Add IAX provisioning support to Asterisk
authorMark Spencer <markster@digium.com>
Wed, 7 Jul 2004 09:34:01 +0000 (09:34 +0000)
committerMark Spencer <markster@digium.com>
Wed, 7 Jul 2004 09:34:01 +0000 (09:34 +0000)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@3382 65c4cc65-6c06-0410-ace0-fbb531ad65f3

channels/Makefile
channels/chan_iax2.c
channels/iax2-parser.c
channels/iax2-parser.h
channels/iax2-provision.c [new file with mode: 0755]
channels/iax2-provision.h [new file with mode: 0755]
configs/iaxprov.conf.sample [new file with mode: 0755]

index c1ce599..d908a37 100755 (executable)
@@ -136,11 +136,11 @@ chan_oss.so: chan_oss.o
        $(CC) $(SOLINK) -o $@ chan_oss.o -lossaudio
 endif
 
-chan_iax2.so: chan_iax2.o iax2-parser.o
+chan_iax2.so: chan_iax2.o iax2-parser.o iax2-provision.o
 ifeq ($(USE_MYSQL_FRIENDS),1)
-       $(CC) $(SOLINK) -o $@ chan_iax2.o iax2-parser.o $(MYSQLLIB) -lz
+       $(CC) $(SOLINK) -o $@ chan_iax2.o iax2-parser.o iax2-provision.o $(MYSQLLIB) -lz
 else
-       $(CC) $(SOLINK) -o $@ chan_iax2.o iax2-parser.o
+       $(CC) $(SOLINK) -o $@ chan_iax2.o iax2-parser.o iax2-provision.o
 endif
 
 chan_iax.so: chan_iax.o
index 44e617d..fd08f24 100755 (executable)
@@ -67,6 +67,7 @@
 #endif
 #include "iax2.h"
 #include "iax2-parser.h"
+#include "iax2-provision.h"
 #include "../astconf.h"
 
 #ifndef IPTOS_MINCOST
@@ -453,6 +454,9 @@ struct chan_iax2_pvt {
        unsigned int bridgesfmt;
        struct ast_trans_pvt *bridgetrans;
        
+       /* If this is a provisioning request */
+       int provision;
+       
        int pingid;                     /* Transmit PING request */
        int lagid;                      /* Retransmit lag request */
        int autoid;                     /* Auto hangup for Dialplan requestor */
@@ -1592,6 +1596,7 @@ static struct ast_cli_entry cli_show_stats =
 static struct ast_cli_entry cli_show_cache =
 { { "iax2", "show", "cache", NULL }, iax2_show_cache, "Display IAX cached dialplan", show_cache_usage };
 
+
 static unsigned int calc_rxstamp(struct chan_iax2_pvt *p);
 
 #ifdef BRIDGE_OPTIMIZATION
@@ -4742,6 +4747,22 @@ static int iax_park(struct ast_channel *chan1, struct ast_channel *chan2)
 }
 
 
+static int iax2_provision(struct sockaddr_in *end, char *dest, const char *template, int force);
+
+static int check_provisioning(struct sockaddr_in *sin, char *si, unsigned int ver)
+{
+       unsigned int ourver;
+       unsigned char rsi[80];
+       snprintf(rsi, sizeof(rsi), "si-%s", si);
+       if (iax_provision_version(&ourver, rsi, 1))
+               return 0;
+       if (option_debug)
+               ast_log(LOG_DEBUG, "Service identifier '%s', we think '%08x', they think '%08x'\n", si, ourver, ver);
+       if (ourver != ver) 
+               iax2_provision(sin, NULL, rsi, 1);
+       return 0;
+}
+
 static int socket_read(int *id, int fd, short events, void *cbdata)
 {
        struct sockaddr_in sin;
@@ -5150,6 +5171,8 @@ retryowner:
                                /* Ignore if it's already up */
                                if (iaxs[fr.callno]->state & (IAX_STATE_STARTED | IAX_STATE_TBD))
                                        break;
+                               if (ies.provverpres && ies.serviceident && sin.sin_addr.s_addr)
+                                       check_provisioning(&sin, ies.serviceident, ies.provver);
                                /* For security, always ack immediately */
                                if (delayreject)
                                        send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
@@ -5250,6 +5273,12 @@ retryowner:
                                iax2_destroy_nolock(fr.callno);
                                break;
                        case IAX_COMMAND_REJECT:
+                               if (iaxs[fr.callno]->provision) {
+                                       /* Send ack immediately, before we destroy */
+                                       send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
+                                       iax2_destroy_nolock(fr.callno);
+                                       break;
+                               }
                                if (iaxs[fr.callno]->owner) {
                                        if (authdebug)
                                                ast_log(LOG_WARNING, "Call rejected by %s: %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), iaxs[fr.callno]->addr.sin_addr), ies.cause ? ies.cause : "<Unknown>");
@@ -5282,6 +5311,12 @@ retryowner:
                                /* Ignore if call is already up or needs authentication or is a TBD */
                                if (iaxs[fr.callno]->state & (IAX_STATE_STARTED | IAX_STATE_TBD | IAX_STATE_AUTHENTICATED))
                                        break;
+                               if (iaxs[fr.callno]->provision) {
+                                       /* Send ack immediately, before we destroy */
+                                       send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
+                                       iax2_destroy_nolock(fr.callno);
+                                       break;
+                               }
                                if (ies.format) {
                                        iaxs[fr.callno]->peerformat = ies.format;
                                } else {
@@ -5549,6 +5584,8 @@ retryowner2:
                                                memset(&sin, 0, sizeof(sin));
                                        if (update_registry(iaxs[fr.callno]->peer, &sin, fr.callno, ies.devicetype))
                                                ast_log(LOG_WARNING, "Registry error\n");
+                                       if (ies.provverpres && ies.serviceident && sin.sin_addr.s_addr)
+                                               check_provisioning(&sin, ies.serviceident, ies.provver);
                                        break;
                                }
                                registry_authrequest(iaxs[fr.callno]->peer, fr.callno);
@@ -5779,6 +5816,86 @@ static int iax2_do_register(struct iax2_registry *reg)
        return 0;
 }
 
+static char *iax2_prov_complete_template_3rd(char *line, char *word, int pos, int state)
+{
+       if (pos != 3)
+               return NULL;
+       return iax_prov_complete_template(line, word, pos, state);
+}
+
+static int iax2_provision(struct sockaddr_in *end, char *dest, const char *template, int force)
+{
+       /* Returns 1 if provisioned, -1 if not able to find destination, or 0 if no provisioning
+          is found for template */
+       struct iax_ie_data provdata;
+       struct iax_ie_data ied;
+       unsigned int sig;
+       struct sockaddr_in sin;
+       int callno;
+       if (option_debug)
+               ast_log(LOG_DEBUG, "Provisioning '%s' from template '%s'\n", dest, template);
+       if (iax_provision_build(&provdata, &sig, template, force)) {
+               ast_log(LOG_DEBUG, "No provisioning found for template '%s'\n", template);
+               return 0;
+       }
+       if (end)
+               memcpy(&sin, end, sizeof(sin));
+       else {
+               if (create_addr(&sin, NULL, NULL, NULL, dest, NULL, NULL, NULL, NULL, 0, NULL, NULL))
+                       return -1;
+       }
+       /* Build the rest of the message */
+       memset(&ied, 0, sizeof(ied));
+       iax_ie_append_raw(&ied, IAX_IE_PROVISIONING, provdata.buf, provdata.pos);
+
+       callno = find_callno(0, 0, &sin, NEW_FORCE, 1);
+       if (!callno)
+               return -1;
+       ast_mutex_lock(&iaxsl[callno]);
+       if (iaxs[callno]) {
+               /* Schedule autodestruct in case they don't ever give us anything back */
+               if (iaxs[callno]->autoid > -1)
+                       ast_sched_del(sched, iaxs[callno]->autoid);
+               iaxs[callno]->autoid = ast_sched_add(sched, 15000, auto_hangup, (void *)(long)callno);
+               iaxs[callno]->provision = 1;
+               /* Got a call number now, so go ahead and send the provisioning information */
+               send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_PROVISION, 0, ied.buf, ied.pos, -1);
+       }
+       ast_mutex_unlock(&iaxsl[callno]);
+       return 1;
+}
+
+static int iax2_prov_cmd(int fd, int argc, char *argv[])
+{
+       int force = 0;
+       int res;
+       if (argc < 4)
+               return RESULT_SHOWUSAGE;
+       if ((argc > 4)) {
+               if (!strcasecmp(argv[4], "forced"))
+                       force = 1;
+               else
+                       return RESULT_SHOWUSAGE;
+       }
+       res = iax2_provision(NULL, argv[2], argv[3], force);
+       if (res < 0)
+               ast_cli(fd, "Unable to find peer/address '%s'\n", argv[2]);
+       else if (res < 1)
+               ast_cli(fd, "No template (including wildcard) matching '%s'\n", argv[3]);
+       else
+               ast_cli(fd, "Provisioning '%s' with template '%s'%s\n", argv[2], argv[3], force ? ", forced" : "");
+       return RESULT_SUCCESS;
+}
+
+static char show_prov_usage[] =
+"Usage: iax2 provision <host> <template> [forced]\n"
+"       Provisions the given peer or IP address using a template\n"
+"       matching either 'template' or '*' if the template is not\n"
+"       found.  If 'forced' is specified, even empty provisioning\n"
+"       fields will be provisioned as empty fields.\n";
+
+static struct ast_cli_entry cli_provision = 
+{ { "iax2", "provision", NULL }, iax2_prov_cmd, "Provision an IAX device", show_prov_usage, iax2_prov_complete_template_3rd };
 
 static int iax2_poke_noanswer(void *data)
 {
@@ -6600,6 +6717,7 @@ static int reload_config(void)
                iax2_poke_peer(peer, 0);
        ast_mutex_unlock(&peerl.lock);
        reload_firmware();
+       iax_provision_reload();
        return 0;
 }
 
@@ -6980,6 +7098,7 @@ static int __unload_module(void)
        ast_cli_unregister(&cli_show_peers_begin);
        ast_cli_unregister(&cli_show_firmware);
        ast_cli_unregister(&cli_show_registry);
+       ast_cli_unregister(&cli_provision);
        ast_cli_unregister(&cli_debug);
        ast_cli_unregister(&cli_trunk_debug);
        ast_cli_unregister(&cli_no_debug);
@@ -7056,6 +7175,7 @@ int load_module(void)
        ast_cli_register(&cli_show_peers_begin);
        ast_cli_register(&cli_show_firmware);
        ast_cli_register(&cli_show_registry);
+       ast_cli_register(&cli_provision);
        ast_cli_register(&cli_debug);
        ast_cli_register(&cli_trunk_debug);
        ast_cli_register(&cli_no_debug);
@@ -7109,6 +7229,7 @@ int load_module(void)
                iax2_poke_peer(peer, 0);
        ast_mutex_unlock(&peerl.lock);
        reload_firmware();
+       iax_provision_reload();
        return res;
 }
 
index e41056e..40b2e27 100755 (executable)
@@ -23,6 +23,7 @@
 #include <stdio.h>
 #include "iax2.h"
 #include "iax2-parser.h"
+#include "iax2-provision.h"
 
 
 static int frames = 0;
@@ -82,11 +83,40 @@ static void dump_short(char *output, int maxlen, void *value, int len)
 static void dump_byte(char *output, int maxlen, void *value, int len)
 {
        if (len == (int)sizeof(unsigned char))
-               snprintf(output, maxlen, "%d", ntohs(*((unsigned char *)value)));
+               snprintf(output, maxlen, "%d", *((unsigned char *)value));
        else
                snprintf(output, maxlen, "Invalid BYTE");
 }
 
+static void dump_ipaddr(char *output, int maxlen, void *value, int len)
+{
+       struct sockaddr_in sin;
+       char iabuf[INET_ADDRSTRLEN];
+       if (len == (int)sizeof(unsigned int)) {
+               memcpy(&sin.sin_addr, value, len);
+               ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr);
+               snprintf(output, maxlen, "%s", iabuf);
+       } else
+               snprintf(output, maxlen, "Invalid IPADDR");
+}
+
+
+static void dump_prov_flags(char *output, int maxlen, void *value, int len)
+{
+       char buf[256] = "";
+       if (len == (int)sizeof(unsigned int))
+               snprintf(output, maxlen, "%lu (%s)", (unsigned long)ntohl(*((unsigned int *)value)),
+                       iax_provflags2str(buf, sizeof(buf), ntohl(*((unsigned int *)value))));
+       else
+               snprintf(output, maxlen, "Invalid INT");
+}
+
+static void dump_prov_ies(char *output, int maxlen, unsigned char *iedata, int len);
+static void dump_prov(char *output, int maxlen, void *value, int len)
+{
+       dump_prov_ies(output, maxlen, value, len);
+}
+
 static struct iax2_ie {
        int ie;
        char *name;
@@ -119,7 +149,7 @@ static struct iax2_ie {
        { IAX_IE_AUTOANSWER, "AUTO ANSWER REQ" },
        { IAX_IE_TRANSFERID, "TRANSFER ID", dump_int },
        { IAX_IE_RDNIS, "REFERRING DNIS", dump_string },
-       { IAX_IE_PROVISIONING, "PROVISIONING" },
+       { IAX_IE_PROVISIONING, "PROVISIONING", dump_prov },
        { IAX_IE_AESPROVISIONING, "AES PROVISIONG" },
        { IAX_IE_DATETIME, "DATE TIME", dump_int },
        { IAX_IE_DEVICETYPE, "DEVICE TYPE", dump_string },
@@ -130,6 +160,26 @@ static struct iax2_ie {
        { IAX_IE_PROVVER, "PROVISIONG VER", dump_int },
 };
 
+static struct iax2_ie prov_ies[] = {
+       { PROV_IE_USEDHCP, "USEDHCP" },
+       { PROV_IE_IPADDR, "IPADDR", dump_ipaddr },
+       { PROV_IE_SUBNET, "SUBNET", dump_ipaddr },
+       { PROV_IE_GATEWAY, "GATEWAY", dump_ipaddr },
+       { PROV_IE_PORTNO, "BINDPORT", dump_short },
+       { PROV_IE_SERVERUSER, "USERNAME", dump_string },
+       { PROV_IE_SERVERPASS, "PASSWORD", dump_string },
+       { PROV_IE_LANG, "LANGUAGE", dump_string },
+       { PROV_IE_TOS, "TYPEOFSERVICE", dump_byte },
+       { PROV_IE_FLAGS, "FLAGS", dump_prov_flags },
+       { PROV_IE_FORMAT, "FORMAT", dump_int },
+       { PROV_IE_AESKEY, "AESKEY" },
+       { PROV_IE_SERVERIP, "SERVERIP", dump_ipaddr },
+       { PROV_IE_SERVERPORT, "SERVERPORT", dump_short },
+       { PROV_IE_NEWAESKEY, "NEWAESKEY" },
+       { PROV_IE_PROVVER, "PROV VERSION", dump_int },
+       { PROV_IE_ALTSERVER, "ALTSERVERIP", dump_ipaddr },
+};
+
 const char *iax_ie2str(int ie)
 {
        int x;
@@ -140,7 +190,8 @@ const char *iax_ie2str(int ie)
        return "Unknown IE";
 }
 
-static void dump_ies(unsigned char *iedata, int len)
+
+static void dump_prov_ies(char *output, int maxlen, unsigned char *iedata, int len)
 {
        int ielen;
        int ie;
@@ -150,6 +201,57 @@ static void dump_ies(unsigned char *iedata, int len)
        char tmp[256];
        if (len < 2)
                return;
+       strcpy(output, "\n"); 
+       maxlen -= strlen(output); output += strlen(output);
+       while(len > 2) {
+               ie = iedata[0];
+               ielen = iedata[1];
+               if (ielen + 2> len) {
+                       snprintf(tmp, (int)sizeof(tmp), "Total Prov IE length of %d bytes exceeds remaining prov frame length of %d bytes\n", ielen + 2, len);
+                       strncpy(output, tmp, maxlen - 1);
+                       maxlen -= strlen(output); output += strlen(output);
+                       return;
+               }
+               found = 0;
+               for (x=0;x<(int)sizeof(prov_ies) / (int)sizeof(prov_ies[0]); x++) {
+                       if (prov_ies[x].ie == ie) {
+                               if (prov_ies[x].dump) {
+                                       prov_ies[x].dump(interp, (int)sizeof(interp), iedata + 2, ielen);
+                                       snprintf(tmp, (int)sizeof(tmp), "       %-15.15s : %s\n", prov_ies[x].name, interp);
+                                       strncpy(output, tmp, maxlen - 1);
+                                       maxlen -= strlen(output); output += strlen(output);
+                               } else {
+                                       if (ielen)
+                                               snprintf(interp, (int)sizeof(interp), "%d bytes", ielen);
+                                       else
+                                               strcpy(interp, "Present");
+                                       snprintf(tmp, (int)sizeof(tmp), "       %-15.15s : %s\n", prov_ies[x].name, interp);
+                                       strncpy(output, tmp, maxlen - 1);
+                                       maxlen -= strlen(output); output += strlen(output);
+                               }
+                               found++;
+                       }
+               }
+               if (!found) {
+                       snprintf(tmp, (int)sizeof(tmp), "       Unknown Prov IE %03d  : Present\n", ie);
+                       strncpy(output, tmp, maxlen - 1);
+                       maxlen -= strlen(output); output += strlen(output);
+               }
+               iedata += (2 + ielen);
+               len -= (2 + ielen);
+       }
+}
+
+static void dump_ies(unsigned char *iedata, int len)
+{
+       int ielen;
+       int ie;
+       int x;
+       int found;
+       char interp[1024];
+       char tmp[1024];
+       if (len < 2)
+               return;
        while(len > 2) {
                ie = iedata[0];
                ielen = iedata[1];
@@ -551,8 +653,10 @@ int iax_parse_ies(struct iax_ies *ies, unsigned char *data, int datalen)
                        if (len != (int)sizeof(unsigned int)) {
                                snprintf(tmp, (int)sizeof(tmp), "Expected provisioning version to be %d bytes long but was %d\n", (int)sizeof(unsigned int), len);
                                errorf(tmp);
-                       } else
+                       } else {
+                               ies->provverpres = 1;
                                ies->provver = ntohl(*((unsigned int *)(data + 2)));
+                       }
                        break;
                default:
                        snprintf(tmp, (int)sizeof(tmp), "Ignoring unknown information element '%s' (%d) of length %d\n", iax_ie2str(ie), ie, len);
index aff6a68..f17fb1b 100755 (executable)
@@ -51,6 +51,7 @@ struct iax_ies {
        unsigned char *fwdata;
        unsigned char fwdatalen;
        unsigned int provver;
+       int provverpres;
 };
 
 #define DIRECTION_INGRESS 1
diff --git a/channels/iax2-provision.c b/channels/iax2-provision.c
new file mode 100755 (executable)
index 0000000..61190c2
--- /dev/null
@@ -0,0 +1,504 @@
+/*
+ * IAX Provisioning Protocol 
+ *
+ * Asterisk Interface
+ *
+ * Copyright (C) 2004 Digium, Inc.
+ *
+ * Mark Spencer <markster@digium.com>
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU General Public License
+ *
+ */
+
+#include <asterisk/config.h>
+#include <asterisk/logger.h>
+#include <asterisk/cli.h>
+#include <asterisk/lock.h>
+#include <asterisk/utils.h>
+#include <asterisk/frame.h>
+#include <asterisk/options.h>
+#include <asterisk/md5.h>
+#include <asterisk/astdb.h>
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include <netdb.h>
+#include "iax2.h"
+#include "iax2-provision.h"
+#include "iax2-parser.h"
+
+static int provinit = 0;
+
+struct iax_template {
+       int dead;
+       char name[80];
+       char src[80];
+       struct iax_template *next;
+       char user[20];
+       char pass[20];
+       char lang[10];
+       unsigned short port;
+       unsigned int server;
+       unsigned short serverport;
+       unsigned int altserver;
+       unsigned int flags;
+       unsigned int format;
+       int tos;        
+} *templates;
+
+static struct iax_flag {
+       char *name;
+       int value;
+} iax_flags[] = {
+       { "register", PROV_FLAG_REGISTER },
+       { "secure", PROV_FLAG_SECURE },
+       { "heartbeat", PROV_FLAG_HEARTBEAT },
+       { "debug", PROV_FLAG_DEBUG },
+};
+
+char *iax_provflags2str(char *buf, int buflen, unsigned int flags)
+{
+       int x;
+       strcpy(buf, "");
+       for (x=0;x<sizeof(iax_flags) / sizeof(iax_flags[0]); x++) {
+               if (flags & iax_flags[x].value){
+                       strcat(buf, iax_flags[x].name);
+                       strcat(buf, ",");
+               }
+       }
+       if (strlen(buf)) 
+               buf[strlen(buf) - 1] = '\0';
+       else
+               strcpy(buf, "none");
+       return buf;
+}
+
+static unsigned int iax_str2flags(const char *buf)
+{
+       int x;
+       int len;
+       int found;
+       unsigned int flags = 0;
+       char *e;
+       while(buf && *buf) {
+               e = strchr(buf, ',');
+               if (e)
+                       len = e - buf;
+               else
+                       len = 0;
+               found = 0;
+               for (x=0;x<sizeof(iax_flags) / sizeof(iax_flags[0]); x++) {
+                       if ((len && !strncasecmp(iax_flags[x].name, buf, len)) ||
+                           (!len && !strcasecmp(iax_flags[x].name, buf))) {
+                               flags |= iax_flags[x].value;
+                               break;
+                       }
+               }
+               if (e) {
+                       buf = e + 1;
+                       while(*buf && (*buf < 33))
+                               buf++;
+               } else
+                       break;
+       }
+       return flags;
+}
+AST_MUTEX_DEFINE_STATIC(provlock);
+
+static struct iax_template *iax_template_find(const char *s, int allowdead)
+{
+       struct iax_template *cur;
+       cur = templates;
+       while(cur) {
+               if (!strcasecmp(s, cur->name)) {
+                       if (!allowdead && cur->dead)
+                               cur = NULL;
+                       break;
+               }
+               cur = cur->next;
+       }
+       return cur;
+}
+
+char *iax_prov_complete_template(char *line, char *word, int pos, int state)
+{
+       struct iax_template *c;
+       int which=0;
+       char *ret;
+       ast_mutex_lock(&provlock);
+       c = templates;
+       while(c) {
+               if (!strncasecmp(word, c->name, strlen(word))) {
+                       if (++which > state)
+                               break;
+               }
+               c = c->next;
+       }
+       if (c) {
+               ret = strdup(c->name);
+       } else
+               ret = NULL;
+       ast_mutex_unlock(&provlock);
+       return ret;
+}
+
+static unsigned int prov_ver_calc(struct iax_ie_data *provdata)
+{
+       struct MD5Context md5;
+       unsigned int tmp[4];
+       MD5Init(&md5);
+       MD5Update(&md5, provdata->buf, provdata->pos);
+       MD5Final((unsigned char *)tmp, &md5);
+       return tmp[0] ^ tmp[1] ^ tmp[2] ^ tmp[3];
+}
+
+int iax_provision_build(struct iax_ie_data *provdata, unsigned int *signature, const char *template, int force)
+{
+       struct iax_template *cur;
+       unsigned int sig;
+       char tmp[40];
+       memset(provdata, 0, sizeof(*provdata));
+       ast_mutex_lock(&provlock);
+       cur = iax_template_find(template, 1);
+       /* If no match, try searching for '*' */
+       if (!cur)
+               cur = iax_template_find("*", 1);
+       if (cur) {
+               /* found it -- add information elements as appropriate */
+               if (force || strlen(cur->user))
+                       iax_ie_append_str(provdata, PROV_IE_USER, cur->user);
+               if (force || strlen(cur->pass))
+                       iax_ie_append_str(provdata, PROV_IE_PASS, cur->pass);
+               if (force || strlen(cur->lang))
+                       iax_ie_append_str(provdata, PROV_IE_LANG, cur->lang);
+               if (force || cur->port)
+                       iax_ie_append_short(provdata, PROV_IE_PORTNO, cur->port);
+               if (force || cur->server)
+                       iax_ie_append_int(provdata, PROV_IE_SERVERIP, cur->server);
+               if (force || cur->serverport)
+                       iax_ie_append_short(provdata, PROV_IE_SERVERPORT, cur->serverport);
+               if (force || cur->altserver)
+                       iax_ie_append_int(provdata, PROV_IE_ALTSERVER, cur->altserver);
+               if (force || cur->flags)
+                       iax_ie_append_int(provdata, PROV_IE_FLAGS, cur->flags);
+               if (force || cur->format)
+                       iax_ie_append_int(provdata, PROV_IE_FORMAT, cur->format);
+               if (force || cur->tos)
+                       iax_ie_append_byte(provdata, PROV_IE_TOS, cur->tos);
+               
+               /* Calculate checksum of message so far */
+               sig = prov_ver_calc(provdata);
+               if (signature)
+                       *signature = sig;
+               /* Store signature */
+               iax_ie_append_int(provdata, PROV_IE_PROVVER, sig);
+               /* Cache signature for later verification so we need not recalculate all this */
+               snprintf(tmp, sizeof(tmp), "v0x%08x", sig);
+               ast_db_put("iax/provisioning/cache", template, tmp);
+       } else
+               ast_db_put("iax/provisioning/cache", template, "u");
+       ast_mutex_unlock(&provlock);
+       return cur ? 0 : -1;
+}
+
+int iax_provision_version(unsigned int *version, const char *template, int force)
+{
+       char tmp[80] = "";
+       struct iax_ie_data ied;
+       int ret=0;
+       memset(&ied, 0, sizeof(ied));
+
+       ast_mutex_lock(&provlock);
+       ast_db_get("iax/provisioning/cache", template, tmp, sizeof(tmp));
+       if (sscanf(tmp, "v%x", version) != 1) {
+               if (strcmp(tmp, "u")) {
+                       ret = iax_provision_build(&ied, version, template, force);
+                       if (ret)
+                               ast_log(LOG_DEBUG, "Unable to create provisioning packet for '%s'\n", template);
+               } else
+                       ret = -1;
+       } else if (option_debug)
+               ast_log(LOG_DEBUG, "Retrieved cached version '%s' = '%08x'\n", tmp, *version);
+       ast_mutex_unlock(&provlock);
+       return ret;
+}
+
+static int iax_template_parse(struct iax_template *cur, struct ast_config *cfg, char *s, char *def)
+{
+       struct ast_variable *v;
+       int foundportno = 0;
+       int foundserverportno = 0;
+       int x;
+       struct in_addr ia;
+       struct hostent *hp;
+       struct ast_hostent h;
+       struct iax_template *src, tmp;
+       char *t;
+       if (def) {
+               t = ast_variable_retrieve(cfg, s ,"template");
+               src = NULL;
+               if (t && strlen(t)) {
+                       src = iax_template_find(t, 0);
+                       if (!src)
+                               ast_log(LOG_WARNING, "Unable to find base template '%s' for creating '%s'.  Trying '%s'\n", t, s, def);
+                       else
+                               def = t;
+               } 
+               if (!src) {
+                       src = iax_template_find(def, 0);
+                       if (!src)
+                               ast_log(LOG_WARNING, "Unable to locate default base template '%s' for creating '%s', omitting.", def, s);
+               }
+               if (!src)
+                       return -1;
+               ast_mutex_lock(&provlock);      
+               /* Backup old data */
+               memcpy(&tmp, cur, sizeof(tmp));
+               /* Restore from src */
+               memcpy(cur, src, sizeof(tmp));
+               /* Restore important headers */
+               memcpy(cur->name, tmp.name, sizeof(cur->name));
+               cur->dead = tmp.dead;
+               cur->next = tmp.next;
+               ast_mutex_unlock(&provlock);    
+       }
+       if (def)
+               strncpy(cur->src, def, sizeof(cur->src) - 1);
+       else
+               strcpy(cur->src, "");
+       v = ast_variable_browse(cfg, s);
+       while(v) {
+               if (!strcasecmp(v->name, "port") || !strcasecmp(v->name, "serverport")) {
+                       if ((sscanf(v->value, "%i", &x) == 1) && (x > 0) && (x < 65535)) {
+                               if (!strcasecmp(v->name, "port")) {
+                                       cur->port = x;
+                                       foundportno = 1;
+                               } else {
+                                       cur->serverport = x;
+                                       foundserverportno = 0;
+                               }
+                       } else
+                               ast_log(LOG_WARNING, "Ignoring invalid %s '%s' for '%s' at line %d\n", v->name, v->value, s, v->lineno);
+               } else if (!strcasecmp(v->name, "server") || !strcasecmp(v->name, "altserver")) {
+                       hp = ast_gethostbyname(v->value, &h);
+                       if (hp) {
+                               memcpy(&ia, hp->h_addr, sizeof(ia));
+                               if (!strcasecmp(v->name, "server"))
+                                       cur->server = ntohl(ia.s_addr);
+                               else
+                                       cur->altserver = ntohl(ia.s_addr);
+                       } else 
+                               ast_log(LOG_WARNING, "Ignoring invalid %s '%s' for '%s' at line %d\n", v->name, v->value, s, v->lineno);
+               } else if (!strcasecmp(v->name, "codec")) {
+                       if ((x = ast_getformatbyname(v->value)) > 0) {
+                               cur->format = x;
+                       } else
+                               ast_log(LOG_WARNING, "Ignoring invalid codec '%s' for '%s' at line %d\n", v->value, s, v->lineno);
+               } else if (!strcasecmp(v->name, "tos")) {
+                       if (sscanf(v->value, "%i", &x) == 1)
+                               cur->tos = x & 0xff;
+                       else if (!strcasecmp(v->value, "lowdelay"))
+                               cur->tos = IPTOS_LOWDELAY;
+                       else if (!strcasecmp(v->value, "throughput"))
+                               cur->tos = IPTOS_THROUGHPUT;
+                       else if (!strcasecmp(v->value, "reliability"))
+                               cur->tos = IPTOS_RELIABILITY;
+                       else if (!strcasecmp(v->value, "mincost"))
+                               cur->tos = IPTOS_MINCOST;
+                       else if (!strcasecmp(v->value, "none"))
+                               cur->tos = 0;
+                       else
+                               ast_log(LOG_WARNING, "Invalid tos value at line %d, should be 'lowdelay', 'throughput', 'reliability', 'mincost', or 'none'\n", v->lineno);
+               } else if (!strcasecmp(v->name, "user")) {
+                       strncpy(cur->user, v->value, sizeof(cur->user) - 1);
+                       if (strcmp(cur->user, v->value))
+                               ast_log(LOG_WARNING, "Truncating username from '%s' to '%s' for '%s' at line %d\n", v->value, cur->user, s, v->lineno);
+               } else if (!strcasecmp(v->name, "pass")) {
+                       strncpy(cur->pass, v->value, sizeof(cur->pass) - 1);
+                       if (strcmp(cur->pass, v->value))
+                               ast_log(LOG_WARNING, "Truncating password from '%s' to '%s' for '%s' at line %d\n", v->value, cur->pass, s, v->lineno);
+               } else if (!strcasecmp(v->name, "language")) {
+                       strncpy(cur->lang, v->value, sizeof(cur->lang) - 1);
+                       if (strcmp(cur->lang, v->value))
+                               ast_log(LOG_WARNING, "Truncating language from '%s' to '%s' for '%s' at line %d\n", v->value, cur->lang, s, v->lineno);
+               } else if (!strcasecmp(v->name, "flags")) {
+                       cur->flags = iax_str2flags(v->value);
+               } else if (!strncasecmp(v->name, "flags", 5) && strchr(v->name, '+')) {
+                       cur->flags |= iax_str2flags(v->value);
+               } else if (!strncasecmp(v->name, "flags", 5) && strchr(v->name, '-')) {
+                       cur->flags &= ~iax_str2flags(v->value);
+               } else if (strcasecmp(v->name, "template")) {
+                       ast_log(LOG_WARNING, "Unknown keyword '%s' in definition of '%s' at line %d\n", v->name, s, v->lineno);
+               }
+               v = v->next;
+       }
+       if (!foundportno)
+               cur->port = IAX_DEFAULT_PORTNO;
+       if (!foundserverportno)
+               cur->serverport = IAX_DEFAULT_PORTNO;
+       return 0;
+}
+
+static int iax_process_template(struct ast_config *cfg, char *s, char *def)
+{
+       /* Find an already existing one if there */
+       struct iax_template *cur;
+       int mallocd = 0;
+       cur = templates;
+       while(cur) {
+               if (!strcasecmp(cur->name, s))
+                       break;
+               cur = cur->next;
+       }
+       if (!cur) {
+               mallocd = 1;
+               cur = malloc(sizeof(struct iax_template));
+               if (!cur) {
+                       ast_log(LOG_WARNING, "Out of memory!\n");
+                       return -1;
+               }
+               /* Initialize entry */
+               memset(cur, 0, sizeof(*cur));
+               strncpy(cur->name, s, sizeof(cur->name) - 1);
+               cur->dead = 1;
+       }
+       if (!iax_template_parse(cur, cfg, s, def))
+               cur->dead = 0;
+
+       /* Link if we're mallocd */
+       if (mallocd) {
+               ast_mutex_lock(&provlock);
+               cur->next = templates;
+               templates = cur;
+               ast_mutex_unlock(&provlock);
+       }
+       return 0;
+}
+
+static char show_provisioning_usage[] = 
+"Usage: iax show provisioning [template]\n"
+"       Lists all known IAX provisioning templates or a\n"
+"       specific one if specified.\n";
+
+static const char *ifthere(const char *s)
+{
+       if (strlen(s))
+               return s;
+       else
+               return "<unspecified>";
+}
+
+static const char *iax_server(char *a, int alen, unsigned int addr)
+{
+       struct in_addr ia;
+       if (!addr)
+               return "<unspecified>";
+       ia.s_addr = htonl(addr);
+       return ast_inet_ntoa(a, alen, ia);
+}
+
+
+static int iax_show_provisioning(int fd, int argc, char *argv[])
+{
+       struct iax_template *cur;
+       char iabuf[80]; /* Has to be big enough for 'flags' too */
+       int found = 0;
+       if ((argc != 3) && (argc != 4))
+               return RESULT_SHOWUSAGE;
+       ast_mutex_lock(&provlock);
+       for (cur = templates;cur;cur = cur->next) {
+               if ((argc == 3) || (!strcasecmp(argv[3], cur->name)))  {
+                       if (found) ast_cli(fd, "\n");
+                       ast_cli(fd, "== %s ==\n", cur->name);
+                       ast_cli(fd, "Base Templ:   %s\n", strlen(cur->src) ? cur->src : "<none>");
+                       ast_cli(fd, "Username:     %s\n", ifthere(cur->user));
+                       ast_cli(fd, "Secret:       %s\n", ifthere(cur->pass));
+                       ast_cli(fd, "Language:     %s\n", ifthere(cur->lang));
+                       ast_cli(fd, "Bind Port:    %d\n", cur->port);
+                       ast_cli(fd, "Server:       %s\n", iax_server(iabuf, sizeof(iabuf), cur->server));
+                       ast_cli(fd, "Server Port:  %d\n", cur->serverport);
+                       ast_cli(fd, "Alternate:    %s\n", iax_server(iabuf, sizeof(iabuf), cur->altserver));
+                       ast_cli(fd, "Flags:        %s\n", iax_provflags2str(iabuf, sizeof(iabuf), cur->flags));
+                       ast_cli(fd, "Format:       %s\n", ast_getformatname(cur->format));
+                       ast_cli(fd, "TOS:          %d\n", cur->tos);
+                       found++;
+               }
+       }
+       ast_mutex_unlock(&provlock);
+       if (!found) {
+               if (argc == 3)
+                       ast_cli(fd, "No provisioning templates found\n");
+               else
+                       ast_cli(fd, "No provisioning template matching '%s' found\n", argv[3]);
+       }
+       return RESULT_SUCCESS;
+}
+
+static struct ast_cli_entry  cli_show_provisioning = 
+       { { "iax2", "show", "provisioning", NULL }, iax_show_provisioning, "Show iax provisioning", show_provisioning_usage, iax_prov_complete_template };
+
+static int iax_provision_init(void)
+{
+       ast_cli_register(&cli_show_provisioning);
+       provinit = 1;
+       return 0;
+}
+
+int iax_provision_reload(void)
+{
+       struct ast_config *cfg;
+       struct iax_template *cur, *prev, *next;
+       char *cat;
+       int found = 0;
+       if (!provinit)
+               iax_provision_init();
+       /* Mark all as dead.  No need for locking */
+       cur = templates;
+       while(cur) {
+               cur->dead = 1;
+               cur = cur->next;
+       }
+       cfg = ast_load("iaxprov.conf");
+       if (cfg) {
+               /* Load as appropriate */
+               cat = ast_category_browse(cfg, NULL);
+               while(cat) {
+                       if (strcasecmp(cat, "general")) {
+                               iax_process_template(cfg, cat, found ? "default" : NULL);
+                               found++;
+                               if (option_verbose > 2)
+                                       ast_verbose(VERBOSE_PREFIX_3 "Loaded provisioning template '%s'\n", cat);
+                       }
+                       cat = ast_category_browse(cfg, cat);
+               }
+       } else
+               ast_log(LOG_NOTICE, "No IAX provisioning configuration found, IAX provisioning disabled.\n");
+       ast_mutex_lock(&provlock);
+       /* Drop dead entries while locked */
+       prev = NULL;
+       cur = templates;
+       while(cur) {
+               next = cur->next;
+               if (cur->dead) {
+                       if (prev)
+                               prev->next = next;
+                       else
+                               templates = next;
+                       free(cur);
+               } else 
+                       prev = cur;
+               cur = next;
+       }
+       ast_mutex_unlock(&provlock);
+       /* Purge cached signature DB entries */
+       ast_db_deltree("iax/provisioning/cache", NULL);
+       return 0;
+       
+}
diff --git a/channels/iax2-provision.h b/channels/iax2-provision.h
new file mode 100755 (executable)
index 0000000..2422ce0
--- /dev/null
@@ -0,0 +1,43 @@
+/*
+ * IAX Provisioning Protocol 
+ *
+ * Sub-information elements
+ *
+ * Copyright (C) 2003, Digium
+ *
+ * Mark Spencer <markster@digium.com>
+ *
+ */
+
+#include "iax2-parser.h"
+
+#define PROV_IE_USEDHCP        1       /* Presense only */
+#define PROV_IE_IPADDR         2       /* 32-bit */
+#define PROV_IE_SUBNET         3       /* 32-bit */
+#define PROV_IE_GATEWAY                4       /* 32-bit */
+#define PROV_IE_PORTNO         5       /* 16-bit */
+#define PROV_IE_USER           6       /* < 20 bytes */
+#define PROV_IE_PASS           7       /* < 20 bytes */
+#define PROV_IE_SERVERUSER     8       /* < 20 bytes */
+#define PROV_IE_SERVERPASS     9       /* < 20 bytes */
+#define PROV_IE_LANG           10      /* < 10 bytes */
+#define PROV_IE_TOS                    11      /* 8-bits */
+#define PROV_IE_FLAGS          12      /* 32-bits */
+#define PROV_IE_FORMAT         13      /* 32-bits */
+#define PROV_IE_AESKEY         14      /* 128-bits */
+#define PROV_IE_SERVERIP       15      /* 32-bits */
+#define PROV_IE_SERVERPORT     16      /* 16-bits */
+#define PROV_IE_NEWAESKEY      17      /* 128-bits */
+#define PROV_IE_PROVVER                18      /* 32-bits */
+#define PROV_IE_ALTSERVER      19      /* 32-bits */
+
+#define PROV_FLAG_REGISTER             (1 << 0)
+#define PROV_FLAG_SECURE               (1 << 1)
+#define PROV_FLAG_HEARTBEAT            (1 << 2)
+#define PROV_FLAG_DEBUG                        (1 << 3)
+
+extern char *iax_provflags2str(char *buf, int buflen, unsigned int flags);
+extern int iax_provision_reload(void);
+extern int iax_provision_build(struct iax_ie_data *provdata, unsigned int *signature, const char *template, int force);
+extern int iax_provision_version(unsigned int *signature, const char *template, int force);
+extern char *iax_prov_complete_template(char *line, char *word, int pos, int state);
diff --git a/configs/iaxprov.conf.sample b/configs/iaxprov.conf.sample
new file mode 100755 (executable)
index 0000000..f39db18
--- /dev/null
@@ -0,0 +1,86 @@
+;
+; IAX2 Provisioning Information
+;
+; Contains provisioning information for templates
+; and for specific service entries.
+;
+; Templates provide a group of settings from which provisioning takes
+; place.  A template may be based upon any template that has been
+; specified before it.  If the template that an entry is based on is not
+; specified then it is presumed to be 'default' (unless it is the first
+; of course).  
+;
+; Templates which begin with 'si-' are used for provisioning 
+; units with specific service identifiers.  For example the
+; entry "si-000364000126" would be used when the device with the
+; corresponding service identifier of "000364000126" attempts
+; to register or make a call.
+;
+[default]
+;
+; The port number the device should use to bind to.  The default
+; is 4569
+;
+;port=4569
+;
+; server is our PRIMARY server for registration and placing calls
+;
+;server=192.168.69.3
+;
+; altserver is the BACKUP server for registration and placing calls
+; in the event the primary server is unavailable.
+;
+;altserver=192.168.69.4
+;
+; port is the port number to use for IAX2 outbound.  The 
+; connections to the server and altserver -- default is of course
+; 4569.
+;serverport=4569
+;
+; language is the preferred language for the device
+;
+;language=en
+;
+; codec is the requested codec.  The iaxy supports ulaw and adpcm
+;
+codec=ulaw
+;
+; flags is a comma separated list of flags which the device should
+; use and may contain any of the following keywords:
+;
+;  "register"  - Register with server
+;  "secure"    - Do not accept calls / provisioning not originated by the server
+;  "heartbeat" - Generate status packets on port 9999 sent to 255.255.255.255
+;  "debug"     - Output extra debugging to port 9999
+;
+;  Note that use can use += and -= to adjust parameters
+;
+flags=register,heartbeat
+;
+; tos is the requested type of service setting and may be one a number or
+; 'lowdelay','throughput','reliability','mincost' or 'none'
+;
+tos=lowdelay
+;
+; Example iaxy provisioning
+;
+;[si-000364000126]
+;user=iaxy
+;pass=bitsy
+;flags += debug
+
+;[si-000364000127]
+;user=iaxy2
+;pass=bitsy2
+;template=si-000364000126
+;flags += debug
+
+;
+;[*]
+;
+;  If specified, the '*' provisioning is used for all devices which do
+;  not have another provisioning entry within the file.  If unspecified, no
+;  provisioning will take place for devices which have no entry.  DO NOT
+;  USE A '*' PROVISIONING ENTRY UNLESS YOU KNOW WHAT YOU'RE DOING.
+;
+;template=default