@@ -68,6 +68,16 @@
dist = distributor_dialog_data_alloc(dlg);
}
dist->endpoint = endpoint;
+}
+
+struct ast_sip_endpoint *ast_sip_dialog_get_endpoint(pjsip_dialog *dlg)
+{
[... 275 lines stripped ...]
More information about the svn-commits
mailing list