Asterisk - The Open Source Telephony Project GIT-master-8b8a8c1
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Properties Macros Modules Pages
Macros | Functions | Variables
profile_config.c File Reference
#include "asterisk.h"
#include "asterisk/cli.h"
#include "asterisk/sorcery.h"
#include "asterisk/acl.h"
#include "asterisk/stasis.h"
#include "asterisk/security_events.h"
#include "stir_shaken.h"
Include dependency graph for profile_config.c:

Go to the source code of this file.

Macros

#define CONFIG_TYPE   "profile"
 
#define DEFAULT_attest_level   attest_level_NOT_SET
 
#define DEFAULT_ca_file   NULL
 
#define DEFAULT_ca_path   NULL
 
#define DEFAULT_cert_cache_dir   NULL
 
#define DEFAULT_check_tn_cert_public_url   check_tn_cert_public_url_NOT_SET
 
#define DEFAULT_crl_file   NULL
 
#define DEFAULT_crl_path   NULL
 
#define DEFAULT_curl_timeout   0
 
#define DEFAULT_endpoint_behavior   endpoint_behavior_OFF
 
#define DEFAULT_ignore_sip_date_header   ignore_sip_date_header_NOT_SET
 
#define DEFAULT_load_system_certs   load_system_certs_NOT_SET
 
#define DEFAULT_max_cache_entry_age   0
 
#define DEFAULT_max_cache_size   0
 
#define DEFAULT_max_date_header_age   0
 
#define DEFAULT_max_iat_age   0
 
#define DEFAULT_private_key_file   NULL
 
#define DEFAULT_public_cert_url   NULL
 
#define DEFAULT_relax_x5u_path_restrictions   relax_x5u_path_restrictions_NOT_SET
 
#define DEFAULT_relax_x5u_port_scheme_restrictions   relax_x5u_port_scheme_restrictions_NOT_SET
 
#define DEFAULT_send_mky   send_mky_NOT_SET
 
#define DEFAULT_stir_shaken_failure_action   stir_shaken_failure_action_NOT_SET
 
#define DEFAULT_unknown_tn_attest_level   attest_level_NOT_SET
 
#define DEFAULT_untrusted_cert_file   NULL
 
#define DEFAULT_untrusted_cert_path   NULL
 
#define DEFAULT_use_rfc9410_responses   use_rfc9410_responses_NOT_SET
 

Functions

static char * cli_eprofile_show (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 
static char * cli_eprofile_show_all (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 
static char * cli_profile_show (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 
static char * cli_profile_show_all (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 
static struct profile_cfgcreate_effective_profile (struct profile_cfg *base_profile)
 
static int eprofile_apply (const struct ast_sorcery *sorcery, void *obj)
 
struct ao2_containereprofile_get_all (void)
 
struct profile_cfgeprofile_get_cfg (const char *id)
 
 generate_acfg_common_sorcery_handlers (profile_cfg)
 
 generate_sorcery_enum_from_str (profile_cfg,, endpoint_behavior, UNKNOWN)
 
 generate_sorcery_enum_from_str_ex (profile_cfg,, unknown_tn_attest_level, attest_level, UNKNOWN)
 
 generate_sorcery_enum_to_str (profile_cfg,, endpoint_behavior)
 
 generate_sorcery_enum_to_str_ex (profile_cfg,, unknown_tn_attest_level, attest_level)
 
 generate_vcfg_common_sorcery_handlers (profile_cfg)
 
static void * profile_alloc (const char *name)
 
static int profile_apply (const struct ast_sorcery *sorcery, void *obj)
 
static void profile_destructor (void *obj)
 
struct ao2_containerprofile_get_all (void)
 
struct profile_cfgprofile_get_cfg (const char *id)
 
int profile_load (void)
 
int profile_reload (void)
 
int profile_unload (void)
 

Variables

static struct ast_cli_entry stir_shaken_profile_cli []
 

Macro Definition Documentation

◆ CONFIG_TYPE

#define CONFIG_TYPE   "profile"

Definition at line 29 of file profile_config.c.

◆ DEFAULT_attest_level

#define DEFAULT_attest_level   attest_level_NOT_SET

Definition at line 57 of file profile_config.c.

◆ DEFAULT_ca_file

#define DEFAULT_ca_file   NULL

Definition at line 33 of file profile_config.c.

◆ DEFAULT_ca_path

#define DEFAULT_ca_path   NULL

Definition at line 34 of file profile_config.c.

◆ DEFAULT_cert_cache_dir

#define DEFAULT_cert_cache_dir   NULL

Definition at line 39 of file profile_config.c.

◆ DEFAULT_check_tn_cert_public_url

#define DEFAULT_check_tn_cert_public_url   check_tn_cert_public_url_NOT_SET

Definition at line 54 of file profile_config.c.

◆ DEFAULT_crl_file

#define DEFAULT_crl_file   NULL

Definition at line 35 of file profile_config.c.

◆ DEFAULT_crl_path

#define DEFAULT_crl_path   NULL

Definition at line 36 of file profile_config.c.

◆ DEFAULT_curl_timeout

#define DEFAULT_curl_timeout   0

Definition at line 41 of file profile_config.c.

◆ DEFAULT_endpoint_behavior

#define DEFAULT_endpoint_behavior   endpoint_behavior_OFF

Definition at line 31 of file profile_config.c.

◆ DEFAULT_ignore_sip_date_header

#define DEFAULT_ignore_sip_date_header   ignore_sip_date_header_NOT_SET

Definition at line 52 of file profile_config.c.

◆ DEFAULT_load_system_certs

#define DEFAULT_load_system_certs   load_system_certs_NOT_SET

Definition at line 51 of file profile_config.c.

◆ DEFAULT_max_cache_entry_age

#define DEFAULT_max_cache_entry_age   0

Definition at line 44 of file profile_config.c.

◆ DEFAULT_max_cache_size

#define DEFAULT_max_cache_size   0

Definition at line 45 of file profile_config.c.

◆ DEFAULT_max_date_header_age

#define DEFAULT_max_date_header_age   0

Definition at line 43 of file profile_config.c.

◆ DEFAULT_max_iat_age

#define DEFAULT_max_iat_age   0

Definition at line 42 of file profile_config.c.

◆ DEFAULT_private_key_file

#define DEFAULT_private_key_file   NULL

Definition at line 55 of file profile_config.c.

◆ DEFAULT_public_cert_url

#define DEFAULT_public_cert_url   NULL

Definition at line 56 of file profile_config.c.

◆ DEFAULT_relax_x5u_path_restrictions

#define DEFAULT_relax_x5u_path_restrictions   relax_x5u_path_restrictions_NOT_SET

Definition at line 50 of file profile_config.c.

◆ DEFAULT_relax_x5u_port_scheme_restrictions

#define DEFAULT_relax_x5u_port_scheme_restrictions   relax_x5u_port_scheme_restrictions_NOT_SET

Definition at line 49 of file profile_config.c.

◆ DEFAULT_send_mky

#define DEFAULT_send_mky   send_mky_NOT_SET

Definition at line 59 of file profile_config.c.

◆ DEFAULT_stir_shaken_failure_action

#define DEFAULT_stir_shaken_failure_action   stir_shaken_failure_action_NOT_SET

Definition at line 47 of file profile_config.c.

◆ DEFAULT_unknown_tn_attest_level

#define DEFAULT_unknown_tn_attest_level   attest_level_NOT_SET

Definition at line 58 of file profile_config.c.

◆ DEFAULT_untrusted_cert_file

#define DEFAULT_untrusted_cert_file   NULL

Definition at line 37 of file profile_config.c.

◆ DEFAULT_untrusted_cert_path

#define DEFAULT_untrusted_cert_path   NULL

Definition at line 38 of file profile_config.c.

◆ DEFAULT_use_rfc9410_responses

#define DEFAULT_use_rfc9410_responses   use_rfc9410_responses_NOT_SET

Definition at line 48 of file profile_config.c.

Function Documentation

◆ cli_eprofile_show()

static char * cli_eprofile_show ( struct ast_cli_entry e,
int  cmd,
struct ast_cli_args a 
)
static

Definition at line 342 of file profile_config.c.

343{
344 struct profile_cfg *profile;
345 struct config_object_cli_data data = {
346 .title = "Effective Profile",
347 .object_type = config_object_type_profile,
348 };
349
350 switch(cmd) {
351 case CLI_INIT:
352 e->command = "stir_shaken show eprofile";
353 e->usage =
354 "Usage: stir_shaken show eprofile <id>\n"
355 " Show the stir/shaken eprofile settings for a given id\n";
356 return NULL;
357 case CLI_GENERATE:
358 if (a->pos == 3) {
359 return config_object_tab_complete_name(a->word, eprofile_get_all());
360 } else {
361 return NULL;
362 }
363 }
364
365 if (a->argc != 4) {
366 return CLI_SHOWUSAGE;
367 }
368
369 profile = eprofile_get_cfg(a->argv[3]);
370 if (!profile) {
371 ast_log(LOG_ERROR,"Effective Profile %s doesn't exist\n", a->argv[3]);
372 return CLI_FAILURE;
373 }
374 config_object_cli_show(profile, a, &data, 0);
375
376 ao2_cleanup(profile);
377
378 return CLI_SUCCESS;
379}
ast_log
#define ast_log
Definition: astobj2.c:42
ao2_cleanup
#define ao2_cleanup(obj)
Definition: astobj2.h:1934
CLI_SHOWUSAGE
#define CLI_SHOWUSAGE
Definition: cli.h:45
CLI_SUCCESS
#define CLI_SUCCESS
Definition: cli.h:44
CLI_INIT
@ CLI_INIT
Definition: cli.h:152
CLI_GENERATE
@ CLI_GENERATE
Definition: cli.h:153
CLI_FAILURE
#define CLI_FAILURE
Definition: cli.h:46
config_object_cli_show
int config_object_cli_show(void *obj, void *arg, void *data, int flags)
Output configuration settings to the Asterisk CLI.
Definition: common_config.c:173
config_object_tab_complete_name
char * config_object_tab_complete_name(const char *word, struct ao2_container *container)
Tab completion for name matching with STIR/SHAKEN CLI commands.
Definition: common_config.c:241
config_object_type_profile
@ config_object_type_profile
Definition: common_config.h:563
LOG_ERROR
#define LOG_ERROR
Definition: include/asterisk/logger.h:289
eprofile_get_cfg
struct profile_cfg * eprofile_get_cfg(const char *id)
Definition: profile_config.c:127
eprofile_get_all
struct ao2_container * eprofile_get_all(void)
Definition: profile_config.c:121
NULL
#define NULL
Definition: resample.c:96
ast_cli_entry::command
char * command
Definition: cli.h:186
ast_cli_entry::usage
const char * usage
Definition: cli.h:177
config_object_cli_data
Definition: common_config.h:567
config_object_cli_data::title
const char * title
Definition: common_config.h:568
profile_cfg
Profile configuration for stir/shaken.
Definition: common_config.h:421
a
static struct test_val a
Definition: test_linkedlists.c:46

References a, ao2_cleanup, ast_log, CLI_FAILURE, CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, config_object_cli_show(), config_object_tab_complete_name(), config_object_type_profile, eprofile_get_all(), eprofile_get_cfg(), LOG_ERROR, NULL, config_object_cli_data::title, and ast_cli_entry::usage.

◆ cli_eprofile_show_all()

static char * cli_eprofile_show_all ( struct ast_cli_entry e,
int  cmd,
struct ast_cli_args a 
)
static

Definition at line 381 of file profile_config.c.

382{
383 struct ao2_container *container;
384 struct config_object_cli_data data = {
385 .title = "Effective Profile",
386 .object_type = config_object_type_profile,
387 };
388
389 switch(cmd) {
390 case CLI_INIT:
391 e->command = "stir_shaken show eprofiles";
392 e->usage =
393 "Usage: stir_shaken show eprofiles\n"
394 " Show all eprofiles for stir/shaken\n";
395 return NULL;
396 case CLI_GENERATE:
397 return NULL;
398 }
399
400 if (a->argc != 3) {
401 return CLI_SHOWUSAGE;
402 }
403
404 container = eprofile_get_all();
405 if (!container || ao2_container_count(container) == 0) {
406 ast_cli(a->fd, "No stir/shaken eprofiles found\n");
407 ao2_cleanup(container);
408 return CLI_SUCCESS;
409 }
410
411 ao2_callback_data(container, OBJ_NODATA, config_object_cli_show, a, &data);
412 ao2_ref(container, -1);
413
414 return CLI_SUCCESS;
415}
ao2_container_count
int ao2_container_count(struct ao2_container *c)
Returns the number of elements in a container.
Definition: astobj2_container.c:34
ao2_callback_data
#define ao2_callback_data(container, flags, cb_fn, arg, data)
Definition: astobj2.h:1723
ao2_ref
#define ao2_ref(o, delta)
Reference/unreference an object and return the old refcount.
Definition: astobj2.h:459
OBJ_NODATA
@ OBJ_NODATA
Definition: astobj2.h:1044
ast_cli
void ast_cli(int fd, const char *fmt,...)
Definition: clicompat.c:6
container
struct ao2_container * container
Definition: res_fax.c:531
ao2_container
Generic container type.
Definition: astobj2_container_private.h:270

References a, ao2_callback_data, ao2_cleanup, ao2_container_count(), ao2_ref, ast_cli(), CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, config_object_cli_show(), config_object_type_profile, container, eprofile_get_all(), NULL, OBJ_NODATA, config_object_cli_data::title, and ast_cli_entry::usage.

◆ cli_profile_show()

static char * cli_profile_show ( struct ast_cli_entry e,
int  cmd,
struct ast_cli_args a 
)
static

Definition at line 267 of file profile_config.c.

268{
269 struct profile_cfg *profile;
270 struct config_object_cli_data data = {
271 .title = "Profile",
272 .object_type = config_object_type_profile,
273 };
274
275 switch(cmd) {
276 case CLI_INIT:
277 e->command = "stir_shaken show profile";
278 e->usage =
279 "Usage: stir_shaken show profile <id>\n"
280 " Show the stir/shaken profile settings for a given id\n";
281 return NULL;
282 case CLI_GENERATE:
283 if (a->pos == 3) {
284 return config_object_tab_complete_name(a->word, profile_get_all());
285 } else {
286 return NULL;
287 }
288 }
289
290 if (a->argc != 4) {
291 return CLI_SHOWUSAGE;
292 }
293
294 profile = profile_get_cfg(a->argv[3]);
295 if (!profile) {
296 ast_log(LOG_ERROR,"Profile %s doesn't exist\n", a->argv[3]);
297 return CLI_FAILURE;
298 }
299 config_object_cli_show(profile, a, &data, 0);
300
301 ao2_cleanup(profile);
302
303 return CLI_SUCCESS;
304}
profile_get_cfg
struct profile_cfg * profile_get_cfg(const char *id)
Definition: profile_config.c:113
profile_get_all
struct ao2_container * profile_get_all(void)
Definition: profile_config.c:107

References a, ao2_cleanup, ast_log, CLI_FAILURE, CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, config_object_cli_show(), config_object_tab_complete_name(), config_object_type_profile, LOG_ERROR, NULL, profile_get_all(), profile_get_cfg(), config_object_cli_data::title, and ast_cli_entry::usage.

◆ cli_profile_show_all()

static char * cli_profile_show_all ( struct ast_cli_entry e,
int  cmd,
struct ast_cli_args a 
)
static

Definition at line 306 of file profile_config.c.

307{
308 struct ao2_container *container;
309 struct config_object_cli_data data = {
310 .title = "Profile",
311 .object_type = config_object_type_profile,
312 };
313
314 switch(cmd) {
315 case CLI_INIT:
316 e->command = "stir_shaken show profiles";
317 e->usage =
318 "Usage: stir_shaken show profiles\n"
319 " Show all profiles for stir/shaken\n";
320 return NULL;
321 case CLI_GENERATE:
322 return NULL;
323 }
324
325 if (a->argc != 3) {
326 return CLI_SHOWUSAGE;
327 }
328
329 container = profile_get_all();
330 if (!container || ao2_container_count(container) == 0) {
331 ast_cli(a->fd, "No stir/shaken profiles found\n");
332 ao2_cleanup(container);
333 return CLI_SUCCESS;
334 }
335
336 ao2_callback_data(container, OBJ_NODATA, config_object_cli_show, a, &data);
337 ao2_ref(container, -1);
338
339 return CLI_SUCCESS;
340}

References a, ao2_callback_data, ao2_cleanup, ao2_container_count(), ao2_ref, ast_cli(), CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, config_object_cli_show(), config_object_type_profile, container, NULL, OBJ_NODATA, profile_get_all(), config_object_cli_data::title, and ast_cli_entry::usage.

◆ create_effective_profile()

static struct profile_cfg * create_effective_profile ( struct profile_cfg base_profile)
static

Definition at line 135 of file profile_config.c.

137{
138 struct profile_cfg *eprofile;
139 struct profile_cfg *existing_eprofile;
140 RAII_VAR(struct attestation_cfg*, acfg, as_get_cfg(), ao2_cleanup);
141 RAII_VAR(struct verification_cfg*, vcfg, vs_get_cfg(), ao2_cleanup);
142 const char *id = ast_sorcery_object_get_id(base_profile);
143 int rc = 0;
144
145 eprofile = ast_sorcery_alloc(get_sorcery(), "eprofile", id);
146 if (!eprofile) {
147 ast_log(LOG_ERROR, "%s: Unable to allocate memory for effective profile\n", id);
148 return NULL;
149 }
150
151 rc = vs_copy_cfg_common(id, &eprofile->vcfg_common,
152 &vcfg->vcfg_common);
153 if (rc != 0) {
154 ao2_cleanup(eprofile);
155 return NULL;
156 }
157
158 rc = vs_copy_cfg_common(id, &eprofile->vcfg_common,
159 &base_profile->vcfg_common);
160 if (rc != 0) {
161 ao2_cleanup(eprofile);
162 return NULL;
163 }
164
165 rc = as_copy_cfg_common(id, &eprofile->acfg_common,
166 &acfg->acfg_common);
167 if (rc != 0) {
168 ao2_cleanup(eprofile);
169 return NULL;
170 }
171
172 cfg_enum_copy_ex(eprofile, acfg, unknown_tn_attest_level,
173 attest_level_NOT_SET, attest_level_UNKNOWN);
174
175 rc = as_copy_cfg_common(id, &eprofile->acfg_common,
176 &base_profile->acfg_common);
177 if (rc != 0) {
178 ao2_cleanup(eprofile);
179 return NULL;
180 }
181
182 cfg_enum_copy_ex(eprofile, base_profile, unknown_tn_attest_level,
183 attest_level_NOT_SET, attest_level_UNKNOWN);
184
185
186 eprofile->endpoint_behavior = base_profile->endpoint_behavior;
187
188 if (eprofile->endpoint_behavior == endpoint_behavior_ON) {
189 if (acfg->global_disable && vcfg->global_disable) {
190 eprofile->endpoint_behavior = endpoint_behavior_OFF;
191 } else if (acfg->global_disable && !vcfg->global_disable) {
192 eprofile->endpoint_behavior = endpoint_behavior_VERIFY;
193 } else if (!acfg->global_disable && vcfg->global_disable) {
194 eprofile->endpoint_behavior = endpoint_behavior_ATTEST;
195 }
196 } else if (eprofile->endpoint_behavior == endpoint_behavior_ATTEST
197 && acfg->global_disable) {
198 eprofile->endpoint_behavior = endpoint_behavior_OFF;
199 } else if (eprofile->endpoint_behavior == endpoint_behavior_VERIFY
200 && vcfg->global_disable) {
201 eprofile->endpoint_behavior = endpoint_behavior_OFF;
202 }
203
204 existing_eprofile = ast_sorcery_retrieve_by_id(get_sorcery(), "eprofile", id);
205 if (existing_eprofile) {
206 ao2_cleanup(existing_eprofile);
207 ast_sorcery_update(get_sorcery(), eprofile);
208 } else {
209 ast_sorcery_create(get_sorcery(), eprofile);
210 }
211
212 /*
213 * This triggers eprofile_apply. We _could_ just call
214 * eprofile_apply directly but this seems more keeping
215 * with how sorcery works.
216 */
217 ast_sorcery_objectset_apply(get_sorcery(), eprofile, NULL);
218
219 return eprofile;
220}
as_get_cfg
struct attestation_cfg * as_get_cfg(void)
Definition: attestation_config.c:43
as_copy_cfg_common
int as_copy_cfg_common(const char *id, struct attestation_cfg_common *cfg_dst, struct attestation_cfg_common *cfg_src)
Definition: attestation_config.c:113
get_sorcery
struct ast_sorcery * get_sorcery(void)
Retrieve the stir/shaken sorcery context.
Definition: common_config.c:34
vs_get_cfg
struct verification_cfg * vs_get_cfg(void)
Definition: verification_config.c:55
vs_copy_cfg_common
int vs_copy_cfg_common(const char *id, struct verification_cfg_common *cfg_dst, struct verification_cfg_common *cfg_src)
Definition: verification_config.c:124
cfg_enum_copy_ex
#define cfg_enum_copy_ex(__cfg_dst, __cfg_src, __field, __not_set, __unknown)
cfg_enum_copy
Definition: common_config.h:277
ast_sorcery_object_get_id
const char * ast_sorcery_object_get_id(const void *object)
Get the unique identifier of a sorcery object.
Definition: sorcery.c:2317
ast_sorcery_create
int ast_sorcery_create(const struct ast_sorcery *sorcery, void *object)
Create and potentially persist an object using an available wizard.
Definition: sorcery.c:2062
ast_sorcery_retrieve_by_id
void * ast_sorcery_retrieve_by_id(const struct ast_sorcery *sorcery, const char *type, const char *id)
Retrieve an object using its unique identifier.
Definition: sorcery.c:1853
ast_sorcery_alloc
void * ast_sorcery_alloc(const struct ast_sorcery *sorcery, const char *type, const char *id)
Allocate an object.
Definition: sorcery.c:1744
ast_sorcery_update
int ast_sorcery_update(const struct ast_sorcery *sorcery, void *object)
Update an object.
Definition: sorcery.c:2150
ast_sorcery_objectset_apply
int ast_sorcery_objectset_apply(const struct ast_sorcery *sorcery, void *object, struct ast_variable *objectset)
Apply an object set (KVP list) to an object.
Definition: sorcery.c:1632
attestation_cfg
Definition: common_config.h:322
profile_cfg::endpoint_behavior
enum endpoint_behavior_enum endpoint_behavior
Definition: common_config.h:432
profile_cfg::acfg_common
struct attestation_cfg_common acfg_common
Definition: common_config.h:430
profile_cfg::eprofile
struct profile_cfg * eprofile
Definition: common_config.h:434
profile_cfg::unknown_tn_attest_level
enum attest_level_enum unknown_tn_attest_level
Definition: common_config.h:433
profile_cfg::vcfg_common
struct verification_cfg_common vcfg_common
Definition: common_config.h:431
verification_cfg
Definition: common_config.h:399
RAII_VAR
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
Definition: utils.h:941

References profile_cfg::acfg_common, ao2_cleanup, as_copy_cfg_common(), as_get_cfg(), ast_log, ast_sorcery_alloc(), ast_sorcery_create(), ast_sorcery_object_get_id(), ast_sorcery_objectset_apply(), ast_sorcery_retrieve_by_id(), ast_sorcery_update(), cfg_enum_copy_ex, profile_cfg::endpoint_behavior, profile_cfg::eprofile, get_sorcery(), LOG_ERROR, NULL, RAII_VAR, profile_cfg::unknown_tn_attest_level, profile_cfg::vcfg_common, vs_copy_cfg_common(), and vs_get_cfg().

Referenced by profile_apply().

◆ eprofile_apply()

static int eprofile_apply ( const struct ast_sorcery sorcery,
void *  obj 
)
static

Definition at line 245 of file profile_config.c.

246{
247 struct profile_cfg *cfg = obj;
248 const char *id = ast_sorcery_object_get_id(cfg);
249
250 if (PROFILE_ALLOW_VERIFY(cfg) && !cfg->vcfg_common.tcs) {
251 ast_log(LOG_ERROR, "%s: Neither this profile nor default"
252 " verification options specify ca_file or ca_path\n", id);
253 return -1;
254 }
255
256 return 0;
257}
PROFILE_ALLOW_VERIFY
#define PROFILE_ALLOW_VERIFY(__profile)
Definition: common_config.h:449
verification_cfg_common::tcs
struct crypto_cert_store * tcs
Definition: common_config.h:372

References ast_log, ast_sorcery_object_get_id(), LOG_ERROR, PROFILE_ALLOW_VERIFY, verification_cfg_common::tcs, and profile_cfg::vcfg_common.

Referenced by profile_load().

◆ eprofile_get_all()

struct ao2_container * eprofile_get_all ( void  )

Definition at line 121 of file profile_config.c.

122{
123 return ast_sorcery_retrieve_by_fields(get_sorcery(), "eprofile",
124 AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL);
125}
AST_RETRIEVE_FLAG_MULTIPLE
@ AST_RETRIEVE_FLAG_MULTIPLE
Return all matching objects.
Definition: sorcery.h:120
AST_RETRIEVE_FLAG_ALL
@ AST_RETRIEVE_FLAG_ALL
Perform no matching, return all objects.
Definition: sorcery.h:123
ast_sorcery_retrieve_by_fields
void * ast_sorcery_retrieve_by_fields(const struct ast_sorcery *sorcery, const char *type, unsigned int flags, struct ast_variable *fields)
Retrieve an object or multiple objects using specific fields.
Definition: sorcery.c:1897

References AST_RETRIEVE_FLAG_ALL, AST_RETRIEVE_FLAG_MULTIPLE, ast_sorcery_retrieve_by_fields(), get_sorcery(), and NULL.

Referenced by cli_eprofile_show(), and cli_eprofile_show_all().

◆ eprofile_get_cfg()

struct profile_cfg * eprofile_get_cfg ( const char *  id)

Definition at line 127 of file profile_config.c.

128{
129 if (ast_strlen_zero(id)) {
130 return NULL;
131 }
132 return ast_sorcery_retrieve_by_id(get_sorcery(), "eprofile", id);
133}
ast_strlen_zero
static force_inline int attribute_pure ast_strlen_zero(const char *s)
Definition: strings.h:65

References ast_sorcery_retrieve_by_id(), ast_strlen_zero(), get_sorcery(), and NULL.

Referenced by ast_stir_shaken_as_ctx_create(), ast_stir_shaken_vs_ctx_create(), and cli_eprofile_show().

◆ generate_acfg_common_sorcery_handlers()

generate_acfg_common_sorcery_handlers ( profile_cfg  )

◆ generate_sorcery_enum_from_str()

generate_sorcery_enum_from_str ( profile_cfg  ,
endpoint_behavior  ,
UNKNOWN   
)

◆ generate_sorcery_enum_from_str_ex()

generate_sorcery_enum_from_str_ex ( profile_cfg  ,
unknown_tn_attest_level  ,
attest_level  ,
UNKNOWN   
)

◆ generate_sorcery_enum_to_str()

generate_sorcery_enum_to_str ( profile_cfg  ,
endpoint_behavior   
)

◆ generate_sorcery_enum_to_str_ex()

generate_sorcery_enum_to_str_ex ( profile_cfg  ,
unknown_tn_attest_level  ,
attest_level   
)

◆ generate_vcfg_common_sorcery_handlers()

generate_vcfg_common_sorcery_handlers ( profile_cfg  )

◆ profile_alloc()

static void * profile_alloc ( const char *  name)
static

Definition at line 74 of file profile_config.c.

75{
76 struct profile_cfg *profile;
77
78 profile = ast_sorcery_generic_alloc(sizeof(*profile), profile_destructor);
79 if (!profile) {
80 return NULL;
81 }
82
83 if (ast_string_field_init(profile, 2048)) {
84 ao2_ref(profile, -1);
85 return NULL;
86 }
87
88 /*
89 * The memory for the commons actually comes from cfg
90 * due to the weirdness of the STRFLDSET macro used with
91 * sorcery. We just use a token amount of memory in
92 * this call so the initialize doesn't fail.
93 */
94 if (ast_string_field_init(&profile->acfg_common, 8)) {
95 ao2_ref(profile, -1);
96 return NULL;
97 }
98
99 if (ast_string_field_init(&profile->vcfg_common, 8)) {
100 ao2_ref(profile, -1);
101 return NULL;
102 }
103
104 return profile;
105}
profile_destructor
static void profile_destructor(void *obj)
Definition: profile_config.c:61
ast_sorcery_generic_alloc
void * ast_sorcery_generic_alloc(size_t size, ao2_destructor_fn destructor)
Allocate a generic sorcery capable object.
Definition: sorcery.c:1728
ast_string_field_init
#define ast_string_field_init(x, size)
Initialize a field pool and fields.
Definition: stringfields.h:359

References profile_cfg::acfg_common, ao2_ref, ast_sorcery_generic_alloc(), ast_string_field_init, NULL, profile_destructor(), and profile_cfg::vcfg_common.

Referenced by profile_load().

◆ profile_apply()

static int profile_apply ( const struct ast_sorcery sorcery,
void *  obj 
)
static

Definition at line 222 of file profile_config.c.

223{
224 struct profile_cfg *cfg = obj;
225 const char *id = ast_sorcery_object_get_id(cfg);
226
227 if (PROFILE_ALLOW_ATTEST(cfg)
228 && as_check_common_config(id, &cfg->acfg_common) != 0) {
229 return -1;
230 }
231
232 if (PROFILE_ALLOW_VERIFY(cfg)
233 && vs_check_common_config(id, &cfg->vcfg_common) !=0) {
234 return -1;
235 }
236
237 cfg->eprofile = create_effective_profile(cfg);
238 if (!cfg->eprofile) {
239 return -1;
240 }
241
242 return 0;
243}
as_check_common_config
int as_check_common_config(const char *id, struct attestation_cfg_common *acfg_common)
Definition: attestation_config.c:139
PROFILE_ALLOW_ATTEST
#define PROFILE_ALLOW_ATTEST(__profile)
Definition: common_config.h:445
vs_check_common_config
int vs_check_common_config(const char *id, struct verification_cfg_common *vcfg_common)
Definition: verification_config.c:167
create_effective_profile
static struct profile_cfg * create_effective_profile(struct profile_cfg *base_profile)
Definition: profile_config.c:135

References profile_cfg::acfg_common, as_check_common_config(), ast_sorcery_object_get_id(), create_effective_profile(), profile_cfg::eprofile, PROFILE_ALLOW_ATTEST, PROFILE_ALLOW_VERIFY, profile_cfg::vcfg_common, and vs_check_common_config().

Referenced by profile_load().

◆ profile_destructor()

static void profile_destructor ( void *  obj)
static

Definition at line 61 of file profile_config.c.

62{
63 struct profile_cfg *cfg = obj;
64 ast_string_field_free_memory(cfg);
65
66 acfg_cleanup(&cfg->acfg_common);
67 vcfg_cleanup(&cfg->vcfg_common);
68
69 ao2_cleanup(cfg->eprofile);
70
71 return;
72}
acfg_cleanup
void acfg_cleanup(struct attestation_cfg_common *acfg_common)
Definition: attestation_config.c:68
vcfg_cleanup
void vcfg_cleanup(struct verification_cfg_common *cfg)
Definition: verification_config.c:77
ast_string_field_free_memory
#define ast_string_field_free_memory(x)
free all memory - to be called before destroying the object
Definition: stringfields.h:374

References acfg_cleanup(), profile_cfg::acfg_common, ao2_cleanup, ast_string_field_free_memory, profile_cfg::eprofile, vcfg_cleanup(), and profile_cfg::vcfg_common.

Referenced by profile_alloc().

◆ profile_get_all()

struct ao2_container * profile_get_all ( void  )

Definition at line 107 of file profile_config.c.

108{
109 return ast_sorcery_retrieve_by_fields(get_sorcery(), CONFIG_TYPE,
110 AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL);
111}
CONFIG_TYPE
#define CONFIG_TYPE
Definition: profile_config.c:29

References AST_RETRIEVE_FLAG_ALL, AST_RETRIEVE_FLAG_MULTIPLE, ast_sorcery_retrieve_by_fields(), CONFIG_TYPE, get_sorcery(), and NULL.

Referenced by cli_profile_show(), cli_profile_show_all(), and cli_verify_cert().

◆ profile_get_cfg()

struct profile_cfg * profile_get_cfg ( const char *  id)

Definition at line 113 of file profile_config.c.

114{
115 if (ast_strlen_zero(id)) {
116 return NULL;
117 }
118 return ast_sorcery_retrieve_by_id(get_sorcery(), CONFIG_TYPE, id);
119}

References ast_sorcery_retrieve_by_id(), ast_strlen_zero(), CONFIG_TYPE, get_sorcery(), and NULL.

Referenced by cli_profile_show(), and cli_verify_cert().

◆ profile_load()

int profile_load ( void  )

Definition at line 440 of file profile_config.c.

441{
442 struct ast_sorcery *sorcery = get_sorcery();
443 enum ast_sorcery_apply_result apply_rc;
444
445 /*
446 * eprofile MUST be registered first because profile needs it.
447 */
448 apply_rc = ast_sorcery_apply_default(sorcery, "eprofile", "memory", NULL);
449 if (apply_rc != AST_SORCERY_APPLY_SUCCESS) {
450 abort();
451 }
452 if (ast_sorcery_internal_object_register(sorcery, "eprofile",
453 profile_alloc, NULL, eprofile_apply)) {
454 ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", "eprofile");
455 return -1;
456 }
457
458 ast_sorcery_object_field_register_nodoc(sorcery, "eprofile", "type", "", OPT_NOOP_T, 0, 0);
459 enum_option_register(sorcery, "eprofile", endpoint_behavior, _nodoc);
460 enum_option_register_ex(sorcery, "eprofile", unknown_tn_attest_level,
461 unknown_tn_attest_level, attest_level,_nodoc);
462
463 register_common_verification_fields(sorcery, profile_cfg, "eprofile", _nodoc);
464 register_common_attestation_fields(sorcery, profile_cfg, "eprofile", _nodoc);
465
466 /*
467 * Now we can do profile
468 */
469 ast_sorcery_apply_default(sorcery, CONFIG_TYPE, "config", "stir_shaken.conf,criteria=type=profile");
470 if (ast_sorcery_object_register(sorcery, CONFIG_TYPE, profile_alloc,
471 NULL, profile_apply)) {
472 ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", CONFIG_TYPE);
473 return -1;
474 }
475
476 ast_sorcery_object_field_register(sorcery, CONFIG_TYPE, "type", "", OPT_NOOP_T, 0, 0);
477 enum_option_register(sorcery, CONFIG_TYPE, endpoint_behavior,);
478 enum_option_register_ex(sorcery, CONFIG_TYPE, unknown_tn_attest_level,
479 unknown_tn_attest_level, attest_level,);
480
481 register_common_verification_fields(sorcery, profile_cfg, CONFIG_TYPE,);
482 register_common_attestation_fields(sorcery, profile_cfg, CONFIG_TYPE,);
483
484 ast_sorcery_load_object(sorcery, CONFIG_TYPE);
485 ast_sorcery_load_object(sorcery, "eprofile");
486
487 ast_cli_register_multiple(stir_shaken_profile_cli,
488 ARRAY_LEN(stir_shaken_profile_cli));
489
490 return 0;
491}
ast_cli_register_multiple
#define ast_cli_register_multiple(e, len)
Register multiple commands.
Definition: cli.h:265
register_common_verification_fields
#define register_common_verification_fields(sorcery, object, CONFIG_TYPE, nodoc)
Definition: common_config.h:516
register_common_attestation_fields
#define register_common_attestation_fields(sorcery, object, CONFIG_TYPE, nodoc)
Definition: common_config.h:547
enum_option_register
#define enum_option_register(sorcery, CONFIG_TYPE, name, nodoc)
Definition: common_config.h:513
enum_option_register_ex
#define enum_option_register_ex(sorcery, CONFIG_TYPE, name, field, function_prefix, nodoc)
Definition: common_config.h:508
OPT_NOOP_T
@ OPT_NOOP_T
Type for a default handler that should do nothing.
Definition: config_options.h:399
eprofile_apply
static int eprofile_apply(const struct ast_sorcery *sorcery, void *obj)
Definition: profile_config.c:245
profile_alloc
static void * profile_alloc(const char *name)
Definition: profile_config.c:74
stir_shaken_profile_cli
static struct ast_cli_entry stir_shaken_profile_cli[]
Definition: profile_config.c:417
profile_apply
static int profile_apply(const struct ast_sorcery *sorcery, void *obj)
Definition: profile_config.c:222
sorcery
static struct ast_sorcery * sorcery
Definition: res/ari/config.c:38
ast_sorcery_object_field_register_nodoc
#define ast_sorcery_object_field_register_nodoc(sorcery, type, name, default_val, opt_type, flags,...)
Register a field within an object without documentation.
Definition: sorcery.h:987
ast_sorcery_object_register
#define ast_sorcery_object_register(sorcery, type, alloc, transform, apply)
Register an object type.
Definition: sorcery.h:837
ast_sorcery_load_object
void ast_sorcery_load_object(const struct ast_sorcery *sorcery, const char *type)
Inform any wizards of a specific object type to load persistent objects.
Definition: sorcery.c:1393
ast_sorcery_internal_object_register
#define ast_sorcery_internal_object_register(sorcery, type, alloc, transform, apply)
Register an internal, hidden object type.
Definition: sorcery.h:867
ast_sorcery_object_field_register
#define ast_sorcery_object_field_register(sorcery, type, name, default_val, opt_type, flags,...)
Register a field within an object.
Definition: sorcery.h:955
ast_sorcery_apply_default
#define ast_sorcery_apply_default(sorcery, type, name, data)
Definition: sorcery.h:476
ast_sorcery_apply_result
ast_sorcery_apply_result
Definition: sorcery.h:423
AST_SORCERY_APPLY_SUCCESS
@ AST_SORCERY_APPLY_SUCCESS
Definition: sorcery.h:427
ast_sorcery
Full structure for sorcery.
Definition: sorcery.c:230
ARRAY_LEN
#define ARRAY_LEN(a)
Definition: utils.h:666

References ARRAY_LEN, ast_cli_register_multiple, ast_log, ast_sorcery_apply_default, AST_SORCERY_APPLY_SUCCESS, ast_sorcery_internal_object_register, ast_sorcery_load_object(), ast_sorcery_object_field_register, ast_sorcery_object_field_register_nodoc, ast_sorcery_object_register, CONFIG_TYPE, enum_option_register, enum_option_register_ex, eprofile_apply(), get_sorcery(), LOG_ERROR, NULL, OPT_NOOP_T, profile_alloc(), profile_apply(), register_common_attestation_fields, register_common_verification_fields, sorcery, and stir_shaken_profile_cli.

Referenced by common_config_load().

◆ profile_reload()

int profile_reload ( void  )

Definition at line 424 of file profile_config.c.

425{
426 struct ast_sorcery *sorcery = get_sorcery();
427 ast_sorcery_force_reload_object(sorcery, CONFIG_TYPE);
428 ast_sorcery_force_reload_object(sorcery, "eprofile");
429 return 0;
430}
ast_sorcery_force_reload_object
void ast_sorcery_force_reload_object(const struct ast_sorcery *sorcery, const char *type)
Inform any wizards of a specific object type to reload persistent objects even if no changes determin...
Definition: sorcery.c:1457

References ast_sorcery_force_reload_object(), CONFIG_TYPE, get_sorcery(), and sorcery.

Referenced by common_config_reload().

◆ profile_unload()

int profile_unload ( void  )

Definition at line 432 of file profile_config.c.

433{
434 ast_cli_unregister_multiple(stir_shaken_profile_cli,
435 ARRAY_LEN(stir_shaken_profile_cli));
436
437 return 0;
438}
ast_cli_unregister_multiple
int ast_cli_unregister_multiple(struct ast_cli_entry *e, int len)
Unregister multiple commands.
Definition: clicompat.c:30

References ARRAY_LEN, ast_cli_unregister_multiple(), and stir_shaken_profile_cli.

Referenced by common_config_unload().

Variable Documentation

◆ stir_shaken_profile_cli

struct ast_cli_entry stir_shaken_profile_cli[]
static

Definition at line 417 of file profile_config.c.

Referenced by profile_load(), and profile_unload().

Generated on Wed Jun 25 2025 20:04:52 for Asterisk - The Open Source Telephony Project by doxygen 1.9.4