diff options
Diffstat (limited to 'res/res_pjsip_endpoint_identifier_ip.c')
-rw-r--r-- | res/res_pjsip_endpoint_identifier_ip.c | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/res/res_pjsip_endpoint_identifier_ip.c b/res/res_pjsip_endpoint_identifier_ip.c new file mode 100644 index 000000000..30f1ccb9c --- /dev/null +++ b/res/res_pjsip_endpoint_identifier_ip.c @@ -0,0 +1,171 @@ +/* + * Asterisk -- An open source telephony toolkit. + * + * Copyright (C) 2013, Digium, Inc. + * + * Mark Michelson <mmichelson@digium.com> + * + * See http://www.asterisk.org for more information about + * the Asterisk project. Please do not directly contact + * any of the maintainers of this project for assistance; + * the project provides a web site, mailing lists and IRC + * channels for your use. + * + * This program is free software, distributed under the terms of + * the GNU General Public License Version 2. See the LICENSE file + * at the top of the source tree. + */ + +/*** MODULEINFO + <depend>pjproject</depend> + <depend>res_pjsip</depend> + <support_level>core</support_level> + ***/ + +#include "asterisk.h" + +#include <pjsip.h> + +#include "asterisk/res_pjsip.h" +#include "asterisk/module.h" +#include "asterisk/acl.h" + +/*** DOCUMENTATION + <configInfo name="res_pjsip_endpoint_identifier_ip" language="en_US"> + <synopsis>Module that identifies endpoints via source IP address</synopsis> + <configFile name="res_pjsip.conf"> + <configObject name="identify"> + <configOption name="endpoint"> + <synopsis>Name of Endpoint</synopsis> + </configOption> + <configOption name="match"> + <synopsis>IP addresses or networks to match against</synopsis> + </configOption> + <configOption name="type"> + <synopsis>Must be of type 'identify'.</synopsis> + </configOption> + </configObject> + </configFile> + </configInfo> + ***/ + +/*! \brief Structure for an IP identification matching object */ +struct ip_identify_match { + /*! \brief Sorcery object details */ + SORCERY_OBJECT(details); + /*! \brief Stringfields */ + AST_DECLARE_STRING_FIELDS( + /*! The name of the endpoint */ + AST_STRING_FIELD(endpoint_name); + ); + /*! \brief Networks or addresses that should match this */ + struct ast_ha *matches; +}; + +/*! \brief Destructor function for a matching object */ +static void ip_identify_destroy(void *obj) +{ + struct ip_identify_match *identify = obj; + + ast_string_field_free_memory(identify); + ast_free_ha(identify->matches); +} + +/*! \brief Allocator function for a matching object */ +static void *ip_identify_alloc(const char *name) +{ + struct ip_identify_match *identify = ast_sorcery_generic_alloc(sizeof(*identify), ip_identify_destroy); + + if (!identify || ast_string_field_init(identify, 256)) { + ao2_cleanup(identify); + return NULL; + } + + return identify; +} + +/*! \brief Comparator function for a matching object */ +static int ip_identify_match_check(void *obj, void *arg, int flags) +{ + struct ip_identify_match *identify = obj; + struct ast_sockaddr *addr = arg; + + return (ast_apply_ha(identify->matches, addr) != AST_SENSE_ALLOW) ? CMP_MATCH | CMP_STOP : 0; +} + +static struct ast_sip_endpoint *ip_identify(pjsip_rx_data *rdata) +{ + struct ast_sockaddr addr = { { 0, } }; + RAII_VAR(struct ao2_container *, candidates, NULL, ao2_cleanup); + RAII_VAR(struct ip_identify_match *, match, NULL, ao2_cleanup); + + /* If no possibilities exist return early to save some time */ + if (!(candidates = ast_sorcery_retrieve_by_fields(ast_sip_get_sorcery(), "identify", AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL)) || + !ao2_container_count(candidates)) { + return NULL; + } + + ast_sockaddr_parse(&addr, rdata->pkt_info.src_name, PARSE_PORT_FORBID); + ast_sockaddr_set_port(&addr, rdata->pkt_info.src_port); + + if (!(match = ao2_callback(candidates, 0, ip_identify_match_check, &addr))) { + return NULL; + } + + return ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "endpoint", match->endpoint_name); +} + +static struct ast_sip_endpoint_identifier ip_identifier = { + .identify_endpoint = ip_identify, +}; + +/*! \brief Custom handler for match field */ +static int ip_identify_match_handler(const struct aco_option *opt, struct ast_variable *var, void *obj) +{ + struct ip_identify_match *identify = obj; + int error = 0; + + /* We deny what we actually want to match because there is an implicit permit all rule for ACLs */ + if (!(identify->matches = ast_append_ha("d", var->value, identify->matches, &error))) { + return -1; + } + + return error; +} + +static int load_module(void) +{ + ast_sorcery_apply_default(ast_sip_get_sorcery(), "identify", "config", "res_pjsip.conf,criteria=type=identify"); + + if (ast_sorcery_object_register(ast_sip_get_sorcery(), "identify", ip_identify_alloc, NULL, NULL)) { + return AST_MODULE_LOAD_DECLINE; + } + + ast_sorcery_object_field_register(ast_sip_get_sorcery(), "identify", "type", "", OPT_NOOP_T, 0, 0); + ast_sorcery_object_field_register(ast_sip_get_sorcery(), "identify", "endpoint", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ip_identify_match, endpoint_name)); + ast_sorcery_object_field_register_custom(ast_sip_get_sorcery(), "identify", "match", "", ip_identify_match_handler, NULL, 0, 0); + ast_sorcery_reload_object(ast_sip_get_sorcery(), "identify"); + + ast_sip_register_endpoint_identifier(&ip_identifier); + + return AST_MODULE_LOAD_SUCCESS; +} + +static int reload_module(void) +{ + ast_sorcery_reload_object(ast_sip_get_sorcery(), "identify"); + return 0; +} + +static int unload_module(void) +{ + ast_sip_unregister_endpoint_identifier(&ip_identifier); + return 0; +} + +AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP IP endpoint identifier", + .load = load_module, + .reload = reload_module, + .unload = unload_module, + .load_pri = AST_MODPRI_APP_DEPEND, + ); |