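/*
 * generate_bool_handler_functions(param_name)
 *
 * Expands to three file-scope definitions for a tri-state (not_set/yes/no)
 * configuration option:
 *
 *  - param_name_map[]: string table indexed by the param_name_NOT_SET,
 *    param_name_YES and param_name_NO enum constants.
 *  - param_name_from_str(value): returns param_name_NOT_SET when value
 *    matches "not_set" case-insensitively, param_name_YES when ast_true()
 *    accepts it, param_name_NO when ast_false() accepts it. Anything else,
 *    including a NULL value, is logged at LOG_WARNING and mapped to
 *    param_name_UNKNOWN.
 *  - param_name_to_str(value): returns the table entry for value, or NULL
 *    when ARRAY_IN_BOUNDS() rejects the index.
 *
 * The expanding file must already declare enum param_name_enum with the
 * _NOT_SET, _YES, _NO and _UNKNOWN constants.
 *
 * Callers of param_name_to_str() must handle the NULL return before handing
 * the result to a "%s" format or a string function.
 */
#define generate_bool_handler_functions(param_name) \
static const char *param_name ## _map[] = { \
	[ param_name ## _NOT_SET ] = "not_set", \
	[ param_name ## _YES ] = "yes", \
	[ param_name ## _NO ] = "no", \
}; \
enum param_name ## _enum \
	param_name ## _from_str(const char *value) \
{ \
	/* A NULL value must not reach strcasecmp(); treat it as unknown. */ \
	if (value) { \
		if (!strcasecmp(value, param_name ## _map[param_name ## _NOT_SET])) { \
			return param_name ## _NOT_SET; \
		} else if (ast_true(value)) { \
			return param_name ## _YES; \
		} else if (ast_false(value)) { \
			return param_name ## _NO; \
		} \
	} \
	ast_log(LOG_WARNING, "Unknown " #param_name " response value '%s'\n", \
		value ? value : "(null)"); \
	return param_name ## _UNKNOWN; \
} \
const char *param_name ## _to_str(enum param_name ## _enum value) \
{ \
	return ARRAY_IN_BOUNDS(value, param_name ## _map) ? \
		param_name ## _map[value] : NULL; \
}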
77#define generate_enum_string_functions(param_name, default_value, ...)\
78static struct enum_name_xref_entry param_name ## _map[] = { \
81enum param_name ## _enum param_name ## _from_str( \
85 for (i = 0; i < ARRAY_LEN(param_name ## _map); i++) { \
86 if (strcasecmp(value, param_name ##_map[i].name) == 0) { \
87 return param_name ##_map[i].value; \
90 return param_name ## _ ## default_value; \
92const char *param_name ## _to_str( \
93 enum param_name ## _enum value) \
96 for (i = 0; i < ARRAY_LEN(param_name ## _map); i++) { \
97 if (value == param_name ## _map[i].value) return param_name ## _map[i].name; \
103 {attest_level_NOT_SET,
"not_set"},
104 {attest_level_A,
"A"},
105 {attest_level_B,
"B"},
106 {attest_level_C,
"C"},
110 {endpoint_behavior_OFF,
"off"},
111 {endpoint_behavior_OFF,
"none"},
112 {endpoint_behavior_ATTEST,
"attest"},
113 {endpoint_behavior_VERIFY,
"verify"},
114 {endpoint_behavior_ON,
"on"},
115 {endpoint_behavior_ON,
"both"}
128 || strcmp(
val,
"not_set") == 0) {
151#define print_acl_cert_store(cfg, a, max_name_len) \
153 if (cfg->vcfg_common.acl) { \
154 ast_cli(a->fd, "x5u_acl:\n"); \
155 print_acl(a->fd, cfg->vcfg_common.acl, " "); \
157 ast_cli(a->fd, "%-*s: (none)\n", max_name_len, "x5u_acl"); \
159 if (cfg->vcfg_common.tcs) { \
161 ast_cli(a->fd, "%-*s:\n", max_name_len, "Verification CA certificate store"); \
162 count = crypto_show_cli_store(cfg->vcfg_common.tcs, a->fd); \
163 if (count == 0 && (!ast_strlen_zero(cfg->vcfg_common.ca_path) \
164 || !ast_strlen_zero(cfg->vcfg_common.crl_path))) { \
165 ast_cli(a->fd, " Note: Certs in ca_path or crl_path won't show until used.\n"); \
168 ast_cli(a->fd, "%-*s: (none)\n", max_name_len, "Verification CA certificate store"); \
178 const char *title =
NULL;
179 const char *cfg_name =
NULL;
180 int max_name_len = 0;
183 ast_cli(
a->fd,
"No stir/shaken configuration found\n");
188 title = cli_data->
title;
192 max_name_len = strlen(title);
197 max_name_len += strlen(cfg_name) + 2 ;
207 int nlen = strlen(i->
name);
208 max_name_len = (nlen > max_name_len) ? nlen : max_name_len;
211 ast_cli(
a->fd,
"\n==============================================================================\n");
215 ast_cli(
a->fd,
"%s: %s\n", title, cfg_name);
217 ast_cli(
a->fd,
"------------------------------------------------------------------------------\n");
235 ast_cli(
a->fd,
"---------------------------------------------\n\n"); \
244 int wordlen = strlen(
word);
270 size_t len = tn ? strlen(tn) : 0;
271 char *new_tn = dest_tn;
283 for (i = 0; i <
len; i++) {
284 if (isdigit(*s) || *s ==
'#' || *s ==
'*') {
308 const char *errmsg =
NULL;
312 e->
command =
"stir_shaken verify certificate_file";
314 "Usage: stir_shaken verify certificate_file <certificate_file> [ <profile> ]\n"
315 " Verify an external certificate file against the global or profile verification store\n";
332 ast_cli(
a->fd,
"Profile %s doesn't exist\n",
a->argv[4]);
335 if (!profile->vcfg_common.tcs) {
336 ast_cli(
a->fd,
"Profile %s doesn't have a certificate store\n",
a->argv[4]);
339 tcs = profile->vcfg_common.tcs;
343 ast_cli(
a->fd,
"No verification store found\n");
346 tcs = vs_cfg->vcfg_common.tcs;
351 ast_cli(
a->fd,
"Failed to load certificate from %s. See log for details\n",
a->argv[3]);
356 ast_cli(
a->fd,
"Certificate %s trusted\n",
a->argv[3]);
358 ast_cli(
a->fd,
"Certificate %s NOT trusted: %s\n",
a->argv[3], errmsg);
struct stasis_message_type * ast_named_acl_change_type(void)
a stasis_message_type for changes against a named ACL or the set of all named ACLs
void ast_ha_output(int fd, const struct ast_ha *ha, const char *prefix)
output an HA to the provided fd
Asterisk main include file. File version handling, generic pbx functions.
#define ast_strdup(str)
A wrapper for strdup()
#define ast_malloc(len)
A wrapper for malloc()
#define ao2_iterator_next(iter)
struct ao2_iterator ao2_iterator_init(struct ao2_container *c, int flags) attribute_warn_unused_result
Create an iterator for a container.
#define ao2_ref(o, delta)
Reference/unreference an object and return the old refcount.
void ao2_iterator_destroy(struct ao2_iterator *iter)
Destroy a container iterator.
int as_load()
Load the stir/shaken attestation service.
int as_unload()
Unload the stir/shaken attestation service.
int as_reload()
Reload the stir/shaken attestation service.
Standard Command Line Interface.
int ast_cli_unregister_multiple(struct ast_cli_entry *e, int len)
Unregister multiple commands.
#define AST_CLI_DEFINE(fn, txt,...)
int ast_cli_completion_add(char *value)
Add a result to a request for completion options.
void ast_cli(int fd, const char *fmt,...)
#define ast_cli_register_multiple(e, len)
Register multiple commands.
int config_object_cli_show(void *obj, void *arg, void *data, int flags)
Output configuration settings to the Asterisk CLI.
char * config_object_tab_complete_name(const char *word, struct ao2_container *container)
Tab completion for name matching with STIR/SHAKEN CLI commands.
static const char * translate_value(const char *val)
int common_config_unload(void)
static struct ast_cli_entry cli_commands[]
static char * cli_verify_cert(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
struct stasis_subscription * named_acl_changed_sub
int common_config_reload(void)
char * canonicalize_tn_alloc(const char *tn)
Canonicalize a TN into a new buffer.
int common_config_load(void)
static void named_acl_changed_cb(void *data, struct stasis_subscription *sub, struct stasis_message *message)
#define generate_enum_string_functions(param_name, default_value,...)
static struct ast_sorcery * sorcery
char * canonicalize_tn(const char *tn, char *dest_tn)
Canonicalize a TN.
#define generate_bool_handler_functions(param_name)
#define print_acl_cert_store(cfg, a, max_name_len)
static void print_acl(int fd, struct ast_acl_list *acl_list, const char *prefix)
struct ast_sorcery * get_sorcery(void)
Retrieve the stir/shaken sorcery context.
@ config_object_type_profile
@ config_object_type_verification
struct verification_cfg * vs_get_cfg(void)
int tn_config_unload(void)
struct profile_cfg * profile_get_cfg(const char *id)
struct ao2_container * profile_get_all(void)
int tn_config_reload(void)
int crypto_is_cert_trusted(struct crypto_cert_store *store, X509 *cert, const char **err_msg)
Check if the cert is trusted.
X509 * crypto_load_cert_from_file(const char *filename)
Load an X509 Cert from a file.
static int len(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t buflen)
#define SCOPE_EXIT_RTN_VALUE(__return_value,...)
#define SCOPE_ENTER(level,...)
static char prefix[MAX_PREFIX]
struct ast_variable * ast_variable_list_sort(struct ast_variable *head)
Performs an in-place sort on the variable list by ascending name.
void ast_variables_destroy(struct ast_variable *var)
Free variable list.
Support for logging to various files, console and syslog Configuration in file logger....
#define AST_LIST_TRAVERSE(head, var, field)
Loops over (traverses) the entries in a list.
#define AST_LIST_LOCK(head)
Locks a list.
#define AST_LIST_UNLOCK(head)
Attempts to unlock a list.
Asterisk module definitions.
@ AST_MODULE_LOAD_SUCCESS
@ AST_MODULE_LOAD_DECLINE
Module has failed to load, may be in an inconsistent state.
struct stasis_forward * sub
struct ao2_container * container
@ stir_shaken_failure_action_CONTINUE
@ stir_shaken_failure_action_CONTINUE_RETURN_REASON
@ stir_shaken_failure_action_REJECT_REQUEST
Security Event Reporting API.
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
#define ast_sorcery_unref(sorcery)
Decrease the reference count of a sorcery structure.
const char * ast_sorcery_object_get_id(const void *object)
Get the unique identifier of a sorcery object.
const char * ast_sorcery_object_get_type(const void *object)
Get the type of a sorcery object.
@ AST_HANDLER_ONLY_STRING
Use string handler only.
#define ast_sorcery_open()
Open a new sorcery structure.
struct ast_variable * ast_sorcery_objectset_create2(const struct ast_sorcery *sorcery, const void *object, enum ast_sorcery_field_handler_flags flags)
Create an object set (KVP list) for an object.
Stasis Message Bus API. See Stasis Message Bus API for detailed documentation.
struct stasis_message_type * stasis_message_type(const struct stasis_message *msg)
Get the message type for a stasis_message.
int stasis_subscription_accept_message_type(struct stasis_subscription *subscription, const struct stasis_message_type *type)
Indicate to a subscription that we are interested in a message type.
struct stasis_subscription * stasis_unsubscribe(struct stasis_subscription *subscription)
Cancel a subscription.
#define stasis_subscribe(topic, callback, data)
int ast_strings_equal(const char *str1, const char *str2)
Compare strings for equality checking for NULL.
#define S_OR(a, b)
returns the equivalent of logic or for strings: first one if not empty, otherwise second one.
static force_inline int attribute_pure ast_strlen_zero(const char *s)
When we need to walk through a container, we use an ao2_iterator to keep track of the current positio...
Wrapper for an ast_acl linked list.
an ast_acl is a linked list node of ast_ha structs which may have names.
struct ast_acl::@180 list
descriptor for a cli entry.
Full structure for sorcery.
Structure for variables, used for configurations and for channel variables.
struct ast_variable * next
enum config_object_type object_type
ao2 object wrapper for X509_STORE that provides locking and refcounting
Profile configuration for stir/shaken.
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
int vs_load()
Load the stir/shaken verification service.
int vs_unload()
Unload the stir/shaken verification service.
int vs_reload()
Reload the stir/shaken verification service.