Removing registrar_expire from basic-pbx config
[asterisk/asterisk.git] / res / res_pjsip_nat.c
index b71a84b..bbf3359 100644 (file)
 #include "asterisk/module.h"
 #include "asterisk/acl.h"
 
-static pj_bool_t handle_rx_message(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
+static void rewrite_uri(pjsip_rx_data *rdata, pjsip_sip_uri *uri)
 {
-       pjsip_contact_hdr *contact;
+       pj_cstr(&uri->host, rdata->pkt_info.src_name);
+       uri->port = rdata->pkt_info.src_port;
+       if (!strcasecmp("WSS", rdata->tp_info.transport->type_name)) {
+               /* WSS is special, we don't want to overwrite the URI at all as it needs to be ws */
+       } else if (strcasecmp("udp", rdata->tp_info.transport->type_name)) {
+               uri->transport_param = pj_str(rdata->tp_info.transport->type_name);
+       } else {
+               uri->transport_param.slen = 0;
+       }
+}
 
-       if (!endpoint) {
-               return PJ_FALSE;
+/*
+ * Update the Record-Route headers in the request or response and in the dialog
+ * object if exists.
+ *
+ * When NAT is in use, the address of the next hop in the SIP may be incorrect.
+ * To address this  asterisk uses two strategies in parallel:
+ *  1. intercept the messages at the transaction level and rewrite the
+ *     messages before arriving at the dialog layer
+ *  2. after the application processing, update the dialog object with the
+ *     correct information
+ *
+ * The first strategy has a limitation that the SIP message may not have all
+ * the information required to determine if the next hop is in the route set
+ * or in the contact. Causing risk that asterisk will update the Contact on
+ * receipt of an in-dialog message despite there being a route set saved in
+ * the dialog.
+ *
+ * The second strategy has a limitation that not all UAC layers have interfaces
+ * available to invoke this module after dialog creation.  (pjsip_sesion does
+ * but pjsip_pubsub does not), thus this strategy can't update the dialog in
+ * all cases needed.
+ *
+ * The ideal solution would be to implement an "incomming_request" event
+ * in pubsub module that can then pass the dialog object to this module
+ * on SUBSCRIBE, this module then should add itself as a listener to the dialog
+ * for the subsequent requests and responses & then be able to properly update
+ * the dialog object for all required events.
+ */
+
+static int rewrite_route_set(pjsip_rx_data *rdata, pjsip_dialog *dlg)
+{
+       pjsip_rr_hdr *rr = NULL;
+       pjsip_sip_uri *uri;
+       int res = -1;
+       int ignore_rr = 0;
+       int pubsub = 0;
+
+       if (rdata->msg_info.msg->type == PJSIP_RESPONSE_MSG) {
+               pjsip_hdr *iter;
+               for (iter = rdata->msg_info.msg->hdr.prev; iter != &rdata->msg_info.msg->hdr; iter = iter->prev) {
+                       if (iter->type == PJSIP_H_RECORD_ROUTE) {
+                               rr = (pjsip_rr_hdr *)iter;
+                               break;
+                       }
+               }
+       } else if (pjsip_method_cmp(&rdata->msg_info.msg->line.req.method, &pjsip_register_method)) {
+               rr = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_RECORD_ROUTE, NULL);
+       } else {
+               /**
+                * Record-Route header has no meaning in REGISTER requests
+                * and should be ignored
+                */
+               ignore_rr = 1;
+       }
+
+       if (!pjsip_method_cmp(&rdata->msg_info.cseq->method, &pjsip_subscribe_method) ||
+               !pjsip_method_cmp(&rdata->msg_info.cseq->method, &pjsip_notify_method)) {
+               /**
+                * There is currently no good way to get the dlg object for a pubsub dialog
+                * so we will just look at the rr & contact of the current message and
+                * hope for the best
+                */
+               pubsub = 1;
+       }
+
+       if (rr) {
+               uri = pjsip_uri_get_uri(&rr->name_addr);
+               rewrite_uri(rdata, uri);
+               res = 0;
        }
 
-       if (endpoint->nat.rewrite_contact && (contact = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL)) &&
-               !contact->star && (PJSIP_URI_SCHEME_IS_SIP(contact->uri) || PJSIP_URI_SCHEME_IS_SIPS(contact->uri))) {
+       if (dlg && !pj_list_empty(&dlg->route_set) && !dlg->route_set_frozen) {
+               pjsip_routing_hdr *route = dlg->route_set.next;
+               uri = pjsip_uri_get_uri(&route->name_addr);
+               rewrite_uri(rdata, uri);
+               res = 0;
+       }
+
+       if (!dlg && !rr && !ignore_rr  && !pubsub && rdata->msg_info.to->tag.slen){
+               /**
+                * Even if this message doesn't have any route headers
+                * the dialog may, so wait until a later invocation that
+                * has a dialog reference to make sure there isn't a
+                * previously saved routset in the dialog before deciding
+                * the contact needs to be modified
+                */
+               res = 0;
+       }
+
+       return res;
+}
+
+static int rewrite_contact(pjsip_rx_data *rdata, pjsip_dialog *dlg)
+{
+       pjsip_contact_hdr *contact;
+
+       contact = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL);
+       if (contact && !contact->star && (PJSIP_URI_SCHEME_IS_SIP(contact->uri) || PJSIP_URI_SCHEME_IS_SIPS(contact->uri))) {
                pjsip_sip_uri *uri = pjsip_uri_get_uri(contact->uri);
-               pjsip_dialog *dlg = pjsip_rdata_get_dlg(rdata);
 
-               pj_cstr(&uri->host, rdata->pkt_info.src_name);
-               if (strcasecmp("udp", rdata->tp_info.transport->type_name)) {
-                       uri->transport_param = pj_str(rdata->tp_info.transport->type_name);
-               } else {
-                       uri->transport_param.slen = 0;
-               }
-               uri->port = rdata->pkt_info.src_port;
-               ast_debug(4, "Re-wrote Contact URI host/port to %.*s:%d\n",
-                       (int)pj_strlen(&uri->host), pj_strbuf(&uri->host), uri->port);
+               rewrite_uri(rdata, uri);
 
-               /* rewrite the session target since it may have already been pulled from the contact header */
-               if (dlg && (!dlg->remote.contact
+               if (dlg && pj_list_empty(&dlg->route_set) && (!dlg->remote.contact
                        || pjsip_uri_cmp(PJSIP_URI_IN_REQ_URI, dlg->remote.contact->uri, contact->uri))) {
                        dlg->remote.contact = (pjsip_contact_hdr*)pjsip_hdr_clone(dlg->pool, contact);
                        dlg->target = dlg->remote.contact->uri;
                }
+               return 0;
+       }
+
+       return -1;
+}
+
+static pj_bool_t handle_rx_message(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
+{
+       pjsip_dialog *dlg = pjsip_rdata_get_dlg(rdata);
+
+       if (!endpoint) {
+               return PJ_FALSE;
+       }
+
+       if (endpoint->nat.rewrite_contact) {
+               /* rewrite_contact is intended to ensure we send requests/responses to
+                * a routeable address when NAT is involved. The URI that dictates where
+                * we send requests/responses can be determined either by Record-Route
+                * headers or by the Contact header if no Record-Route headers are present.
+                * We therefore will attempt to rewrite a Record-Route header first, and if
+                * none are present, we fall back to rewriting the Contact header instead.
+                */
+               if (rewrite_route_set(rdata, dlg)) {
+                       rewrite_contact(rdata, dlg);
+               }
        }
 
        if (endpoint->nat.force_rport) {
@@ -72,8 +188,13 @@ static pj_bool_t handle_rx_message(struct ast_sip_endpoint *endpoint, pjsip_rx_d
 
 static pj_bool_t nat_on_rx_message(pjsip_rx_data *rdata)
 {
-       RAII_VAR(struct ast_sip_endpoint *, endpoint, ast_pjsip_rdata_get_endpoint(rdata), ao2_cleanup);
-       return handle_rx_message(endpoint, rdata);
+       pj_bool_t res;
+       struct ast_sip_endpoint *endpoint;
+
+       endpoint = ast_pjsip_rdata_get_endpoint(rdata);
+       res = handle_rx_message(endpoint, rdata);
+       ao2_cleanup(endpoint);
+       return res;
 }
 
 /*! \brief Structure which contains information about a transport */
@@ -91,20 +212,20 @@ struct request_transport_details {
 };
 
 /*! \brief Callback function for finding the transport the request is going out on */
-static int find_transport_in_use(void *obj, void *arg, int flags)
+static int find_transport_state_in_use(void *obj, void *arg, int flags)
 {
-       struct ast_sip_transport *transport = obj;
+       struct ast_sip_transport_state *transport_state = obj;
        struct request_transport_details *details = arg;
 
        /* If an explicit transport or factory matches then this is what is in use, if we are unavailable
         * to compare based on that we make sure that the type is the same and the source IP address/port are the same
         */
-       if ((details->transport && details->transport == transport->state->transport) ||
-               (details->factory && details->factory == transport->state->factory) ||
-               ((details->type == transport->type) && (transport->state->factory) &&
-                       !pj_strcmp(&transport->state->factory->addr_name.host, &details->local_address) &&
-                       transport->state->factory->addr_name.port == details->local_port)) {
-               return CMP_MATCH | CMP_STOP;
+       if (transport_state && ((details->transport && details->transport == transport_state->transport) ||
+               (details->factory && details->factory == transport_state->factory) ||
+               ((details->type == transport_state->type) && (transport_state->factory) &&
+                       !pj_strcmp(&transport_state->factory->addr_name.host, &details->local_address) &&
+                       transport_state->factory->addr_name.port == details->local_port))) {
+               return CMP_MATCH;
        }
 
        return 0;
@@ -145,8 +266,9 @@ static int nat_invoke_hook(void *obj, void *arg, int flags)
 
 static pj_status_t nat_on_tx_message(pjsip_tx_data *tdata)
 {
-       RAII_VAR(struct ao2_container *, transports, NULL, ao2_cleanup);
+       RAII_VAR(struct ao2_container *, transport_states, NULL, ao2_cleanup);
        RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
+       RAII_VAR(struct ast_sip_transport_state *, transport_state, NULL, ao2_cleanup);
        struct request_transport_details details = { 0, };
        pjsip_via_hdr *via = NULL;
        struct ast_sockaddr addr = { { 0, } };
@@ -188,34 +310,45 @@ static pj_status_t nat_on_tx_message(pjsip_tx_data *tdata)
                }
        }
 
-       if (!(transports = ast_sorcery_retrieve_by_fields(ast_sip_get_sorcery(), "transport", AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL)) ||
-               !(transport = ao2_callback(transports, 0, find_transport_in_use, &details)) || !transport->localnet ||
-               ast_sockaddr_isnull(&transport->external_address)) {
+       if (!(transport_states = ast_sip_get_transport_states())) {
                return PJ_SUCCESS;
        }
 
-       ast_sockaddr_parse(&addr, tdata->tp_info.dst_name, PARSE_PORT_FORBID);
-       ast_sockaddr_set_port(&addr, tdata->tp_info.dst_port);
+       if (!(transport_state = ao2_callback(transport_states, 0, find_transport_state_in_use, &details))) {
+               return PJ_SUCCESS;
+       }
 
-       /* See if where we are sending this request is local or not, and if not that we can get a Contact URI to modify */
-       if (ast_apply_ha(transport->localnet, &addr) != AST_SENSE_ALLOW) {
+       if (!(transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_state->id))) {
                return PJ_SUCCESS;
        }
 
-       /* Update the contact header with the external address */
-       if (uri || (uri = nat_get_contact_sip_uri(tdata))) {
-               pj_strdup2(tdata->pool, &uri->host, ast_sockaddr_stringify_host(&transport->external_address));
-               if (transport->external_signaling_port) {
-                       uri->port = transport->external_signaling_port;
-                       ast_debug(4, "Re-wrote Contact URI port to %d\n", uri->port);
+       if (transport_state->localnet) {
+               ast_sockaddr_parse(&addr, tdata->tp_info.dst_name, PARSE_PORT_FORBID);
+               ast_sockaddr_set_port(&addr, tdata->tp_info.dst_port);
+
+               /* See if where we are sending this request is local or not, and if not that we can get a Contact URI to modify */
+               if (ast_sip_transport_is_local(transport_state, &addr)) {
+                       ast_debug(5, "Request is being sent to local address, skipping NAT manipulation\n");
+                       return PJ_SUCCESS;
                }
        }
 
-       /* Update the via header if relevant */
-       if ((tdata->msg->type == PJSIP_REQUEST_MSG) && (via || (via = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_VIA, NULL)))) {
-               pj_strdup2(tdata->pool, &via->sent_by.host, ast_sockaddr_stringify_host(&transport->external_address));
-               if (transport->external_signaling_port) {
-                       via->sent_by.port = transport->external_signaling_port;
+       if (!ast_sockaddr_isnull(&transport_state->external_signaling_address)) {
+               /* Update the contact header with the external address */
+               if (uri || (uri = nat_get_contact_sip_uri(tdata))) {
+                       pj_strdup2(tdata->pool, &uri->host, ast_sockaddr_stringify_host(&transport_state->external_signaling_address));
+                       if (transport->external_signaling_port) {
+                               uri->port = transport->external_signaling_port;
+                               ast_debug(4, "Re-wrote Contact URI port to %d\n", uri->port);
+                       }
+               }
+
+               /* Update the via header if relevant */
+               if ((tdata->msg->type == PJSIP_REQUEST_MSG) && (via || (via = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_VIA, NULL)))) {
+                       pj_strdup2(tdata->pool, &via->sent_by.host, ast_sockaddr_stringify_host(&transport_state->external_signaling_address));
+                       if (transport->external_signaling_port) {
+                               via->sent_by.port = transport->external_signaling_port;
+                       }
                }
        }
 
@@ -284,25 +417,20 @@ static int unload_module(void)
 
 static int load_module(void)
 {
-       CHECK_PJSIP_SESSION_MODULE_LOADED();
-
        if (ast_sip_register_service(&nat_module)) {
                ast_log(LOG_ERROR, "Could not register NAT module for incoming and outgoing requests\n");
-               return AST_MODULE_LOAD_FAILURE;
+               return AST_MODULE_LOAD_DECLINE;
        }
 
-       if (ast_sip_session_register_supplement(&nat_supplement)) {
-               ast_log(LOG_ERROR, "Could not register NAT session supplement for incoming and outgoing INVITE requests\n");
-               unload_module();
-               return AST_MODULE_LOAD_FAILURE;
-       }
+       ast_sip_session_register_supplement(&nat_supplement);
 
        return AST_MODULE_LOAD_SUCCESS;
 }
 
 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP NAT Support",
-               .support_level = AST_MODULE_SUPPORT_CORE,
-               .load = load_module,
-               .unload = unload_module,
-               .load_pri = AST_MODPRI_APP_DEPEND,
-              );
+       .support_level = AST_MODULE_SUPPORT_CORE,
+       .load = load_module,
+       .unload = unload_module,
+       .load_pri = AST_MODPRI_APP_DEPEND,
+       .requires = "res_pjsip,res_pjsip_session",
+);