Asterisk - The Open Source Telephony Project GIT-master-754dea3
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Properties Macros Modules Pages
pjsip_distributor.c
Go to the documentation of this file.
1/*
2 * Asterisk -- An open source telephony toolkit.
3 *
4 * Copyright (C) 2013, Digium, Inc.
5 *
6 * Mark Michelson <mmichelson@digium.com>
7 *
8 * See http://www.asterisk.org for more information about
9 * the Asterisk project. Please do not directly contact
10 * any of the maintainers of this project for assistance;
11 * the project provides a web site, mailing lists and IRC
12 * channels for your use.
13 *
14 * This program is free software, distributed under the terms of
15 * the GNU General Public License Version 2. See the LICENSE file
16 * at the top of the source tree.
17 */
18
19#include "asterisk.h"
20
21#include <pjsip.h>
22
23#include "asterisk/res_pjsip.h"
24#include "asterisk/acl.h"
27#include "asterisk/threadpool.h"
29
30static int distribute(void *data);
31static pj_bool_t distributor(pjsip_rx_data *rdata);
32static pj_status_t record_serializer(pjsip_tx_data *tdata);
33
34static pjsip_module distributor_mod = {
35 .name = {"Request Distributor", 19},
36 .priority = PJSIP_MOD_PRIORITY_TSX_LAYER - 6,
37 .on_tx_request = record_serializer,
38 .on_rx_request = distributor,
39 .on_rx_response = distributor,
40};
41
43
44#define DEFAULT_SUSPECTS_BUCKETS 53
45
47static unsigned int unidentified_count;
48static unsigned int unidentified_period;
49static unsigned int unidentified_prune_interval;
52
54 struct timeval first_seen;
55 int count;
56 char src_name[];
57};
58
59/*! Number of serializers in pool if one not otherwise known. (Best if prime number) */
60#define DISTRIBUTOR_POOL_SIZE 31
61
62/*! Pool of serializers to use if not supplied. */
64
65/*!
66 * \internal
67 * \brief Record the task's serializer name on the tdata structure.
68 * \since 14.0.0
69 *
70 * \param tdata The outgoing message.
71 *
72 * \retval PJ_SUCCESS.
73 */
74static pj_status_t record_serializer(pjsip_tx_data *tdata)
75{
77
79 if (serializer) {
80 const char *name;
81
84 && (!tdata->mod_data[distributor_mod.id]
85 || strcmp(tdata->mod_data[distributor_mod.id], name))) {
86 char *tdata_name;
87
88 /* The serializer in use changed. */
89 tdata_name = pj_pool_alloc(tdata->pool, strlen(name) + 1);
90 strcpy(tdata_name, name);/* Safe */
91
92 tdata->mod_data[distributor_mod.id] = tdata_name;
93 }
94 }
95
96 return PJ_SUCCESS;
97}
98
99/*!
100 * \internal
101 * \brief Find the request tdata to get the serializer it used.
102 * \since 14.0.0
103 *
104 * \param rdata The incoming message.
105 *
106 * \retval serializer on success.
107 * \retval NULL on error or could not find the serializer.
108 */
109static struct ast_taskprocessor *find_request_serializer(pjsip_rx_data *rdata)
110{
112 pj_str_t tsx_key;
113 pjsip_transaction *tsx;
114
115 pjsip_tsx_create_key(rdata->tp_info.pool, &tsx_key, PJSIP_ROLE_UAC,
116 &rdata->msg_info.cseq->method, rdata);
117
118 tsx = pjsip_tsx_layer_find_tsx(&tsx_key, PJ_TRUE);
119 if (!tsx) {
120 ast_debug(1, "Could not find transaction for %s.\n",
121 pjsip_rx_data_get_info(rdata));
122 return NULL;
123 }
124 ast_debug(3, "Found transaction %s for %s.\n",
125 tsx->obj_name, pjsip_rx_data_get_info(rdata));
126
127 if (tsx->last_tx) {
128 const char *serializer_name;
129
130 serializer_name = tsx->last_tx->mod_data[distributor_mod.id];
131 if (!ast_strlen_zero(serializer_name)) {
133 if (serializer) {
134 ast_debug(3, "Found serializer %s on transaction %s\n",
135 serializer_name, tsx->obj_name);
136 }
137 }
138 }
139
140#ifdef HAVE_PJ_TRANSACTION_GRP_LOCK
141 pj_grp_lock_release(tsx->grp_lock);
142#else
143 pj_mutex_unlock(tsx->mutex);
144#endif
145
146 return serializer;
147}
148
149/*! Dialog-specific information the distributor uses */
151 /*! dialog_associations ao2 container key */
152 pjsip_dialog *dlg;
153 /*! Serializer to distribute tasks to for this dialog */
155 /*! Endpoint associated with this dialog */
157};
158
159#define DIALOG_ASSOCIATIONS_BUCKETS 251
160
162
163/*!
164 * \internal
165 * \brief Compute a hash value on an arbitrary buffer.
166 * \since 13.17.0
167 *
168 * \param[in] pos The buffer to add to the hash
169 * \param[in] len The buffer length to add to the hash
170 * \param[in] hash The hash value to add to
171 *
172 * \details
173 * This version of the function is for when you need to compute a
174 * hash of more than one buffer.
175 *
176 * This famous hash algorithm was written by Dan Bernstein and is
177 * commonly used.
178 *
179 * \sa http://www.cse.yorku.ca/~oz/hash.html
180 */
181static int buf_hash_add(const char *pos, size_t len, int hash)
182{
183 while (len--) {
184 hash = hash * 33 ^ *pos++;
185 }
186
187 return hash;
188}
189
190/*!
191 * \internal
192 * \brief Compute a hash value on an arbitrary buffer.
193 * \since 13.17.0
194 *
195 * \param[in] pos The buffer to add to the hash
196 * \param[in] len The buffer length to add to the hash
197 *
198 * \details
199 * This version of the function is for when you need to compute a
200 * hash of more than one buffer.
201 *
202 * This famous hash algorithm was written by Dan Bernstein and is
203 * commonly used.
204 *
205 * \sa http://www.cse.yorku.ca/~oz/hash.html
206 */
207static int buf_hash(const char *pos, size_t len)
208{
209 return buf_hash_add(pos, len, 5381);
210}
211
212static int dialog_associations_hash(const void *obj, int flags)
213{
214 const struct distributor_dialog_data *object;
215 union {
216 const pjsip_dialog *dlg;
217 const char buf[sizeof(pjsip_dialog *)];
218 } key;
219
220 switch (flags & OBJ_SEARCH_MASK) {
221 case OBJ_SEARCH_KEY:
222 key.dlg = obj;
223 break;
225 object = obj;
226 key.dlg = object->dlg;
227 break;
228 default:
229 /* Hash can only work on something with a full key. */
230 ast_assert(0);
231 return 0;
232 }
233 return ast_str_hash_restrict(buf_hash(key.buf, sizeof(key.buf)));
234}
235
236static int dialog_associations_cmp(void *obj, void *arg, int flags)
237{
238 const struct distributor_dialog_data *object_left = obj;
239 const struct distributor_dialog_data *object_right = arg;
240 const pjsip_dialog *right_key = arg;
241 int cmp = 0;
242
243 switch (flags & OBJ_SEARCH_MASK) {
245 right_key = object_right->dlg;
246 /* Fall through */
247 case OBJ_SEARCH_KEY:
248 if (object_left->dlg == right_key) {
249 cmp = CMP_MATCH;
250 }
251 break;
253 /* There is no such thing for this container. */
254 ast_assert(0);
255 break;
256 default:
257 cmp = 0;
258 break;
259 }
260 return cmp;
261}
262
264{
265 struct distributor_dialog_data *dist;
266
269 if (!dist) {
270 if (serializer) {
271 dist = ao2_alloc(sizeof(*dist), NULL);
272 if (dist) {
273 dist->dlg = dlg;
274 dist->serializer = serializer;
276 ao2_ref(dist, -1);
277 }
278 }
279 } else {
280 ao2_lock(dist);
281 dist->serializer = serializer;
282 if (!dist->serializer && !dist->endpoint) {
284 }
285 ao2_unlock(dist);
286 ao2_ref(dist, -1);
287 }
289}
290
292{
293 struct distributor_dialog_data *dist;
294
297 if (!dist) {
298 if (endpoint) {
299 dist = ao2_alloc(sizeof(*dist), NULL);
300 if (dist) {
301 dist->dlg = dlg;
302 dist->endpoint = endpoint;
304 ao2_ref(dist, -1);
305 }
306 }
307 } else {
308 ao2_lock(dist);
309 dist->endpoint = endpoint;
310 if (!dist->serializer && !dist->endpoint) {
312 }
313 ao2_unlock(dist);
314 ao2_ref(dist, -1);
315 }
317}
318
320{
321 struct distributor_dialog_data *dist;
322 struct ast_sip_endpoint *endpoint;
323
325 if (dist) {
326 ao2_lock(dist);
327 endpoint = ao2_bump(dist->endpoint);
328 ao2_unlock(dist);
329 ao2_ref(dist, -1);
330 } else {
331 endpoint = NULL;
332 }
333 return endpoint;
334}
335
336static pjsip_dialog *find_dialog(pjsip_rx_data *rdata)
337{
338 pj_str_t tsx_key;
339 pjsip_transaction *tsx;
340 pjsip_dialog *dlg;
341 pj_str_t *local_tag;
342 pj_str_t *remote_tag;
343
344 if (!rdata->msg_info.msg) {
345 return NULL;
346 }
347
348 if (rdata->msg_info.msg->type == PJSIP_REQUEST_MSG) {
349 local_tag = &rdata->msg_info.to->tag;
350 remote_tag = &rdata->msg_info.from->tag;
351 } else {
352 local_tag = &rdata->msg_info.from->tag;
353 remote_tag = &rdata->msg_info.to->tag;
354 }
355
356 /* We can only call the convenient method for
357 * 1) responses
358 * 2) non-CANCEL requests
359 * 3) CANCEL requests with a to-tag
360 */
361 if (rdata->msg_info.msg->type == PJSIP_RESPONSE_MSG ||
362 pjsip_method_cmp(&rdata->msg_info.msg->line.req.method, &pjsip_cancel_method) ||
363 rdata->msg_info.to->tag.slen != 0) {
364 dlg = pjsip_ua_find_dialog(&rdata->msg_info.cid->id, local_tag,
365 remote_tag, PJ_FALSE);
366 if (dlg) {
367 return dlg;
368 }
369 }
370
371 /*
372 * There may still be a matching dialog if this is
373 * 1) an incoming CANCEL request without a to-tag
374 * 2) an incoming response to a dialog-creating request.
375 */
376 if (rdata->msg_info.msg->type == PJSIP_REQUEST_MSG) {
377 /* CANCEL requests will need to match the INVITE we initially received. Any
378 * other request type will either have been matched already or is not in
379 * dialog
380 */
381 pjsip_tsx_create_key(rdata->tp_info.pool, &tsx_key, PJSIP_ROLE_UAS,
382 pjsip_get_invite_method(), rdata);
383 } else {
384 pjsip_tsx_create_key(rdata->tp_info.pool, &tsx_key, PJSIP_ROLE_UAC,
385 &rdata->msg_info.cseq->method, rdata);
386 }
387
388 tsx = pjsip_tsx_layer_find_tsx(&tsx_key, PJ_TRUE);
389 if (!tsx) {
390 ast_debug(3, "Could not find matching transaction for %s\n",
391 pjsip_rx_data_get_info(rdata));
392 return NULL;
393 }
394
395 dlg = pjsip_tsx_get_dlg(tsx);
396
397#ifdef HAVE_PJ_TRANSACTION_GRP_LOCK
398 pj_grp_lock_release(tsx->grp_lock);
399#else
400 pj_mutex_unlock(tsx->mutex);
401#endif
402
403 return dlg;
404}
405
406/*!
407 * \internal
408 * \brief Compute a hash value on a pjlib string
409 * \since 13.10.0
410 *
411 * \param[in] str The pjlib string to add to the hash
412 * \param[in] hash The hash value to add to
413 *
414 * \details
415 * This version of the function is for when you need to compute a
416 * string hash of more than one string.
417 *
418 * This famous hash algorithm was written by Dan Bernstein and is
419 * commonly used.
420 *
421 * \sa http://www.cse.yorku.ca/~oz/hash.html
422 */
423static int pjstr_hash_add(pj_str_t *str, int hash)
424{
425 return buf_hash_add(pj_strbuf(str), pj_strlen(str), hash);
426}
427
428/*!
429 * \internal
430 * \brief Compute a hash value on a pjlib string
431 * \since 13.10.0
432 *
433 * \param[in] str The pjlib string to hash
434 *
435 * This famous hash algorithm was written by Dan Bernstein and is
436 * commonly used.
437 *
438 * http://www.cse.yorku.ca/~oz/hash.html
439 */
440static int pjstr_hash(pj_str_t *str)
441{
442 return pjstr_hash_add(str, 5381);
443}
444
446{
447 int hash;
448 pj_str_t *remote_tag;
450
451 if (!rdata->msg_info.msg) {
452 return NULL;
453 }
454
455 if (rdata->msg_info.msg->type == PJSIP_REQUEST_MSG) {
456 remote_tag = &rdata->msg_info.from->tag;
457 } else {
458 remote_tag = &rdata->msg_info.to->tag;
459 }
460
461 /* Compute the hash from the SIP message call-id and remote-tag */
462 hash = pjstr_hash(&rdata->msg_info.cid->id);
463 hash = pjstr_hash_add(remote_tag, hash);
464 hash = ast_str_hash_restrict(hash);
465
467 if (serializer) {
468 ast_debug(3, "Calculated serializer %s to use for %s\n",
469 ast_taskprocessor_name(serializer), pjsip_rx_data_get_info(rdata));
470 }
471 return serializer;
472}
473
474static pj_bool_t endpoint_lookup(pjsip_rx_data *rdata);
475
476static pjsip_module endpoint_mod = {
477 .name = {"Endpoint Identifier", 19},
478 .priority = PJSIP_MOD_PRIORITY_TSX_LAYER - 3,
479 .on_rx_request = endpoint_lookup,
480};
481
482static pj_bool_t distributor(pjsip_rx_data *rdata)
483{
484 pjsip_dialog *dlg;
485 struct distributor_dialog_data *dist = NULL;
487 pjsip_rx_data *clone;
488
490 /*
491 * Ignore everything until we are fully booted. Let the
492 * peer retransmit messages until we are ready.
493 */
494 return PJ_TRUE;
495 }
496
497 dlg = find_dialog(rdata);
498 if (dlg) {
499 ast_debug(3, "Searching for serializer associated with dialog %s for %s\n",
500 dlg->obj_name, pjsip_rx_data_get_info(rdata));
502 if (dist) {
503 ao2_lock(dist);
505 ao2_unlock(dist);
506 if (serializer) {
507 ast_debug(3, "Found serializer %s associated with dialog %s\n",
508 ast_taskprocessor_name(serializer), dlg->obj_name);
509 }
510 }
511 }
512
513 if (serializer) {
514 /* We have a serializer so we know where to send the message. */
515 } else if (rdata->msg_info.msg->type == PJSIP_RESPONSE_MSG) {
516 ast_debug(3, "No dialog serializer for %s. Using request transaction as basis.\n",
517 pjsip_rx_data_get_info(rdata));
519 if (!serializer) {
520 /*
521 * Pick a serializer for the unmatched response.
522 * We couldn't determine what serializer originally
523 * sent the request or the serializer is gone.
524 */
526 }
527 } else if (!pjsip_method_cmp(&rdata->msg_info.msg->line.req.method, &pjsip_cancel_method)
528 || !pjsip_method_cmp(&rdata->msg_info.msg->line.req.method, &pjsip_bye_method)) {
529 /* We have a BYE or CANCEL request without a serializer. */
530 pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata,
531 PJSIP_SC_CALL_TSX_DOES_NOT_EXIST, NULL, NULL, NULL);
532 ao2_cleanup(dist);
533 return PJ_TRUE;
534 } else {
539 /*
540 * When taskprocessors get backed up, there is a good chance that
541 * we are being overloaded and need to defer adding new work to
542 * the system. To defer the work we will ignore the request and
543 * rely on the peer's transport layer to retransmit the message.
544 * We usually work off the overload within a few seconds.
545 * If transport is non-UDP we send a 503 response instead.
546 */
547 switch (rdata->tp_info.transport->key.type) {
548 case PJSIP_TRANSPORT_UDP6:
549 case PJSIP_TRANSPORT_UDP:
550 ast_debug(3, "Taskprocessor overload alert: Ignoring '%s'.\n",
551 pjsip_rx_data_get_info(rdata));
552 break;
553 default:
554 ast_debug(3, "Taskprocessor overload on non-udp transport. Received:'%s'. "
555 "Responding with a 503.\n", pjsip_rx_data_get_info(rdata));
556 pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata,
557 PJSIP_SC_SERVICE_UNAVAILABLE, NULL, NULL, NULL);
558 break;
559 }
560 ao2_cleanup(dist);
561 return PJ_TRUE;
562 }
563
564 /* Pick a serializer for the out-of-dialog request. */
566 }
567
568 if (pjsip_rx_data_clone(rdata, 0, &clone) != PJ_SUCCESS) {
570 ao2_cleanup(dist);
571 return PJ_TRUE;
572 }
573
574 if (dist) {
575 ao2_lock(dist);
576 clone->endpt_info.mod_data[endpoint_mod.id] = ao2_bump(dist->endpoint);
577 ao2_unlock(dist);
578 ao2_cleanup(dist);
579 }
580
582 ao2_cleanup(clone->endpt_info.mod_data[endpoint_mod.id]);
583 pjsip_rx_data_free_cloned(clone);
584 }
585
587
588 return PJ_TRUE;
589}
590
592 char *default_algos_uac, char *default_algos_uas)
593{
594 struct ast_sip_auth *fake_auth;
595
597 "artificial");
598 if (!fake_auth) {
599 return NULL;
600 }
601
603 ast_string_field_set(fake_auth, auth_user, "");
604 ast_string_field_set(fake_auth, auth_pass, "");
605
607 &fake_auth->supported_algorithms_uac, "UAC", default_algos_uac);
608
610 &fake_auth->supported_algorithms_uas, "UAS", default_algos_uas);
611
613
614 return fake_auth;
615}
616
617static AO2_GLOBAL_OBJ_STATIC(artificial_auth);
618
620{
622 struct ast_sip_auth *fake_auth;
623 char default_algos_uac[AST_SIP_AUTH_MAX_SUPPORTED_ALGORITHMS_LENGTH + 1];
624 char default_algos_uas[AST_SIP_AUTH_MAX_SUPPORTED_ALGORITHMS_LENGTH + 1];
625
628 sizeof(default_algos_uac));
630 sizeof(default_algos_uas));
631
632 fake_auth = alloc_artificial_auth(default_realm, default_algos_uac,
633 default_algos_uas);
634 if (!fake_auth) {
635 ast_log(LOG_ERROR, "Unable to create artificial auth\n");
636 return -1;
637 }
638 ao2_global_obj_replace_unref(artificial_auth, fake_auth);
639 ao2_cleanup(fake_auth);
640 return 0;
641}
642
644{
645 return ao2_global_obj_ref(artificial_auth);
646}
647
649
651{
653 if (!artificial_endpoint) {
654 return -1;
655 }
656
658 /* Pushing a bogus value into the vector will ensure that
659 * the proper size of the vector is returned. This value is
660 * not actually used anywhere
661 */
663 return 0;
664}
665
667{
669 return artificial_endpoint;
670}
671
672static void log_failed_request(pjsip_rx_data *rdata, char *msg, unsigned int count, unsigned int period)
673{
674 char from_buf[PJSIP_MAX_URL_SIZE];
675 char callid_buf[PJSIP_MAX_URL_SIZE];
676 char method_buf[PJSIP_MAX_URL_SIZE];
677 char src_addr_buf[AST_SOCKADDR_BUFLEN];
678 pjsip_uri_print(PJSIP_URI_IN_FROMTO_HDR, rdata->msg_info.from->uri, from_buf, PJSIP_MAX_URL_SIZE);
679 ast_copy_pj_str(callid_buf, &rdata->msg_info.cid->id, PJSIP_MAX_URL_SIZE);
680 ast_copy_pj_str(method_buf, &rdata->msg_info.msg->line.req.method.name, PJSIP_MAX_URL_SIZE);
681 if (count) {
682 ast_log(LOG_NOTICE, "Request '%s' from '%s' failed for '%s' (callid: %s) - %s"
683 " after %u tries in %.3f ms\n",
684 method_buf, from_buf,
685 pj_sockaddr_print(&rdata->pkt_info.src_addr, src_addr_buf, sizeof(src_addr_buf), 3),
686 callid_buf, msg, count, period / 1000.0);
687 } else {
688 ast_log(LOG_NOTICE, "Request '%s' from '%s' failed for '%s' (callid: %s) - %s\n",
689 method_buf, from_buf,
690 pj_sockaddr_print(&rdata->pkt_info.src_addr, src_addr_buf, sizeof(src_addr_buf), 3),
691 callid_buf, msg);
692 }
693}
694
695static void check_endpoint(pjsip_rx_data *rdata, struct unidentified_request *unid,
696 const char *name)
697{
698 int64_t ms = ast_tvdiff_ms(ast_tvnow(), unid->first_seen);
699
700 ao2_wrlock(unid);
701 unid->count++;
702
703 if (ms < (unidentified_period * 1000) && unid->count >= unidentified_count) {
704 log_failed_request(rdata, "No matching endpoint found", unid->count, ms);
706 }
707 ao2_unlock(unid);
708}
709
710static int apply_endpoint_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint);
711static int apply_endpoint_contact_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint);
712
713static void apply_acls(pjsip_rx_data *rdata)
714{
715 struct ast_sip_endpoint *endpoint;
716
717 /* Is the endpoint allowed with the source or contact address? */
718 endpoint = rdata->endpt_info.mod_data[endpoint_mod.id];
719 if (endpoint != artificial_endpoint
720 && (apply_endpoint_acl(rdata, endpoint)
721 || apply_endpoint_contact_acl(rdata, endpoint))) {
722 ast_debug(1, "Endpoint '%s' not allowed by ACL\n",
723 ast_sorcery_object_get_id(endpoint));
724
725 /* Replace the rdata endpoint with the artificial endpoint. */
726 ao2_replace(rdata->endpt_info.mod_data[endpoint_mod.id], artificial_endpoint);
727 }
728}
729
730static pj_bool_t endpoint_lookup(pjsip_rx_data *rdata)
731{
732 struct ast_sip_endpoint *endpoint;
733 struct unidentified_request *unid;
734 int is_ack = rdata->msg_info.msg->line.req.method.id == PJSIP_ACK_METHOD;
735
736 endpoint = rdata->endpt_info.mod_data[endpoint_mod.id];
737 if (endpoint) {
738 /*
739 * ao2_find with OBJ_UNLINK always write locks the container before even searching
740 * for the object. Since the majority case is that the object won't be found, do
741 * the find without OBJ_UNLINK to prevent the unnecessary write lock, then unlink
742 * if needed.
743 */
744 unid = ao2_find(unidentified_requests, rdata->pkt_info.src_name, OBJ_SEARCH_KEY);
745 if (unid) {
747 ao2_ref(unid, -1);
748 }
749 apply_acls(rdata);
750 return PJ_FALSE;
751 }
752
753 endpoint = ast_sip_identify_endpoint(rdata);
754 if (endpoint) {
755 unid = ao2_find(unidentified_requests, rdata->pkt_info.src_name, OBJ_SEARCH_KEY);
756 if (unid) {
758 ao2_ref(unid, -1);
759 }
760 }
761
762 if (!endpoint) {
763 /* always use an artificial endpoint - per discussion no reason
764 to have "alwaysauthreject" as an option. It is felt using it
765 was a bug fix and it is not needed since we are not worried about
766 breaking old stuff and we really don't want to enable the discovery
767 of SIP accounts */
769 }
770
771 /* endpoint ref held by mod_data[] */
772 rdata->endpt_info.mod_data[endpoint_mod.id] = endpoint;
773
774 if (endpoint == artificial_endpoint && !is_ack) {
775 char name[AST_UUID_STR_LEN] = "";
776 pjsip_uri *from = rdata->msg_info.from->uri;
777
778 if (ast_sip_is_allowed_uri(from)) {
780 }
781
782 unid = ao2_find(unidentified_requests, rdata->pkt_info.src_name, OBJ_SEARCH_KEY);
783 if (unid) {
784 check_endpoint(rdata, unid, name);
785 ao2_ref(unid, -1);
786 } else if (using_auth_username) {
788 /* Checking again with the write lock held allows us to eliminate the DUPS_REPLACE and sort_fn */
789 unid = ao2_find(unidentified_requests, rdata->pkt_info.src_name,
791 if (unid) {
792 check_endpoint(rdata, unid, name);
793 } else {
794 unid = ao2_alloc_options(sizeof(*unid) + strlen(rdata->pkt_info.src_name) + 1,
796 if (!unid) {
798 pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
799 return PJ_TRUE;
800 }
801 strcpy(unid->src_name, rdata->pkt_info.src_name); /* Safe */
802 unid->first_seen = ast_tvnow();
803 unid->count = 1;
805 }
806 ao2_ref(unid, -1);
808 } else {
809 log_failed_request(rdata, "No matching endpoint found", 0, 0);
811 }
812 }
813
814 apply_acls(rdata);
815 return PJ_FALSE;
816}
817
818static int apply_endpoint_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint)
819{
820 struct ast_sockaddr addr;
821
822 if (ast_acl_list_is_empty(endpoint->acl)) {
823 return 0;
824 }
825
826 memset(&addr, 0, sizeof(addr));
827 ast_sockaddr_parse(&addr, rdata->pkt_info.src_name, PARSE_PORT_FORBID);
828 ast_sockaddr_set_port(&addr, rdata->pkt_info.src_port);
829
830 if (ast_apply_acl(endpoint->acl, &addr, "SIP ACL: ") != AST_SENSE_ALLOW) {
831 log_failed_request(rdata, "Not match Endpoint ACL", 0, 0);
832 ast_sip_report_failed_acl(endpoint, rdata, "not_match_endpoint_acl");
833 return 1;
834 }
835 return 0;
836}
837
838static int extract_contact_addr(pjsip_contact_hdr *contact, struct ast_sockaddr **addrs)
839{
840 pjsip_sip_uri *sip_uri;
841 char host[256];
842
843 if (!contact || contact->star) {
844 *addrs = NULL;
845 return 0;
846 }
847
848 if (!PJSIP_URI_SCHEME_IS_SIP(contact->uri) && !PJSIP_URI_SCHEME_IS_SIPS(contact->uri)) {
849 *addrs = NULL;
850 return 0;
851 }
852 sip_uri = pjsip_uri_get_uri(contact->uri);
853 ast_copy_pj_str(host, &sip_uri->host, sizeof(host));
855}
856
857static int apply_endpoint_contact_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint)
858{
859 int num_contact_addrs;
860 int forbidden = 0;
861 struct ast_sockaddr *contact_addrs;
862 int i;
863 pjsip_contact_hdr *contact = (pjsip_contact_hdr *)&rdata->msg_info.msg->hdr;
864
866 return 0;
867 }
868
869 while ((contact = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, contact->next))) {
870 num_contact_addrs = extract_contact_addr(contact, &contact_addrs);
871 if (num_contact_addrs <= 0) {
872 continue;
873 }
874 for (i = 0; i < num_contact_addrs; ++i) {
875 if (ast_apply_acl(endpoint->contact_acl, &contact_addrs[i], "SIP Contact ACL: ") != AST_SENSE_ALLOW) {
876 log_failed_request(rdata, "Not match Endpoint Contact ACL", 0, 0);
877 ast_sip_report_failed_acl(endpoint, rdata, "not_match_endpoint_contact_acl");
878 forbidden = 1;
879 break;
880 }
881 }
882 ast_free(contact_addrs);
883 if (forbidden) {
884 /* No use checking other contacts if we already have failed ACL check */
885 break;
886 }
887 }
888
889 return forbidden;
890}
891
892static pj_bool_t authenticate(pjsip_rx_data *rdata)
893{
895 int is_ack = rdata->msg_info.msg->line.req.method.id == PJSIP_ACK_METHOD;
896
897 ast_assert(endpoint != NULL);
898
899 if (is_ack) {
900 return PJ_FALSE;
901 }
902
903 if (ast_sip_requires_authentication(endpoint, rdata)) {
904 pjsip_tx_data *tdata;
905 struct unidentified_request *unid;
906
907 pjsip_endpt_create_response(ast_sip_get_pjsip_endpoint(), rdata, 401, NULL, &tdata);
908 switch (ast_sip_check_authentication(endpoint, rdata, tdata)) {
910 /* Send the 401 we created for them */
911 ast_sip_report_auth_challenge_sent(endpoint, rdata, tdata);
912 if (pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL) != PJ_SUCCESS) {
913 pjsip_tx_data_dec_ref(tdata);
914 }
915 return PJ_TRUE;
917 /* See note in endpoint_lookup about not holding an unnecessary write lock */
918 unid = ao2_find(unidentified_requests, rdata->pkt_info.src_name, OBJ_SEARCH_KEY);
919 if (unid) {
921 ao2_ref(unid, -1);
922 }
923 ast_sip_report_auth_success(endpoint, rdata);
924 break;
926 log_failed_request(rdata, "Failed to authenticate", 0, 0);
928 if (pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL) != PJ_SUCCESS) {
929 pjsip_tx_data_dec_ref(tdata);
930 }
931 return PJ_TRUE;
933 log_failed_request(rdata, "Error to authenticate", 0, 0);
935 pjsip_tx_data_dec_ref(tdata);
936 pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
937 return PJ_TRUE;
938 }
939 pjsip_tx_data_dec_ref(tdata);
940 } else if (endpoint == artificial_endpoint) {
941 /* Uh. Oh. The artificial endpoint couldn't challenge so block the request. */
942 pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
943 return PJ_TRUE;
944 }
945
946 return PJ_FALSE;
947}
948
949static pjsip_module auth_mod = {
950 .name = {"Request Authenticator", 21},
951 .priority = PJSIP_MOD_PRIORITY_APPLICATION - 2,
952 .on_rx_request = authenticate,
953};
954
955static int distribute(void *data)
956{
957 static pjsip_process_rdata_param param = {
958 .start_mod = &distributor_mod,
959 .idx_after_start = 1,
960 };
961 pj_bool_t handled = PJ_FALSE;
962 pjsip_rx_data *rdata = data;
963 int is_request = rdata->msg_info.msg->type == PJSIP_REQUEST_MSG;
964 int is_ack = is_request ? rdata->msg_info.msg->line.req.method.id == PJSIP_ACK_METHOD : 0;
965 struct ast_sip_endpoint *endpoint;
966
967 pjsip_endpt_process_rx_data(ast_sip_get_pjsip_endpoint(), rdata, &param, &handled);
968 if (!handled && is_request && !is_ack) {
969 pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 501, NULL, NULL, NULL);
970 }
971
972 /* The endpoint_mod stores an endpoint reference in the mod_data of rdata. This
973 * is the only appropriate spot to actually decrement the reference.
974 */
975 endpoint = rdata->endpt_info.mod_data[endpoint_mod.id];
976 ao2_cleanup(endpoint);
977 pjsip_rx_data_free_cloned(rdata);
978 return 0;
979}
980
982{
983 struct ast_sip_endpoint *endpoint = rdata->endpt_info.mod_data[endpoint_mod.id];
984 if (endpoint) {
985 ao2_ref(endpoint, +1);
986 }
987 return endpoint;
988}
989
990static int suspects_sort(const void *obj, const void *arg, int flags)
991{
992 const struct unidentified_request *object_left = obj;
993 const struct unidentified_request *object_right = arg;
994 const char *right_key = arg;
995 int cmp;
996
997 switch (flags & OBJ_SEARCH_MASK) {
999 right_key = object_right->src_name;
1000 /* Fall through */
1001 case OBJ_SEARCH_KEY:
1002 cmp = strcmp(object_left->src_name, right_key);
1003 break;
1005 cmp = strncmp(object_left->src_name, right_key, strlen(right_key));
1006 break;
1007 default:
1008 cmp = 0;
1009 break;
1010 }
1011 return cmp;
1012}
1013
1014static int suspects_compare(void *obj, void *arg, int flags)
1015{
1016 const struct unidentified_request *object_left = obj;
1017 const struct unidentified_request *object_right = arg;
1018 const char *right_key = arg;
1019 int cmp = 0;
1020
1021 switch (flags & OBJ_SEARCH_MASK) {
1022 case OBJ_SEARCH_OBJECT:
1023 right_key = object_right->src_name;
1024 /* Fall through */
1025 case OBJ_SEARCH_KEY:
1026 if (strcmp(object_left->src_name, right_key) == 0) {
1027 cmp = CMP_MATCH;
1028 }
1029 break;
1031 if (strncmp(object_left->src_name, right_key, strlen(right_key)) == 0) {
1032 cmp = CMP_MATCH;
1033 }
1034 break;
1035 default:
1036 cmp = 0;
1037 break;
1038 }
1039 return cmp;
1040}
1041
1042static int suspects_hash(const void *obj, int flags)
1043{
1044 const struct unidentified_request *object;
1045 const char *key;
1046
1047 switch (flags & OBJ_SEARCH_MASK) {
1048 case OBJ_SEARCH_KEY:
1049 key = obj;
1050 break;
1051 case OBJ_SEARCH_OBJECT:
1052 object = obj;
1053 key = object->src_name;
1054 break;
1055 default:
1056 /* Hash can only work on something with a full key. */
1057 ast_assert(0);
1058 return 0;
1059 }
1060 return ast_str_hash(key);
1061}
1062
1063static struct ao2_container *cli_unid_get_container(const char *regex)
1064{
1065 struct ao2_container *s_container;
1066
1069 if (!s_container) {
1070 return NULL;
1071 }
1072
1073 if (ao2_container_dup(s_container, unidentified_requests, 0)) {
1074 ao2_ref(s_container, -1);
1075 return NULL;
1076 }
1077
1078 return s_container;
1079}
1080
1081static int cli_unid_iterate(void *container, ao2_callback_fn callback, void *args)
1082{
1083 ao2_callback(container, 0, callback, args);
1084
1085 return 0;
1086}
1087
1088static void *cli_unid_retrieve_by_id(const char *id)
1089{
1091}
1092
1093static const char *cli_unid_get_id(const void *obj)
1094{
1095 const struct unidentified_request *unid = obj;
1096
1097 return unid->src_name;
1098}
1099
1100static int cli_unid_print_header(void *obj, void *arg, int flags)
1101{
1102 struct ast_sip_cli_context *context = arg;
1103 RAII_VAR(struct ast_sip_cli_formatter_entry *, formatter_entry, NULL, ao2_cleanup);
1104
1105 int indent = CLI_INDENT_TO_SPACES(context->indent_level);
1106 int filler = CLI_LAST_TABSTOP - indent - 7;
1107
1108 ast_assert(context->output_buffer != NULL);
1109
1110 ast_str_append(&context->output_buffer, 0,
1111 "%*s: <IP Address%*.*s> <Count> <Age(sec)>\n",
1112 indent, "Request", filler, filler, CLI_HEADER_FILLER);
1113
1114 return 0;
1115}
1116
1117static int cli_unid_print_body(void *obj, void *arg, int flags)
1118{
1119 struct unidentified_request *unid = obj;
1120 struct ast_sip_cli_context *context = arg;
1121 int indent;
1122 int flexwidth;
1123 int64_t ms = ast_tvdiff_ms(ast_tvnow(), unid->first_seen);
1124
1125 ast_assert(context->output_buffer != NULL);
1126
1127 indent = CLI_INDENT_TO_SPACES(context->indent_level);
1128 flexwidth = CLI_LAST_TABSTOP - 4;
1129
1130 ast_str_append(&context->output_buffer, 0, "%*s: %-*.*s %7d %10.3f\n",
1131 indent,
1132 "Request",
1133 flexwidth, flexwidth,
1134 unid->src_name, unid->count, ms / 1000.0);
1135
1136 return 0;
1137}
1138
1139static struct ast_cli_entry cli_commands[] = {
1140 AST_CLI_DEFINE(ast_sip_cli_traverse_objects, "Show PJSIP Unidentified Requests",
1141 .command = "pjsip show unidentified_requests",
1142 .usage = "Usage: pjsip show unidentified_requests\n"
1143 " Show the PJSIP Unidentified Requests\n"),
1144};
1145
1147
1148static int expire_requests(void *object, void *arg, int flags)
1149{
1150 struct unidentified_request *unid = object;
1151 int *maxage = arg;
1152 int64_t ms = ast_tvdiff_ms(ast_tvnow(), unid->first_seen);
1153
1154 if (ms > (*maxage) * 2 * 1000) {
1155 return CMP_MATCH;
1156 }
1157
1158 return 0;
1159}
1160
1161static int prune_task(const void *data)
1162{
1163 unsigned int maxage;
1164
1166 maxage = unidentified_period * 2;
1168
1169 return unidentified_prune_interval * 1000;
1170}
1171
1172static int clean_task(const void *data)
1173{
1174 return 0;
1175}
1176
1177static void global_loaded(const char *object_type)
1178{
1179 char *identifier_order;
1180
1181 /* Update using_auth_username */
1182 identifier_order = ast_sip_get_endpoint_identifier_order();
1183 if (identifier_order) {
1184 char *identify_method;
1185 char *io_copy = ast_strdupa(identifier_order);
1186 int new_using = 0;
1187
1188 ast_free(identifier_order);
1189 while ((identify_method = ast_strip(strsep(&io_copy, ",")))) {
1190 if (!strcmp(identify_method, "auth_username")) {
1191 new_using = 1;
1192 break;
1193 }
1194 }
1195 using_auth_username = new_using;
1196 }
1197
1199
1201
1203
1204 /* Clean out the old task, if any */
1206 /* Have to do something with the return value to shut up the stupid compiler. */
1208 return;
1209 }
1210}
1211
1212/*! \brief Observer which is used to update our interval and default_realm when the global setting changes */
1215};
1216
1217/*!
1218 * \internal
1219 * \brief Shutdown the serializers in the distributor pool.
1220 * \since 13.10.0
1221 */
1223{
1224 int idx;
1225
1226 for (idx = 0; idx < ARRAY_LEN(distributor_pool); ++idx) {
1228 distributor_pool[idx] = NULL;
1229 }
1230}
1231
1232/*!
1233 * \internal
1234 * \brief Setup the serializers in the distributor pool.
1235 * \since 13.10.0
1236 *
1237 * \retval 0 on success.
1238 * \retval -1 on error.
1239 */
1241{
1242 char tps_name[AST_TASKPROCESSOR_MAX_NAME + 1];
1243 int idx;
1244
1245 for (idx = 0; idx < ARRAY_LEN(distributor_pool); ++idx) {
1246 /* Create name with seq number appended. */
1247 ast_taskprocessor_build_name(tps_name, sizeof(tps_name), "pjsip/distributor");
1248
1250 if (!distributor_pool[idx]) {
1251 return -1;
1252 }
1253 }
1254 return 0;
1255}
1256
1258{
1261 if (!unidentified_requests) {
1262 return -1;
1263 }
1264
1268 if (!dialog_associations) {
1270 return -1;
1271 }
1272
1273 if (distributor_pool_setup()) {
1275 return -1;
1276 }
1277
1279 if (!prune_context) {
1281 return -1;
1282 }
1283
1286 return -1;
1287 }
1288
1291
1294 return -1;
1295 }
1296
1299 return -1;
1300 }
1303 return -1;
1304 }
1307 return -1;
1308 }
1309
1312 if (!unid_formatter) {
1314 ast_log(LOG_ERROR, "Unable to allocate memory for unid_formatter\n");
1315 return -1;
1316 }
1317 unid_formatter->name = "unidentified_request";
1325
1327
1328 return 0;
1329}
1330
1332{
1335
1339
1340 ao2_global_obj_release(artificial_auth);
1342
1344
1345 if (prune_context) {
1347 }
1348
1350
1353}
Access Control of various sorts.
enum ast_acl_sense ast_apply_acl(struct ast_acl_list *acl_list, const struct ast_sockaddr *addr, const char *purpose)
Apply a set of rules to a given IP address.
Definition: acl.c:799
@ AST_SENSE_ALLOW
Definition: acl.h:38
int ast_acl_list_is_empty(struct ast_acl_list *acl_list)
Determines if an ACL is empty or if it contains entries.
Definition: acl.c:540
const char * str
Definition: app_jack.c:150
if(!yyg->yy_init)
Definition: ast_expr2f.c:854
char * strsep(char **str, const char *delims)
Asterisk main include file. File version handling, generic pbx functions.
#define ast_free(a)
Definition: astmm.h:180
#define ast_strdup(str)
A wrapper for strdup()
Definition: astmm.h:241
#define ast_strdupa(s)
duplicate a string in memory from the stack
Definition: astmm.h:298
#define ast_log
Definition: astobj2.c:42
int ao2_container_dup(struct ao2_container *dest, struct ao2_container *src, enum search_flags flags)
Copy all object references in the src container into the dest container.
@ CMP_MATCH
Definition: astobj2.h:1027
@ AO2_ALLOC_OPT_LOCK_NOLOCK
Definition: astobj2.h:367
@ AO2_ALLOC_OPT_LOCK_RWLOCK
Definition: astobj2.h:365
#define ao2_wrlock(a)
Definition: astobj2.h:719
#define ao2_global_obj_replace_unref(holder, obj)
Replace an ao2 object in the global holder, throwing away any old object.
Definition: astobj2.h:901
#define ao2_callback(c, flags, cb_fn, arg)
ao2_callback() is a generic function that applies cb_fn() to all objects in a container,...
Definition: astobj2.h:1693
#define ao2_cleanup(obj)
Definition: astobj2.h:1934
#define ao2_unlink(container, obj)
Remove an object from a container.
Definition: astobj2.h:1578
#define ao2_unlink_flags(container, obj, flags)
Remove an object from a container.
Definition: astobj2.h:1600
int() ao2_callback_fn(void *obj, void *arg, int flags)
Type of a generic callback function.
Definition: astobj2.h:1226
#define ao2_link_flags(container, obj, flags)
Add an object to a container.
Definition: astobj2.h:1554
#define ao2_global_obj_ref(holder)
Get a reference to the object stored in the global holder.
Definition: astobj2.h:918
#define ao2_find(container, arg, flags)
Definition: astobj2.h:1736
#define ao2_unlock(a)
Definition: astobj2.h:729
#define ao2_replace(dst, src)
Replace one object reference with another cleaning up the original.
Definition: astobj2.h:501
#define ao2_lock(a)
Definition: astobj2.h:717
#define ao2_ref(o, delta)
Reference/unreference an object and return the old refcount.
Definition: astobj2.h:459
#define ao2_alloc_options(data_size, destructor_fn, options)
Definition: astobj2.h:404
#define ao2_global_obj_release(holder)
Release the ao2 object held in the global holder.
Definition: astobj2.h:859
#define ao2_bump(obj)
Bump refcount on an AO2 object by one, returning the object.
Definition: astobj2.h:480
@ OBJ_SEARCH_PARTIAL_KEY
The arg parameter is a partial search key similar to OBJ_SEARCH_KEY.
Definition: astobj2.h:1116
@ OBJ_SEARCH_OBJECT
The arg parameter is an object of the same type.
Definition: astobj2.h:1087
@ OBJ_NOLOCK
Assume that the ao2_container is already locked.
Definition: astobj2.h:1063
@ OBJ_NODATA
Definition: astobj2.h:1044
@ OBJ_SEARCH_MASK
Search option field mask.
Definition: astobj2.h:1072
@ OBJ_MULTIPLE
Definition: astobj2.h:1049
@ OBJ_UNLINK
Definition: astobj2.h:1039
@ OBJ_SEARCH_KEY
The arg parameter is a search key, but is not an object.
Definition: astobj2.h:1101
#define ao2_container_alloc_list(ao2_options, container_options, sort_fn, cmp_fn)
Allocate and initialize a list container.
Definition: astobj2.h:1327
#define ao2_alloc(data_size, destructor_fn)
Definition: astobj2.h:409
#define ao2_container_alloc_hash(ao2_options, container_options, n_buckets, hash_fn, sort_fn, cmp_fn)
Allocate and initialize a hash container with the desired number of buckets.
Definition: astobj2.h:1303
int ast_cli_unregister_multiple(struct ast_cli_entry *e, int len)
Unregister multiple commands.
Definition: clicompat.c:30
#define AST_CLI_DEFINE(fn, txt,...)
Definition: cli.h:197
#define ast_cli_register_multiple(e, len)
Register multiple commands.
Definition: cli.h:265
enum ast_sip_taskprocessor_overload_trigger ast_sip_get_taskprocessor_overload_trigger(void)
char buf[BUFSIZE]
Definition: eagi_proxy.c:66
static const char name[]
Definition: format_mp3.c:68
static int regex(struct ast_channel *chan, const char *cmd, char *parse, char *buf, size_t len)
static int len(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t buflen)
struct ast_flags ast_options
Definition: options.c:61
@ AST_OPT_FLAG_FULLY_BOOTED
Definition: options.h:58
struct ast_sip_endpoint * ast_sip_dialog_get_endpoint(pjsip_dialog *dlg)
Get the endpoint associated with this dialog.
struct ast_taskprocessor * ast_sip_get_distributor_serializer(pjsip_rx_data *rdata)
Determine the distributor serializer for the SIP message.
int ast_sip_push_task(struct ast_taskprocessor *serializer, int(*sip_task)(void *), void *task_data)
Pushes a task to SIP servants.
Definition: res_pjsip.c:2099
struct ast_taskprocessor * ast_sip_create_serializer(const char *name)
Create a new serializer for SIP tasks.
Definition: res_pjsip.c:2094
void ast_sip_dialog_set_endpoint(pjsip_dialog *dlg, struct ast_sip_endpoint *endpoint)
Set an endpoint on a SIP dialog so in-dialog requests do not undergo endpoint lookup.
void ast_sip_dialog_set_serializer(pjsip_dialog *dlg, struct ast_taskprocessor *serializer)
Set a serializer on a SIP dialog so requests and responses are automatically serialized.
#define ast_debug(level,...)
Log a DEBUG message.
#define LOG_ERROR
#define LOG_NOTICE
int ast_sockaddr_resolve(struct ast_sockaddr **addrs, const char *str, int flags, int family)
Parses a string with an IPv4 or IPv6 address and place results into an array.
Definition: netsock2.c:280
@ AST_AF_UNSPEC
Definition: netsock2.h:54
int ast_sockaddr_parse(struct ast_sockaddr *addr, const char *str, int flags)
Parse an IPv4 or IPv6 address string.
Definition: netsock2.c:230
#define ast_sockaddr_set_port(addr, port)
Sets the port number of a socket address.
Definition: netsock2.h:532
#define AST_SOCKADDR_BUFLEN
Definition: netsock2.h:46
struct ast_sip_auth * ast_sip_get_artificial_auth(void)
Retrieves a reference to the artificial auth.
static int dialog_associations_hash(const void *obj, int flags)
static int cli_unid_iterate(void *container, ao2_callback_fn callback, void *args)
static int cli_unid_print_header(void *obj, void *arg, int flags)
static struct ast_sorcery_observer global_observer
Observer which is used to update our interval and default_realm when the global setting changes.
static int prune_task(const void *data)
static pjsip_module distributor_mod
static void distributor_pool_shutdown(void)
static int distribute(void *data)
static struct ao2_container * unidentified_requests
static struct ast_cli_entry cli_commands[]
static unsigned int unidentified_prune_interval
static enum ast_sip_taskprocessor_overload_trigger overload_trigger
static AO2_GLOBAL_OBJ_STATIC(artificial_auth)
struct ast_sip_endpoint * ast_sip_get_artificial_endpoint(void)
Retrieves a reference to the artificial endpoint.
static unsigned int unidentified_period
static void global_loaded(const char *object_type)
static pjsip_module auth_mod
#define DIALOG_ASSOCIATIONS_BUCKETS
static int extract_contact_addr(pjsip_contact_hdr *contact, struct ast_sockaddr **addrs)
static int expire_requests(void *object, void *arg, int flags)
static int apply_endpoint_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint)
static void check_endpoint(pjsip_rx_data *rdata, struct unidentified_request *unid, const char *name)
static pjsip_module endpoint_mod
static int buf_hash(const char *pos, size_t len)
static int buf_hash_add(const char *pos, size_t len, int hash)
struct ast_sched_context * prune_context
static void apply_acls(pjsip_rx_data *rdata)
static int clean_task(const void *data)
static pj_bool_t endpoint_lookup(pjsip_rx_data *rdata)
static pjsip_dialog * find_dialog(pjsip_rx_data *rdata)
static pj_status_t record_serializer(pjsip_tx_data *tdata)
static struct ao2_container * cli_unid_get_container(const char *regex)
struct ast_sip_endpoint * ast_pjsip_rdata_get_endpoint(pjsip_rx_data *rdata)
Get the looked-up endpoint on an out-of dialog request or response.
int ast_sip_initialize_distributor(void)
static int pjstr_hash_add(pj_str_t *str, int hash)
#define DISTRIBUTOR_POOL_SIZE
static int cli_unid_print_body(void *obj, void *arg, int flags)
static int suspects_hash(const void *obj, int flags)
static struct ast_sip_endpoint * artificial_endpoint
static int apply_endpoint_contact_acl(pjsip_rx_data *rdata, struct ast_sip_endpoint *endpoint)
static void * cli_unid_retrieve_by_id(const char *id)
static int suspects_compare(void *obj, void *arg, int flags)
static int suspects_sort(const void *obj, const void *arg, int flags)
static pj_bool_t authenticate(pjsip_rx_data *rdata)
static int create_artificial_endpoint(void)
static int dialog_associations_cmp(void *obj, void *arg, int flags)
void ast_sip_destroy_distributor(void)
static void log_failed_request(pjsip_rx_data *rdata, char *msg, unsigned int count, unsigned int period)
static int create_artificial_auth(void)
static const char * cli_unid_get_id(const void *obj)
struct ast_sip_cli_formatter_entry * unid_formatter
static pj_bool_t distributor(pjsip_rx_data *rdata)
static int pjstr_hash(pj_str_t *str)
static int using_auth_username
static unsigned int unidentified_count
static struct ast_sip_auth * alloc_artificial_auth(char *default_realm, char *default_algos_uac, char *default_algos_uas)
static struct ast_taskprocessor * distributor_pool[DISTRIBUTOR_POOL_SIZE]
static struct ast_taskprocessor * find_request_serializer(pjsip_rx_data *rdata)
static int distributor_pool_setup(void)
#define DEFAULT_SUSPECTS_BUCKETS
static struct ao2_container * dialog_associations
struct ao2_container * container
Definition: res_fax.c:531
const pj_str_t * ast_sip_pjsip_uri_get_username(pjsip_uri *uri)
Get the user portion of the pjsip_uri.
Definition: res_pjsip.c:3477
void ast_sip_unregister_service(pjsip_module *module)
Definition: res_pjsip.c:133
char * ast_sip_get_endpoint_identifier_order(void)
Retrieve the global endpoint_identifier_order setting.
int ast_sip_requires_authentication(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Determine if an incoming request requires authentication.
Definition: res_pjsip.c:163
void ast_sip_report_auth_success(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when authentication succeeds.
int ast_sip_register_service(pjsip_module *module)
Register a SIP service in Asterisk.
Definition: res_pjsip.c:117
int ast_sip_is_allowed_uri(pjsip_uri *uri)
Check whether a pjsip_uri is allowed or not.
Definition: res_pjsip.c:3472
void ast_sip_report_auth_challenge_sent(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, pjsip_tx_data *tdata)
Send a security event notification for when an authentication challenge is sent.
int ast_sip_auth_digest_algorithms_vector_init(const char *id, struct pjsip_auth_algorithm_type_vector *algorithms, const char *agent_type, const char *value)
Populate a vector of algorithm types from a string.
Definition: config_auth.c:192
enum ast_sip_check_auth_result ast_sip_check_authentication(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, pjsip_tx_data *tdata)
Method to determine authentication status of an incoming request.
Definition: res_pjsip.c:179
pjsip_endpoint * ast_sip_get_pjsip_endpoint(void)
Get a pointer to the PJSIP endpoint.
Definition: res_pjsip.c:520
void ast_copy_pj_str(char *dest, const pj_str_t *src, size_t size)
Copy a pj_str_t into a standard character buffer.
Definition: res_pjsip.c:2201
struct ast_sip_endpoint * ast_sip_identify_endpoint(pjsip_rx_data *rdata)
Determine the endpoint that has sent a SIP message.
Definition: res_pjsip.c:330
void ast_sip_report_invalid_endpoint(const char *name, pjsip_rx_data *rdata)
Send a security event notification for when an invalid endpoint is requested.
void ast_sip_get_default_realm(char *realm, size_t size)
Retrieve the global default realm.
#define AST_SIP_AUTH_MAX_REALM_LENGTH
Definition: res_pjsip.h:74
@ AST_SIP_AUTH_TYPE_ARTIFICIAL
Definition: res_pjsip.h:585
#define AST_SIP_AUTH_MAX_SUPPORTED_ALGORITHMS_LENGTH
Definition: res_pjsip.h:75
void ast_sip_report_auth_failed_challenge_response(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when a challenge response has failed.
#define SIP_SORCERY_AUTH_TYPE
Definition: res_pjsip.h:597
struct ast_sorcery * ast_sip_get_sorcery(void)
Get a pointer to the SIP sorcery structure.
@ AST_SIP_AUTHENTICATION_CHALLENGE
Definition: res_pjsip.h:1323
@ AST_SIP_AUTHENTICATION_ERROR
Definition: res_pjsip.h:1329
@ AST_SIP_AUTHENTICATION_SUCCESS
Definition: res_pjsip.h:1325
@ AST_SIP_AUTHENTICATION_FAILED
Definition: res_pjsip.h:1327
void ast_sip_get_default_auth_algorithms_uac(char *default_auth_algorithms_uac, size_t size)
Retrieve the global auth algorithms for UAC.
void ast_sip_get_default_auth_algorithms_uas(char *default_auth_algorithms_uas, size_t size)
Retrieve the global auth algorithms for UAS.
void ast_sip_report_failed_acl(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, const char *name)
Send a security event notification for when an ACL check fails.
void ast_sip_get_unidentified_request_thresholds(unsigned int *count, unsigned int *period, unsigned int *prune_interval)
Retrieve the unidentified request security event thresholds.
static char default_realm[AST_SIP_AUTH_MAX_REALM_LENGTH+1]
int ast_sip_unregister_cli_formatter(struct ast_sip_cli_formatter_entry *formatter)
Unregisters a CLI formatter.
Definition: pjsip_cli.c:326
#define CLI_HEADER_FILLER
Definition: res_pjsip_cli.h:24
#define CLI_LAST_TABSTOP
Definition: res_pjsip_cli.h:27
char * ast_sip_cli_traverse_objects(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
Definition: pjsip_cli.c:109
#define CLI_INDENT_TO_SPACES(x)
Definition: res_pjsip_cli.h:29
int ast_sip_register_cli_formatter(struct ast_sip_cli_formatter_entry *formatter)
Registers a CLI formatter.
Definition: pjsip_cli.c:310
ast_sip_taskprocessor_overload_trigger
@ TASKPROCESSOR_OVERLOAD_TRIGGER_GLOBAL
@ TASKPROCESSOR_OVERLOAD_TRIGGER_PJSIP_ONLY
#define NULL
Definition: resample.c:96
void ast_sched_clean_by_callback(struct ast_sched_context *con, ast_sched_cb match, ast_sched_cb cleanup_cb)
Clean all scheduled events with matching callback.
Definition: sched.c:409
void ast_sched_context_destroy(struct ast_sched_context *c)
destroys a schedule context
Definition: sched.c:271
int ast_sched_start_thread(struct ast_sched_context *con)
Start a thread for processing scheduler entries.
Definition: sched.c:197
int ast_sched_add_variable(struct ast_sched_context *con, int when, ast_sched_cb callback, const void *data, int variable) attribute_warn_unused_result
Adds a scheduled event with rescheduling support.
Definition: sched.c:526
struct ast_sched_context * ast_sched_context_create(void)
Create a scheduler context.
Definition: sched.c:238
const char * ast_sorcery_object_get_id(const void *object)
Get the unique identifier of a sorcery object.
Definition: sorcery.c:2317
void ast_sorcery_observer_remove(const struct ast_sorcery *sorcery, const char *type, const struct ast_sorcery_observer *callbacks)
Remove an observer from a specific object type.
Definition: sorcery.c:2423
int ast_sorcery_observer_add(const struct ast_sorcery *sorcery, const char *type, const struct ast_sorcery_observer *callbacks)
Add an observer to a specific object type.
Definition: sorcery.c:2391
void * ast_sorcery_alloc(const struct ast_sorcery *sorcery, const char *type, const char *id)
Allocate an object.
Definition: sorcery.c:1744
void ast_sorcery_reload_object(const struct ast_sorcery *sorcery, const char *type)
Inform any wizards of a specific object type to reload persistent objects.
Definition: sorcery.c:1442
#define ast_string_field_set(x, field, data)
Set a field to a simple string value.
Definition: stringfields.h:521
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
Definition: strings.h:1139
static force_inline int attribute_pure ast_str_hash(const char *str)
Compute a hash value on a string.
Definition: strings.h:1259
static force_inline int attribute_pure ast_strlen_zero(const char *s)
Definition: strings.h:65
static force_inline int attribute_pure ast_str_hash_restrict(unsigned int hash)
Restrict hash value range.
Definition: strings.h:1246
char * ast_strip(char *s)
Strip leading/trailing whitespace from a string.
Definition: strings.h:223
Generic container type.
descriptor for a cli entry.
Definition: cli.h:171
char * command
Definition: cli.h:186
struct pjsip_auth_algorithm_type_vector supported_algorithms_uac
Definition: res_pjsip.h:687
const ast_string_field realm
Definition: res_pjsip.h:681
const ast_string_field auth_user
Definition: res_pjsip.h:681
struct pjsip_auth_algorithm_type_vector supported_algorithms_uas
Definition: res_pjsip.h:689
const ast_string_field auth_pass
Definition: res_pjsip.h:681
enum ast_sip_auth_type type
Definition: res_pjsip.h:685
CLI Formatter Context passed to all formatters.
Definition: res_pjsip_cli.h:34
CLI Formatter Registry Entry.
Definition: res_pjsip_cli.h:52
int(* iterate)(void *container, ao2_callback_fn callback, void *args)
Definition: res_pjsip_cli.h:66
ao2_callback_fn * print_header
Definition: res_pjsip_cli.h:60
void *(* retrieve_by_id)(const char *id)
Definition: res_pjsip_cli.h:68
const char *(* get_id)(const void *obj)
Definition: res_pjsip_cli.h:70
const char * name
Definition: res_pjsip_cli.h:58
ao2_callback_fn * print_body
Definition: res_pjsip_cli.h:62
struct ao2_container *(* get_container)(const char *regex)
Definition: res_pjsip_cli.h:64
An entity with which Asterisk communicates.
Definition: res_pjsip.h:1051
struct ast_sip_auth_vector inbound_auths
Definition: res_pjsip.h:1096
struct ast_acl_list * contact_acl
Definition: res_pjsip.h:1126
struct ast_acl_list * acl
Definition: res_pjsip.h:1124
Socket address structure.
Definition: netsock2.h:97
Interface for a sorcery object type observer.
Definition: sorcery.h:332
void(* loaded)(const char *object_type)
Callback for when an object type is loaded/reloaded.
Definition: sorcery.h:343
A ast_taskprocessor structure is a singleton by name.
Definition: taskprocessor.c:69
struct ast_sip_endpoint * endpoint
struct ast_taskprocessor * serializer
struct timeval first_seen
An API for managing task processing threads that can be shared across modules.
struct ast_taskprocessor * ast_taskprocessor_get(const char *name, enum ast_tps_options create)
Get a reference to a taskprocessor with the specified name and create the taskprocessor if necessary.
void * ast_taskprocessor_unreference(struct ast_taskprocessor *tps)
Unreference the specified taskprocessor and its reference count will decrement.
@ TPS_REF_IF_EXISTS
return a reference to a taskprocessor ONLY if it already exists
Definition: taskprocessor.h:78
unsigned int ast_taskprocessor_alert_get(void)
Get the current taskprocessor high water alert count.
unsigned int ast_taskprocessor_get_subsystem_alert(const char *subsystem)
Get the current taskprocessor high water alert count by subsystem.
void ast_taskprocessor_build_name(char *buf, unsigned int size, const char *format,...)
Build a taskprocessor name with a sequence number on the end.
const char * ast_taskprocessor_name(struct ast_taskprocessor *tps)
Return the name of the taskprocessor singleton.
#define AST_TASKPROCESSOR_MAX_NAME
Suggested maximum taskprocessor name length (less null terminator).
Definition: taskprocessor.h:61
const char * args
struct ast_taskprocessor * ast_threadpool_serializer_get_current(void)
Get the threadpool serializer currently associated with this thread.
Definition: threadpool.c:1393
int64_t ast_tvdiff_ms(struct timeval end, struct timeval start)
Computes the difference (in milliseconds) between two struct timeval instances.
Definition: time.h:107
struct timeval ast_tvnow(void)
Returns current timeval. Meant to replace calls to gettimeofday().
Definition: time.h:159
char * usage
Definition: utils/frame.c:37
#define ast_test_flag(p, flag)
Definition: utils.h:63
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
Definition: utils.h:941
#define ast_assert(a)
Definition: utils.h:739
#define ARRAY_LEN(a)
Definition: utils.h:666
#define AST_UUID_STR_LEN
Definition: uuid.h:27
#define AST_VECTOR_INIT(vec, size)
Initialize a vector.
Definition: vector.h:113
#define AST_VECTOR_APPEND(vec, elem)
Append an element to a vector, growing the vector if needed.
Definition: vector.h:256