[asterisk-scf-commits] asterisk-scf/release/sip.git branch "authexten" updated.

Commits to the Asterisk SCF project code repositories asterisk-scf-commits at lists.digium.com
Tue Feb 8 17:15:18 CST 2011


branch "authexten" has been updated
       via  f4195acb409cf8ecaac3d63e3c85a52e98bbd9b1 (commit)
       via  dc9a45bea83aa73e62865969c445f2a8212be462 (commit)
      from  5a0a9a73584c42a5f188f3a1436512ccb6a01bbe (commit)

Summary of changes:
 local-slice/SipIf.ice        |    1 +
 src/PJSipManager.cpp         |   50 +++++++++++++---------
 src/PJSipManager.h           |   22 ++--------
 src/PJSipSessionModule.cpp   |   93 ++++++++++++++++++++++++++++++++++++++++++
 src/PJSipSessionModule.h     |    1 +
 src/SipSessionManagerApp.cpp |   55 ++++++++++++++++++++++++-
 6 files changed, 182 insertions(+), 40 deletions(-)


- Log -----------------------------------------------------------------
commit f4195acb409cf8ecaac3d63e3c85a52e98bbd9b1
Author: Mark Michelson <mmichelson at digium.com>
Date:   Tue Feb 8 17:13:37 2011 -0600

    Commit some progress towards authentication extension point.
    
    RequestInfo is generated inline in the PJSipSessionModule. The part
    that hasn't been done yet is taking the Digest information and handing
    it to PJSIP so that an authentication challenge can be concocted.

diff --git a/src/PJSipSessionModule.cpp b/src/PJSipSessionModule.cpp
index 3080204..56690e8 100644
--- a/src/PJSipSessionModule.cpp
+++ b/src/PJSipSessionModule.cpp
@@ -29,6 +29,8 @@
 #include "SipStateReplicator.h"
 
 using namespace AsteriskSCF::System::Logging;
+using namespace AsteriskSCF::SIP::ExtensionPoint::V1;
+using namespace AsteriskSCF::System::Hook::V1;
 
 namespace
 {
@@ -423,6 +425,88 @@ pj_status_t PJSipSessionModule::unload()
     return PJ_SUCCESS;
 }
 
+bool PJSipSessionModule::checkAuth(pjsip_rx_data *rdata, pjsip_inv_session *inv)
+{
+    //If there are no hooks, this is simple
+    if (mAuthHooks.empty())
+    {
+        return false;
+    }
+
+    RequestInfoPtr info(new RequestInfo);
+
+    char buf[512];
+    pjsip_name_addr *from = (pjsip_name_addr *)rdata->msg_info.from->uri;
+    info->fromName = std::string(pj_strbuf(&from->display), pj_strlen(&from->display));
+
+    pjsip_uri_print(PJSIP_URI_IN_FROMTO_HDR, from->uri, buf, sizeof(buf));
+    std::string fromURI(buf, strlen(buf));
+    size_t pos = fromURI.find_first_of(';');
+    info->fromURI = fromURI.substr(0, pos);
+
+    info->fromParams;
+
+    pjsip_name_addr *to = (pjsip_name_addr *)rdata->msg_info.to->uri;
+    info->toName = std::string(pj_strbuf(&to->display), pj_strlen(&to->display));
+
+    pjsip_uri_print(PJSIP_URI_IN_FROMTO_HDR, to->uri, buf, sizeof(buf));
+    std::string toURI(buf, strlen(buf));
+    pos = toURI.find_first_of(';');
+    info->toURI = toURI.substr(0, pos);
+
+    info->toParams;
+
+    pjsip_uri *rURI = (pjsip_uri *) pjsip_uri_get_uri(rdata->msg_info.msg->line.req.uri);
+    pjsip_uri_print(PJSIP_URI_IN_REQ_URI, rURI, buf, sizeof(buf));
+    std::string rURIStr(buf, strlen(buf));
+    pos = rURIStr.find_first_of(';');
+    info->requestURI = rURIStr.substr(0, pos);
+
+    info->requestURIParams;
+
+    info->IPAddr = std::string(pj_sockaddr_print((pj_sockaddr_t *) &rdata->pkt_info.src_addr, buf, rdata->pkt_info.src_addr_len, 0), rdata->pkt_info.src_addr_len);
+    info->port = rdata->pkt_info.src_port;
+    std::string transport(rdata->tp_info.transport->type_name);
+    if (transport == "tcp")
+    {
+        info->transport = AsteriskSCF::SIP::ExtensionPoint::V1::TCP;
+    }
+    else if (transport == "tls")
+    {
+        info->transport = AsteriskSCF::SIP::ExtensionPoint::V1::TLS;
+    }
+    else if (transport == "udp")
+    {
+        info->transport = AsteriskSCF::SIP::ExtensionPoint::V1::UDP;
+    }
+
+    //We have our RequestInfo created. Now start calling out to any registered hooks
+    for (std::map<HookId, AuthHookPrx>::iterator iter = mAuthHooks.begin(); iter != mAuthHooks.end(); ++iter)
+    {
+        DigestChallengeSeq digests;
+        HookResult result;
+        result = iter->second->challengeRequest(info, digests);
+        if (result.status == Failed)
+        {
+            lg(Error) << "SIP Authentication hook reported a failure: " << result.info;
+        }
+        else if (result.status == Succeeded) {
+            if (!digests.empty())
+            {
+                pjsip_tx_data *tdata;
+                pjsip_inv_end_session(inv, 401, NULL, &tdata);
+                pjsip_inv_send_msg(inv, tdata);
+                return true;
+            }
+            else
+            {
+                return false;
+            }
+        }
+    }
+    return false;
+}
+
 void PJSipSessionModule::handleNewInvite(pjsip_rx_data *rdata)
 {
     //What do we do here?
@@ -495,6 +579,15 @@ void PJSipSessionModule::handleNewInvite(pjsip_rx_data *rdata)
         pjsip_inv_terminate(inv_session, 500, PJ_FALSE);
     }
 
+    bool authSent = checkAuth(rdata, inv_session);
+
+    // This means we sent a 401 to the requester,
+    // so no need to go any further
+    if (authSent)
+    {
+        return;
+    }
+
     pjsip_uri *from = rdata->msg_info.from->uri;
     std::string callerName("");
     if (PJSIP_URI_SCHEME_IS_SIP(from) || PJSIP_URI_SCHEME_IS_SIPS(from))
diff --git a/src/PJSipSessionModule.h b/src/PJSipSessionModule.h
index 5569170..244ee60 100644
--- a/src/PJSipSessionModule.h
+++ b/src/PJSipSessionModule.h
@@ -86,6 +86,7 @@ private:
     void handleNewInvite(pjsip_rx_data *rdata);
     void handleInviteResponse(pjsip_inv_session *inv, pjsip_rx_data *rdata, pjsip_dialog *dlg);
     void handleRefer(pjsip_inv_session *inv, pjsip_rx_data *rdata);
+    bool checkAuth(pjsip_rx_data *rdata, pjsip_inv_session *inv);
     pjsip_inv_callback mInvCallback;
     pjsip_ua_init_param mUaParam;
     const std::string mName;

commit dc9a45bea83aa73e62865969c445f2a8212be462
Author: Mark Michelson <mmichelson at digium.com>
Date:   Tue Feb 8 11:30:34 2011 -0600

    The infrastructure is now in place for users to register Auth hooks.
    
    The SIP Session Gateway registers the extension point with the
    service locator. The methods for adding and removing hooks is passed
    down to the PJSipManager, which then passes the calls down to the
    individual PJSIP modules. This way a single auth hook will be added
    to all potential SIP modules that may want to use the hook.
    
    The next step is to take the information from an incoming SIP INVITE
    and actually call out to the hook if one exists.

diff --git a/local-slice/SipIf.ice b/local-slice/SipIf.ice
index bf429de..744f6a3 100644
--- a/local-slice/SipIf.ice
+++ b/local-slice/SipIf.ice
@@ -27,6 +27,7 @@ module V1
 {
    const string Version = "V1";
    const string ComponentServiceDiscoveryCategory = "SipSessionManager";
+   const string AuthExtensionPointCategory = "SipAuthExtensionPoint";
 
    // A submodule for our event publication.
    module Event
diff --git a/src/PJSipManager.cpp b/src/PJSipManager.cpp
index 8baa8b4..ba70b3d 100644
--- a/src/PJSipManager.cpp
+++ b/src/PJSipManager.cpp
@@ -22,6 +22,7 @@
 using namespace AsteriskSCF::System::Logging;
 using namespace AsteriskSCF::System::Hook::V1;
 using namespace AsteriskSCF::SIP::ExtensionPoint::V1;
+using namespace AsteriskSCF::Core::Discovery::V1;
 
 namespace
 {
@@ -34,32 +35,40 @@ namespace AsteriskSCF
 namespace SipSessionManager
 {
 
-PJSipManagerAuthExtensionPoint::PJSipManagerAuthExtensionPoint(PJSipSessionModule *sessionModule,
-        PJSipLoggingModule *loggingModule) : mSessionModule(sessionModule), mLoggingModule(loggingModule)
+void PJSipManager::addAuthHook(std::pair<HookId, AuthHookPrx> hook)
 {
+    if (mSessionModule)
+    {
+        mSessionModule->addAuthHook(hook);
+    }
+    if (mLoggingModule)
+    {
+        mLoggingModule->addAuthHook(hook);
+    }
 }
 
-HookId PJSipManagerAuthExtensionPoint::addAuthHook(
-        const AuthHookPrx &hook,
-        const RequestTypeSeq &requestTypes)
-{
-    HookId id;
-    id.id = IceUtil::generateUUID();
-    mSessionModule->addAuthHook(std::make_pair(id, hook));
-    mLoggingModule->addAuthHook(std::make_pair(id, hook));
-    return id;
-}
-
-void PJSipManagerAuthExtensionPoint::removeAuthHook(const HookId &id)
+void PJSipManager::removeAuthHook(const HookId &id)
 {
-    mSessionModule->removeAuthHook(id);
-    mLoggingModule->removeAuthHook(id);
+    if (mSessionModule)
+    {
+        mSessionModule->removeAuthHook(id);
+    }
+    if (mLoggingModule)
+    {
+        mLoggingModule->removeAuthHook(id);
+    }
 }
 
-void PJSipManagerAuthExtensionPoint::clearAuthHooks()
+void PJSipManager::clearAuthHooks()
 {
-    mSessionModule->clearAuthHooks();
-    mLoggingModule->clearAuthHooks();
+    if (mSessionModule)
+    {
+        mSessionModule->clearAuthHooks();
+    }
+    if (mLoggingModule)
+    {
+        mLoggingModule->clearAuthHooks();
+    }
 }
 
 static void *monitorThread(void *endpt)
@@ -75,7 +84,7 @@ static void *monitorThread(void *endpt)
     return NULL;
 }
 
-PJSipManager::PJSipManager(Ice::PropertiesPtr props)
+PJSipManager::PJSipManager(const Ice::CommunicatorPtr &ic)
 {
     pj_status_t status = pj_init();
     if (status != PJ_SUCCESS)
@@ -87,6 +96,7 @@ PJSipManager::PJSipManager(Ice::PropertiesPtr props)
     // if necessary.
     pj_caching_pool_init(&mCachingPool, NULL, 1024 * 1024);
     pjsip_endpt_create(&mCachingPool.factory, "SIP", &mEndpoint);
+    Ice::PropertiesPtr props(ic->getProperties());
     setTransports(mEndpoint, props);
     mMemoryPool = pj_pool_create(&mCachingPool.factory, "SIP", 1024, 1024, NULL);
     if (!mMemoryPool)
diff --git a/src/PJSipManager.h b/src/PJSipManager.h
index 0502cbb..2458c6d 100644
--- a/src/PJSipManager.h
+++ b/src/PJSipManager.h
@@ -38,22 +38,6 @@ namespace AsteriskSCF
 namespace SipSessionManager
 {
 
-class PJSipManagerAuthExtensionPoint : public AsteriskSCF::SIP::ExtensionPoint::V1::AuthExtensionPoint
-{
-public:
-    PJSipManagerAuthExtensionPoint(PJSipSessionModule *sessionModule, PJSipLoggingModule *loggingModule);
-    virtual AsteriskSCF::System::Hook::V1::HookId addAuthHook(
-            const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx &hook,
-            const AsteriskSCF::SIP::ExtensionPoint::V1::RequestTypeSeq &requestTypes);
-    virtual void removeAuthHook(const AsteriskSCF::System::Hook::V1::HookId &id);
-    virtual void clearAuthHooks();
-private:
-    PJSipSessionModule *mSessionModule;
-    PJSipLoggingModule *mLoggingModule;
-};
-
-typedef IceUtil::Handle<PJSipManagerAuthExtensionPoint> PJSipManagerAuthExtensionPointPtr;
-
 /**
  * This class is responsible for providing
  * access to the pjsip_endpt for the Asterisk
@@ -65,7 +49,7 @@ typedef IceUtil::Handle<PJSipManagerAuthExtensionPoint> PJSipManagerAuthExtensio
 class PJSipManager
 {
 public:
-    PJSipManager(Ice::PropertiesPtr props);
+    PJSipManager(const Ice::CommunicatorPtr &ic);
     /**
      * Get a handle to the PJSipEndpoint for operations
      * that may require it
@@ -98,6 +82,9 @@ public:
      * for logging incoming and outgoing SIP messages
      */
     void registerLoggingModule();
+    void addAuthHook(std::pair<AsteriskSCF::System::Hook::V1::HookId, AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx> hook);
+    void removeAuthHook(const AsteriskSCF::System::Hook::V1::HookId &id);
+    void clearAuthHooks();
 private:
     static PJSipManager *mInstance;
     pjsip_endpoint *mEndpoint;
@@ -107,7 +94,6 @@ private:
     pj_caching_pool mCachingPool;
     pj_pool_t *mMemoryPool;
     pjsip_transport *mUdpTransport;
-    PJSipManagerAuthExtensionPointPtr auth;
 
     bool setTransports(pjsip_endpoint *endpoint, Ice::PropertiesPtr props);
 };
diff --git a/src/SipSessionManagerApp.cpp b/src/SipSessionManagerApp.cpp
index 2afe7ab..13ce54b 100644
--- a/src/SipSessionManagerApp.cpp
+++ b/src/SipSessionManagerApp.cpp
@@ -17,6 +17,7 @@
 #include <Ice/Ice.h>
 #include <IceStorm/IceStorm.h>
 #include <IceBox/IceBox.h>
+#include <IceUtil/UUID.h>
 
 #include <boost/thread.hpp>
 #include <boost/shared_ptr.hpp>
@@ -48,8 +49,10 @@ using namespace AsteriskSCF::Core::Routing::V1;
 using namespace AsteriskSCF::Core::Discovery::V1;
 using namespace AsteriskSCF::System::Component::V1;
 using namespace AsteriskSCF::System::Logging;
+using namespace AsteriskSCF::System::Hook::V1;
 using namespace AsteriskSCF::SessionCommunications::V1;
 using namespace AsteriskSCF::SmartProxy;
+using namespace AsteriskSCF::SIP::ExtensionPoint::V1;
 
 namespace
 {
@@ -61,6 +64,40 @@ namespace AsteriskSCF
 namespace SipSessionManager
 {
 
+class SipAuthExtensionPoint : public AuthExtensionPoint
+{
+public:
+    SipAuthExtensionPoint(PJSipManager *manager)
+        : mPJSipManager(manager)
+    {
+    }
+    
+    HookId addAuthHook(
+            const AuthHookPrx &hook,
+            const RequestTypeSeq &requestTypes,
+            const Ice::Current&)
+    {
+        HookId id;
+        id.id = IceUtil::generateUUID();
+        mPJSipManager->addAuthHook(std::make_pair(id, hook));
+        return id;
+    }
+    
+    void removeAuthHook(const HookId &id, const Ice::Current&)
+    {
+        mPJSipManager->removeAuthHook(id);
+    }
+    
+    void clearAuthHooks(const Ice::Current&)
+    {
+        mPJSipManager->clearAuthHooks();
+    }
+private:
+    PJSipManager *mPJSipManager;
+};
+
+typedef IceUtil::Handle<SipAuthExtensionPoint> SipAuthExtensionPointPtr;
+
 /**
  * This private class initializes the startup and controls the shutdown of the component.
  */
@@ -112,6 +149,7 @@ private:
     ServiceLocatorManagementPrx mServiceLocatorManagement;
 
     Discovery::V1::ServiceManagementPrx mComponentServiceManagement;
+    Discovery::V1::ServiceManagementPrx mAuthServiceManagement;
     ReplicaPtr mReplicaService;
     ComponentServicePtr mComponentService;
     PJSipManager *mPJSipManager;
@@ -124,11 +162,13 @@ private:
     AsteriskSCF::SmartProxy::SmartProxy<LocatorRegistryPrx> mRoutingServiceLocatorRegistry;
     boost::shared_ptr<SipSessionManagerEventPublisher> mEventPublisher;
     Routing::V1::EndpointLocatorPtr mEndpointLocator;
+    SipAuthExtensionPointPtr mAuthService;
 };
 
 static const string ComponentServiceId("SipChannelComponent");
 static const string EndpointLocatorObjectId("SipChannelEndpointLocator");
 static const string ReplicaServiceId("SipChannelReplica");
+static const string AuthServiceId("SipAuthExtensionPoint");
 
 /**
  * This class provides implementation for the ComponentService interface, which
@@ -311,7 +351,13 @@ void SipSessionManager::registerWithServiceLocator()
 
         setCategory(mComponentServiceManagement, AsteriskSCF::SIP::V1::ComponentServiceDiscoveryCategory);
 
-        // TBD... We may have other interfaces to publish to the Service Locator.
+        // Hey look we have an Auth extension point to publish!
+        Ice::ObjectPrx authObjPrx = mLocalAdapter->createDirectProxy(mCommunicator->stringToIdentity(AuthServiceId));
+        AuthExtensionPointPrx authPrx = AuthExtensionPointPrx::checkedCast(authObjPrx);
+
+        std::string authServiceGuid("SipAuthExtensionPoint");
+        mAuthServiceManagement = ServiceManagementPrx::uncheckedCast(mServiceLocatorManagement->addService(authPrx, authServiceGuid));
+        setCategory(mAuthServiceManagement, AsteriskSCF::SIP::V1::AuthExtensionPointCategory);
     }
     catch(...)
     {
@@ -491,7 +537,7 @@ void SipSessionManager::initialize(const std::string appName, const Ice::Communi
         mAppName = appName;
 
         // Initialize PJSIP
-        mPJSipManager = new PJSipManager(ic->getProperties());
+        mPJSipManager = new PJSipManager(ic);
         lg(Debug) << "Created PJSIP manager";
 
         //As nice as it is of IceBox to provide us with a communicator,
@@ -537,6 +583,11 @@ void SipSessionManager::initialize(const std::string appName, const Ice::Communi
         mLocalAdapter->add(mComponentService, mCommunicator->stringToIdentity(ComponentServiceId));
         lg(Debug) << "Added component service to object adapter";
 
+        // Create and publish our AuthExtensionPoint
+        mAuthService = new SipAuthExtensionPoint(mPJSipManager);
+        mLocalAdapter->add(mAuthService, mCommunicator->stringToIdentity(AuthServiceId));
+        lg(Debug) << "Added Auth extension point to object adapter";
+
         // Create and publish our state replicator listener interface.
         mReplicatorListener = new SipStateReplicatorListenerI(mEndpointFactory, mPJSipManager);
         mReplicatorListenerProxy = SipStateReplicatorListenerPrx::uncheckedCast(mLocalAdapter->addWithUUID(mReplicatorListener));

-----------------------------------------------------------------------


-- 
asterisk-scf/release/sip.git



More information about the asterisk-scf-commits mailing list