res_pjsip_nat: Rewrite route set when required.
[asterisk/asterisk.git] / res / res_pjsip_nat.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2013, Digium, Inc.
5  *
6  * Joshua Colp <jcolp@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18
19 /*** MODULEINFO
20         <depend>pjproject</depend>
21         <depend>res_pjsip</depend>
22         <support_level>core</support_level>
23  ***/
24
25 #include "asterisk.h"
26
27 #include <pjsip.h>
28 #include <pjsip_ua.h>
29
30 #include "asterisk/res_pjsip.h"
31 #include "asterisk/res_pjsip_session.h"
32 #include "asterisk/module.h"
33 #include "asterisk/acl.h"
34
35 static void rewrite_uri(pjsip_rx_data *rdata, pjsip_sip_uri *uri)
36 {
37         pj_cstr(&uri->host, rdata->pkt_info.src_name);
38         if (strcasecmp("udp", rdata->tp_info.transport->type_name)) {
39                 uri->transport_param = pj_str(rdata->tp_info.transport->type_name);
40         } else {
41                 uri->transport_param.slen = 0;
42         }
43         uri->port = rdata->pkt_info.src_port;
44 }
45
46 static int rewrite_route_set(pjsip_rx_data *rdata, pjsip_dialog *dlg)
47 {
48         pjsip_rr_hdr *rr = NULL;
49         pjsip_sip_uri *uri;
50
51         if (rdata->msg_info.msg->type == PJSIP_RESPONSE_MSG) {
52                 pjsip_hdr *iter;
53                 for (iter = rdata->msg_info.msg->hdr.prev; iter != &rdata->msg_info.msg->hdr; iter = iter->prev) {
54                         if (iter->type == PJSIP_H_RECORD_ROUTE) {
55                                 rr = (pjsip_rr_hdr *)iter;
56                                 break;
57                         }
58                 }
59         } else {
60                 rr = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_RECORD_ROUTE, NULL);
61         }
62
63         if (rr) {
64                 uri = pjsip_uri_get_uri(&rr->name_addr);
65                 rewrite_uri(rdata, uri);
66                 if (dlg && dlg->route_set.next && !dlg->route_set_frozen) {
67                         pjsip_routing_hdr *route = dlg->route_set.next;
68                         uri = pjsip_uri_get_uri(&route->name_addr);
69                         rewrite_uri(rdata, uri);
70                 }
71
72                 return 0;
73         }
74
75         return -1;
76 }
77
78 static int rewrite_contact(pjsip_rx_data *rdata, pjsip_dialog *dlg)
79 {
80         pjsip_contact_hdr *contact;
81
82         contact = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL);
83         if (contact && !contact->star && (PJSIP_URI_SCHEME_IS_SIP(contact->uri) || PJSIP_URI_SCHEME_IS_SIPS(contact->uri))) {
84                 pjsip_sip_uri *uri = pjsip_uri_get_uri(contact->uri);
85
86                 rewrite_uri(rdata, uri);
87
88                 if (dlg && !dlg->route_set_frozen && (!dlg->remote.contact
89                         || pjsip_uri_cmp(PJSIP_URI_IN_REQ_URI, dlg->remote.contact->uri, contact->uri))) {
90                         dlg->remote.contact = (pjsip_contact_hdr*)pjsip_hdr_clone(dlg->pool, contact);
91                         dlg->target = dlg->remote.contact->uri;
92                 }
93                 return 0;
94         }
95
96         return -1;
97 }
98
99 static pj_bool_t handle_rx_message(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
100 {
101         pjsip_dialog *dlg = pjsip_rdata_get_dlg(rdata);
102
103         if (!endpoint) {
104                 return PJ_FALSE;
105         }
106
107         if (endpoint->nat.rewrite_contact) {
108                 /* rewrite_contact is intended to ensure we send requests/responses to
109                  * a routeable address when NAT is involved. The URI that dictates where
110                  * we send requests/responses can be determined either by Record-Route
111                  * headers or by the Contact header if no Record-Route headers are present.
112                  * We therefore will attempt to rewrite a Record-Route header first, and if
113                  * none are present, we fall back to rewriting the Contact header instead.
114                  */
115                 if (rewrite_route_set(rdata, dlg)) {
116                         rewrite_contact(rdata, dlg);
117                 }
118         }
119
120         if (endpoint->nat.force_rport) {
121                 rdata->msg_info.via->rport_param = rdata->pkt_info.src_port;
122         }
123
124         return PJ_FALSE;
125 }
126
127 static pj_bool_t nat_on_rx_message(pjsip_rx_data *rdata)
128 {
129         pj_bool_t res;
130         struct ast_sip_endpoint *endpoint;
131
132         endpoint = ast_pjsip_rdata_get_endpoint(rdata);
133         res = handle_rx_message(endpoint, rdata);
134         ao2_cleanup(endpoint);
135         return res;
136 }
137
138 /*! \brief Structure which contains information about a transport */
139 struct request_transport_details {
140         /*! \brief Type of transport */
141         enum ast_transport type;
142         /*! \brief Potential pointer to the transport itself, if UDP */
143         pjsip_transport *transport;
144         /*! \brief Potential pointer to the transport factory itself, if TCP/TLS */
145         pjsip_tpfactory *factory;
146         /*! \brief Local address for transport */
147         pj_str_t local_address;
148         /*! \brief Local port for transport */
149         int local_port;
150 };
151
152 /*! \brief Callback function for finding the transport the request is going out on */
153 static int find_transport_in_use(void *obj, void *arg, int flags)
154 {
155         struct ast_sip_transport *transport = obj;
156         struct request_transport_details *details = arg;
157
158         /* If an explicit transport or factory matches then this is what is in use, if we are unavailable
159          * to compare based on that we make sure that the type is the same and the source IP address/port are the same
160          */
161         if ((details->transport && details->transport == transport->state->transport) ||
162                 (details->factory && details->factory == transport->state->factory) ||
163                 ((details->type == transport->type) && (transport->state->factory) &&
164                         !pj_strcmp(&transport->state->factory->addr_name.host, &details->local_address) &&
165                         transport->state->factory->addr_name.port == details->local_port)) {
166                 return CMP_MATCH | CMP_STOP;
167         }
168
169         return 0;
170 }
171
172 /*! \brief Helper function which returns the SIP URI of a Contact header */
173 static pjsip_sip_uri *nat_get_contact_sip_uri(pjsip_tx_data *tdata)
174 {
175         pjsip_contact_hdr *contact = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_CONTACT, NULL);
176
177         if (!contact || (!PJSIP_URI_SCHEME_IS_SIP(contact->uri) && !PJSIP_URI_SCHEME_IS_SIPS(contact->uri))) {
178                 return NULL;
179         }
180
181         return pjsip_uri_get_uri(contact->uri);
182 }
183
184 /*! \brief Structure which contains hook details */
185 struct nat_hook_details {
186         /*! \brief Outgoing message itself */
187         pjsip_tx_data *tdata;
188         /*! \brief Chosen transport */
189         struct ast_sip_transport *transport;
190 };
191
192 /*! \brief Callback function for invoking hooks */
193 static int nat_invoke_hook(void *obj, void *arg, int flags)
194 {
195         struct ast_sip_nat_hook *hook = obj;
196         struct nat_hook_details *details = arg;
197
198         if (hook->outgoing_external_message) {
199                 hook->outgoing_external_message(details->tdata, details->transport);
200         }
201
202         return 0;
203 }
204
205 static pj_status_t nat_on_tx_message(pjsip_tx_data *tdata)
206 {
207         RAII_VAR(struct ao2_container *, transports, NULL, ao2_cleanup);
208         RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
209         struct request_transport_details details = { 0, };
210         pjsip_via_hdr *via = NULL;
211         struct ast_sockaddr addr = { { 0, } };
212         pjsip_sip_uri *uri = NULL;
213         RAII_VAR(struct ao2_container *, hooks, NULL, ao2_cleanup);
214
215         /* If a transport selector is in use we know the transport or factory, so explicitly find it */
216         if (tdata->tp_sel.type == PJSIP_TPSELECTOR_TRANSPORT) {
217                 details.transport = tdata->tp_sel.u.transport;
218         } else if (tdata->tp_sel.type == PJSIP_TPSELECTOR_LISTENER) {
219                 details.factory = tdata->tp_sel.u.listener;
220         } else if (tdata->tp_info.transport->key.type == PJSIP_TRANSPORT_UDP || tdata->tp_info.transport->key.type == PJSIP_TRANSPORT_UDP6) {
221                 /* Connectionless uses the same transport for all requests */
222                 details.type = AST_TRANSPORT_UDP;
223                 details.transport = tdata->tp_info.transport;
224         } else {
225                 if (tdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TCP) {
226                         details.type = AST_TRANSPORT_TCP;
227                 } else if (tdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TLS) {
228                         details.type = AST_TRANSPORT_TLS;
229                 } else {
230                         /* Unknown transport type, we can't map and thus can't apply NAT changes */
231                         return PJ_SUCCESS;
232                 }
233
234                 if ((uri = nat_get_contact_sip_uri(tdata))) {
235                         details.local_address = uri->host;
236                         details.local_port = uri->port;
237                 } else if ((tdata->msg->type == PJSIP_REQUEST_MSG) &&
238                         (via = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_VIA, NULL))) {
239                         details.local_address = via->sent_by.host;
240                         details.local_port = via->sent_by.port;
241                 } else {
242                         return PJ_SUCCESS;
243                 }
244
245                 if (!details.local_port) {
246                         details.local_port = (details.type == AST_TRANSPORT_TLS) ? 5061 : 5060;
247                 }
248         }
249
250         if (!(transports = ast_sorcery_retrieve_by_fields(ast_sip_get_sorcery(), "transport", AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL)) ||
251                 !(transport = ao2_callback(transports, 0, find_transport_in_use, &details)) || !transport->localnet ||
252                 ast_sockaddr_isnull(&transport->external_address)) {
253                 return PJ_SUCCESS;
254         }
255
256         ast_sockaddr_parse(&addr, tdata->tp_info.dst_name, PARSE_PORT_FORBID);
257         ast_sockaddr_set_port(&addr, tdata->tp_info.dst_port);
258
259         /* See if where we are sending this request is local or not, and if not that we can get a Contact URI to modify */
260         if (ast_apply_ha(transport->localnet, &addr) != AST_SENSE_ALLOW) {
261                 return PJ_SUCCESS;
262         }
263
264         /* Update the contact header with the external address */
265         if (uri || (uri = nat_get_contact_sip_uri(tdata))) {
266                 pj_strdup2(tdata->pool, &uri->host, ast_sockaddr_stringify_host(&transport->external_address));
267                 if (transport->external_signaling_port) {
268                         uri->port = transport->external_signaling_port;
269                         ast_debug(4, "Re-wrote Contact URI port to %d\n", uri->port);
270                 }
271         }
272
273         /* Update the via header if relevant */
274         if ((tdata->msg->type == PJSIP_REQUEST_MSG) && (via || (via = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_VIA, NULL)))) {
275                 pj_strdup2(tdata->pool, &via->sent_by.host, ast_sockaddr_stringify_host(&transport->external_address));
276                 if (transport->external_signaling_port) {
277                         via->sent_by.port = transport->external_signaling_port;
278                 }
279         }
280
281         /* Invoke any additional hooks that may be registered */
282         if ((hooks = ast_sorcery_retrieve_by_fields(ast_sip_get_sorcery(), "nat_hook", AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL))) {
283                 struct nat_hook_details hook_details = {
284                         .tdata = tdata,
285                         .transport = transport,
286                 };
287                 ao2_callback(hooks, 0, nat_invoke_hook, &hook_details);
288         }
289
290         return PJ_SUCCESS;
291 }
292
293 static pjsip_module nat_module = {
294         .name = { "NAT", 3 },
295         .id = -1,
296         .priority = PJSIP_MOD_PRIORITY_TSX_LAYER - 2,
297         .on_rx_request = nat_on_rx_message,
298         .on_rx_response = nat_on_rx_message,
299         .on_tx_request = nat_on_tx_message,
300         .on_tx_response = nat_on_tx_message,
301 };
302
303 /*! \brief Function called when an INVITE goes out */
304 static int nat_incoming_invite_request(struct ast_sip_session *session, struct pjsip_rx_data *rdata)
305 {
306         if (session->inv_session->state == PJSIP_INV_STATE_INCOMING) {
307                 pjsip_dlg_add_usage(session->inv_session->dlg, &nat_module, NULL);
308         }
309
310         return 0;
311 }
312
313 /*! \brief Function called when an INVITE response comes in */
314 static void nat_incoming_invite_response(struct ast_sip_session *session, struct pjsip_rx_data *rdata)
315 {
316         handle_rx_message(session->endpoint, rdata);
317 }
318
319 /*! \brief Function called when an INVITE comes in */
320 static void nat_outgoing_invite_request(struct ast_sip_session *session, struct pjsip_tx_data *tdata)
321 {
322         if (session->inv_session->state == PJSIP_INV_STATE_NULL) {
323                 pjsip_dlg_add_usage(session->inv_session->dlg, &nat_module, NULL);
324         }
325 }
326
327 /*! \brief Supplement for adding NAT functionality to dialog */
328 static struct ast_sip_session_supplement nat_supplement = {
329         .method = "INVITE",
330         .priority = AST_SIP_SUPPLEMENT_PRIORITY_FIRST + 1,
331         .incoming_request = nat_incoming_invite_request,
332         .outgoing_request = nat_outgoing_invite_request,
333         .incoming_response = nat_incoming_invite_response,
334 };
335
336
337 static int unload_module(void)
338 {
339         ast_sip_session_unregister_supplement(&nat_supplement);
340         ast_sip_unregister_service(&nat_module);
341         return 0;
342 }
343
344 static int load_module(void)
345 {
346         CHECK_PJSIP_SESSION_MODULE_LOADED();
347
348         if (ast_sip_register_service(&nat_module)) {
349                 ast_log(LOG_ERROR, "Could not register NAT module for incoming and outgoing requests\n");
350                 return AST_MODULE_LOAD_FAILURE;
351         }
352
353         if (ast_sip_session_register_supplement(&nat_supplement)) {
354                 ast_log(LOG_ERROR, "Could not register NAT session supplement for incoming and outgoing INVITE requests\n");
355                 unload_module();
356                 return AST_MODULE_LOAD_FAILURE;
357         }
358
359         return AST_MODULE_LOAD_SUCCESS;
360 }
361
362 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP NAT Support",
363         .support_level = AST_MODULE_SUPPORT_CORE,
364         .load = load_module,
365         .unload = unload_module,
366         .load_pri = AST_MODPRI_APP_DEPEND,
367 );