Asterisk - The Open Source Telephony Project GIT-master-27fb039
Loading...
Searching...
No Matches
Data Structures | Macros | Functions | Variables
common_config.c File Reference
#include "asterisk.h"
#include "asterisk/cli.h"
#include "asterisk/logger.h"
#include "asterisk/module.h"
#include "asterisk/utils.h"
#include "asterisk/stasis.h"
#include "asterisk/security_events.h"
#include "stir_shaken.h"
Include dependency graph for common_config.c:

Go to the source code of this file.

Data Structures

struct  enum_name_xref_entry
 

Macros

#define AST_API_MODULE
 
#define generate_bool_handler_functions(param_name)
 
#define generate_enum_string_functions(param_name, default_value, ...)
 
#define print_acl_cert_store(cfg, a, max_name_len)
 

Functions

char * canonicalize_tn (const char *tn, char *dest_tn)
 Canonicalize a TN.
 
char * canonicalize_tn_alloc (const char *tn)
 Canonicalize a TN into nre buffer.
 
static char * cli_verify_cert (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 
int common_config_load (void)
 
int common_config_reload (void)
 
int common_config_unload (void)
 
int config_object_cli_show (void *obj, void *arg, void *data, int flags)
 Output configuration settings to the Asterisk CLI.
 
char * config_object_tab_complete_name (const char *word, struct ao2_container *container)
 Tab completion for name matching with STIR/SHAKEN CLI commands.
 
 generate_bool_handler_functions (check_tn_cert_public_url)
 
 generate_bool_handler_functions (ignore_sip_date_header)
 
 generate_bool_handler_functions (load_system_certs)
 
 generate_bool_handler_functions (relax_x5u_path_restrictions)
 
 generate_bool_handler_functions (relax_x5u_port_scheme_restrictions)
 
 generate_bool_handler_functions (send_mky)
 
 generate_bool_handler_functions (use_rfc9410_responses)
 
 generate_enum_string_functions (attest_level, UNKNOWN, {attest_level_NOT_SET, "not_set"}, {attest_level_A, "A"}, {attest_level_B, "B"}, {attest_level_C, "C"},)
 
 generate_enum_string_functions (endpoint_behavior, OFF, {endpoint_behavior_OFF, "off"}, {endpoint_behavior_OFF, "none"}, {endpoint_behavior_ATTEST, "attest"}, {endpoint_behavior_VERIFY, "verify"}, {endpoint_behavior_ON, "on"}, {endpoint_behavior_ON, "both"})
 
 generate_enum_string_functions (stir_shaken_failure_action, CONTINUE, {stir_shaken_failure_action_CONTINUE, "continue"}, {stir_shaken_failure_action_REJECT_REQUEST, "reject_request"}, {stir_shaken_failure_action_CONTINUE_RETURN_REASON, "continue_return_reason"},)
 
struct ast_sorceryget_sorcery (void)
 Retrieve the stir/shaken sorcery context.
 
static void named_acl_changed_cb (void *data, struct stasis_subscription *sub, struct stasis_message *message)
 
static void print_acl (int fd, struct ast_acl_list *acl_list, const char *prefix)
 
static const char * translate_value (const char *val)
 

Variables

static struct ast_cli_entry cli_commands []
 
struct stasis_subscriptionnamed_acl_changed_sub = NULL
 
static struct ast_sorcerysorcery
 

Macro Definition Documentation

◆ AST_API_MODULE

#define AST_API_MODULE

Definition at line 28 of file common_config.c.

◆ generate_bool_handler_functions

#define generate_bool_handler_functions (   param_name)

Definition at line 39 of file common_config.c.

40 { \
41 [ param_name ## _NOT_SET ] = "not_set", \
42 [ param_name ## _YES ] = "yes", \
43 [ param_name ## _NO ] = "no", \
44}; \
45enum param_name ## _enum \
46 param_name ## _from_str(const char *value) \
47{ \
48 if (!strcasecmp(value, param_name ## _map[param_name ## _NOT_SET])) { \
49 return param_name ## _NOT_SET; \
50 } else if (ast_true(value)) { \
51 return param_name ## _YES; \
52 } else if (ast_false(value)) { \
53 return param_name ## _NO; \
54 } \
55 ast_log(LOG_WARNING, "Unknown " #param_name " response value '%s'\n", value); \
56 return param_name ## _UNKNOWN; \
57}\
58const char *param_name ## _to_str(enum param_name ## _enum value) \
59{ \
60 return ARRAY_IN_BOUNDS(value, param_name ## _map) ? \
61 param_name ## _map[value] : NULL; \
62}
LOG_WARNING
#define LOG_WARNING
Definition include/asterisk/logger.h:280
NULL
#define NULL
Definition resample.c:96
ast_true
int attribute_pure ast_true(const char *val)
Make sure something is true. Determine if a string containing a boolean value is "true"....
Definition utils.c:2235
ast_false
int attribute_pure ast_false(const char *val)
Make sure something is false. Determine if a string containing a boolean value is "false"....
Definition utils.c:2252
value
int value
Definition syslog.c:37
ARRAY_IN_BOUNDS
#define ARRAY_IN_BOUNDS(v, a)
Checks to see if value is within the bounds of the given array.
Definition utils.h:727

◆ generate_enum_string_functions

#define generate_enum_string_functions (   param_name,
  default_value,
  ... 
)

Definition at line 78 of file common_config.c.

79 { \
80 __VA_ARGS__ \
81} ; \
82enum param_name ## _enum param_name ## _from_str( \
83 const char *value) \
84{ \
85 int i; \
86 for (i = 0; i < ARRAY_LEN(param_name ## _map); i++) { \
87 if (strcasecmp(value, param_name ##_map[i].name) == 0) { \
88 return param_name ##_map[i].value; \
89 } \
90 } \
91 return param_name ## _ ## default_value; \
92} \
93const char *param_name ## _to_str( \
94 enum param_name ## _enum value) \
95{ \
96 int i; \
97 for (i = 0; i < ARRAY_LEN(param_name ## _map); i++) { \
98 if (value == param_name ## _map[i].value) return param_name ## _map[i].name; \
99 } \
100 return NULL; \
101}
name
static const char name[]
Definition format_mp3.c:68
_
#define _(msgid)
Definition main/stdtime/private.h:319
ARRAY_LEN
#define ARRAY_LEN(a)
Definition utils.h:706

◆ print_acl_cert_store

#define print_acl_cert_store (   cfg,
  a,
  max_name_len 
)

Definition at line 152 of file common_config.c.

153 { \
154 if (cfg->vcfg_common.acl) { \
155 ast_cli(a->fd, "x5u_acl:\n"); \
156 print_acl(a->fd, cfg->vcfg_common.acl, " "); \
157 } else { \
158 ast_cli(a->fd, "%-*s: (none)\n", max_name_len, "x5u_acl"); \
159 }\
160 if (cfg->vcfg_common.tcs) { \
161 int count = 0; \
162 ast_cli(a->fd, "%-*s:\n", max_name_len, "Verification CA certificate store"); \
163 count = crypto_show_cli_store(cfg->vcfg_common.tcs, a->fd); \
164 if (count == 0 && (!ast_strlen_zero(cfg->vcfg_common.ca_path) \
165 || !ast_strlen_zero(cfg->vcfg_common.crl_path))) { \
166 ast_cli(a->fd, " Note: Certs in ca_path or crl_path won't show until used.\n"); \
167 } \
168 } else { \
169 ast_cli(a->fd, "%-*s: (none)\n", max_name_len, "Verification CA certificate store"); \
170 } \
171})
crypto_show_cli_store
int crypto_show_cli_store(struct crypto_cert_store *store, int fd)
Dump a cert store to the asterisk CLI.
Definition crypto_utils.c:754
ast_strlen_zero
static force_inline int attribute_pure ast_strlen_zero(const char *s)
Definition strings.h:65
a
static struct test_val a
Definition test_linkedlists.c:46

Function Documentation

◆ canonicalize_tn()

char * canonicalize_tn ( const char *  tn,
char *  dest_tn 
)

Canonicalize a TN.

Parameters
tnTN to canonicalize
dest_tnPointer to destination buffer to receive the new TN
Return values
dest_tnor NULL on failure

Definition at line 267 of file common_config.c.

268{
269 int i;
270 const char *s = tn;
271 size_t len = tn ? strlen(tn) : 0;
272 char *new_tn = dest_tn;
273 SCOPE_ENTER(3, "tn: %s\n", S_OR(tn, "(null)"));
274
275 if (ast_strlen_zero(tn)) {
276 *dest_tn = '\0';
277 SCOPE_EXIT_RTN_VALUE(NULL, "Empty TN\n");
278 }
279
280 if (!dest_tn) {
281 SCOPE_EXIT_RTN_VALUE(NULL, "No destination buffer\n");
282 }
283
284 for (i = 0; i < len; i++) {
285 if (isdigit(*s) || *s == '#' || *s == '*') { /* Only characters allowed */
286 *new_tn++ = *s;
287 }
288 s++;
289 }
290 *new_tn = '\0';
291 SCOPE_EXIT_RTN_VALUE(dest_tn, "Canonicalized '%s' -> '%s'\n", tn, dest_tn);
292}
len
static int len(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t buflen)
Definition func_strings.c:1669
SCOPE_EXIT_RTN_VALUE
#define SCOPE_EXIT_RTN_VALUE(__return_value,...)
Definition include/asterisk/logger.h:1036
SCOPE_ENTER
#define SCOPE_ENTER(level,...)
Definition include/asterisk/logger.h:1008
S_OR
#define S_OR(a, b)
returns the equivalent of logic or for strings: first one if not empty, otherwise second one.
Definition strings.h:80

References ast_strlen_zero(), len(), NULL, S_OR, SCOPE_ENTER, and SCOPE_EXIT_RTN_VALUE.

Referenced by canonicalize_tn_alloc().

◆ canonicalize_tn_alloc()

char * canonicalize_tn_alloc ( const char *  tn)

Canonicalize a TN into nre buffer.

Parameters
tnTN to canonicalize
Return values
dest_tn(which must be freed with ast_free) or NULL on failure

Definition at line 294 of file common_config.c.

295{
296 char *canon_tn = ast_strlen_zero(tn) ? NULL : ast_malloc(strlen(tn) + 1);
297 if (!canon_tn) {
298 return NULL;
299 }
300 return canonicalize_tn(tn, canon_tn);
301}
ast_malloc
#define ast_malloc(len)
A wrapper for malloc()
Definition astmm.h:191
canonicalize_tn
char * canonicalize_tn(const char *tn, char *dest_tn)
Canonicalize a TN.
Definition common_config.c:267

References ast_malloc, ast_strlen_zero(), canonicalize_tn(), and NULL.

Referenced by ast_stir_shaken_as_ctx_create(), and ast_stir_shaken_vs_ctx_create().

◆ cli_verify_cert()

static char * cli_verify_cert ( struct ast_cli_entry e,
int  cmd,
struct ast_cli_args a 
)
static

Definition at line 303 of file common_config.c.

304{
305 RAII_VAR(struct profile_cfg *, profile, NULL, ao2_cleanup);
306 RAII_VAR(struct verification_cfg *, vs_cfg, NULL, ao2_cleanup);
307 struct crypto_cert_store *tcs;
308 X509 *cert = NULL;
309 STACK_OF(X509) *cert_chain = NULL;
310 const char *errmsg = NULL;
311
312 switch(cmd) {
313 case CLI_INIT:
314 e->command = "stir_shaken verify certificate_file";
315 e->usage =
316 "Usage: stir_shaken verify certificate_file <certificate_file> [ <profile> ]\n"
317 " Verify an external certificate file against the global or profile verification store\n";
318 return NULL;
319 case CLI_GENERATE:
320 if (a->pos == 4) {
321 return config_object_tab_complete_name(a->word, profile_get_all());
322 } else {
323 return NULL;
324 }
325 }
326
327 if (a->argc < 4) {
328 return CLI_SHOWUSAGE;
329 }
330
331 if (a->argc == 5) {
332 profile = profile_get_cfg(a->argv[4]);
333 if (!profile) {
334 ast_cli(a->fd, "Profile %s doesn't exist\n", a->argv[4]);
335 return CLI_SUCCESS;
336 }
337 if (!profile->vcfg_common.tcs) {
338 ast_cli(a->fd,"Profile %s doesn't have a certificate store\n", a->argv[4]);
339 return CLI_SUCCESS;
340 }
341 tcs = profile->vcfg_common.tcs;
342 } else {
343 vs_cfg = vs_get_cfg();
344 if (!vs_cfg) {
345 ast_cli(a->fd, "No verification store found\n");
346 return CLI_SUCCESS;
347 }
348 tcs = vs_cfg->vcfg_common.tcs;
349 }
350
351 cert = crypto_load_cert_chain_from_file(a->argv[3], &cert_chain);
352 if (!cert) {
353 ast_cli(a->fd, "Failed to load certificate from %s. See log for details\n", a->argv[3]);
354 return CLI_SUCCESS;
355 }
356
357 if (crypto_is_cert_trusted(tcs, cert, cert_chain, &errmsg)) {
358 ast_cli(a->fd, "Certificate %s trusted\n", a->argv[3]);
359 } else {
360 ast_cli(a->fd, "Certificate %s NOT trusted: %s\n", a->argv[3], errmsg);
361 }
362 X509_free(cert);
363 if (cert_chain) {
364 sk_X509_pop_free(cert_chain, X509_free);
365 }
366
367 return CLI_SUCCESS;
368}
ao2_cleanup
#define ao2_cleanup(obj)
Definition astobj2.h:1934
CLI_SHOWUSAGE
#define CLI_SHOWUSAGE
Definition cli.h:45
CLI_SUCCESS
#define CLI_SUCCESS
Definition cli.h:44
ast_cli
void ast_cli(int fd, const char *fmt,...)
Definition clicompat.c:6
CLI_INIT
@ CLI_INIT
Definition cli.h:152
CLI_GENERATE
@ CLI_GENERATE
Definition cli.h:153
config_object_tab_complete_name
char * config_object_tab_complete_name(const char *word, struct ao2_container *container)
Tab completion for name matching with STIR/SHAKEN CLI commands.
Definition common_config.c:241
vs_get_cfg
struct verification_cfg * vs_get_cfg(void)
Definition verification_config.c:55
profile_get_cfg
struct profile_cfg * profile_get_cfg(const char *id)
Definition profile_config.c:113
profile_get_all
struct ao2_container * profile_get_all(void)
Definition profile_config.c:107
crypto_load_cert_chain_from_file
X509 * crypto_load_cert_chain_from_file(const char *filename, STACK_OF(X509) **cert_chain)
Load an X509 Cert and any chained certs from a file.
Definition crypto_utils.c:203
crypto_is_cert_trusted
int crypto_is_cert_trusted(struct crypto_cert_store *store, X509 *cert, STACK_OF(X509) *cert_chain, const char **err_msg)
Check if the cert is trusted.
Definition crypto_utils.c:829
ast_cli_entry::command
char * command
Definition cli.h:186
ast_cli_entry::usage
const char * usage
Definition cli.h:177
crypto_cert_store
ao2 object wrapper for X509_STORE that provides locking and refcounting
Definition crypto_utils.h:191
crypto_cert_store::STACK_OF
STACK_OF(X509_CRL) *crl_stack
profile_cfg
Profile configuration for stir/shaken.
Definition common_config.h:421
verification_cfg
Definition common_config.h:399
RAII_VAR
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
Definition utils.h:981

References a, ao2_cleanup, ast_cli(), CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, config_object_tab_complete_name(), crypto_is_cert_trusted(), crypto_load_cert_chain_from_file(), NULL, profile_get_all(), profile_get_cfg(), RAII_VAR, crypto_cert_store::STACK_OF(), ast_cli_entry::usage, and vs_get_cfg().

◆ common_config_load()

int common_config_load ( void  )

Definition at line 425 of file common_config.c.

426{
427 SCOPE_ENTER(2, "Stir Shaken Load\n");
428
429 if (!(sorcery = ast_sorcery_open())) {
430 common_config_unload();
431 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken sorcery load failed\n");
432 }
433
434 if (vs_load()) {
435 common_config_unload();
436 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken VS load failed\n");
437 }
438
439 if (as_load()) {
440 common_config_unload();
441 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken AS load failed\n");
442 }
443
444 if (tn_config_load()) {
445 common_config_unload();
446 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken TN load failed\n");
447 }
448
449 if (profile_load()) {
450 common_config_unload();
451 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken profile load failed\n");
452 }
453
454 if (!named_acl_changed_sub) {
455 named_acl_changed_sub = stasis_subscribe(ast_security_topic(),
456 named_acl_changed_cb, NULL);
457 if (!named_acl_changed_sub) {
458 common_config_unload();
459 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken acl change subscribe failed\n");
460 }
461 stasis_subscription_accept_message_type(
462 named_acl_changed_sub, ast_named_acl_change_type());
463 }
464
465 ast_cli_register_multiple(cli_commands, ARRAY_LEN(cli_commands));
466
467 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_SUCCESS, "Stir Shaken Load Done\n");
468}
ast_named_acl_change_type
struct stasis_message_type * ast_named_acl_change_type(void)
a stasis_message_type for changes against a named ACL or the set of all named ACLs
as_load
int as_load()
Load the stir/shaken attestation service.
Definition attestation.c:440
ast_cli_register_multiple
#define ast_cli_register_multiple(e, len)
Register multiple commands.
Definition cli.h:265
common_config_unload
int common_config_unload(void)
Definition common_config.c:396
cli_commands
static struct ast_cli_entry cli_commands[]
Definition common_config.c:370
named_acl_changed_sub
struct stasis_subscription * named_acl_changed_sub
Definition common_config.c:32
named_acl_changed_cb
static void named_acl_changed_cb(void *data, struct stasis_subscription *sub, struct stasis_message *message)
Definition common_config.c:415
sorcery
static struct ast_sorcery * sorcery
Definition common_config.c:31
profile_load
int profile_load(void)
Definition profile_config.c:440
tn_config_load
int tn_config_load(void)
Definition tn_config.c:268
AST_MODULE_LOAD_SUCCESS
@ AST_MODULE_LOAD_SUCCESS
Definition module.h:70
AST_MODULE_LOAD_DECLINE
@ AST_MODULE_LOAD_DECLINE
Module has failed to load, may be in an inconsistent state.
Definition module.h:78
ast_security_topic
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
Definition main/security_events.c:425
ast_sorcery_open
#define ast_sorcery_open()
Open a new sorcery structure.
Definition sorcery.h:406
stasis_subscription_accept_message_type
int stasis_subscription_accept_message_type(struct stasis_subscription *subscription, const struct stasis_message_type *type)
Indicate to a subscription that we are interested in a message type.
Definition stasis.c:1090
stasis_subscribe
#define stasis_subscribe(topic, callback, data)
Definition stasis.h:649
vs_load
int vs_load()
Load the stir/shaken verification service.
Definition verification.c:1122

References ARRAY_LEN, as_load(), ast_cli_register_multiple, AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, ast_named_acl_change_type(), ast_security_topic(), ast_sorcery_open, cli_commands, common_config_unload(), named_acl_changed_cb(), named_acl_changed_sub, NULL, profile_load(), SCOPE_ENTER, SCOPE_EXIT_RTN_VALUE, sorcery, stasis_subscribe, stasis_subscription_accept_message_type(), tn_config_load(), and vs_load().

Referenced by load_module().

◆ common_config_reload()

int common_config_reload ( void  )

Definition at line 374 of file common_config.c.

375{
376 SCOPE_ENTER(2, "Stir Shaken Reload\n");
377 if (vs_reload()) {
378 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken VS Reload failed\n");
379 }
380
381 if (as_reload()) {
382 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken AS Reload failed\n");
383 }
384
385 if (tn_config_reload()) {
386 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken TN Reload failed\n");
387 }
388
389 if (profile_reload()) {
390 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_DECLINE, "Stir Shaken Profile Reload failed\n");
391 }
392
393 SCOPE_EXIT_RTN_VALUE(AST_MODULE_LOAD_SUCCESS, "Stir Shaken Reload Done\n");
394}
as_reload
int as_reload()
Load the stir/shaken attestation service.
Definition attestation.c:427
tn_config_reload
int tn_config_reload(void)
Definition tn_config.c:253
profile_reload
int profile_reload(void)
Definition profile_config.c:424
vs_reload
int vs_reload()
Reload the stir/shaken verification service.
Definition verification.c:1105

References as_reload(), AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, profile_reload(), SCOPE_ENTER, SCOPE_EXIT_RTN_VALUE, tn_config_reload(), and vs_reload().

Referenced by named_acl_changed_cb(), and reload_module().

◆ common_config_unload()

int common_config_unload ( void  )

Definition at line 396 of file common_config.c.

397{
398 ast_cli_unregister_multiple(cli_commands, ARRAY_LEN(cli_commands));
399
400 profile_unload();
401 tn_config_unload();
402 as_unload();
403 vs_unload();
404
405 if (named_acl_changed_sub) {
406 stasis_unsubscribe(named_acl_changed_sub);
407 named_acl_changed_sub = NULL;
408 }
409 ast_sorcery_unref(sorcery);
410 sorcery = NULL;
411
412 return 0;
413}
ast_cli_unregister_multiple
void ast_cli_unregister_multiple(void)
Definition ael_main.c:408
as_unload
int as_unload()
Load the stir/shaken attestation service.
Definition attestation.c:434
profile_unload
int profile_unload(void)
Definition profile_config.c:432
tn_config_unload
int tn_config_unload(void)
Definition tn_config.c:260
ast_sorcery_unref
#define ast_sorcery_unref(sorcery)
Decrease the reference count of a sorcery structure.
Definition sorcery.h:1500
stasis_unsubscribe
struct stasis_subscription * stasis_unsubscribe(struct stasis_subscription *subscription)
Cancel a subscription.
Definition stasis.c:1038
vs_unload
int vs_unload()
Unload the stir/shaken verification service.
Definition verification.c:1112

References ARRAY_LEN, as_unload(), ast_cli_unregister_multiple(), ast_sorcery_unref, cli_commands, named_acl_changed_sub, NULL, profile_unload(), sorcery, stasis_unsubscribe(), tn_config_unload(), and vs_unload().

Referenced by common_config_load(), and unload_module().

◆ config_object_cli_show()

int config_object_cli_show ( void *  obj,
void *  arg,
void *  data,
int  flags 
)

Output configuration settings to the Asterisk CLI.

Parameters
objA sorcery object containing configuration data
argAsterisk CLI argument object
flagsao2 container flags
Return values
0

Definition at line 173 of file common_config.c.

174{
175 struct ast_cli_args *a = arg;
176 struct config_object_cli_data *cli_data = data;
177 struct ast_variable *options;
178 struct ast_variable *i;
179 const char *title = NULL;
180 const char *cfg_name = NULL;
181 int max_name_len = 0;
182
183 if (!obj) {
184 ast_cli(a->fd, "No stir/shaken configuration found\n");
185 return 0;
186 }
187
188 if (!ast_strlen_zero(cli_data->title)) {
189 title = cli_data->title;
190 } else {
191 title = ast_sorcery_object_get_type(obj);
192 }
193 max_name_len = strlen(title);
194
195 if (cli_data->object_type == config_object_type_profile
196 || cli_data->object_type == config_object_type_tn) {
197 cfg_name = ast_sorcery_object_get_id(obj);
198 max_name_len += strlen(cfg_name) + 2 /* ": " */;
199 }
200
201 options = ast_variable_list_sort(ast_sorcery_objectset_create2(
202 get_sorcery(), obj, AST_HANDLER_ONLY_STRING));
203 if (!options) {
204 return 0;
205 }
206
207 for (i = options; i; i = i->next) {
208 int nlen = strlen(i->name);
209 max_name_len = (nlen > max_name_len) ? nlen : max_name_len;
210 }
211
212 ast_cli(a->fd, "\n==============================================================================\n");
213 if (ast_strlen_zero(cfg_name)) {
214 ast_cli(a->fd, "%s\n", title);
215 } else {
216 ast_cli(a->fd, "%s: %s\n", title, cfg_name);
217 }
218 ast_cli(a->fd, "------------------------------------------------------------------------------\n");
219
220 for (i = options; i; i = i->next) {
221 if (!ast_strings_equal(i->name, "x5u_acl")) {
222 ast_cli(a->fd, "%-*s: %s\n", max_name_len, i->name,
223 translate_value(i->value));
224 }
225 }
226
227 ast_variables_destroy(options);
228
229 if (cli_data->object_type == config_object_type_profile) {
230 struct profile_cfg *cfg = obj;
231 print_acl_cert_store(cfg, a, max_name_len);
232 } else if (cli_data->object_type == config_object_type_verification) {
233 struct verification_cfg *cfg = obj;
234 print_acl_cert_store(cfg, a, max_name_len);
235 }
236 ast_cli(a->fd, "---------------------------------------------\n\n"); \
237
238 return 0;
239}
translate_value
static const char * translate_value(const char *val)
Definition common_config.c:125
print_acl_cert_store
#define print_acl_cert_store(cfg, a, max_name_len)
Definition common_config.c:152
get_sorcery
struct ast_sorcery * get_sorcery(void)
Retrieve the stir/shaken sorcery context.
Definition common_config.c:34
config_object_type_tn
@ config_object_type_tn
Definition common_config.h:564
config_object_type_profile
@ config_object_type_profile
Definition common_config.h:563
config_object_type_verification
@ config_object_type_verification
Definition common_config.h:562
ast_variable_list_sort
struct ast_variable * ast_variable_list_sort(struct ast_variable *head)
Performs an in-place sort on the variable list by ascending name.
Definition main/config.c:707
ast_variables_destroy
void ast_variables_destroy(struct ast_variable *var)
Free variable list.
Definition extconf.c:1260
ast_sorcery_object_get_id
const char * ast_sorcery_object_get_id(const void *object)
Get the unique identifier of a sorcery object.
Definition sorcery.c:2381
ast_sorcery_object_get_type
const char * ast_sorcery_object_get_type(const void *object)
Get the type of a sorcery object.
Definition sorcery.c:2393
AST_HANDLER_ONLY_STRING
@ AST_HANDLER_ONLY_STRING
Use string handler only.
Definition sorcery.h:137
ast_sorcery_objectset_create2
struct ast_variable * ast_sorcery_objectset_create2(const struct ast_sorcery *sorcery, const void *object, enum ast_sorcery_field_handler_flags flags)
Create an object set (KVP list) for an object.
Definition sorcery.c:1575
ast_strings_equal
int ast_strings_equal(const char *str1, const char *str2)
Compare strings for equality checking for NULL.
Definition strings.c:238
ast_cli_args
Definition cli.h:158
ast_variable
Structure for variables, used for configurations and for channel variables.
Definition include/asterisk/config.h:83
ast_variable::value
const char * value
Definition include/asterisk/config.h:87
ast_variable::name
const char * name
Definition include/asterisk/config.h:85
ast_variable::next
struct ast_variable * next
Definition include/asterisk/config.h:90
config_object_cli_data
Definition common_config.h:567
config_object_cli_data::title
const char * title
Definition common_config.h:568
config_object_cli_data::object_type
enum config_object_type object_type
Definition common_config.h:569
options
static struct test_options options
Definition test_http_media_cache.c:63

References a, ast_cli(), AST_HANDLER_ONLY_STRING, ast_sorcery_object_get_id(), ast_sorcery_object_get_type(), ast_sorcery_objectset_create2(), ast_strings_equal(), ast_strlen_zero(), ast_variable_list_sort(), ast_variables_destroy(), config_object_type_profile, config_object_type_tn, config_object_type_verification, get_sorcery(), ast_variable::name, ast_variable::next, NULL, config_object_cli_data::object_type, options, print_acl_cert_store, config_object_cli_data::title, translate_value(), and ast_variable::value.

Referenced by attestation_show(), cli_eprofile_show(), cli_eprofile_show_all(), cli_profile_show(), cli_profile_show_all(), cli_tn_show(), cli_tn_show_all(), and cli_verification_show().

◆ config_object_tab_complete_name()

char * config_object_tab_complete_name ( const char *  word,
struct ao2_container container 
)

Tab completion for name matching with STIR/SHAKEN CLI commands.

Parameters
wordThe word to tab complete on
containerThe sorcery container to iterate through
Return values
Thetab completion options

Definition at line 241 of file common_config.c.

242{
243 void *obj;
244 struct ao2_iterator it;
245 int wordlen = strlen(word);
246 int ret;
247
248 it = ao2_iterator_init(container, 0);
249 while ((obj = ao2_iterator_next(&it))) {
250 if (!strncasecmp(word, ast_sorcery_object_get_id(obj), wordlen)) {
251 ret = ast_cli_completion_add(ast_strdup(ast_sorcery_object_get_id(obj)));
252 if (ret) {
253 ao2_ref(obj, -1);
254 break;
255 }
256 }
257 ao2_ref(obj, -1);
258 }
259 ao2_iterator_destroy(&it);
260
261 return NULL;
262}
ast_strdup
#define ast_strdup(str)
A wrapper for strdup()
Definition astmm.h:241
ao2_iterator_next
#define ao2_iterator_next(iter)
Definition astobj2.h:1911
ao2_iterator_init
struct ao2_iterator ao2_iterator_init(struct ao2_container *c, int flags) attribute_warn_unused_result
Create an iterator for a container.
Definition astobj2_container.c:485
ao2_ref
#define ao2_ref(o, delta)
Reference/unreference an object and return the old refcount.
Definition astobj2.h:459
ao2_iterator_destroy
void ao2_iterator_destroy(struct ao2_iterator *iter)
Destroy a container iterator.
Definition astobj2_container.c:534
ast_cli_completion_add
int ast_cli_completion_add(char *value)
Add a result to a request for completion options.
Definition main/cli.c:2737
word
short word
Definition codecs/gsm/inc/private.h:12
container
struct ao2_container * container
Definition res_fax.c:603
ao2_iterator
When we need to walk through a container, we use an ao2_iterator to keep track of the current positio...
Definition astobj2.h:1821

References ao2_iterator_destroy(), ao2_iterator_init(), ao2_iterator_next, ao2_ref, ast_cli_completion_add(), ast_sorcery_object_get_id(), ast_strdup, container, and NULL.

Referenced by cli_eprofile_show(), cli_profile_show(), cli_tn_show(), and cli_verify_cert().

◆ generate_bool_handler_functions() [1/7]

generate_bool_handler_functions ( check_tn_cert_public_url  )

◆ generate_bool_handler_functions() [2/7]

generate_bool_handler_functions ( ignore_sip_date_header  )

◆ generate_bool_handler_functions() [3/7]

generate_bool_handler_functions ( load_system_certs  )

◆ generate_bool_handler_functions() [4/7]

generate_bool_handler_functions ( relax_x5u_path_restrictions  )

◆ generate_bool_handler_functions() [5/7]

generate_bool_handler_functions ( relax_x5u_port_scheme_restrictions  )

◆ generate_bool_handler_functions() [6/7]

generate_bool_handler_functions ( send_mky  )

◆ generate_bool_handler_functions() [7/7]

generate_bool_handler_functions ( use_rfc9410_responses  )

◆ generate_enum_string_functions() [1/3]

generate_enum_string_functions ( attest_level  ,
UNKNOWN  ,
{attest_level_NOT_SET, "not_set"}  ,
{attest_level_A, "A"}  ,
{attest_level_B, "B"}  ,
{attest_level_C, "C"}   
)

◆ generate_enum_string_functions() [2/3]

generate_enum_string_functions ( endpoint_behavior  ,
OFF  ,
{endpoint_behavior_OFF, "off"}  ,
{endpoint_behavior_OFF, "none"}  ,
{endpoint_behavior_ATTEST, "attest"}  ,
{endpoint_behavior_VERIFY, "verify"}  ,
{endpoint_behavior_ON, "on"}  ,
{endpoint_behavior_ON, "both"}   
)

◆ generate_enum_string_functions() [3/3]

generate_enum_string_functions ( stir_shaken_failure_action  ,
CONTINUE  ,
{stir_shaken_failure_action_CONTINUE, "continue"}  ,
{stir_shaken_failure_action_REJECT_REQUEST, "reject_request"}  ,
{stir_shaken_failure_action_CONTINUE_RETURN_REASON, "continue_return_reason"}   
)

References stir_shaken_failure_action_CONTINUE.

◆ get_sorcery()

struct ast_sorcery * get_sorcery ( void  )

Retrieve the stir/shaken sorcery context.

Return values
Thestir/shaken sorcery context

Definition at line 34 of file common_config.c.

35{
36 return sorcery;
37}

References sorcery.

Referenced by as_config_load(), as_config_reload(), as_get_cfg(), as_is_config_loaded(), config_object_cli_show(), create_effective_profile(), eprofile_get_all(), eprofile_get_cfg(), get_tn_all(), profile_get_all(), profile_get_cfg(), profile_load(), profile_reload(), tn_config_load(), tn_config_reload(), tn_get_cfg(), tn_get_etn(), vs_config_load(), vs_config_reload(), vs_get_cfg(), and vs_is_config_loaded().

◆ named_acl_changed_cb()

static void named_acl_changed_cb ( void *  data,
struct stasis_subscription sub,
struct stasis_message message 
)
static

Definition at line 415 of file common_config.c.

417{
418 if (stasis_message_type(message) != ast_named_acl_change_type()) {
419 return;
420 }
421 ast_log(LOG_NOTICE, "Named acl changed. Reloading verification and profile\n");
422 common_config_reload();
423}
ast_log
#define ast_log
Definition astobj2.c:42
common_config_reload
int common_config_reload(void)
Definition common_config.c:374
LOG_NOTICE
#define LOG_NOTICE
Definition include/asterisk/logger.h:269
stasis_message_type
Definition stasis_message.c:38

References ast_log, ast_named_acl_change_type(), common_config_reload(), and LOG_NOTICE.

Referenced by common_config_load().

◆ print_acl()

static void print_acl ( int  fd,
struct ast_acl_list acl_list,
const char *  prefix 
)
static

Definition at line 136 of file common_config.c.

137{
138 struct ast_acl *acl;
139
140 AST_LIST_LOCK(acl_list);
141 AST_LIST_TRAVERSE(acl_list, acl, list) {
142 if (ast_strlen_zero(acl->name)) {
143 ast_cli(fd, "%s(permit/deny)\n", prefix);
144 } else {
145 ast_cli(fd, "%s%s\n", prefix, acl->name);
146 }
147 ast_ha_output(fd, acl->acl, prefix);
148 }
149 AST_LIST_UNLOCK(acl_list);
150}
ast_ha_output
void ast_ha_output(int fd, const struct ast_ha *ha, const char *prefix)
output an HA to the provided fd
Definition acl.c:1103
prefix
static char prefix[MAX_PREFIX]
Definition http.c:144
AST_LIST_TRAVERSE
#define AST_LIST_TRAVERSE(head, var, field)
Loops over (traverses) the entries in a list.
Definition linkedlists.h:491
AST_LIST_LOCK
#define AST_LIST_LOCK(head)
Locks a list.
Definition linkedlists.h:40
AST_LIST_UNLOCK
#define AST_LIST_UNLOCK(head)
Attempts to unlock a list.
Definition linkedlists.h:140
ast_acl
an ast_acl is a linked list node of ast_ha structs which may have names.
Definition acl.h:67
ast_acl::acl
struct ast_ha * acl
Definition acl.h:68
ast_acl::list
struct ast_acl::@191 list

References ast_acl::acl, ast_cli(), ast_ha_output(), AST_LIST_LOCK, AST_LIST_TRAVERSE, AST_LIST_UNLOCK, ast_strlen_zero(), ast_acl::list, and prefix.

◆ translate_value()

static const char * translate_value ( const char *  val)
static

Definition at line 125 of file common_config.c.

126{
127 if (val[0] == '0'
128 || val[0] == '\0'
129 || strcmp(val, "not_set") == 0) {
130 return "";
131 }
132
133 return val;
134}

Referenced by config_object_cli_show().

Variable Documentation

◆ cli_commands

struct ast_cli_entry cli_commands[]
static
Initial value:
= {
{ .handler = cli_verify_cert , .summary = "Verify a certificate file against the global or a profile verification store" ,},
}
cli_verify_cert
static char * cli_verify_cert(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
Definition common_config.c:303

Definition at line 370 of file common_config.c.

370 {
371 AST_CLI_DEFINE(cli_verify_cert, "Verify a certificate file against the global or a profile verification store"),
372};
AST_CLI_DEFINE
#define AST_CLI_DEFINE(fn, txt,...)
Definition cli.h:197

Referenced by common_config_load(), and common_config_unload().

◆ named_acl_changed_sub

struct stasis_subscription* named_acl_changed_sub = NULL

Definition at line 32 of file common_config.c.

Referenced by common_config_load(), and common_config_unload().

◆ sorcery

struct ast_sorcery* sorcery
static

Definition at line 31 of file common_config.c.

Referenced by common_config_load(), common_config_unload(), and get_sorcery().

Generated on Wed Oct 29 2025 20:04:41 for Asterisk - The Open Source Telephony Project by doxygen 1.9.8