res_pjsip_endpoint_identifier_user.c

Go to the documentation of this file.

/*
 * Asterisk -- An open source telephony toolkit.
 *
 * Copyright (C) 2013, Digium, Inc.
 *
 * Mark Michelson <[email protected]>
 *
 * See http://www.asterisk.org for more information about
 * the Asterisk project. Please do not directly contact
 * any of the maintainers of this project for assistance;
 * the project provides a web site, mailing lists and IRC
 * channels for your use.
 *
 * This program is free software, distributed under the terms of
 * the GNU General Public License Version 2. See the LICENSE file
 * at the top of the source tree.
 */

/*** MODULEINFO
   <depend>pjproject</depend>
   <depend>res_pjsip</depend>
   <support_level>core</support_level>
 ***/

#include "asterisk.h"

#include <pjsip.h>

#include "asterisk/res_pjsip.h"
#include "asterisk/module.h"

static int get_from_header(pjsip_rx_data *rdata, char *username, size_t username_size, char *domain, size_t domain_size)
{
   pjsip_uri *from = rdata->msg_info.from->uri;
   pjsip_sip_uri *sip_from;

   if (!PJSIP_URI_SCHEME_IS_SIP(from) && !PJSIP_URI_SCHEME_IS_SIPS(from)) {
      return -1;
   }
   sip_from = (pjsip_sip_uri *) pjsip_uri_get_uri(from);
   ast_copy_pj_str(username, &sip_from->user, username_size);
   ast_copy_pj_str(domain, &sip_from->host, domain_size);
   return 0;
}

static pjsip_authorization_hdr *get_auth_header(pjsip_rx_data *rdata, char *username,
   size_t username_size, char *realm, size_t realm_size, pjsip_authorization_hdr *start)
{
   pjsip_authorization_hdr *header;

   header = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_AUTHORIZATION, start);

   if (!header || pj_stricmp2(&header->scheme, "digest")) {
      return NULL;
   }

   ast_copy_pj_str(username, &header->credential.digest.username, username_size);
   ast_copy_pj_str(realm, &header->credential.digest.realm, realm_size);

   return header;
}

static int find_transport_state_in_use(void *obj, void *arg, int flags)
{
   struct ast_sip_transport_state *transport_state = obj;
   pjsip_rx_data *rdata = arg;

   if (transport_state->transport == rdata->tp_info.transport
      || (transport_state->factory
         && !pj_strcmp(&transport_state->factory->addr_name.host, &rdata->tp_info.transport->local_name.host)
         && transport_state->factory->addr_name.port == rdata->tp_info.transport->local_name.port)) {
      return CMP_MATCH;
   }

   return 0;
}

#define DOMAIN_NAME_LEN 255
#define USERNAME_LEN    255

static struct ast_sip_endpoint *find_endpoint(pjsip_rx_data *rdata, char *endpoint_name,
   char *domain_name)
{
   struct ast_sip_endpoint *endpoint;

   if (!ast_sip_get_disable_multi_domain()) {
      struct ast_sip_domain_alias *alias;
      struct ao2_container *transport_states;
      struct ast_sip_transport_state *transport_state = NULL;
      struct ast_sip_transport *transport = NULL;
      char id[DOMAIN_NAME_LEN + USERNAME_LEN + sizeof("@")];

      /* Attempt to find the endpoint given the name and domain provided */
      snprintf(id, sizeof(id), "%s@%s", endpoint_name, domain_name);
      endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id);
      if (endpoint) {
         return endpoint;
      }

      /* See if an alias exists for the domain provided */
      alias = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "domain_alias",
         domain_name);
      if (alias) {
         snprintf(id, sizeof(id), "%s@%s", endpoint_name, alias->domain);
         ao2_ref(alias, -1);
         endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id);
         if (endpoint) {
            return endpoint;
         }
      }

      /* See if the transport this came in on has a provided domain */
      if ((transport_states = ast_sip_get_transport_states())
         && (transport_state = ao2_callback(transport_states, 0, find_transport_state_in_use, rdata))
         && (transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_state->id))
         && !ast_strlen_zero(transport->domain)) {
         snprintf(id, sizeof(id), "%s@%s", endpoint_name, transport->domain);
         endpoint = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", id);
      }
      ao2_cleanup(transport);
      ao2_cleanup(transport_state);
      ao2_cleanup(transport_states);
      if (endpoint) {
         return endpoint;
      }
   }

   /* Fall back to no domain */
   return ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", endpoint_name);
}

static struct ast_sip_endpoint *username_identify(pjsip_rx_data *rdata)
{
   char username[USERNAME_LEN + 1];
   char domain[DOMAIN_NAME_LEN + 1];
   struct ast_sip_endpoint *endpoint;

   if (get_from_header(rdata, username, sizeof(username), domain, sizeof(domain))) {
      return NULL;
   }

   /*
    * We may want to be matched without any user options getting
    * in the way.
    */
   AST_SIP_USER_OPTIONS_TRUNCATE_CHECK(username);

   ast_debug(3, "Attempting identify by From username '%s' domain '%s'\n", username, domain);

   endpoint = find_endpoint(rdata, username, domain);
   if (!endpoint) {
      ast_debug(3, "Endpoint not found for From username '%s' domain '%s'\n", username, domain);
      return NULL;
   }
   if (!(endpoint->ident_method & AST_SIP_ENDPOINT_IDENTIFY_BY_USERNAME)) {
      ast_debug(3, "Endpoint found for '%s' but 'username' method not supported'\n", username);
      ao2_cleanup(endpoint);
      return NULL;
   }
   ast_debug(3, "Identified by From username '%s' domain '%s'\n", username, domain);

   return endpoint;
}

static struct ast_sip_endpoint *auth_username_identify(pjsip_rx_data *rdata)
{
   char username[USERNAME_LEN + 1], realm[DOMAIN_NAME_LEN + 1];
   struct ast_sip_endpoint *endpoint;
   pjsip_authorization_hdr *auth_header = NULL;

   while ((auth_header = get_auth_header(rdata, username, sizeof(username), realm, sizeof(realm),
      auth_header ? auth_header->next : NULL))) {
      ast_debug(3, "Attempting identify by Authorization username '%s' realm '%s'\n", username,
         realm);

      endpoint = find_endpoint(rdata, username, realm);
      if (!endpoint) {
         ast_debug(3, "Endpoint not found for Authentication username '%s' realm '%s'\n",
            username, realm);
         ao2_cleanup(endpoint);
         continue;
      }
      if (!(endpoint->ident_method & AST_SIP_ENDPOINT_IDENTIFY_BY_AUTH_USERNAME)) {
         ast_debug(3, "Endpoint found for '%s' but 'auth_username' method not supported'\n",
            username);
         ao2_cleanup(endpoint);
         continue;
      }
      ast_debug(3, "Identified by Authorization username '%s' realm '%s'\n", username, realm);

      return endpoint;
   }

   return NULL;
}


static struct ast_sip_endpoint_identifier username_identifier = {
   .identify_endpoint = username_identify,
};

static struct ast_sip_endpoint_identifier auth_username_identifier = {
   .identify_endpoint = auth_username_identify,
};


static int load_module(void)
{
   ast_sip_register_endpoint_identifier_with_name(&username_identifier, "username");
   ast_sip_register_endpoint_identifier_with_name(&auth_username_identifier, "auth_username");
   return AST_MODULE_LOAD_SUCCESS;
}

static int unload_module(void)
{
   ast_sip_unregister_endpoint_identifier(&auth_username_identifier);
   ast_sip_unregister_endpoint_identifier(&username_identifier);
   return 0;
}

AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP username endpoint identifier",
   .support_level = AST_MODULE_SUPPORT_CORE,
   .load = load_module,
   .unload = unload_module,
   .load_pri = AST_MODPRI_CHANNEL_DEPEND - 4,
   .requires = "res_pjsip",
);