Merge "BuildSystem: For consistency, avoid double-checking via if clauses."
[asterisk/asterisk.git] / cel / cel_tds.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2008, Digium, Inc.
5  *
6  * See http://www.asterisk.org for more information about
7  * the Asterisk project. Please do not directly contact
8  * any of the maintainers of this project for assistance;
9  * the project provides a web site, mailing lists and IRC
10  * channels for your use.
11  *
12  * This program is free software, distributed under the terms of
13  * the GNU General Public License Version 2. See the LICENSE file
14  * at the top of the source tree.
15  */
16
17 /*! \file
18  *
19  * \brief FreeTDS CEL logger
20  *
21  * See also
22  * \arg \ref Config_cel
23  * \arg http://www.freetds.org/
24  * \ingroup cel_drivers
25  */
26
27 /*! \verbatim
28  *
29  * Table Structure for `cel`
30  *
31
32 CREATE TABLE [dbo].[cel] (
33         [accountcode] [varchar] (20) NULL ,
34         [cidname] [varchar] (80) NULL ,
35         [cidnum] [varchar] (80) NULL ,
36         [cidani] [varchar] (80) NULL ,
37         [cidrdnis] [varchar] (80) NULL ,
38         [ciddnid] [varchar] (80) NULL ,
39         [exten] [varchar] (80) NULL ,
40         [context] [varchar] (80) NULL ,
41         [channame] [varchar] (80) NULL ,
42         [appname] [varchar] (80) NULL ,
43         [appdata] [varchar] (80) NULL ,
44         [eventtime] [datetime] NULL ,
45         [eventtype] [varchar] (32) NULL ,
46         [uniqueid] [varchar] (32) NULL ,
47         [linkedid] [varchar] (32) NULL ,
48         [amaflags] [varchar] (16) NULL ,
49         [userfield] [varchar] (32) NULL ,
50         [peer] [varchar] (32) NULL
51 ) ON [PRIMARY]
52
53 \endverbatim
54
55 */
56
57 /*** MODULEINFO
58         <depend>freetds</depend>
59         <support_level>extended</support_level>
60  ***/
61
62 #include "asterisk.h"
63
64 #include <time.h>
65 #include <math.h>
66
67 #include "asterisk/config.h"
68 #include "asterisk/channel.h"
69 #include "asterisk/cel.h"
70 #include "asterisk/module.h"
71 #include "asterisk/logger.h"
72
73 #include <sqlfront.h>
74 #include <sybdb.h>
75
76 #ifdef FREETDS_PRE_0_62
77 #warning "You have older TDS, you should upgrade!"
78 #endif
79
80 #define DATE_FORMAT "%Y/%m/%d %T"
81
82 #define TDS_BACKEND_NAME "CEL TDS logging backend"
83
84 static char *config = "cel_tds.conf";
85
86 struct cel_tds_config {
87         AST_DECLARE_STRING_FIELDS(
88                 AST_STRING_FIELD(connection);
89                 AST_STRING_FIELD(database);
90                 AST_STRING_FIELD(username);
91                 AST_STRING_FIELD(password);
92                 AST_STRING_FIELD(table);
93                 AST_STRING_FIELD(charset);
94                 AST_STRING_FIELD(language);
95         );
96         DBPROCESS *dbproc;
97         unsigned int connected:1;
98 };
99
100 AST_MUTEX_DEFINE_STATIC(tds_lock);
101
102 static struct cel_tds_config *settings;
103
104 static char *anti_injection(const char *, int);
105 static void get_date(char *, size_t len, struct timeval);
106
107 static int execute_and_consume(DBPROCESS *dbproc, const char *fmt, ...)
108         __attribute__((format(printf, 2, 3)));
109
110 static int mssql_connect(void);
111 static int mssql_disconnect(void);
112
113 static void tds_log(struct ast_event *event)
114 {
115         char start[80];
116         char *accountcode_ai, *clidnum_ai, *exten_ai, *context_ai, *clid_ai, *channel_ai, *app_ai, *appdata_ai, *uniqueid_ai, *linkedid_ai, *cidani_ai, *cidrdnis_ai, *ciddnid_ai, *peer_ai, *userfield_ai;
117         RETCODE erc;
118         int attempt = 1;
119         struct ast_cel_event_record record = {
120                 .version = AST_CEL_EVENT_RECORD_VERSION,
121         };
122
123         if (ast_cel_fill_record(event, &record)) {
124                 return;
125         }
126
127         ast_mutex_lock(&tds_lock);
128
129         accountcode_ai = anti_injection(record.account_code, 20);
130         clidnum_ai     = anti_injection(record.caller_id_num, 80);
131         clid_ai        = anti_injection(record.caller_id_name, 80);
132         cidani_ai      = anti_injection(record.caller_id_ani, 80);
133         cidrdnis_ai    = anti_injection(record.caller_id_rdnis, 80);
134         ciddnid_ai     = anti_injection(record.caller_id_dnid, 80);
135         exten_ai       = anti_injection(record.extension, 80);
136         context_ai     = anti_injection(record.context, 80);
137         channel_ai     = anti_injection(record.channel_name, 80);
138         app_ai         = anti_injection(record.application_name, 80);
139         appdata_ai     = anti_injection(record.application_data, 80);
140         uniqueid_ai    = anti_injection(record.unique_id, 32);
141         linkedid_ai    = anti_injection(record.linked_id, 32);
142         userfield_ai   = anti_injection(record.user_field, 32);
143         peer_ai        = anti_injection(record.peer, 32);
144
145         get_date(start, sizeof(start), record.event_time);
146
147 retry:
148         /* Ensure that we are connected */
149         if (!settings->connected) {
150                 ast_log(LOG_NOTICE, "Attempting to reconnect to %s (Attempt %d)\n", settings->connection, attempt);
151                 if (mssql_connect()) {
152                         /* Connect failed */
153                         if (attempt++ < 3) {
154                                 goto retry;
155                         }
156                         goto done;
157                 }
158         }
159
160         erc = dbfcmd(settings->dbproc,
161                 "INSERT INTO %s "
162                 "("
163                 "accountcode,"
164                 "cidnum,"
165                 "cidname,"
166                 "cidani,"
167                 "cidrdnis,"
168                 "ciddnid,"
169                 "exten,"
170                 "context,"
171                 "channel,"
172                 "appname,"
173                 "appdata,"
174                 "eventtime,"
175                 "eventtype,"
176                 "amaflags, "
177                 "uniqueid,"
178                 "linkedid,"
179                 "userfield,"
180                 "peer"
181                 ") "
182                 "VALUES "
183                 "("
184                 "'%s'," /* accountcode */
185                 "'%s'," /* clidnum */
186                 "'%s'," /* clid */
187                 "'%s'," /* cid-ani */
188                 "'%s'," /* cid-rdnis */
189                 "'%s'," /* cid-dnid */
190                 "'%s'," /* exten */
191                 "'%s'," /* context */
192                 "'%s'," /* channel */
193                 "'%s'," /* app */
194                 "'%s'," /* appdata */
195                 "%s, "  /* eventtime */
196                 "'%s'," /* eventtype */
197                 "'%s'," /* amaflags */
198                 "'%s'," /* uniqueid */
199                 "'%s'," /* linkedid */
200                 "'%s'," /* userfield */
201                 "'%s'"  /* peer */
202                 ")",
203                 settings->table, accountcode_ai, clidnum_ai, clid_ai, cidani_ai, cidrdnis_ai,
204                 ciddnid_ai, exten_ai, context_ai, channel_ai, app_ai, appdata_ai, start,
205                 (record.event_type == AST_CEL_USER_DEFINED)
206                         ? record.user_defined_name : record.event_name,
207                                         ast_channel_amaflags2string(record.amaflag), uniqueid_ai, linkedid_ai,
208                 userfield_ai, peer_ai);
209
210         if (erc == FAIL) {
211                 if (attempt++ < 3) {
212                         ast_log(LOG_NOTICE, "Failed to build INSERT statement, retrying...\n");
213                         mssql_disconnect();
214                         goto retry;
215                 } else {
216                         ast_log(LOG_ERROR, "Failed to build INSERT statement, no CEL was logged.\n");
217                         goto done;
218                 }
219         }
220
221         if (dbsqlexec(settings->dbproc) == FAIL) {
222                 if (attempt++ < 3) {
223                         ast_log(LOG_NOTICE, "Failed to execute INSERT statement, retrying...\n");
224                         mssql_disconnect();
225                         goto retry;
226                 } else {
227                         ast_log(LOG_ERROR, "Failed to execute INSERT statement, no CEL was logged.\n");
228                         goto done;
229                 }
230         }
231
232         /* Consume any results we might get back (this is more of a sanity check than
233          * anything else, since an INSERT shouldn't return results). */
234         while (dbresults(settings->dbproc) != NO_MORE_RESULTS) {
235                 while (dbnextrow(settings->dbproc) != NO_MORE_ROWS);
236         }
237
238 done:
239         ast_mutex_unlock(&tds_lock);
240
241         ast_free(accountcode_ai);
242         ast_free(clidnum_ai);
243         ast_free(clid_ai);
244         ast_free(cidani_ai);
245         ast_free(cidrdnis_ai);
246         ast_free(ciddnid_ai);
247         ast_free(exten_ai);
248         ast_free(context_ai);
249         ast_free(channel_ai);
250         ast_free(app_ai);
251         ast_free(appdata_ai);
252         ast_free(uniqueid_ai);
253         ast_free(linkedid_ai);
254         ast_free(userfield_ai);
255         ast_free(peer_ai);
256
257         return;
258 }
259
260 static char *anti_injection(const char *str, int len)
261 {
262         /* Reference to http://www.nextgenss.com/papers/advanced_sql_injection.pdf */
263         char *buf;
264         char *buf_ptr, *srh_ptr;
265         char *known_bad[] = {"select", "insert", "update", "delete", "drop", ";", "--", "\0"};
266         int idx;
267
268         if (!(buf = ast_calloc(1, len + 1))) {
269                 ast_log(LOG_ERROR, "Out of memory\n");
270                 return NULL;
271         }
272
273         buf_ptr = buf;
274
275         /* Escape single quotes */
276         for (; *str && strlen(buf) < len; str++) {
277                 if (*str == '\'') {
278                         *buf_ptr++ = '\'';
279                 }
280                 *buf_ptr++ = *str;
281         }
282         *buf_ptr = '\0';
283
284         /* Erase known bad input */
285         for (idx = 0; *known_bad[idx]; idx++) {
286                 while ((srh_ptr = strcasestr(buf, known_bad[idx]))) {
287                         memmove(srh_ptr, srh_ptr + strlen(known_bad[idx]), strlen(srh_ptr + strlen(known_bad[idx])) + 1);
288                 }
289         }
290         return buf;
291 }
292
293 static void get_date(char *dateField, size_t len, struct timeval when)
294 {
295         /* To make sure we have date variable if not insert null to SQL */
296         if (!ast_tvzero(when)) {
297                 struct ast_tm tm;
298                 ast_localtime(&when, &tm, NULL);
299                 ast_strftime(dateField, len, "'" DATE_FORMAT "'", &tm);
300         } else {
301                 ast_copy_string(dateField, "null", len);
302         }
303 }
304
305 static int execute_and_consume(DBPROCESS *dbproc, const char *fmt, ...)
306 {
307         va_list ap;
308         char *buffer;
309
310         va_start(ap, fmt);
311         if (ast_vasprintf(&buffer, fmt, ap) < 0) {
312                 va_end(ap);
313                 return 1;
314         }
315         va_end(ap);
316
317         if (dbfcmd(dbproc, buffer) == FAIL) {
318                 ast_free(buffer);
319                 return 1;
320         }
321
322         ast_free(buffer);
323
324         if (dbsqlexec(dbproc) == FAIL) {
325                 return 1;
326         }
327
328         /* Consume the result set (we don't really care about the result, though) */
329         while (dbresults(dbproc) != NO_MORE_RESULTS) {
330                 while (dbnextrow(dbproc) != NO_MORE_ROWS);
331         }
332
333         return 0;
334 }
335
336 static int mssql_disconnect(void)
337 {
338         if (settings->dbproc) {
339                 dbclose(settings->dbproc);
340                 settings->dbproc = NULL;
341         }
342         settings->connected = 0;
343
344         return 0;
345 }
346
347 static int mssql_connect(void)
348 {
349         LOGINREC *login;
350
351         if ((login = dblogin()) == NULL) {
352                 ast_log(LOG_ERROR, "Unable to allocate login structure for db-lib\n");
353                 return -1;
354         }
355
356         DBSETLAPP(login,  "TSQL");
357         DBSETLUSER(login, (char *) settings->username);
358         DBSETLPWD(login,  (char *) settings->password);
359
360         if (!ast_strlen_zero(settings->charset)) {
361                 DBSETLCHARSET(login, (char *) settings->charset);
362         }
363
364         if (!ast_strlen_zero(settings->language)) {
365                 DBSETLNATLANG(login, (char *) settings->language);
366         }
367
368         if ((settings->dbproc = dbopen(login, (char *) settings->connection)) == NULL) {
369                 ast_log(LOG_ERROR, "Unable to connect to %s\n", settings->connection);
370                 dbloginfree(login);
371                 return -1;
372         }
373
374         dbloginfree(login);
375
376         if (dbuse(settings->dbproc, (char *) settings->database) == FAIL) {
377                 ast_log(LOG_ERROR, "Unable to select database %s\n", settings->database);
378                 goto failed;
379         }
380
381         if (execute_and_consume(settings->dbproc, "SELECT 1 FROM [%s]", settings->table)) {
382                 ast_log(LOG_ERROR, "Unable to find table '%s'\n", settings->table);
383                 goto failed;
384         }
385
386         settings->connected = 1;
387
388         return 0;
389
390 failed:
391         dbclose(settings->dbproc);
392         settings->dbproc = NULL;
393         return -1;
394 }
395
396 static int tds_unload_module(void)
397 {
398         ast_cel_backend_unregister(TDS_BACKEND_NAME);
399
400         if (settings) {
401                 ast_mutex_lock(&tds_lock);
402                 mssql_disconnect();
403                 ast_mutex_unlock(&tds_lock);
404
405                 ast_string_field_free_memory(settings);
406                 ast_free(settings);
407         }
408
409         dbexit();
410
411         return 0;
412 }
413
414 static int tds_error_handler(DBPROCESS *dbproc, int severity, int dberr, int oserr, char *dberrstr, char *oserrstr)
415 {
416         ast_log(LOG_ERROR, "%s (%d)\n", dberrstr, dberr);
417
418         if (oserr != DBNOERR) {
419                 ast_log(LOG_ERROR, "%s (%d)\n", oserrstr, oserr);
420         }
421
422         return INT_CANCEL;
423 }
424
425 static int tds_message_handler(DBPROCESS *dbproc, DBINT msgno, int msgstate, int severity, char *msgtext, char *srvname, char *procname, int line)
426 {
427         ast_debug(1, "Msg %d, Level %d, State %d, Line %d\n", msgno, severity, msgstate, line);
428         ast_log(LOG_NOTICE, "%s\n", msgtext);
429
430         return 0;
431 }
432
433 static int tds_load_module(int reload)
434 {
435         struct ast_config *cfg;
436         const char *ptr = NULL;
437         struct ast_flags config_flags = { reload ? CONFIG_FLAG_FILEUNCHANGED : 0 };
438
439         cfg = ast_config_load(config, config_flags);
440         if (!cfg || cfg == CONFIG_STATUS_FILEINVALID) {
441                 ast_log(LOG_NOTICE, "Unable to load TDS config for CELs: %s\n", config);
442                 return 0;
443         } else if (cfg == CONFIG_STATUS_FILEUNCHANGED) {
444                 return 0;
445         }
446
447         if (!ast_variable_browse(cfg, "global")) {
448                 /* nothing configured */
449                 ast_config_destroy(cfg);
450                 ast_log(LOG_NOTICE, "cel_tds has no global category, nothing to configure.\n");
451                 return 0;
452         }
453
454         ast_mutex_lock(&tds_lock);
455
456         /* Clear out any existing settings */
457         ast_string_field_init(settings, 0);
458
459         ptr = ast_variable_retrieve(cfg, "global", "connection");
460         if (ptr) {
461                 ast_string_field_set(settings, connection, ptr);
462         } else {
463                 ast_log(LOG_ERROR, "Failed to connect: Database connection name not specified.\n");
464                 goto failed;
465         }
466
467         ptr = ast_variable_retrieve(cfg, "global", "dbname");
468         if (ptr) {
469                 ast_string_field_set(settings, database, ptr);
470         } else {
471                 ast_log(LOG_ERROR, "Failed to connect: Database dbname not specified.\n");
472                 goto failed;
473         }
474
475         ptr = ast_variable_retrieve(cfg, "global", "user");
476         if (ptr) {
477                 ast_string_field_set(settings, username, ptr);
478         } else {
479                 ast_log(LOG_ERROR, "Failed to connect: Database dbuser not specified.\n");
480                 goto failed;
481         }
482
483         ptr = ast_variable_retrieve(cfg, "global", "password");
484         if (ptr) {
485                 ast_string_field_set(settings, password, ptr);
486         } else {
487                 ast_log(LOG_ERROR, "Failed to connect: Database password not specified.\n");
488                 goto failed;
489         }
490
491         ptr = ast_variable_retrieve(cfg, "global", "charset");
492         if (ptr) {
493                 ast_string_field_set(settings, charset, ptr);
494         }
495
496         ptr = ast_variable_retrieve(cfg, "global", "language");
497         if (ptr) {
498                 ast_string_field_set(settings, language, ptr);
499         }
500
501         ptr = ast_variable_retrieve(cfg, "global", "table");
502         if (ptr) {
503                 ast_string_field_set(settings, table, ptr);
504         } else {
505                 ast_log(LOG_NOTICE, "Table name not specified, using 'cel' by default.\n");
506                 ast_string_field_set(settings, table, "cel");
507         }
508
509         mssql_disconnect();
510
511         if (mssql_connect()) {
512                 /* We failed to connect (mssql_connect takes care of logging it) */
513                 goto failed;
514         }
515
516         ast_mutex_unlock(&tds_lock);
517         ast_config_destroy(cfg);
518
519         return 1;
520
521 failed:
522         ast_mutex_unlock(&tds_lock);
523         ast_config_destroy(cfg);
524
525         return 0;
526 }
527
528 static int reload(void)
529 {
530         return tds_load_module(1);
531 }
532
533 static int load_module(void)
534 {
535         if (dbinit() == FAIL) {
536                 ast_log(LOG_ERROR, "Failed to initialize FreeTDS db-lib\n");
537                 return AST_MODULE_LOAD_DECLINE;
538         }
539
540         dberrhandle(tds_error_handler);
541         dbmsghandle(tds_message_handler);
542
543         settings = ast_calloc_with_stringfields(1, struct cel_tds_config, 256);
544
545         if (!settings) {
546                 dbexit();
547                 return AST_MODULE_LOAD_DECLINE;
548         }
549
550         if (!tds_load_module(0)) {
551                 ast_string_field_free_memory(settings);
552                 ast_free(settings);
553                 settings = NULL;
554                 dbexit();
555                 ast_log(LOG_WARNING,"cel_tds module had config problems; declining load\n");
556                 return AST_MODULE_LOAD_DECLINE;
557         }
558
559         /* Register MSSQL CEL handler */
560         if (ast_cel_backend_register(TDS_BACKEND_NAME, tds_log)) {
561                 ast_log(LOG_ERROR, "Unable to register MSSQL CEL handling\n");
562                 ast_string_field_free_memory(settings);
563                 ast_free(settings);
564                 settings = NULL;
565                 dbexit();
566                 return AST_MODULE_LOAD_DECLINE;
567         }
568
569         return AST_MODULE_LOAD_SUCCESS;
570 }
571
572 static int unload_module(void)
573 {
574         return tds_unload_module();
575 }
576
577 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "FreeTDS CEL Backend",
578         .support_level = AST_MODULE_SUPPORT_EXTENDED,
579         .load = load_module,
580         .unload = unload_module,
581         .reload = reload,
582         .load_pri = AST_MODPRI_CDR_DRIVER,
583 );