res_pjsip_endpoint_identifier_user.c

Go to the documentation of this file.

/*
 * Asterisk -- An open source telephony toolkit.
 *
 * Copyright (C) 2013, Digium, Inc.
 *
 * Mark Michelson <mmichelson@digium.com>
 *
 * See http://www.asterisk.org for more information about
 * the Asterisk project. Please do not directly contact
 * any of the maintainers of this project for assistance;
 * the project provides a web site, mailing lists and IRC
 * channels for your use.
 *
 * This program is free software, distributed under the terms of
 * the GNU General Public License Version 2. See the LICENSE file
 * at the top of the source tree.
 */
 
/*** MODULEINFO
    <depend>pjproject</depend>
    <depend>res_pjsip</depend>
    <support_level>core</support_level>
 ***/
 
#include "asterisk.h"
 
#include <pjsip.h>
 
#include "asterisk/res_pjsip.h"
#include "asterisk/module.h"
 
static int get_from_header(pjsip_rx_data *rdata, char *username, size_t username_size, char *domain, size_t domain_size)
{
    pjsip_uri *from = rdata->msg_info.from->uri;
 
    if (!ast_sip_is_uri_sip_sips(from)) {
        return -1;
    }
 
    ast_copy_pj_str(username, ast_sip_pjsip_uri_get_username(from), username_size);
    ast_copy_pj_str(domain, ast_sip_pjsip_uri_get_hostname(from), domain_size);
 
    return 0;
}
 
static pjsip_authorization_hdr *get_auth_header(pjsip_rx_data *rdata, char *username,
    size_t username_size, char *realm, size_t realm_size, pjsip_authorization_hdr *start)
{
    pjsip_authorization_hdr *header;
 
    header = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_AUTHORIZATION, start);
 
    if (!header || pj_stricmp2(&header->scheme, "digest")) {
        return NULL;
    }
 
    ast_copy_pj_str(username, &header->credential.digest.username, username_size);
    ast_copy_pj_str(realm, &header->credential.digest.realm, realm_size);
 
    return header;
}
 
static int find_transport_state_in_use(void *obj, void *arg, int flags)
{
    struct ast_sip_transport_state *transport_state = obj;
    pjsip_rx_data *rdata = arg;
 
    if (transport_state->transport == rdata->tp_info.transport
        || (transport_state->factory
            && !pj_strcmp(&transport_state->factory->addr_name.host, &rdata->tp_info.transport->local_name.host)
            && transport_state->factory->addr_name.port == rdata->tp_info.transport->local_name.port)) {
        return CMP_MATCH;
    }
 
    return 0;
}
 
#define DOMAIN_NAME_LEN 255
#define USERNAME_LEN    255
 
static struct ast_sip_endpoint *find_endpoint(pjsip_rx_data *rdata, char *endpoint_name,
    char *domain_name)
{
    struct ast_sip_endpoint *endpoint;
 
    if (!ast_sip_get_disable_multi_domain()) {
        struct ast_sip_domain_alias *alias;
        struct ao2_container *transport_states;
        struct ast_sip_transport_state *transport_state = NULL;
        struct ast_sip_transport *transport = NULL;
        char id[DOMAIN_NAME_LEN + USERNAME_LEN + sizeof("@")];
 
        /* Attempt to find the endpoint given the name and domain provided */
        snprintf(id, sizeof(id), "%s@%s", endpoint_name, domain_name);
        endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id);
        if (endpoint) {
            return endpoint;
        }
 
        /* See if an alias exists for the domain provided */
        alias = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "domain_alias",
            domain_name);
        if (alias) {
            snprintf(id, sizeof(id), "%s@%s", endpoint_name, alias->domain);
            ao2_ref(alias, -1);
            endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id);
            if (endpoint) {
                return endpoint;
            }
        }
 
        /* See if the transport this came in on has a provided domain */
        if ((transport_states = ast_sip_get_transport_states())
            && (transport_state = ao2_callback(transport_states, 0, find_transport_state_in_use, rdata))
            && (transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_state->id))
            && !ast_strlen_zero(transport->domain)) {
            snprintf(id, sizeof(id), "%s@%s", endpoint_name, transport->domain);
            endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id);
        }
        ao2_cleanup(transport);
        ao2_cleanup(transport_state);
        ao2_cleanup(transport_states);
        if (endpoint) {
            return endpoint;
        }
    }
 
    /* Fall back to no domain */
    return ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", endpoint_name);
}
 
static struct ast_sip_endpoint *username_identify(pjsip_rx_data *rdata)
{
    char username[USERNAME_LEN + 1];
    char domain[DOMAIN_NAME_LEN + 1];
    struct ast_sip_endpoint *endpoint;
 
    if (get_from_header(rdata, username, sizeof(username), domain, sizeof(domain))) {
        return NULL;
    }
 
    /*
     * We may want to be matched without any user options getting
     * in the way.
     */
    AST_SIP_USER_OPTIONS_TRUNCATE_CHECK(username);
 
    ast_debug(3, "Attempting identify by From username '%s' domain '%s'\n", username, domain);
 
    endpoint = find_endpoint(rdata, username, domain);
    if (!endpoint) {
        ast_debug(3, "Endpoint not found for From username '%s' domain '%s'\n", username, domain);
        return NULL;
    }
    if (!(endpoint->ident_method & AST_SIP_ENDPOINT_IDENTIFY_BY_USERNAME)) {
        ast_debug(3, "Endpoint found for '%s' but 'username' method not supported'\n", username);
        ao2_cleanup(endpoint);
        return NULL;
    }
    ast_debug(3, "Identified by From username '%s' domain '%s'\n", username, domain);
 
    return endpoint;
}
 
static struct ast_sip_endpoint *auth_username_identify(pjsip_rx_data *rdata)
{
    char username[USERNAME_LEN + 1], realm[AST_SIP_AUTH_MAX_REALM_LENGTH + 1];
    struct ast_sip_endpoint *endpoint;
    pjsip_authorization_hdr *auth_header = NULL;
 
    while ((auth_header = get_auth_header(rdata, username, sizeof(username), realm, sizeof(realm),
        auth_header ? auth_header->next : NULL))) {
        ast_debug(3, "Attempting identify by Authorization username '%s' realm '%s'\n", username,
            realm);
 
        endpoint = find_endpoint(rdata, username, realm);
        if (!endpoint) {
            ast_debug(3, "Endpoint not found for Authentication username '%s' realm '%s'\n",
                username, realm);
            ao2_cleanup(endpoint);
            continue;
        }
        if (!(endpoint->ident_method & AST_SIP_ENDPOINT_IDENTIFY_BY_AUTH_USERNAME)) {
            ast_debug(3, "Endpoint found for '%s' but 'auth_username' method not supported'\n",
                username);
            ao2_cleanup(endpoint);
            continue;
        }
        ast_debug(3, "Identified by Authorization username '%s' realm '%s'\n", username, realm);
 
        return endpoint;
    }
 
    return NULL;
}
 
 
static struct ast_sip_endpoint_identifier username_identifier = {
    .identify_endpoint = username_identify,
};
 
static struct ast_sip_endpoint_identifier auth_username_identifier = {
    .identify_endpoint = auth_username_identify,
};
 
 
static int load_module(void)
{
    ast_sip_register_endpoint_identifier_with_name(&username_identifier, "username");
    ast_sip_register_endpoint_identifier_with_name(&auth_username_identifier, "auth_username");
    return AST_MODULE_LOAD_SUCCESS;
}
 
static int unload_module(void)
{
    ast_sip_unregister_endpoint_identifier(&auth_username_identifier);
    ast_sip_unregister_endpoint_identifier(&username_identifier);
    return 0;
}
 
AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP username endpoint identifier",
    .support_level = AST_MODULE_SUPPORT_CORE,
    .load = load_module,
    .unload = unload_module,
    .load_pri = AST_MODPRI_CHANNEL_DEPEND - 4,
    .requires = "res_pjsip",
);