diff options
Diffstat (limited to 'res/stasis_http')
| -rw-r--r-- | res/stasis_http/cli.c | 266 | ||||
| -rw-r--r-- | res/stasis_http/config.c | 341 | ||||
| -rw-r--r-- | res/stasis_http/internal.h | 139 |
3 files changed, 746 insertions, 0 deletions
diff --git a/res/stasis_http/cli.c b/res/stasis_http/cli.c new file mode 100644 index 000000000..98d082b2c --- /dev/null +++ b/res/stasis_http/cli.c @@ -0,0 +1,266 @@ +/* + * Asterisk -- An open source telephony toolkit. + * + * Copyright (C) 2013, Digium, Inc. + * + * David M. Lee, II <dlee@digium.com> + * + * See http://www.asterisk.org for more information about + * the Asterisk project. Please do not directly contact + * any of the maintainers of this project for assistance; + * the project provides a web site, mailing lists and IRC + * channels for your use. + * + * This program is free software, distributed under the terms of + * the GNU General Public License Version 2. See the LICENSE file + * at the top of the source tree. + */ + +/*! \file + * + * \brief Command line for ARI. + * \author David M. Lee, II <dlee@digium.com> + */ + +#include "asterisk.h" + +ASTERISK_FILE_VERSION(__FILE__, "$Revision$") + +#include "asterisk/astobj2.h" +#include "asterisk/cli.h" +#include "internal.h" + +static char *ari_show(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) +{ + RAII_VAR(struct ari_conf *, conf, NULL, ao2_cleanup); + + switch (cmd) { + case CLI_INIT: + e->command = "ari show status"; + e->usage = + "Usage: ari show status\n" + " Shows all ARI settings\n"; + return NULL; + case CLI_GENERATE: + return NULL; + default: + break; + } + + if (a->argc != 3) { + return CLI_SHOWUSAGE; + } + + conf = ari_config_get(); + + if (!conf) { + ast_cli(a->fd, "Error getting ARI configuration\n"); + return CLI_FAILURE; + } + + ast_cli(a->fd, "ARI Status:\n"); + ast_cli(a->fd, "Enabled: %s\n", AST_CLI_YESNO(conf->general->enabled)); + ast_cli(a->fd, "Output format: "); + switch (conf->general->format) { + case AST_JSON_COMPACT: + ast_cli(a->fd, "compact"); + break; + case AST_JSON_PRETTY: + ast_cli(a->fd, "pretty"); + break; + } + ast_cli(a->fd, "\n"); + ast_cli(a->fd, "Auth realm: %s\n", conf->general->auth_realm); + ast_cli(a->fd, "User count: %d\n", ao2_container_count(conf->users)); + return CLI_SUCCESS; +} + +static int show_users_cb(void *obj, void *arg, int flags) +{ + struct ari_conf_user *user = obj; + struct ast_cli_args *a = arg; + + ast_cli(a->fd, "%-4s %s\n", + AST_CLI_YESNO(user->read_only), + user->username); + return 0; +} + +static char *ari_show_users(struct ast_cli_entry *e, int cmd, + struct ast_cli_args *a) +{ + RAII_VAR(struct ari_conf *, conf, NULL, ao2_cleanup); + + switch (cmd) { + case CLI_INIT: + e->command = "ari show users"; + e->usage = + "Usage: ari show users\n" + " Shows all ARI users\n"; + return NULL; + case CLI_GENERATE: + return NULL; + default: + break; + } + + if (a->argc != 3) { + return CLI_SHOWUSAGE; + } + + conf = ari_config_get(); + if (!conf) { + ast_cli(a->fd, "Error getting ARI configuration\n"); + return CLI_FAILURE; + } + + ast_cli(a->fd, "r/o? Username\n"); + ast_cli(a->fd, "---- --------\n"); + + ao2_callback(conf->users, OBJ_NODATA, show_users_cb, a); + + return CLI_SUCCESS; +} + +struct user_complete { + /*! Nth user to search for */ + int state; + /*! Which user currently on */ + int which; +}; + +static int complete_ari_user_search(void *obj, void *arg, void *data, int flags) +{ + struct user_complete *search = data; + + if (++search->which > search->state) { + return CMP_MATCH; + } + return 0; +} + +static char *complete_ari_user(struct ast_cli_args *a) +{ + RAII_VAR(struct ari_conf *, conf, NULL, ao2_cleanup); + RAII_VAR(struct ari_conf_user *, user, NULL, ao2_cleanup); + + struct user_complete search = { + .state = a->n, + }; + + conf = ari_config_get(); + if (!conf) { + ast_cli(a->fd, "Error getting ARI configuration\n"); + return CLI_FAILURE; + } + + user = ao2_callback_data(conf->users, + ast_strlen_zero(a->word) ? 0 : OBJ_PARTIAL_KEY, + complete_ari_user_search, (char*)a->word, &search); + + return user ? ast_strdup(user->username) : NULL; +} + +static char *complete_ari_show_user(struct ast_cli_args *a) +{ + if (a->pos == 3) { + return complete_ari_user(a); + } + + return NULL; +} + +static char *ari_show_user(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) +{ + RAII_VAR(struct ari_conf *, conf, NULL, ao2_cleanup); + RAII_VAR(struct ari_conf_user *, user, NULL, ao2_cleanup); + + switch (cmd) { + case CLI_INIT: + e->command = "ari show user"; + e->usage = + "Usage: ari show user <username>\n" + " Shows a specific ARI user\n"; + return NULL; + case CLI_GENERATE: + return complete_ari_show_user(a); + default: + break; + } + + if (a->argc != 4) { + return CLI_SHOWUSAGE; + } + + conf = ari_config_get(); + + if (!conf) { + ast_cli(a->fd, "Error getting ARI configuration\n"); + return CLI_FAILURE; + } + + user = ao2_find(conf->users, a->argv[3], OBJ_KEY); + if (!user) { + ast_cli(a->fd, "User '%s' not found\n", a->argv[3]); + return CLI_SUCCESS; + } + + ast_cli(a->fd, "Username: %s\n", user->username); + ast_cli(a->fd, "Read only?: %s\n", AST_CLI_YESNO(user->read_only)); + + return CLI_SUCCESS; +} + +static char *ari_mkpasswd(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) +{ + RAII_VAR(char *, crypted, NULL, ast_free); + + switch (cmd) { + case CLI_INIT: + e->command = "ari mkpasswd"; + e->usage = + "Usage: ari mkpasswd <password>\n" + " Encrypts a password for use in ari.conf\n" + " Be aware that the password will be shown in the\n" + " command line history. The mkpasswd shell command\n" + " may be preferable.\n" + ; + return NULL; + case CLI_GENERATE: + return NULL; + default: + break; + } + + if (a->argc != 3) { + return CLI_SHOWUSAGE; + } + + crypted = ast_crypt_encrypt(a->argv[2]); + if (!crypted) { + ast_cli(a->fd, "Failed to encrypt password\n"); + return CLI_FAILURE; + } + + ast_cli(a->fd, + "; Copy the following two lines into ari.conf\n"); + ast_cli(a->fd, "password_format = crypt\n"); + ast_cli(a->fd, "password = %s\n", crypted); + + return CLI_SUCCESS; +} + +static struct ast_cli_entry cli_ari[] = { + AST_CLI_DEFINE(ari_show, "Show ARI settings"), + AST_CLI_DEFINE(ari_show_users, "List ARI users"), + AST_CLI_DEFINE(ari_show_user, "List single ARI user"), + AST_CLI_DEFINE(ari_mkpasswd, "Encrypts a password"), +}; + +int ari_cli_register(void) { + return ast_cli_register_multiple(cli_ari, ARRAY_LEN(cli_ari)); +} + +void ari_cli_unregister(void) { + ast_cli_unregister_multiple(cli_ari, ARRAY_LEN(cli_ari)); +} diff --git a/res/stasis_http/config.c b/res/stasis_http/config.c new file mode 100644 index 000000000..f02fabea4 --- /dev/null +++ b/res/stasis_http/config.c @@ -0,0 +1,341 @@ +/* + * Asterisk -- An open source telephony toolkit. + * + * Copyright (C) 2013, Digium, Inc. + * + * David M. Lee, II <dlee@digium.com> + * + * See http://www.asterisk.org for more information about + * the Asterisk project. Please do not directly contact + * any of the maintainers of this project for assistance; + * the project provides a web site, mailing lists and IRC + * channels for your use. + * + * This program is free software, distributed under the terms of + * the GNU General Public License Version 2. See the LICENSE file + * at the top of the source tree. + */ + +/*! \file + * + * \brief Config framework stuffz for ARI. + * \author David M. Lee, II <dlee@digium.com> + */ + +#include "asterisk.h" + +ASTERISK_FILE_VERSION(__FILE__, "$Revision$") + +#include "asterisk/config_options.h" +#include "internal.h" + +/*! \brief Locking container for safe configuration access. */ +static AO2_GLOBAL_OBJ_STATIC(confs); + +/*! \brief Mapping of the stasis http conf struct's globals to the + * general context in the config file. */ +static struct aco_type general_option = { + .type = ACO_GLOBAL, + .name = "general", + .item_offset = offsetof(struct ari_conf, general), + .category = "^general$", + .category_match = ACO_WHITELIST, +}; + +static struct aco_type *general_options[] = ACO_TYPES(&general_option); + +/*! \brief Encoding format handler converts from boolean to enum. */ +static int encoding_format_handler(const struct aco_option *opt, + struct ast_variable *var, void *obj) +{ + struct ari_conf_general *general = obj; + + if (!strcasecmp(var->name, "pretty")) { + general->format = ast_true(var->value) ? + AST_JSON_PRETTY : AST_JSON_COMPACT; + } else { + return -1; + } + + return 0; +} + +/*! \brief Parses the ari_password_format enum from a config file */ +static int password_format_handler(const struct aco_option *opt, + struct ast_variable *var, void *obj) +{ + struct ari_conf_user *user = obj; + + if (strcasecmp(var->value, "plain") == 0) { + user->password_format = ARI_PASSWORD_FORMAT_PLAIN; + } else if (strcasecmp(var->value, "crypt") == 0) { + user->password_format = ARI_PASSWORD_FORMAT_CRYPT; + } else { + return -1; + } + + return 0; +} + +/*! \brief Destructor for \ref ari_conf_user */ +static void user_dtor(void *obj) +{ + struct ari_conf_user *user = obj; + ast_debug(3, "Disposing of user %s\n", user->username); + ast_free(user->username); +} + +/*! \brief Allocate an \ref ari_conf_user for config parsing */ +static void *user_alloc(const char *cat) +{ + RAII_VAR(struct ari_conf_user *, user, NULL, ao2_cleanup); + const char *username; + + if (!cat) { + return NULL; + } + + username = strchr(cat, '-') + 1; + + if (!username) { + ast_log(LOG_ERROR, "Invalid user category '%s'\n", cat); + return NULL; + } + + ast_debug(3, "Allocating user %s\n", cat); + + user = ao2_alloc_options(sizeof(*user), user_dtor, + AO2_ALLOC_OPT_LOCK_NOLOCK); + if (!user) { + return NULL; + } + + user->username = ast_strdup(username); + if (!user->username) { + return NULL; + } + + ao2_ref(user, +1); + return user; +} + +/*! \brief Sorting function for use with red/black tree */ +static int user_sort_cmp(const void *obj_left, const void *obj_right, int flags) +{ + const struct ari_conf_user *user_left = obj_left; + + if (flags & OBJ_PARTIAL_KEY) { + const char *key_right = obj_right; + return strncasecmp(user_left->username, key_right, + strlen(key_right)); + } else if (flags & OBJ_KEY) { + const char *key_right = obj_right; + return strcasecmp(user_left->username, key_right); + } else { + const struct ari_conf_user *user_right = obj_right; + const char *key_right = user_right->username; + return strcasecmp(user_left->username, key_right); + } +} + +/*! \brief \ref aco_type item_find function */ +static void *user_find(struct ao2_container *tmp_container, const char *cat) +{ + const char *username; + + if (!cat) { + return NULL; + } + + username = strchr(cat, '-') + 1; + return ao2_find(tmp_container, username, OBJ_KEY); +} + +static struct aco_type user_option = { + .type = ACO_ITEM, + .name = "user", + .category_match = ACO_WHITELIST, + .category = "^user-.+$", + .item_alloc = user_alloc, + .item_find = user_find, + .item_offset = offsetof(struct ari_conf, users), +}; + +static struct aco_type *user[] = ACO_TYPES(&user_option); + +/*! \brief \ref ari_conf destructor. */ +static void conf_destructor(void *obj) +{ + struct ari_conf *cfg = obj; + ao2_cleanup(cfg->general); + ao2_cleanup(cfg->users); +} + +/*! \brief Allocate an \ref ari_conf for config parsing */ +static void *conf_alloc(void) +{ + RAII_VAR(struct ari_conf *, cfg, NULL, ao2_cleanup); + + cfg = ao2_alloc_options(sizeof(*cfg), conf_destructor, + AO2_ALLOC_OPT_LOCK_NOLOCK); + if (!cfg) { + return NULL; + } + + cfg->general = ao2_alloc_options(sizeof(*cfg->general), NULL, + AO2_ALLOC_OPT_LOCK_NOLOCK); + if (!cfg->general) { + return NULL; + } + + cfg->users = ao2_container_alloc_rbtree(AO2_ALLOC_OPT_LOCK_NOLOCK, + AO2_CONTAINER_ALLOC_OPT_DUPS_REPLACE, user_sort_cmp, NULL); + + ao2_ref(cfg, +1); + return cfg; +} + +#define CONF_FILENAME "ari.conf" + +/*! \brief The conf file that's processed for the module. */ +static struct aco_file conf_file = { + /*! The config file name. */ + .filename = CONF_FILENAME, + /*! The mapping object types to be processed. */ + .types = ACO_TYPES(&general_option, &user_option), +}; + +CONFIG_INFO_STANDARD(cfg_info, confs, conf_alloc, + .files = ACO_FILES(&conf_file)); + +struct ari_conf *ari_config_get(void) +{ + struct ari_conf *res = ao2_global_obj_ref(confs); + if (!res) { + ast_log(LOG_ERROR, + "Error obtaining config from " CONF_FILENAME "\n"); + } + return res; +} + +struct ari_conf_user *ari_config_validate_user(const char *username, + const char *password) +{ + RAII_VAR(struct ari_conf *, conf, NULL, ao2_cleanup); + RAII_VAR(struct ari_conf_user *, user, NULL, ao2_cleanup); + int is_valid = 0; + + conf = ari_config_get(); + if (!conf) { + return NULL; + } + + user = ao2_find(conf->users, username, OBJ_KEY); + if (!user) { + return NULL; + } + + if (ast_strlen_zero(user->password)) { + ast_log(LOG_WARNING, + "User '%s' missing password; authentication failed\n", + user->username); + return NULL; + } + + switch (user->password_format) { + case ARI_PASSWORD_FORMAT_PLAIN: + is_valid = strcmp(password, user->password) == 0; + break; + case ARI_PASSWORD_FORMAT_CRYPT: + is_valid = ast_crypt_validate(password, user->password); + break; + } + + if (!is_valid) { + return NULL; + } + + ao2_ref(user, +1); + return user; +} + +/*! \brief Callback to validate a user object */ +static int validate_user_cb(void *obj, void *arg, int flags) +{ + struct ari_conf_user *user = obj; + + if (ast_strlen_zero(user->password)) { + ast_log(LOG_WARNING, "User '%s' missing password\n", + user->username); + } + + return 0; +} + +/*! \brief Load (or reload) configuration. */ +static int process_config(int reload) +{ + RAII_VAR(struct ari_conf *, conf, NULL, ao2_cleanup); + + switch (aco_process_config(&cfg_info, reload)) { + case ACO_PROCESS_ERROR: + return -1; + case ACO_PROCESS_OK: + case ACO_PROCESS_UNCHANGED: + break; + } + + conf = ari_config_get(); + if (!conf) { + ast_assert(0); /* We just configured; it should be there */ + return -1; + } + + if (ao2_container_count(conf->users) == 0) { + ast_log(LOG_ERROR, "No configured users for ARI\n"); + } + + ao2_callback(conf->users, OBJ_NODATA, validate_user_cb, NULL); + + return 0; +} + +int ari_config_init(void) +{ + if (aco_info_init(&cfg_info)) { + aco_info_destroy(&cfg_info); + return -1; + } + + aco_option_register(&cfg_info, "enabled", ACO_EXACT, general_options, + "yes", OPT_BOOL_T, 1, + FLDSET(struct ari_conf_general, enabled)); + aco_option_register_custom(&cfg_info, "pretty", ACO_EXACT, + general_options, "no", encoding_format_handler, 0); + aco_option_register(&cfg_info, "auth_realm", ACO_EXACT, general_options, + "Asterisk REST Interface", OPT_CHAR_ARRAY_T, 0, + FLDSET(struct ari_conf_general, auth_realm), + ARI_AUTH_REALM_LEN); + + aco_option_register(&cfg_info, "read_only", ACO_EXACT, user, + "no", OPT_BOOL_T, 1, + FLDSET(struct ari_conf_user, read_only)); + aco_option_register(&cfg_info, "password", ACO_EXACT, user, + "", OPT_CHAR_ARRAY_T, 0, + FLDSET(struct ari_conf_user, password), ARI_PASSWORD_LEN); + aco_option_register_custom(&cfg_info, "password_format", ACO_EXACT, + user, "plain", password_format_handler, 0); + + return process_config(0); +} + +int ari_config_reload(void) +{ + return process_config(1); +} + +void ari_config_destroy(void) +{ + aco_info_destroy(&cfg_info); + ao2_global_obj_release(confs); +} diff --git a/res/stasis_http/internal.h b/res/stasis_http/internal.h new file mode 100644 index 000000000..659f4a2ae --- /dev/null +++ b/res/stasis_http/internal.h @@ -0,0 +1,139 @@ +/* + * Asterisk -- An open source telephony toolkit. + * + * Copyright (C) 2013, Digium, Inc. + * + * David M. Lee, II <dlee@digium.com> + * + * See http://www.asterisk.org for more information about + * the Asterisk project. Please do not directly contact + * any of the maintainers of this project for assistance; + * the project provides a web site, mailing lists and IRC + * channels for your use. + * + * This program is free software, distributed under the terms of + * the GNU General Public License Version 2. See the LICENSE file + * at the top of the source tree. + */ + +#ifndef STASIS_HTTP_INTERNAL_H_ +#define STASIS_HTTP_INTERNAL_H_ + +/*! \file + * + * \brief Internal API's for res_stasis_http. + * \author David M. Lee, II <dlee@digium.com> + */ + +#include "asterisk/json.h" + +/*! @{ */ + +/*! + * \brief Register CLI commands for ARI. + * + * \return 0 on success. + * \return Non-zero on error. + */ +int ari_cli_register(void); + +/*! + * \brief Unregister CLI commands for ARI. + */ +void ari_cli_unregister(void); + +/*! @} */ + +/*! @{ */ + +struct ari_conf_general; + +/*! \brief All configuration options for stasis http. */ +struct ari_conf { + /*! The general section configuration options. */ + struct ari_conf_general *general; + /*! Configured users */ + struct ao2_container *users; +}; + +/*! Max length for auth_realm field */ +#define ARI_AUTH_REALM_LEN 80 + +/*! \brief Global configuration options for stasis http. */ +struct ari_conf_general { + /*! Enabled by default, disabled if false. */ + int enabled; + /*! Encoding format used during output (default compact). */ + enum ast_json_encoding_format format; + /*! Authentication realm */ + char auth_realm[ARI_AUTH_REALM_LEN]; +}; + +/*! \brief Password format */ +enum ari_password_format { + /*! \brief Plaintext password */ + ARI_PASSWORD_FORMAT_PLAIN, + /*! crypt(3) password */ + ARI_PASSWORD_FORMAT_CRYPT, +}; + +/*! + * \brief User's password mx length. + * + * If 256 seems like a lot, a crypt SHA-512 has over 106 characters. + */ +#define ARI_PASSWORD_LEN 256 + +/*! \brief Per-user configuration options */ +struct ari_conf_user { + /*! Username for authentication */ + char *username; + /*! User's password. */ + char password[ARI_PASSWORD_LEN]; + /*! Format for the password field */ + enum ari_password_format password_format; + /*! If true, user cannot execute change operations */ + int read_only; +}; + +/*! + * \brief Initialize the ARI configuration + */ +int ari_config_init(void); + +/*! + * \brief Reload the ARI configuration + */ +int ari_config_reload(void); + +/*! + * \brief Destroy the ARI configuration + */ +void ari_config_destroy(void); + +/*! + * \brief Get the current ARI configuration. + * + * This is an immutable object, so don't modify it. It is AO2 managed, so + * ao2_cleanup() when you're done with it. + * + * \return ARI configuration object. + * \return \c NULL on error. + */ +struct ari_conf *ari_config_get(void); + +/*! + * \brief Validated a user's credentials. + * + * \param username Name of the user. + * \param password User's password. + * \return User object. + * \return \c NULL if username or password is invalid. + */ +struct ari_conf_user *ari_config_validate_user(const char *username, + const char *password); + +/*! @} */ + + +#endif /* STASIS_HTTP_INTERNAL_H_ */ |