mirror of
https://github.com/asterisk/asterisk.git
synced 2025-09-03 03:20:57 +00:00
3570ad103d
based on configuration templates that use Asterisk dialplan function and variable substitution. It should be possible to create phone profiles and templates that work for the majority of phones provisioned over http. It is currently only intended to provision a single user account per phone. An example profile and set of templates for Polycom phones is provided. NOTE: Polycom firmware is not included, but should be placed in AST_DATA_DIR/phoneprov/configs to match up with the included templates. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@97634 65c4cc65-6c06-0410-ace0-fbb531ad65f3
358 lines
8.0 KiB
C
358 lines
8.0 KiB
C
/*
|
|
* Asterisk -- An open source telephony toolkit.
|
|
*
|
|
* Copyright (C) 1999 - 2006, Digium, Inc.
|
|
*
|
|
* Mark Spencer <markster@digium.com>
|
|
*
|
|
* See http://www.asterisk.org for more information about
|
|
* the Asterisk project. Please do not directly contact
|
|
* any of the maintainers of this project for assistance;
|
|
* the project provides a web site, mailing lists and IRC
|
|
* channels for your use.
|
|
*
|
|
* This program is free software, distributed under the terms of
|
|
* the GNU General Public License Version 2. See the LICENSE file
|
|
* at the top of the source tree.
|
|
*/
|
|
|
|
/*! \file
|
|
*
|
|
* \brief Various sorts of access control
|
|
*
|
|
* \author Mark Spencer <markster@digium.com>
|
|
*/
|
|
|
|
#include "asterisk.h"
|
|
|
|
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
|
|
|
|
#include "asterisk/network.h"
|
|
|
|
#if defined(SOLARIS)
|
|
#include <sys/sockio.h>
|
|
#endif
|
|
|
|
#include "asterisk/acl.h"
|
|
#include "asterisk/channel.h"
|
|
#include "asterisk/utils.h"
|
|
#include "asterisk/lock.h"
|
|
#include "asterisk/srv.h"
|
|
|
|
/* Free HA structure */
|
|
void ast_free_ha(struct ast_ha *ha)
|
|
{
|
|
struct ast_ha *hal;
|
|
while (ha) {
|
|
hal = ha;
|
|
ha = ha->next;
|
|
ast_free(hal);
|
|
}
|
|
}
|
|
|
|
/* Copy HA structure */
|
|
static void ast_copy_ha(struct ast_ha *from, struct ast_ha *to)
|
|
{
|
|
memcpy(&to->netaddr, &from->netaddr, sizeof(from->netaddr));
|
|
memcpy(&to->netmask, &from->netmask, sizeof(from->netmask));
|
|
to->sense = from->sense;
|
|
}
|
|
|
|
/* Create duplicate of ha structure */
|
|
static struct ast_ha *ast_duplicate_ha(struct ast_ha *original)
|
|
{
|
|
struct ast_ha *new_ha;
|
|
|
|
if ((new_ha = ast_malloc(sizeof(*new_ha)))) {
|
|
/* Copy from original to new object */
|
|
ast_copy_ha(original, new_ha);
|
|
}
|
|
|
|
return new_ha;
|
|
}
|
|
|
|
/* Create duplicate HA link list */
|
|
/* Used in chan_sip2 templates */
|
|
struct ast_ha *ast_duplicate_ha_list(struct ast_ha *original)
|
|
{
|
|
struct ast_ha *start = original;
|
|
struct ast_ha *ret = NULL;
|
|
struct ast_ha *link, *prev = NULL;
|
|
|
|
while (start) {
|
|
link = ast_duplicate_ha(start); /* Create copy of this object */
|
|
if (prev)
|
|
prev->next = link; /* Link previous to this object */
|
|
|
|
if (!ret)
|
|
ret = link; /* Save starting point */
|
|
|
|
start = start->next; /* Go to next object */
|
|
prev = link; /* Save pointer to this object */
|
|
}
|
|
return ret; /* Return start of list */
|
|
}
|
|
|
|
struct ast_ha *ast_append_ha(const char *sense, const char *stuff, struct ast_ha *path, int *error)
|
|
{
|
|
struct ast_ha *ha;
|
|
char *nm;
|
|
struct ast_ha *prev = NULL;
|
|
struct ast_ha *ret;
|
|
int x;
|
|
char *tmp = ast_strdupa(stuff);
|
|
|
|
ret = path;
|
|
while (path) {
|
|
prev = path;
|
|
path = path->next;
|
|
}
|
|
|
|
ha = ast_malloc(sizeof(*ha));
|
|
if (!ha)
|
|
return ret;
|
|
|
|
nm = strchr(tmp, '/');
|
|
if (!nm) {
|
|
/* assume /32. Yes, htonl does not do anything for this particular mask
|
|
but we better use it to show we remember about byte order */
|
|
ha->netmask.s_addr = htonl(0xFFFFFFFF);
|
|
} else {
|
|
*nm = '\0';
|
|
nm++;
|
|
|
|
if (!strchr(nm, '.')) {
|
|
if ((sscanf(nm, "%d", &x) == 1) && (x >= 0) && (x <= 32))
|
|
ha->netmask.s_addr = htonl(0xFFFFFFFF << (32 - x));
|
|
else {
|
|
ast_log(LOG_WARNING, "Invalid CIDR in %s\n", stuff);
|
|
ast_free(ha);
|
|
if (error)
|
|
*error = 1;
|
|
return ret;
|
|
}
|
|
} else if (!inet_aton(nm, &ha->netmask)) {
|
|
ast_log(LOG_WARNING, "Invalid mask in %s\n", stuff);
|
|
ast_free(ha);
|
|
if (error)
|
|
*error = 1;
|
|
return ret;
|
|
}
|
|
}
|
|
|
|
if (!inet_aton(tmp, &ha->netaddr)) {
|
|
ast_log(LOG_WARNING, "Invalid IP address in %s\n", stuff);
|
|
ast_free(ha);
|
|
if (error)
|
|
*error = 1;
|
|
return ret;
|
|
}
|
|
|
|
ha->netaddr.s_addr &= ha->netmask.s_addr;
|
|
|
|
ha->sense = strncasecmp(sense, "p", 1) ? AST_SENSE_DENY : AST_SENSE_ALLOW;
|
|
|
|
ha->next = NULL;
|
|
if (prev) {
|
|
prev->next = ha;
|
|
} else {
|
|
ret = ha;
|
|
}
|
|
|
|
ast_debug(1, "%s/%s sense %d appended to acl for peer\n", ast_strdupa(ast_inet_ntoa(ha->netaddr)), ast_strdupa(ast_inet_ntoa(ha->netmask)), ha->sense);
|
|
|
|
return ret;
|
|
}
|
|
|
|
int ast_apply_ha(struct ast_ha *ha, struct sockaddr_in *sin)
|
|
{
|
|
/* Start optimistic */
|
|
int res = AST_SENSE_ALLOW;
|
|
while (ha) {
|
|
#if 0 /* debugging code */
|
|
char iabuf[INET_ADDRSTRLEN];
|
|
char iabuf2[INET_ADDRSTRLEN];
|
|
/* DEBUG */
|
|
ast_copy_string(iabuf, ast_inet_ntoa(sin->sin_addr), sizeof(iabuf));
|
|
ast_copy_string(iabuf2, ast_inet_ntoa(ha->netaddr), sizeof(iabuf2));
|
|
ast_debug(1, "##### Testing %s with %s\n", iabuf, iabuf2);
|
|
#endif
|
|
/* For each rule, if this address and the netmask = the net address
|
|
apply the current rule */
|
|
if ((sin->sin_addr.s_addr & ha->netmask.s_addr) == ha->netaddr.s_addr)
|
|
res = ha->sense;
|
|
ha = ha->next;
|
|
}
|
|
return res;
|
|
}
|
|
|
|
int ast_get_ip_or_srv(struct sockaddr_in *sin, const char *value, const char *service)
|
|
{
|
|
struct hostent *hp;
|
|
struct ast_hostent ahp;
|
|
char srv[256];
|
|
char host[256];
|
|
int tportno = ntohs(sin->sin_port);
|
|
if (service) {
|
|
snprintf(srv, sizeof(srv), "%s.%s", service, value);
|
|
if (ast_get_srv(NULL, host, sizeof(host), &tportno, srv) > 0) {
|
|
sin->sin_port = htons(tportno);
|
|
value = host;
|
|
}
|
|
}
|
|
hp = ast_gethostbyname(value, &ahp);
|
|
if (hp) {
|
|
memcpy(&sin->sin_addr, hp->h_addr, sizeof(sin->sin_addr));
|
|
} else {
|
|
ast_log(LOG_WARNING, "Unable to lookup '%s'\n", value);
|
|
return -1;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
struct dscp_codepoint {
|
|
char *name;
|
|
unsigned int space;
|
|
};
|
|
|
|
/* IANA registered DSCP codepoints */
|
|
|
|
static const struct dscp_codepoint dscp_pool1[] = {
|
|
{ "CS0", 0x00 },
|
|
{ "CS1", 0x08 },
|
|
{ "CS2", 0x10 },
|
|
{ "CS3", 0x18 },
|
|
{ "CS4", 0x20 },
|
|
{ "CS5", 0x28 },
|
|
{ "CS6", 0x30 },
|
|
{ "CS7", 0x38 },
|
|
{ "AF11", 0x0A },
|
|
{ "AF12", 0x0C },
|
|
{ "AF13", 0x0E },
|
|
{ "AF21", 0x12 },
|
|
{ "AF22", 0x14 },
|
|
{ "AF23", 0x16 },
|
|
{ "AF31", 0x1A },
|
|
{ "AF32", 0x1C },
|
|
{ "AF33", 0x1E },
|
|
{ "AF41", 0x22 },
|
|
{ "AF42", 0x24 },
|
|
{ "AF43", 0x26 },
|
|
{ "EF", 0x2E },
|
|
};
|
|
|
|
int ast_str2cos(const char *value, unsigned int *cos)
|
|
{
|
|
int fval;
|
|
|
|
if (sscanf(value, "%d", &fval) == 1) {
|
|
if (fval < 8) {
|
|
*cos = fval;
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
return -1;
|
|
}
|
|
|
|
int ast_str2tos(const char *value, unsigned int *tos)
|
|
{
|
|
int fval;
|
|
unsigned int x;
|
|
|
|
if (sscanf(value, "%i", &fval) == 1) {
|
|
*tos = fval & 0xFF;
|
|
return 0;
|
|
}
|
|
|
|
for (x = 0; x < sizeof(dscp_pool1) / sizeof(dscp_pool1[0]); x++) {
|
|
if (!strcasecmp(value, dscp_pool1[x].name)) {
|
|
*tos = dscp_pool1[x].space << 2;
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
return -1;
|
|
}
|
|
|
|
const char *ast_tos2str(unsigned int tos)
|
|
{
|
|
unsigned int x;
|
|
|
|
for (x = 0; x < sizeof(dscp_pool1) / sizeof(dscp_pool1[0]); x++) {
|
|
if (dscp_pool1[x].space == (tos >> 2))
|
|
return dscp_pool1[x].name;
|
|
}
|
|
|
|
return "unknown";
|
|
}
|
|
|
|
int ast_get_ip(struct sockaddr_in *sin, const char *value)
|
|
{
|
|
return ast_get_ip_or_srv(sin, value, NULL);
|
|
}
|
|
|
|
int ast_ouraddrfor(struct in_addr *them, struct in_addr *us)
|
|
{
|
|
int s;
|
|
struct sockaddr_in sin;
|
|
socklen_t slen;
|
|
|
|
s = socket(PF_INET, SOCK_DGRAM, 0);
|
|
if (s < 0) {
|
|
ast_log(LOG_ERROR, "Cannot create socket\n");
|
|
return -1;
|
|
}
|
|
sin.sin_family = AF_INET;
|
|
sin.sin_port = 5060;
|
|
sin.sin_addr = *them;
|
|
if (connect(s, (struct sockaddr *)&sin, sizeof(sin))) {
|
|
ast_log(LOG_WARNING, "Cannot connect\n");
|
|
close(s);
|
|
return -1;
|
|
}
|
|
slen = sizeof(sin);
|
|
if (getsockname(s, (struct sockaddr *)&sin, &slen)) {
|
|
ast_log(LOG_WARNING, "Cannot get socket name\n");
|
|
close(s);
|
|
return -1;
|
|
}
|
|
close(s);
|
|
ast_debug(3, "Found IP address for this socket\n");
|
|
*us = sin.sin_addr;
|
|
return 0;
|
|
}
|
|
|
|
int ast_find_ourip(struct in_addr *ourip, struct sockaddr_in bindaddr)
|
|
{
|
|
char ourhost[MAXHOSTNAMELEN] = "";
|
|
struct ast_hostent ahp;
|
|
struct hostent *hp;
|
|
struct in_addr saddr;
|
|
|
|
/* just use the bind address if it is nonzero */
|
|
if (ntohl(bindaddr.sin_addr.s_addr)) {
|
|
memcpy(ourip, &bindaddr.sin_addr, sizeof(*ourip));
|
|
ast_debug(3, "Attached to given IP address\n");
|
|
return 0;
|
|
}
|
|
/* try to use our hostname */
|
|
if (gethostname(ourhost, sizeof(ourhost) - 1)) {
|
|
ast_log(LOG_WARNING, "Unable to get hostname\n");
|
|
} else {
|
|
hp = ast_gethostbyname(ourhost, &ahp);
|
|
if (hp) {
|
|
memcpy(ourip, hp->h_addr, sizeof(*ourip));
|
|
ast_debug(3, "Found one IP address based on local hostname %s.\n", ourhost);
|
|
return 0;
|
|
}
|
|
}
|
|
ast_debug(3, "Trying to check A.ROOT-SERVERS.NET and get our IP address for that connection\n");
|
|
/* A.ROOT-SERVERS.NET. */
|
|
if (inet_aton("198.41.0.4", &saddr) && !ast_ouraddrfor(&saddr, ourip))
|
|
return 0;
|
|
ast_debug(3, "Failed to find any IP address for us\n");
|
|
return -1;
|
|
}
|
|
|