[svn-commits] mmichelson: branch group/pimp_my_sip r384920 - in /team/group/pimp_my_sip: ./...

SVN commits to the Digium repositories svn-commits at lists.digium.com
Mon Apr 8 10:18:23 CDT 2013


Author: mmichelson
Date: Mon Apr  8 10:18:18 2013
New Revision: 384920

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=384920
Log:
Add outbound authentication support.

This adds module outbound authentication and a digest module that uses
PJSIP's auth_client API.


Added:
    team/group/pimp_my_sip/res/res_sip/sip_outbound_auth.c
      - copied unchanged from r384913, team/mmichelson/outbound_auth/res/res_sip/sip_outbound_auth.c
    team/group/pimp_my_sip/res/res_sip_outbound_authenticator_digest.c
      - copied unchanged from r384913, team/mmichelson/outbound_auth/res/res_sip_outbound_authenticator_digest.c
Modified:
    team/group/pimp_my_sip/   (props changed)
    team/group/pimp_my_sip/channels/chan_gulp.c
    team/group/pimp_my_sip/include/asterisk/res_sip.h
    team/group/pimp_my_sip/res/res_sip.c
    team/group/pimp_my_sip/res/res_sip.exports.in
    team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h
    team/group/pimp_my_sip/res/res_sip/location.c
    team/group/pimp_my_sip/res/res_sip/sip_configuration.c
    team/group/pimp_my_sip/res/res_sip/sip_distributor.c
    team/group/pimp_my_sip/res/res_sip/sip_options.c
    team/group/pimp_my_sip/res/res_sip_authenticator_digest.c
    team/group/pimp_my_sip/res/res_sip_session.c

Propchange: team/group/pimp_my_sip/
------------------------------------------------------------------------------
    automerge-propname = outbound_auth-integrated

Propchange: team/group/pimp_my_sip/
------------------------------------------------------------------------------
    outbound_auth-integrated = /team/group/pimp_my_sip:1-384900

Modified: team/group/pimp_my_sip/channels/chan_gulp.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/channels/chan_gulp.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/channels/chan_gulp.c (original)
+++ team/group/pimp_my_sip/channels/chan_gulp.c Mon Apr  8 10:18:18 2013
@@ -682,8 +682,19 @@
 	};
 
 	struct ast_sip_session *session = data;
-	if (ast_sip_send_request("INFO", &body, session->inv_session->dlg, NULL) != PJ_SUCCESS) {
+	struct pjsip_tx_data *tdata;
+
+	if (ast_sip_create_request("INFO", session->inv_session->dlg, session->endpoint, NULL, &tdata)) {
+		ast_log(LOG_ERROR, "Could not create text video update INFO request\n");
+		return -1;
+	}
+	if (ast_sip_add_body(tdata, &body)) {
+		ast_log(LOG_ERROR, "Could not add body to text video update INFO request\n");
+		return -1;
+	}
+	if (ast_sip_send_request(tdata, session->inv_session->dlg, session->endpoint)) {
 		ast_log(LOG_ERROR, "Could not send text video update INFO request\n");
+		return -1;
 	}
 
 	return 0;

Modified: team/group/pimp_my_sip/include/asterisk/res_sip.h
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/include/asterisk/res_sip.h?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/include/asterisk/res_sip.h (original)
+++ team/group/pimp_my_sip/include/asterisk/res_sip.h Mon Apr  8 10:18:18 2013
@@ -266,7 +266,7 @@
                 /*! Musiconhold class to suggest that the other side use when placing on hold */
                 AST_STRING_FIELD(mohsuggest);
 		/*! Optional external media address to use in SDP */
-		AST_STRING_FIELD(external_media_address);       
+		AST_STRING_FIELD(external_media_address);
 	);
 	/*! Identification information for this endpoint */
 	struct ast_party_id id;
@@ -278,10 +278,14 @@
 	struct ast_codec_pref prefs;
 	/*! Configured codecs */
 	struct ast_format_cap *codecs;
-	/*! Names of authentication credentials */
-	const char **sip_auths;
+	/*! Names of inbound authentication credentials */
+	const char **sip_inbound_auths;
 	/*! Number of configured auths */
-	size_t num_auths;
+	size_t num_inbound_auths;
+	/*! Names of outbound authentication credentials */
+	const char **sip_outbound_auths;
+	/*! Number of configured outbound auths */
+	size_t num_outbound_auths;
 	/*! DTMF mode to use with this endpoint */
 	enum ast_sip_dtmf_mode dtmf;
 	/*! Whether IPv6 RTP is enabled or not */
@@ -334,13 +338,13 @@
 
 /*!
  * \brief An interchangeable way of handling digest authentication for SIP.
- * 
+ *
  * An authenticator is responsible for filling in the callbacks provided below. Each is called from a publicly available
  * function in res_sip. The authenticator can use configuration or other local policy to determine whether authentication
  * should take place and what credentials should be used when challenging and authenticating a request.
  */
 struct ast_sip_authenticator {
-    /*! 
+    /*!
      * \brief Check if a request requires authentication
      * See ast_sip_requires_authentication for more details
      */
@@ -357,7 +361,28 @@
 	enum ast_sip_check_auth_result (*check_authentication)(struct ast_sip_endpoint *endpoint,
 			pjsip_rx_data *rdata, pjsip_tx_data *tdata);
 };
- 
+
+/*!
+ * \brief an interchangeable way of responding to authentication challenges
+ *
+ * An outbound authenticator takes incoming challenges and formulates a new SIP request with
+ * credentials.
+ */
+struct ast_sip_outbound_authenticator {
+	/*!
+	 * \brief Create a new request with authentication credentials
+	 *
+	 * \param endpoint The SIP endpoint with which Asterisk is communicating
+	 * \param challenge The SIP response with authentication challenge(s)
+	 * \param tsx The transaction in which the challenge was received
+	 * \param new_request The new SIP request with challenge response(s)
+	 * \retval 0 Successfully created new request
+	 * \retval -1 Failed to create a new request
+	 */
+	int (*create_request_with_auth)(const struct ast_sip_endpoint *endpoint, struct pjsip_rx_data *challenge,
+			struct pjsip_transaction *tsx, struct pjsip_tx_data **new_request);
+};
+
 /*!
  * \brief An entity responsible for identifying the source of a SIP message
  */
@@ -383,7 +408,7 @@
  * \retval -1 Failure
  */
 int ast_sip_register_service(pjsip_module *module);
- 
+
 /*!
  * This is the opposite of ast_sip_register_service().  Unregistering a
  * service means that PJSIP will no longer call into the module any more.
@@ -392,7 +417,7 @@
  * \param module The PJSIP module to unregister
  */
 void ast_sip_unregister_service(pjsip_module *module);
- 
+
 /*!
  * \brief Register a SIP authenticator
  *
@@ -409,7 +434,7 @@
  * \retval -1 Failure
  */
 int ast_sip_register_authenticator(struct ast_sip_authenticator *auth);
- 
+
 /*!
  * \brief Unregister a SIP authenticator
  *
@@ -419,7 +444,29 @@
  * \param auth The authenticator to unregister
  */
 void ast_sip_unregister_authenticator(struct ast_sip_authenticator *auth);
- 
+
+ /*!
+ * \brief Register an outbound SIP authenticator
+ *
+ * An outbound authenticator is responsible for creating responses to
+ * authentication challenges by remote endpoints.
+ *
+ * \param auth The authenticator to register
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_register_outbound_authenticator(struct ast_sip_outbound_authenticator *outbound_auth);
+
+/*!
+ * \brief Unregister an outbound SIP authenticator
+ *
+ * When there is no outbound authenticator registered, authentication challenges
+ * will be handled as any other final response would be.
+ *
+ * \param auth The authenticator to unregister
+ */
+void ast_sip_unregister_outbound_authenticator(struct ast_sip_outbound_authenticator *auth);
+
 /*!
  * \brief Register a SIP endpoint identifier
  *
@@ -442,7 +489,7 @@
  * \retval -1 Failure
  */
 int ast_sip_register_endpoint_identifier(struct ast_sip_endpoint_identifier *identifier);
- 
+
 /*!
  * \brief Unregister a SIP endpoint identifier
  *
@@ -513,14 +560,32 @@
 struct ast_sip_aor *ast_sip_location_retrieve_aor(const char *aor_name);
 
 /*!
+ * \brief Retrieve the first bound contact for an AOR
+ *
+ * \param aor Pointer to the AOR
+ * \retval NULL if no contacts available
+ * \retval non-NULL if contacts available
+ */
+struct ast_sip_contact *ast_sip_location_retrieve_first_aor_contact(const struct ast_sip_aor *aor);
+
+/*!
  * \brief Retrieve all contacts currently available for an AOR
  *
  * \param aor Pointer to the AOR
  *
- * \param NULL if no contacts available
- * \param non-NULL if contacts available
+ * \retval NULL if no contacts available
+ * \retval non-NULL if contacts available
  */
 struct ao2_container *ast_sip_location_retrieve_aor_contacts(const struct ast_sip_aor *aor);
+
+/*!
+ * \brief Retrieve the first bound contact from a list of AORs
+ *
+ * \param aor_list A comma-separated list of AOR names
+ * \retval NULL if no contacts available
+ * \retval non-NULL if contacts available
+ */
+struct ast_sip_contact *ast_sip_location_retrieve_contact_from_aor_list(const char *aor_list);
 
 /*!
  * \brief Retrieve a named contact
@@ -583,6 +648,41 @@
  * \retval 0 success
  */
 int ast_sip_initialize_sorcery_auth(struct ast_sorcery *sorcery);
+
+/*!
+ * \brief Callback called when an outbound request with authentication credentials is to be sent in dialog
+ *
+ * This callback will have the created request on it. The callback's purpose is to do any extra
+ * housekeeping that needs to be done as well as to send the request out.
+ *
+ * This callback is only necessary if working with a PJSIP API that sits between the application
+ * and the dialog layer.
+ *
+ * \param dlg The dialog to which the request belongs
+ * \param tdata The created request to be sent out
+ * \param user_data Data supplied with the callback
+ *
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+typedef int (*ast_sip_dialog_outbound_auth_cb)(pjsip_dialog *dlg, pjsip_tx_data *tdata, void *user_data);
+
+/*!
+ * \brief Set up outbound authentication on a SIP dialog
+ *
+ * This sets up the infrastructure so that all requests associated with a created dialog
+ * can be re-sent with authentication credentials if the original request is challenged.
+ *
+ * \param dlg The dialog on which requests will be authenticated
+ * \param endpoint The endpoint whom this dialog pertains to
+ * \param cb Callback to call to send requests with authentication
+ * \param user_data Data to be provided to the callback when it is called
+ *
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_dialog_setup_outbound_authentication(pjsip_dialog *dlg, const struct ast_sip_endpoint *endpoint,
+		ast_sip_dialog_outbound_auth_cb cb, void *user_data);
 
 /*!
  * \brief Initialize the distributor module
@@ -636,7 +736,7 @@
  * Servants are where the bulk of SIP work should be performed. These threads
  * exist in order to do the work that Asterisk threads and PJSIP threads hand
  * off to them. Servant threads register themselves with PJLIB, meaning that
- * they are capable of calling PJSIP and PJLIB functions if they wish. 
+ * they are capable of calling PJSIP and PJLIB functions if they wish.
  *
  * \par Serializer
  *
@@ -682,6 +782,18 @@
  * \param endpoint The endpoint that this dialog is communicating with
  */
 void ast_sip_dialog_set_endpoint(pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint);
+
+/*!
+ * \brief Get the endpoint associated with this dialog
+ *
+ * This function increases the refcount of the endpoint by one. Release
+ * the reference once you are finished with the endpoint.
+ *
+ * \param dlg The SIP dialog from which to retrieve the endpoint
+ * \retval NULL No endpoint associated with this dialog
+ * \retval non-NULL The endpoint.
+ */
+struct ast_sip_endpoint *ast_sip_dialog_get_endpoint(pjsip_dialog *dlg);
 
 /*!
  * \brief Pushes a task to SIP servants
@@ -753,26 +865,50 @@
  pjsip_dialog *ast_sip_create_dialog(const struct ast_sip_endpoint *endpoint, const char *aor_name, const char *request_user);
 
 /*!
- * \brief General purpose method for sending a SIP request
- *
- * Its typical use would be to send one-off messages such as an out of dialog
+ * \brief General purpose method for creating a SIP request
+ *
+ * Its typical use would be to create one-off requests such as an out of dialog
  * SIP MESSAGE.
  *
- * The request can either be sent in- or out-of-dialog. If sent in-dialog, the
- * dlg parameter MUST be present. If sent out-of-dialog the endpoint parameter
+ * The request can either be in- or out-of-dialog. If in-dialog, the
+ * dlg parameter MUST be present. If out-of-dialog the endpoint parameter
  * MUST be present. If both are present, then we will assume that the message
  * is to be sent in-dialog.
  *
+ * The uri parameter can be specified if the request should be sent to an explicit
+ * URI rather than one configured on the endpoint.
+ *
  * \param method The method of the SIP request to send
- * \param body The message body for the SIP request
- * \dlg Optional. If specified, the dialog on which to send the message.
- * \endpoint Optional. If specified, the request will be sent out-of-dialog to the endpoint.
- * \retval 0 Success
- * \retval -1 Failure
- */
-int ast_sip_send_request(const char *method, const struct ast_sip_body *body,
-		struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint);
- 
+ * \param dlg Optional. If specified, the dialog on which to request the message.
+ * \param endpoint Optional. If specified, the request will be created out-of-dialog
+ * to the endpoint.
+ * \param uri Optional. If specified, the request will be sent to this URI rather
+ * than one configured for the endpoint.
+ * \param[out] tdata The newly-created request
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_create_request(const char *method, struct pjsip_dialog *dlg,
+		struct ast_sip_endpoint *endpoint, const char *uri, pjsip_tx_data **tdata);
+
+/*!
+ * \brief General purpose method for sending a SIP request
+ *
+ * This is a companion function for \ref ast_sip_create_request. The request
+ * created there can be passed to this function, though any request may be
+ * passed in.
+ *
+ * This will automatically set up handling outbound authentication challenges if
+ * they arrive.
+ *
+ * \param tdata The request to send
+ * \param dlg Optional. If specified, the dialog on which the request should be sent
+ * \param endpoint Optional. If specified, the request is sent out-of-dialog to the endpoint.
+ * \retval 0 Success
+ * \retval -1 Failure
+ */
+int ast_sip_send_request(pjsip_tx_data *tdata, struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint);
+
 /*!
  * \brief Determine if an incoming request requires authentication
  *
@@ -788,7 +924,7 @@
  * \retval 0 The request does not require authentication
  */
 int ast_sip_requires_authentication(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata);
- 
+
 /*!
  * \brief Method to determine authentication status of an incoming request
  *
@@ -804,7 +940,18 @@
  */
 enum ast_sip_check_auth_result ast_sip_check_authentication(struct ast_sip_endpoint *endpoint,
 		pjsip_rx_data *rdata, pjsip_tx_data *tdata);
- 
+
+/*!
+ * \brief Create a response to an authentication challenge
+ *
+ * This will call into an outbound authenticator's create_request_with_auth callback
+ * to create a new request with authentication credentials. See the create_request_with_auth
+ * callback in the \ref ast_sip_outbound_authenticator structure for details about
+ * the parameters and return values.
+ */
+int ast_sip_create_request_with_auth(const struct ast_sip_endpoint *endpoint, pjsip_rx_data *challenge,
+		pjsip_transaction *tsx, pjsip_tx_data **new_request);
+
 /*!
  * \brief Determine the endpoint that has sent a SIP message
  *
@@ -818,7 +965,7 @@
  * \retval non-NULL The matching endpoint
  */
 struct ast_sip_endpoint *ast_sip_identify_endpoint(pjsip_rx_data *rdata);
- 
+
 /*!
  * \brief Add a header to an outbound SIP message
  *
@@ -829,7 +976,7 @@
  * \retval -1 Failure
  */
 int ast_sip_add_header(pjsip_tx_data *tdata, const char *name, const char *value);
- 
+
 /*!
  * \brief Add a body to an outbound SIP message
  *
@@ -842,7 +989,7 @@
  * \retval -1 Failure
  */
 int ast_sip_add_body(pjsip_tx_data *tdata, const struct ast_sip_body *body);
- 
+
 /*!
  * \brief Add a multipart body to an outbound SIP message
  *
@@ -855,7 +1002,7 @@
  * \retval -1 Failure
  */
 int ast_sip_add_body_multipart(pjsip_tx_data *tdata, const struct ast_sip_body *bodies[], int num_bodies);
- 
+
 /*!
  * \brief Append body data to a SIP message
  *
@@ -903,4 +1050,24 @@
  */
 struct ast_sip_endpoint *ast_pjsip_rdata_get_endpoint(pjsip_rx_data *rdata);
 
+/*!
+ * \brief Retrieve relevant SIP auth structures from sorcery
+ *
+ * \param auth_names The sorcery IDs of auths to retrieve
+ * \param num_auths The number of auths to retrieve
+ * \param[out] out The retrieved auths are stored here
+ */
+int ast_sip_retrieve_auths(const char *auth_names[], size_t num_auths, struct ast_sip_auth **out);
+
+/*!
+ * \brief Clean up retrieved auth structures from memory
+ *
+ * Call this function once you have completed operating on auths
+ * retrieved from \ref ast_sip_retrieve_auths
+ *
+ * \param auths An array of auth structures to clean up
+ * \param num_auths The number of auths in the array
+ */
+void ast_sip_cleanup_auths(struct ast_sip_auth *auths[], size_t num_auths);
+
 #endif /* _RES_SIP_H */

Modified: team/group/pimp_my_sip/res/res_sip.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip.c (original)
+++ team/group/pimp_my_sip/res/res_sip.c Mon Apr  8 10:18:18 2013
@@ -130,6 +130,42 @@
 	return registered_authenticator->check_authentication(endpoint, rdata, tdata);
 }
 
+static struct ast_sip_outbound_authenticator *registered_outbound_authenticator;
+
+int ast_sip_register_outbound_authenticator(struct ast_sip_outbound_authenticator *auth)
+{
+	if (registered_outbound_authenticator) {
+		ast_log(LOG_WARNING, "Outbound authenticator %p is already registered. Cannot register a new one\n", registered_outbound_authenticator);
+		return -1;
+	}
+	registered_outbound_authenticator = auth;
+	ast_debug(1, "Registered SIP outbound authenticator module %p\n", auth);
+	ast_module_ref(ast_module_info->self);
+	return 0;
+}
+
+void ast_sip_unregister_outbound_authenticator(struct ast_sip_outbound_authenticator *auth)
+{
+	if (registered_outbound_authenticator != auth) {
+		ast_log(LOG_WARNING, "Trying to unregister outbound authenticator %p but outbound authenticator %p registered\n",
+				auth, registered_outbound_authenticator);
+		return;
+	}
+	registered_outbound_authenticator = NULL;
+	ast_debug(1, "Unregistered SIP outbound authenticator %p\n", auth);
+	ast_module_unref(ast_module_info->self);
+}
+
+int ast_sip_create_request_with_auth(const struct ast_sip_endpoint *endpoint, pjsip_rx_data *challenge,
+		pjsip_transaction *tsx, pjsip_tx_data **new_request)
+{
+	if (!registered_outbound_authenticator) {
+		ast_log(LOG_WARNING, "No SIP outbound authenticator registered. Cannot respond to authentication challenge\n");
+		return -1;
+	}
+	return registered_outbound_authenticator->create_request_with_auth(endpoint, challenge, tsx, new_request);
+}
+
 struct endpoint_identifier_list {
 	struct ast_sip_endpoint_identifier *identifier;
 	AST_RWLIST_ENTRY(endpoint_identifier_list) list;
@@ -199,6 +235,15 @@
 	pjsip_sip_uri *sip_uri;
 	pjsip_transport_type_e type = PJSIP_TRANSPORT_UNSPECIFIED;
 	int local_port;
+	char uuid_str[AST_UUID_STR_LEN];
+
+	if (!user) {
+		RAII_VAR(struct ast_uuid *, uuid, ast_uuid_generate(), ast_free_ptr);
+		if (!uuid) {
+			return -1;
+		}
+		user = ast_uuid_to_str(uuid, uuid_str, sizeof(uuid_str));
+	}
 
 	/* Parse the provided target URI so we can determine what transport it will end up using */
 	pj_strdup_with_null(pool, &tmp, target);
@@ -255,47 +300,54 @@
 	return 0;
 }
 
+static int sip_get_tpselector_from_endpoint(const struct ast_sip_endpoint *endpoint, pjsip_tpselector *selector)
+{
+	RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
+	const char *transport_name = endpoint->transport;
+
+	if (ast_strlen_zero(transport_name)) {
+		return 0;
+	}
+
+	transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_name);
+
+	if (!transport || !transport->state) {
+		return -1;
+	}
+
+	if (transport->type == AST_SIP_TRANSPORT_UDP) {
+		selector->type = PJSIP_TPSELECTOR_TRANSPORT;
+		selector->u.transport = transport->state->transport;
+	} else if (transport->type == AST_SIP_TRANSPORT_TCP || transport->type == AST_SIP_TRANSPORT_TLS) {
+		selector->type = PJSIP_TPSELECTOR_LISTENER;
+		selector->u.listener = transport->state->factory;
+	} else {
+		return -1;
+	}
+
+	return 0;
+}
+
 pjsip_dialog *ast_sip_create_dialog(const struct ast_sip_endpoint *endpoint, const char *uri, const char *request_user)
 {
-	RAII_VAR(struct ast_uuid *, uuid, ast_uuid_generate(), ast_free_ptr);
-	char uuid_str[AST_UUID_STR_LEN];
 	pj_str_t local_uri = { "sip:temp at temp", 13 }, remote_uri;
 	pjsip_dialog *dlg = NULL;
-	const char *transport_name = endpoint->transport, *outbound_proxy = endpoint->outbound_proxy;
+	const char *outbound_proxy = endpoint->outbound_proxy;
 	pjsip_tpselector selector = { .type = PJSIP_TPSELECTOR_NONE, };
 	static const pj_str_t HCONTACT = { "Contact", 7 };
 
-	if (!uuid) {
-		return NULL;
-	}
-
 	pj_cstr(&remote_uri, uri);
 
 	if (pjsip_dlg_create_uac(pjsip_ua_instance(), &local_uri, NULL, &remote_uri, NULL, &dlg) != PJ_SUCCESS) {
 		return NULL;
 	}
 
-	if (!ast_strlen_zero(transport_name)) {
-		RAII_VAR(struct ast_sip_transport *, transport, ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_name), ao2_cleanup);
-
-		if (!transport || !transport->state) {
-			pjsip_dlg_terminate(dlg);
-			return NULL;
-		}
-
-		if (transport->type == AST_SIP_TRANSPORT_UDP) {
-			selector.type = PJSIP_TPSELECTOR_TRANSPORT;
-			selector.u.transport = transport->state->transport;
-		} else if (transport->type == AST_SIP_TRANSPORT_TCP || transport->type == AST_SIP_TRANSPORT_TLS) {
-			selector.type = PJSIP_TPSELECTOR_LISTENER;
-			selector.u.listener = transport->state->factory;
-		} else {
-			pjsip_dlg_terminate(dlg);
-			return NULL;
-		}
-	}
-
-	if (sip_dialog_create_from(dlg->pool, &local_uri, ast_uuid_to_str(uuid, uuid_str, AST_UUID_STR_LEN), &remote_uri, &selector)) {
+	if (sip_get_tpselector_from_endpoint(endpoint, &selector)) {
+		pjsip_dlg_terminate(dlg);
+		return NULL;
+	}
+
+	if (sip_dialog_create_from(dlg->pool, &local_uri, NULL, &remote_uri, &selector)) {
 		pjsip_dlg_terminate(dlg);
 		return NULL;
 	}
@@ -368,47 +420,75 @@
 	return NULL;
 }
 
-static int send_in_dialog_request(const pjsip_method *method, const struct ast_sip_body *body, struct pjsip_dialog *dlg)
-{
-	pj_status_t status;
-	pjsip_tx_data *tdata;
-
-	status = pjsip_dlg_create_request(dlg, method, -1, &tdata);
-	if (status != PJ_SUCCESS) {
+static int create_in_dialog_request(const pjsip_method *method, struct pjsip_dialog *dlg, pjsip_tx_data **tdata)
+{
+	if (pjsip_dlg_create_request(dlg, method, -1, tdata) != PJ_SUCCESS) {
 		ast_log(LOG_WARNING, "Unable to create in-dialog request.\n");
 		return -1;
 	}
 
-	if (body) {
-		ast_sip_add_body(tdata, body);
-	}
-
-	status = pjsip_dlg_send_request(dlg, tdata, -1, NULL);
-	if (status != PJ_SUCCESS) {
-		ast_log(LOG_WARNING, "Unable to send in-dialog request.\n");
-		return -1;
-	}
-
-	return 0;
-}
-
-static int send_out_of_dialog_request(const pjsip_method *method, const struct ast_sip_body *body, struct ast_sip_endpoint *endpoint)
-{
-	/*XXX Stub
-	 *
-	 * We need to get the destination from the endpoint and then call
-	 * pjsip_endpt_create_request to create the request.
-	 * 
-	 * We can then add the body as necessary and transmit with
-	 * pjsip_endpt_send_request_stateless(). The end.
-	 *
-	 * It's hard to really get started though without an ast_sip_endpoint
-	 * structure to work with
+	return 0;
+}
+
+static int create_out_of_dialog_request(const pjsip_method *method, struct ast_sip_endpoint *endpoint,
+		const char *uri, pjsip_tx_data **tdata)
+{
+	RAII_VAR(struct ast_sip_contact *, contact, NULL, ao2_cleanup);
+	pj_str_t remote_uri;
+	pj_str_t from;
+	pj_pool_t *pool;
+	pjsip_tpselector selector = { .type = PJSIP_TPSELECTOR_NONE, };
+
+	if (ast_strlen_zero(uri)) {
+		contact = ast_sip_location_retrieve_contact_from_aor_list(endpoint->aors);
+		if (!contact || ast_strlen_zero(contact->uri)) {
+			ast_log(LOG_ERROR, "Unable to retrieve contact for endpoint %s\n",
+					ast_sorcery_object_get_id(endpoint));
+			return -1;
+		}
+
+		pj_cstr(&remote_uri, contact->uri);
+	} else {
+		pj_cstr(&remote_uri, uri);
+	}
+
+	if (sip_get_tpselector_from_endpoint(endpoint, &selector)) {
+		ast_log(LOG_ERROR, "Unable to retrieve PJSIP transport selector for endpoint %s\n",
+				ast_sorcery_object_get_id(endpoint));
+		return -1;
+	}
+
+	pool = pjsip_endpt_create_pool(ast_sip_get_pjsip_endpoint(), "Outbound request", 256, 256);
+
+	if (!pool) {
+		ast_log(LOG_ERROR, "Unable to create PJLIB memory pool\n");
+		return -1;
+	}
+
+	if (sip_dialog_create_from(pool, &from, NULL, &remote_uri, &selector)) {
+		ast_log(LOG_ERROR, "Unable to create From header for %.*s request to endpoint %s\n",
+				(int) pj_strlen(&method->name), pj_strbuf(&method->name), ast_sorcery_object_get_id(endpoint));
+		pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
+		return -1;
+	}
+
+	if (pjsip_endpt_create_request(ast_sip_get_pjsip_endpoint(), method, &remote_uri,
+			&from, &remote_uri, &from, NULL, -1, NULL, tdata) != PJ_SUCCESS) {
+		ast_log(LOG_ERROR, "Unable to create outbound %.*s request to endpoint %s\n",
+				(int) pj_strlen(&method->name), pj_strbuf(&method->name), ast_sorcery_object_get_id(endpoint));
+		pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
+		return -1;
+	}
+
+	/* We can release this pool since request creation copied all the necessary
+	 * data into the outbound request's pool
 	 */
-	return 0;
-}
-
-int ast_sip_send_request(const char *method, const struct ast_sip_body *body, struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint)
+	pjsip_endpt_release_pool(ast_sip_get_pjsip_endpoint(), pool);
+	return 0;
+}
+
+int ast_sip_create_request(const char *method, struct pjsip_dialog *dlg,
+		struct ast_sip_endpoint *endpoint, const char *uri, pjsip_tx_data **tdata)
 {
 	const pjsip_method *pmethod = get_pjsip_method(method);
 
@@ -418,9 +498,60 @@
 	}
 
 	if (dlg) {
-		return send_in_dialog_request(pmethod, body, dlg);
+		return create_in_dialog_request(pmethod, dlg, tdata);
 	} else {
-		return send_out_of_dialog_request(pmethod, body, endpoint);
+		return create_out_of_dialog_request(pmethod, endpoint, uri, tdata);
+	}
+}
+
+static int send_in_dialog_request(pjsip_tx_data *tdata, struct pjsip_dialog *dlg)
+{
+	if (pjsip_dlg_send_request(dlg, tdata, -1, NULL) != PJ_SUCCESS) {
+		ast_log(LOG_WARNING, "Unable to send in-dialog request.\n");
+		return -1;
+	}
+	return 0;
+}
+
+static void send_request_cb(void *token, pjsip_event *e)
+{
+	RAII_VAR(struct ast_sip_endpoint *, endpoint, token, ao2_cleanup);
+	pjsip_transaction *tsx = e->body.tsx_state.tsx;
+	pjsip_rx_data *challenge = e->body.tsx_state.src.rdata;
+	pjsip_tx_data *tdata;
+
+	if (tsx->status_code != 401 && tsx->status_code != 407) {
+		return;
+	}
+
+	ast_sip_create_request_with_auth(endpoint, challenge, tsx, &tdata);
+
+	pjsip_endpt_send_request(ast_sip_get_pjsip_endpoint(), tdata, -1, NULL, NULL);
+}
+
+static int send_out_of_dialog_request(pjsip_tx_data *tdata, struct ast_sip_endpoint *endpoint)
+{
+	ao2_ref(endpoint, +1);
+	if (pjsip_endpt_send_request(ast_sip_get_pjsip_endpoint(), tdata, -1, endpoint, send_request_cb) != PJ_SUCCESS) {
+		ast_log(LOG_ERROR, "Error attempting to send outbound %.*s request to endpoint %s\n",
+				(int) pj_strlen(&tdata->msg->line.req.method.name),
+				pj_strbuf(&tdata->msg->line.req.method.name),
+				ast_sorcery_object_get_id(endpoint));
+		ao2_ref(endpoint, -1);
+		return -1;
+	}
+
+	return 0;
+}
+
+int ast_sip_send_request(pjsip_tx_data *tdata, struct pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint)
+{
+	ast_assert(tdata->msg->type == PJSIP_REQUEST_MSG);
+
+	if (dlg) {
+		return send_in_dialog_request(tdata, dlg);
+	} else {
+		return send_out_of_dialog_request(tdata, endpoint);
 	}
 }
 
@@ -701,6 +832,11 @@
 		goto error;
 	}
 
+	if (ast_sip_initialize_outbound_authentication()) {
+		ast_log(LOG_ERROR, "Failed to initialize outbound authentication. Aborting load\n");
+		goto error;
+	}
+
 	ast_res_sip_init_options_handling(0);
 
 return AST_MODULE_LOAD_SUCCESS;

Modified: team/group/pimp_my_sip/res/res_sip.exports.in
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip.exports.in?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip.exports.in (original)
+++ team/group/pimp_my_sip/res/res_sip.exports.in Mon Apr  8 10:18:18 2013
@@ -4,16 +4,22 @@
 		LINKER_SYMBOL_PREFIXast_sip_unregister_service;
 		LINKER_SYMBOL_PREFIXast_sip_register_authenticator;
 		LINKER_SYMBOL_PREFIXast_sip_unregister_authenticator;
+		LINKER_SYMBOL_PREFIXast_sip_register_outbound_authenticator;
+		LINKER_SYMBOL_PREFIXast_sip_unregister_outbound_authenticator;
 		LINKER_SYMBOL_PREFIXast_sip_register_endpoint_identifier;
 		LINKER_SYMBOL_PREFIXast_sip_unregister_endpoint_identifier;
 		LINKER_SYMBOL_PREFIXast_sip_create_serializer;
 		LINKER_SYMBOL_PREFIXast_sip_push_task;
 		LINKER_SYMBOL_PREFIXast_sip_push_task_synchronous;
+		LINKER_SYMBOL_PREFIXast_sip_create_request;
 		LINKER_SYMBOL_PREFIXast_sip_send_request;
 		LINKER_SYMBOL_PREFIXast_sip_requires_authentication;
 		LINKER_SYMBOL_PREFIXast_sip_authenticate_request;
 		LINKER_SYMBOL_PREFIXast_sip_get_authentication_credentials;
 		LINKER_SYMBOL_PREFIXast_sip_check_authentication;
+		LINKER_SYMBOL_PREFIXast_sip_create_auth_challenge_response;
+		LINKER_SYMBOL_PREFIXast_sip_set_outbound_authentication_credentials;
+		LINKER_SYMBOL_PREFIXast_sip_dialog_setup_outbound_authentication;
 		LINKER_SYMBOL_PREFIXast_sip_add_digest_to_challenge;
 		LINKER_SYMBOL_PREFIXast_sip_identify_endpoint;
 		LINKER_SYMBOL_PREFIXast_sip_add_header;
@@ -26,6 +32,8 @@
 		LINKER_SYMBOL_PREFIXast_sip_get_sorcery;
 		LINKER_SYMBOL_PREFIXast_sip_create_dialog;
 		LINKER_SYMBOL_PREFIXast_sip_location_retrieve_aor;
+		LINKER_SYMBOL_PREFIXast_sip_location_retrieve_first_aor_contact;
+		LINKER_SYMBOL_PREFIXast_sip_location_retrieve_contact_from_aor_list;
 		LINKER_SYMBOL_PREFIXast_sip_location_retrieve_aor_contacts;
 		LINKER_SYMBOL_PREFIXast_sip_location_retrieve_contact;
 		LINKER_SYMBOL_PREFIXast_sip_location_add_contact;
@@ -35,6 +43,9 @@
 		LINKER_SYMBOL_PREFIXast_sip_thread_is_servant;
 		LINKER_SYMBOL_PREFIXast_sip_dialog_set_serializer;
 		LINKER_SYMBOL_PREFIXast_sip_dialog_set_endpoint;
+		LINKER_SYMBOL_PREFIXast_sip_dialog_get_endpoint;
+		LINKER_SYMBOL_PREFIXast_sip_retrieve_auths;
+		LINKER_SYMBOL_PREFIXast_sip_cleanup_auths;
 	local:
 		*;
 };

Modified: team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h (original)
+++ team/group/pimp_my_sip/res/res_sip/include/res_sip_private.h Mon Apr  8 10:18:18 2013
@@ -40,6 +40,14 @@
 int ast_res_sip_init_options_handling(int reload);
 
 /*!
+ * \brief Initialize outbound authentication support
+ *
+ * \retval 0 Success
+ * \retval non-zero Failure
+ */
+int ast_sip_initialize_outbound_authentication(void);
+
+/*!
  * \brief Get the current defined endpoints
  *
  * \retval The current endpoints loaded by res_sip

Modified: team/group/pimp_my_sip/res/res_sip/location.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/location.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/location.c (original)
+++ team/group/pimp_my_sip/res/res_sip/location.c Mon Apr  8 10:18:18 2013
@@ -93,6 +93,26 @@
 	return 0;
 }
 
+/*! \brief Simple callback function which returns immediately, used to grab the first contact of an AOR */
+static int contact_find_first(void *obj, void *arg, int flags)
+{
+	return CMP_MATCH | CMP_STOP;
+}
+
+struct ast_sip_contact *ast_sip_location_retrieve_first_aor_contact(const struct ast_sip_aor *aor)
+{
+	RAII_VAR(struct ao2_container *, contacts, NULL, ao2_cleanup);
+	struct ast_sip_contact *contact;
+
+	contacts = ast_sip_location_retrieve_aor_contacts(aor);
+	if (!contacts || (ao2_container_count(contacts) == 0)) {
+		return NULL;
+	}
+
+	contact = ao2_callback(contacts, OBJ_NOLOCK, contact_find_first, NULL);
+	return contact;
+}
+
 struct ao2_container *ast_sip_location_retrieve_aor_contacts(const struct ast_sip_aor *aor)
 {
 	/* Give enough space for ^ at the beginning and ;@ at the end, since that is our object naming scheme */
@@ -114,6 +134,35 @@
 	}
 
 	return contacts;
+}
+
+struct ast_sip_contact *ast_sip_location_retrieve_contact_from_aor_list(const char *aor_list)
+{
+	char *aor_name;
+	char *rest;
+	struct ast_sip_contact *contact = NULL;
+
+	/* If the location is still empty we have nowhere to go */
+	if (ast_strlen_zero(aor_list) || !(rest = ast_strdupa(aor_list))) {
+		ast_log(LOG_WARNING, "Unable to determine contacts from empty aor list\n");
+		return NULL;
+	}
+
+	while ((aor_name = strsep(&rest, ","))) {
+		RAII_VAR(struct ast_sip_aor *, aor, ast_sip_location_retrieve_aor(aor_name), ao2_cleanup);
+		RAII_VAR(struct ao2_container *, contacts, NULL, ao2_cleanup);
+
+		if (!aor) {
+			continue;
+		}
+		contact = ast_sip_location_retrieve_first_aor_contact(aor);
+		/* If a valid contact is available use its URI for dialing */
+		if (contact) {
+			break;
+		}
+	}
+
+	return contact;
 }
 
 struct ast_sip_contact *ast_sip_location_retrieve_contact(const char *contact_name)

Modified: team/group/pimp_my_sip/res/res_sip/sip_configuration.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/sip_configuration.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/sip_configuration.c (original)
+++ team/group/pimp_my_sip/res/res_sip/sip_configuration.c Mon Apr  8 10:18:18 2013
@@ -115,45 +115,66 @@
 	return 0;
 }
 
-static void destroy_endpoint_auths(const struct ast_sip_endpoint *endpoint)
+static void destroy_auths(const char **auths, size_t num_auths)
 {
 	int i;
-	for (i = 0; i < endpoint->num_auths; ++i) {
-		ast_free((char *) endpoint->sip_auths[i]);
-	}
-	ast_free(endpoint->sip_auths);
+	for (i = 0; i < num_auths; ++i) {
+		ast_free((char *) auths[i]);
+	}
+	ast_free(auths);
 }
 
 #define AUTH_INCREMENT 4
 
-static int auth_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
-{
-	char *auths = ast_strdupa(var->value);
+static const char **auth_alloc(const char *value, size_t *num_auths)
+{
+	char *auths = ast_strdupa(value);
 	char *val;
-	struct ast_sip_endpoint *endpoint = obj;
 	int num_alloced = 0;
+	const char **alloced_auths = NULL;
 
 	while ((val = strsep(&auths, ","))) {
-		if (endpoint->num_auths >= num_alloced) {
+		if (*num_auths >= num_alloced) {
 			size_t size;
 			num_alloced += AUTH_INCREMENT;
 			size = num_alloced * sizeof(char *);
-			endpoint->sip_auths = ast_realloc(endpoint->sip_auths, size);
-			if (!endpoint->sip_auths) {
+			alloced_auths = ast_realloc(alloced_auths, size);
+			if (!alloced_auths) {
 				goto failure;
 			}
 		}
-		endpoint->sip_auths[endpoint->num_auths] = ast_strdup(val);
-		if (!endpoint->sip_auths[endpoint->num_auths]) {
+		alloced_auths[*num_auths] = ast_strdup(val);
+		if (!alloced_auths[*num_auths]) {
 			goto failure;
 		}
-		++endpoint->num_auths;
-	}
-	return 0;
+		++(*num_auths);
+	}
+	return alloced_auths;
 
 failure:
-	destroy_endpoint_auths(endpoint);
-	return -1;
+	destroy_auths(alloced_auths, *num_auths);
+	return NULL;
+}
+
+static int inbound_auth_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
+{
+	struct ast_sip_endpoint *endpoint = obj;
+
+	endpoint->sip_inbound_auths = auth_alloc(var->value, &endpoint->num_inbound_auths);
+	if (!endpoint->sip_inbound_auths) {
+		return -1;
+	}
+	return 0;
+}
+static int outbound_auth_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
+{
+	struct ast_sip_endpoint *endpoint = obj;
+
+	endpoint->sip_outbound_auths = auth_alloc(var->value, &endpoint->num_outbound_auths);
+	if (!endpoint->sip_outbound_auths) {
+		return -1;
+	}
+	return 0;
 }
 
 static int ident_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
@@ -268,8 +289,9 @@
 	ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "timers", "yes", timers_handler, NULL, 0, 0);
 	ast_sorcery_object_field_register(sip_sorcery, "endpoint", "timers_min_se", "90", OPT_UINT_T, 0, FLDSET(struct ast_sip_endpoint, min_se));
 	ast_sorcery_object_field_register(sip_sorcery, "endpoint", "timers_sess_expires", "1800", OPT_UINT_T, 0, FLDSET(struct ast_sip_endpoint, sess_expires));
+	ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "auth", "", inbound_auth_handler, NULL, 0, 0);
+	ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "outbound_auth", "", outbound_auth_handler, NULL, 0, 0);
 	ast_sorcery_object_field_register(sip_sorcery, "endpoint", "aors", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, aors));
-	ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "auth", "", auth_handler, NULL, 0, 0);
 	ast_sorcery_object_field_register(sip_sorcery, "endpoint", "external_media_address", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, external_media_address));
 	ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "identify_by", "username,location", ident_handler, NULL, 0, 0);
 	ast_sorcery_object_field_register(sip_sorcery, "endpoint", "direct_media", "yes", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, direct_media));
@@ -326,7 +348,8 @@
 	if (endpoint->codecs) {
 		ast_format_cap_destroy(endpoint->codecs);
 	}
-	destroy_endpoint_auths(endpoint);
+	destroy_auths(endpoint->sip_inbound_auths, endpoint->num_inbound_auths);
+	destroy_auths(endpoint->sip_outbound_auths, endpoint->num_outbound_auths);
 }
 
 void *ast_sip_endpoint_alloc(const char *name)
@@ -355,6 +378,29 @@
 	return endpoints;
 }
 
+int ast_sip_retrieve_auths(const char *auth_names[], size_t num_auths, struct ast_sip_auth **out)
+{
+	int i;
+
+	for (i = 0; i < num_auths; ++i) {
+		out[i] = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), SIP_SORCERY_AUTH_TYPE, auth_names[i]);
+		if (!out[i]) {
+			ast_log(LOG_NOTICE, "Couldn't find auth '%s'. Cannot authenticate\n", auth_names[i]);
+			return -1;
+		}
+	}
+
+	return 0;
+}
+
+void ast_sip_cleanup_auths(struct ast_sip_auth *auths[], size_t num_auths)
+{
+	int i;
+	for (i = 0; i < num_auths; ++i) {
+		ao2_cleanup(auths[i]);
+	}
+}
+
 struct ast_sorcery *ast_sip_get_sorcery(void)
 {
 	return sip_sorcery;

Modified: team/group/pimp_my_sip/res/res_sip/sip_distributor.c
URL: http://svnview.digium.com/svn/asterisk/team/group/pimp_my_sip/res/res_sip/sip_distributor.c?view=diff&rev=384920&r1=384919&r2=384920
==============================================================================
--- team/group/pimp_my_sip/res/res_sip/sip_distributor.c (original)
+++ team/group/pimp_my_sip/res/res_sip/sip_distributor.c Mon Apr  8 10:18:18 2013
@@ -68,6 +68,16 @@
 		dist = distributor_dialog_data_alloc(dlg);
 	}
 	dist->endpoint = endpoint;
+}
+
+struct ast_sip_endpoint *ast_sip_dialog_get_endpoint(pjsip_dialog *dlg)
+{

[... 275 lines stripped ...]



More information about the svn-commits mailing list