9866e51fc4a787246de0356e9f8af5e3fb703dc2
[asterisk/asterisk.git] / main / manager.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 1999 - 2006, Digium, Inc.
5  *
6  * Mark Spencer <markster@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18
19 /*! \file
20  *
21  * \brief The Asterisk Management Interface - AMI
22  *
23  * \author Mark Spencer <markster@digium.com>
24  *
25  * \extref OpenSSL http://www.openssl.org - for AMI/SSL
26  *
27  * At the moment this file contains a number of functions, namely:
28  *
29  * - data structures storing AMI state
30  * - AMI-related API functions, used by internal asterisk components
31  * - handlers for AMI-related CLI functions
32  * - handlers for AMI functions (available through the AMI socket)
33  * - the code for the main AMI listener thread and individual session threads
34  * - the http handlers invoked for AMI-over-HTTP by the threads in main/http.c
35  *
36  * \ref amiconf
37  */
38
39 /*! \addtogroup Group_AMI AMI functions
40 */
41 /*! @{
42  Doxygen group */
43
44 /*** MODULEINFO
45         <support_level>core</support_level>
46  ***/
47
48 #include "asterisk.h"
49
50 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
51
52 #include "asterisk/_private.h"
53 #include "asterisk/paths.h"     /* use various ast_config_AST_* */
54 #include <ctype.h>
55 #include <sys/time.h>
56 #include <signal.h>
57 #include <sys/mman.h>
58 #include <sys/types.h>
59 #include <regex.h>
60
61 #include "asterisk/channel.h"
62 #include "asterisk/file.h"
63 #include "asterisk/manager.h"
64 #include "asterisk/module.h"
65 #include "asterisk/config.h"
66 #include "asterisk/callerid.h"
67 #include "asterisk/lock.h"
68 #include "asterisk/cli.h"
69 #include "asterisk/app.h"
70 #include "asterisk/pbx.h"
71 #include "asterisk/md5.h"
72 #include "asterisk/acl.h"
73 #include "asterisk/utils.h"
74 #include "asterisk/tcptls.h"
75 #include "asterisk/http.h"
76 #include "asterisk/ast_version.h"
77 #include "asterisk/threadstorage.h"
78 #include "asterisk/linkedlists.h"
79 #include "asterisk/term.h"
80 #include "asterisk/astobj2.h"
81 #include "asterisk/features.h"
82 #include "asterisk/security_events.h"
83 #include "asterisk/event.h"
84 #include "asterisk/aoc.h"
85 #include "asterisk/stringfields.h"
86 #include "asterisk/presencestate.h"
87
88 /*** DOCUMENTATION
89         <manager name="Ping" language="en_US">
90                 <synopsis>
91                         Keepalive command.
92                 </synopsis>
93                 <syntax>
94                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
95                 </syntax>
96                 <description>
97                         <para>A 'Ping' action will ellicit a 'Pong' response. Used to keep the
98                         manager connection open.</para>
99                 </description>
100         </manager>
101         <manager name="Events" language="en_US">
102                 <synopsis>
103                         Control Event Flow.
104                 </synopsis>
105                 <syntax>
106                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
107                         <parameter name="EventMask" required="true">
108                                 <enumlist>
109                                         <enum name="on">
110                                                 <para>If all events should be sent.</para>
111                                         </enum>
112                                         <enum name="off">
113                                                 <para>If no events should be sent.</para>
114                                         </enum>
115                                         <enum name="system,call,log,...">
116                                                 <para>To select which flags events should have to be sent.</para>
117                                         </enum>
118                                 </enumlist>
119                         </parameter>
120                 </syntax>
121                 <description>
122                         <para>Enable/Disable sending of events to this manager client.</para>
123                 </description>
124         </manager>
125         <manager name="Logoff" language="en_US">
126                 <synopsis>
127                         Logoff Manager.
128                 </synopsis>
129                 <syntax>
130                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
131                 </syntax>
132                 <description>
133                         <para>Logoff the current manager session.</para>
134                 </description>
135         </manager>
136         <manager name="Login" language="en_US">
137                 <synopsis>
138                         Login Manager.
139                 </synopsis>
140                 <syntax>
141                         <parameter name="ActionID">
142                                 <para>ActionID for this transaction. Will be returned.</para>
143                         </parameter>
144                         <parameter name="Username" required="true">
145                                 <para>Username to login with as specified in manager.conf.</para>
146                         </parameter>
147                         <parameter name="Secret">
148                                 <para>Secret to login with as specified in manager.conf.</para>
149                         </parameter>
150                 </syntax>
151                 <description>
152                         <para>Login Manager.</para>
153                 </description>
154         </manager>
155         <manager name="Challenge" language="en_US">
156                 <synopsis>
157                         Generate Challenge for MD5 Auth.
158                 </synopsis>
159                 <syntax>
160                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
161                         <parameter name="AuthType" required="true">
162                                 <para>Digest algorithm to use in the challenge. Valid values are:</para>
163                                 <enumlist>
164                                         <enum name="MD5" />
165                                 </enumlist>
166                         </parameter>
167                 </syntax>
168                 <description>
169                         <para>Generate a challenge for MD5 authentication.</para>
170                 </description>
171         </manager>
172         <manager name="Hangup" language="en_US">
173                 <synopsis>
174                         Hangup channel.
175                 </synopsis>
176                 <syntax>
177                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
178                         <parameter name="Channel" required="true">
179                                 <para>The exact channel name to be hungup, or to use a regular expression, set this parameter to: /regex/</para>
180                                 <para>Example exact channel: SIP/provider-0000012a</para>
181                                 <para>Example regular expression: /^SIP/provider-.*$/</para>
182                         </parameter>
183                         <parameter name="Cause">
184                                 <para>Numeric hangup cause.</para>
185                         </parameter>
186                 </syntax>
187                 <description>
188                         <para>Hangup a channel.</para>
189                 </description>
190         </manager>
191         <manager name="Status" language="en_US">
192                 <synopsis>
193                         List channel status.
194                 </synopsis>
195                 <syntax>
196                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
197                         <parameter name="Channel" required="true">
198                                 <para>The name of the channel to query for status.</para>
199                         </parameter>
200                         <parameter name="Variables">
201                                 <para>Comma <literal>,</literal> separated list of variable to include.</para>
202                         </parameter>
203                 </syntax>
204                 <description>
205                         <para>Will return the status information of each channel along with the
206                         value for the specified channel variables.</para>
207                 </description>
208         </manager>
209         <manager name="Setvar" language="en_US">
210                 <synopsis>
211                         Set a channel variable.
212                 </synopsis>
213                 <syntax>
214                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
215                         <parameter name="Channel">
216                                 <para>Channel to set variable for.</para>
217                         </parameter>
218                         <parameter name="Variable" required="true">
219                                 <para>Variable name.</para>
220                         </parameter>
221                         <parameter name="Value" required="true">
222                                 <para>Variable value.</para>
223                         </parameter>
224                 </syntax>
225                 <description>
226                         <para>Set a global or local channel variable.</para>
227                         <note>
228                                 <para>If a channel name is not provided then the variable is global.</para>
229                         </note>
230                 </description>
231         </manager>
232         <manager name="Getvar" language="en_US">
233                 <synopsis>
234                         Gets a channel variable.
235                 </synopsis>
236                 <syntax>
237                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
238                         <parameter name="Channel">
239                                 <para>Channel to read variable from.</para>
240                         </parameter>
241                         <parameter name="Variable" required="true">
242                                 <para>Variable name.</para>
243                         </parameter>
244                 </syntax>
245                 <description>
246                         <para>Get the value of a global or local channel variable.</para>
247                         <note>
248                                 <para>If a channel name is not provided then the variable is global.</para>
249                         </note>
250                 </description>
251         </manager>
252         <manager name="GetConfig" language="en_US">
253                 <synopsis>
254                         Retrieve configuration.
255                 </synopsis>
256                 <syntax>
257                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
258                         <parameter name="Filename" required="true">
259                                 <para>Configuration filename (e.g. <filename>foo.conf</filename>).</para>
260                         </parameter>
261                         <parameter name="Category">
262                                 <para>Category in configuration file.</para>
263                         </parameter>
264                 </syntax>
265                 <description>
266                         <para>This action will dump the contents of a configuration
267                         file by category and contents or optionally by specified category only.</para>
268                 </description>
269         </manager>
270         <manager name="GetConfigJSON" language="en_US">
271                 <synopsis>
272                         Retrieve configuration (JSON format).
273                 </synopsis>
274                 <syntax>
275                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
276                         <parameter name="Filename" required="true">
277                                 <para>Configuration filename (e.g. <filename>foo.conf</filename>).</para>
278                         </parameter>
279                 </syntax>
280                 <description>
281                         <para>This action will dump the contents of a configuration file by category
282                         and contents in JSON format. This only makes sense to be used using rawman over
283                         the HTTP interface.</para>
284                 </description>
285         </manager>
286         <manager name="UpdateConfig" language="en_US">
287                 <synopsis>
288                         Update basic configuration.
289                 </synopsis>
290                 <syntax>
291                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
292                         <parameter name="SrcFilename" required="true">
293                                 <para>Configuration filename to read (e.g. <filename>foo.conf</filename>).</para>
294                         </parameter>
295                         <parameter name="DstFilename" required="true">
296                                 <para>Configuration filename to write (e.g. <filename>foo.conf</filename>)</para>
297                         </parameter>
298                         <parameter name="Reload">
299                                 <para>Whether or not a reload should take place (or name of specific module).</para>
300                         </parameter>
301                         <parameter name="Action-XXXXXX">
302                                 <para>Action to take.</para>
303                                 <para>X's represent 6 digit number beginning with 000000.</para>
304                                 <enumlist>
305                                         <enum name="NewCat" />
306                                         <enum name="RenameCat" />
307                                         <enum name="DelCat" />
308                                         <enum name="EmptyCat" />
309                                         <enum name="Update" />
310                                         <enum name="Delete" />
311                                         <enum name="Append" />
312                                         <enum name="Insert" />
313                                 </enumlist>
314                         </parameter>
315                         <parameter name="Cat-XXXXXX">
316                                 <para>Category to operate on.</para>
317                                 <xi:include xpointer="xpointer(/docs/manager[@name='UpdateConfig']/syntax/parameter[@name='Action-XXXXXX']/para[2])" />
318                         </parameter>
319                         <parameter name="Var-XXXXXX">
320                                 <para>Variable to work on.</para>
321                                 <xi:include xpointer="xpointer(/docs/manager[@name='UpdateConfig']/syntax/parameter[@name='Action-XXXXXX']/para[2])" />
322                         </parameter>
323                         <parameter name="Value-XXXXXX">
324                                 <para>Value to work on.</para>
325                                 <xi:include xpointer="xpointer(/docs/manager[@name='UpdateConfig']/syntax/parameter[@name='Action-XXXXXX']/para[2])" />
326                         </parameter>
327                         <parameter name="Match-XXXXXX">
328                                 <para>Extra match required to match line.</para>
329                                 <xi:include xpointer="xpointer(/docs/manager[@name='UpdateConfig']/syntax/parameter[@name='Action-XXXXXX']/para[2])" />
330                         </parameter>
331                         <parameter name="Line-XXXXXX">
332                                 <para>Line in category to operate on (used with delete and insert actions).</para>
333                                 <xi:include xpointer="xpointer(/docs/manager[@name='UpdateConfig']/syntax/parameter[@name='Action-XXXXXX']/para[2])" />
334                         </parameter>
335                 </syntax>
336                 <description>
337                         <para>This action will modify, create, or delete configuration elements
338                         in Asterisk configuration files.</para>
339                 </description>
340         </manager>
341         <manager name="CreateConfig" language="en_US">
342                 <synopsis>
343                         Creates an empty file in the configuration directory.
344                 </synopsis>
345                 <syntax>
346                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
347                         <parameter name="Filename" required="true">
348                                 <para>The configuration filename to create (e.g. <filename>foo.conf</filename>).</para>
349                         </parameter>
350                 </syntax>
351                 <description>
352                         <para>This action will create an empty file in the configuration
353                         directory. This action is intended to be used before an UpdateConfig
354                         action.</para>
355                 </description>
356         </manager>
357         <manager name="ListCategories" language="en_US">
358                 <synopsis>
359                         List categories in configuration file.
360                 </synopsis>
361                 <syntax>
362                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
363                         <parameter name="Filename" required="true">
364                                 <para>Configuration filename (e.g. <filename>foo.conf</filename>).</para>
365                         </parameter>
366                 </syntax>
367                 <description>
368                         <para>This action will dump the categories in a given file.</para>
369                 </description>
370         </manager>
371         <manager name="Redirect" language="en_US">
372                 <synopsis>
373                         Redirect (transfer) a call.
374                 </synopsis>
375                 <syntax>
376                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
377                         <parameter name="Channel" required="true">
378                                 <para>Channel to redirect.</para>
379                         </parameter>
380                         <parameter name="ExtraChannel">
381                                 <para>Second call leg to transfer (optional).</para>
382                         </parameter>
383                         <parameter name="Exten" required="true">
384                                 <para>Extension to transfer to.</para>
385                         </parameter>
386                         <parameter name="ExtraExten">
387                                 <para>Extension to transfer extrachannel to (optional).</para>
388                         </parameter>
389                         <parameter name="Context" required="true">
390                                 <para>Context to transfer to.</para>
391                         </parameter>
392                         <parameter name="ExtraContext">
393                                 <para>Context to transfer extrachannel to (optional).</para>
394                         </parameter>
395                         <parameter name="Priority" required="true">
396                                 <para>Priority to transfer to.</para>
397                         </parameter>
398                         <parameter name="ExtraPriority">
399                                 <para>Priority to transfer extrachannel to (optional).</para>
400                         </parameter>
401                 </syntax>
402                 <description>
403                         <para>Redirect (transfer) a call.</para>
404                 </description>
405         </manager>
406         <manager name="Atxfer" language="en_US">
407                 <synopsis>
408                         Attended transfer.
409                 </synopsis>
410                 <syntax>
411                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
412                         <parameter name="Channel" required="true">
413                                 <para>Transferer's channel.</para>
414                         </parameter>
415                         <parameter name="Exten" required="true">
416                                 <para>Extension to transfer to.</para>
417                         </parameter>
418                         <parameter name="Context" required="true">
419                                 <para>Context to transfer to.</para>
420                         </parameter>
421                         <parameter name="Priority" required="true">
422                                 <para>Priority to transfer to.</para>
423                         </parameter>
424                 </syntax>
425                 <description>
426                         <para>Attended transfer.</para>
427                 </description>
428         </manager>
429         <manager name="Originate" language="en_US">
430                 <synopsis>
431                         Originate a call.
432                 </synopsis>
433                 <syntax>
434                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
435                         <parameter name="Channel" required="true">
436                                 <para>Channel name to call.</para>
437                         </parameter>
438                         <parameter name="Exten">
439                                 <para>Extension to use (requires <literal>Context</literal> and
440                                 <literal>Priority</literal>)</para>
441                         </parameter>
442                         <parameter name="Context">
443                                 <para>Context to use (requires <literal>Exten</literal> and
444                                 <literal>Priority</literal>)</para>
445                         </parameter>
446                         <parameter name="Priority">
447                                 <para>Priority to use (requires <literal>Exten</literal> and
448                                 <literal>Context</literal>)</para>
449                         </parameter>
450                         <parameter name="Application">
451                                 <para>Application to execute.</para>
452                         </parameter>
453                         <parameter name="Data">
454                                 <para>Data to use (requires <literal>Application</literal>).</para>
455                         </parameter>
456                         <parameter name="Timeout" default="30000">
457                                 <para>How long to wait for call to be answered (in ms.).</para>
458                         </parameter>
459                         <parameter name="CallerID">
460                                 <para>Caller ID to be set on the outgoing channel.</para>
461                         </parameter>
462                         <parameter name="Variable">
463                                 <para>Channel variable to set, multiple Variable: headers are allowed.</para>
464                         </parameter>
465                         <parameter name="Account">
466                                 <para>Account code.</para>
467                         </parameter>
468                         <parameter name="EarlyMedia">
469                                 <para>Set to <literal>true</literal> to force call bridge on early media..</para>
470                         </parameter>
471                         <parameter name="Async">
472                                 <para>Set to <literal>true</literal> for fast origination.</para>
473                         </parameter>
474                         <parameter name="Codecs">
475                                 <para>Comma-separated list of codecs to use for this call.</para>
476                         </parameter>
477                 </syntax>
478                 <description>
479                         <para>Generates an outgoing call to a
480                         <replaceable>Extension</replaceable>/<replaceable>Context</replaceable>/<replaceable>Priority</replaceable>
481                         or <replaceable>Application</replaceable>/<replaceable>Data</replaceable></para>
482                 </description>
483                 <see-also>
484                         <ref type="managerEvent">OriginateResponse</ref>
485                 </see-also>
486         </manager>
487         <managerEvent language="en_US" name="OriginateResponse">
488                 <managerEventInstance class="EVENT_FLAG_CALL">
489                         <synopsis>Raised in response to an Originate command.</synopsis>
490                         <syntax>
491                                 <parameter name="ActionID" required="false"/>
492                                 <parameter name="Resonse">
493                                         <enumlist>
494                                                 <enum name="Failure"/>
495                                                 <enum name="Success"/>
496                                         </enumlist>
497                                 </parameter>
498                                 <parameter name="Channel"/>
499                                 <parameter name="Context"/>
500                                 <parameter name="Exten"/>
501                                 <parameter name="Reason"/>
502                                 <parameter name="Uniqueid"/>
503                                 <parameter name="CallerIDNum"/>
504                                 <parameter name="CallerIDName"/>
505                         </syntax>
506                         <see-also>
507                                 <ref type="manager">Originate</ref>
508                         </see-also>
509                 </managerEventInstance>
510         </managerEvent>
511         <manager name="Command" language="en_US">
512                 <synopsis>
513                         Execute Asterisk CLI Command.
514                 </synopsis>
515                 <syntax>
516                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
517                         <parameter name="Command" required="true">
518                                 <para>Asterisk CLI command to run.</para>
519                         </parameter>
520                 </syntax>
521                 <description>
522                         <para>Run a CLI command.</para>
523                 </description>
524         </manager>
525         <manager name="ExtensionState" language="en_US">
526                 <synopsis>
527                         Check Extension Status.
528                 </synopsis>
529                 <syntax>
530                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
531                         <parameter name="Exten" required="true">
532                                 <para>Extension to check state on.</para>
533                         </parameter>
534                         <parameter name="Context" required="true">
535                                 <para>Context for extension.</para>
536                         </parameter>
537                 </syntax>
538                 <description>
539                         <para>Report the extension state for given extension. If the extension has a hint,
540                         will use devicestate to check the status of the device connected to the extension.</para>
541                         <para>Will return an <literal>Extension Status</literal> message. The response will include
542                         the hint for the extension and the status.</para>
543                 </description>
544         </manager>
545         <manager name="PresenceState" language="en_US">
546                 <synopsis>
547                         Check Presence State
548                 </synopsis>
549                 <syntax>
550                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
551                         <parameter name="Provider" required="true">
552                                 <para>Presence Provider to check the state of</para>
553                         </parameter>
554                 </syntax>
555                 <description>
556                         <para>Report the presence state for the given presence provider.</para>
557                         <para>Will return a <literal>Presence State</literal> message. The response will include the
558                         presence state and, if set, a presence subtype and custom message.</para>
559                 </description>
560         </manager>
561         <manager name="AbsoluteTimeout" language="en_US">
562                 <synopsis>
563                         Set absolute timeout.
564                 </synopsis>
565                 <syntax>
566                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
567                         <parameter name="Channel" required="true">
568                                 <para>Channel name to hangup.</para>
569                         </parameter>
570                         <parameter name="Timeout" required="true">
571                                 <para>Maximum duration of the call (sec).</para>
572                         </parameter>
573                 </syntax>
574                 <description>
575                         <para>Hangup a channel after a certain time. Acknowledges set time with
576                         <literal>Timeout Set</literal> message.</para>
577                 </description>
578         </manager>
579         <manager name="MailboxStatus" language="en_US">
580                 <synopsis>
581                         Check mailbox.
582                 </synopsis>
583                 <syntax>
584                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
585                         <parameter name="Mailbox" required="true">
586                                 <para>Full mailbox ID <replaceable>mailbox</replaceable>@<replaceable>vm-context</replaceable>.</para>
587                         </parameter>
588                 </syntax>
589                 <description>
590                         <para>Checks a voicemail account for status.</para>
591                         <para>Returns number of messages.</para>
592                         <para>Message: Mailbox Status.</para>
593                         <para>Mailbox: <replaceable>mailboxid</replaceable>.</para>
594                         <para>Waiting: <literal>0</literal> if messages waiting, <literal>1</literal>
595                         if no messages waiting.</para>
596                 </description>
597         </manager>
598         <manager name="MailboxCount" language="en_US">
599                 <synopsis>
600                         Check Mailbox Message Count.
601                 </synopsis>
602                 <syntax>
603                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
604                         <parameter name="Mailbox" required="true">
605                                 <para>Full mailbox ID <replaceable>mailbox</replaceable>@<replaceable>vm-context</replaceable>.</para>
606                         </parameter>
607                 </syntax>
608                 <description>
609                         <para>Checks a voicemail account for new messages.</para>
610                         <para>Returns number of urgent, new and old messages.</para>
611                         <para>Message: Mailbox Message Count</para>
612                         <para>Mailbox: <replaceable>mailboxid</replaceable></para>
613                         <para>UrgentMessages: <replaceable>count</replaceable></para>
614                         <para>NewMessages: <replaceable>count</replaceable></para>
615                         <para>OldMessages: <replaceable>count</replaceable></para>
616                 </description>
617         </manager>
618         <manager name="ListCommands" language="en_US">
619                 <synopsis>
620                         List available manager commands.
621                 </synopsis>
622                 <syntax>
623                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
624                 </syntax>
625                 <description>
626                         <para>Returns the action name and synopsis for every action that
627                         is available to the user.</para>
628                 </description>
629         </manager>
630         <manager name="SendText" language="en_US">
631                 <synopsis>
632                         Send text message to channel.
633                 </synopsis>
634                 <syntax>
635                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
636                         <parameter name="Channel" required="true">
637                                 <para>Channel to send message to.</para>
638                         </parameter>
639                         <parameter name="Message" required="true">
640                                 <para>Message to send.</para>
641                         </parameter>
642                 </syntax>
643                 <description>
644                         <para>Sends A Text Message to a channel while in a call.</para>
645                 </description>
646         </manager>
647         <manager name="UserEvent" language="en_US">
648                 <synopsis>
649                         Send an arbitrary event.
650                 </synopsis>
651                 <syntax>
652                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
653                         <parameter name="UserEvent" required="true">
654                                 <para>Event string to send.</para>
655                         </parameter>
656                         <parameter name="Header1">
657                                 <para>Content1.</para>
658                         </parameter>
659                         <parameter name="HeaderN">
660                                 <para>ContentN.</para>
661                         </parameter>
662                 </syntax>
663                 <description>
664                         <para>Send an event to manager sessions.</para>
665                 </description>
666         </manager>
667         <manager name="WaitEvent" language="en_US">
668                 <synopsis>
669                         Wait for an event to occur.
670                 </synopsis>
671                 <syntax>
672                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
673                         <parameter name="Timeout" required="true">
674                                 <para>Maximum time (in seconds) to wait for events, <literal>-1</literal> means forever.</para>
675                         </parameter>
676                 </syntax>
677                 <description>
678                         <para>This action will ellicit a <literal>Success</literal> response. Whenever
679                         a manager event is queued. Once WaitEvent has been called on an HTTP manager
680                         session, events will be generated and queued.</para>
681                 </description>
682         </manager>
683         <manager name="CoreSettings" language="en_US">
684                 <synopsis>
685                         Show PBX core settings (version etc).
686                 </synopsis>
687                 <syntax>
688                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
689                 </syntax>
690                 <description>
691                         <para>Query for Core PBX settings.</para>
692                 </description>
693         </manager>
694         <manager name="CoreStatus" language="en_US">
695                 <synopsis>
696                         Show PBX core status variables.
697                 </synopsis>
698                 <syntax>
699                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
700                 </syntax>
701                 <description>
702                         <para>Query for Core PBX status.</para>
703                 </description>
704         </manager>
705         <manager name="Reload" language="en_US">
706                 <synopsis>
707                         Send a reload event.
708                 </synopsis>
709                 <syntax>
710                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
711                         <parameter name="Module">
712                                 <para>Name of the module to reload.</para>
713                         </parameter>
714                 </syntax>
715                 <description>
716                         <para>Send a reload event.</para>
717                 </description>
718         </manager>
719         <manager name="CoreShowChannels" language="en_US">
720                 <synopsis>
721                         List currently active channels.
722                 </synopsis>
723                 <syntax>
724                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
725                 </syntax>
726                 <description>
727                         <para>List currently defined channels and some information about them.</para>
728                 </description>
729         </manager>
730         <manager name="ModuleLoad" language="en_US">
731                 <synopsis>
732                         Module management.
733                 </synopsis>
734                 <syntax>
735                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
736                         <parameter name="Module">
737                                 <para>Asterisk module name (including .so extension) or subsystem identifier:</para>
738                                 <enumlist>
739                                         <enum name="cdr" />
740                                         <enum name="dnsmgr" />
741                                         <enum name="extconfig" />
742                                         <enum name="enum" />
743                                         <enum name="acl" />
744                                         <enum name="manager" />
745                                         <enum name="http" />
746                                         <enum name="logger" />
747                                         <enum name="features" />
748                                         <enum name="dsp" />
749                                         <enum name="udptl" />
750                                         <enum name="indications" />
751                                         <enum name="cel" />
752                                         <enum name="plc" />
753                                 </enumlist>
754                         </parameter>
755                         <parameter name="LoadType" required="true">
756                                 <para>The operation to be done on module. Subsystem identifiers may only
757                                 be reloaded.</para>
758                                 <enumlist>
759                                         <enum name="load" />
760                                         <enum name="unload" />
761                                         <enum name="reload" />
762                                 </enumlist>
763                                 <para>If no module is specified for a <literal>reload</literal> loadtype,
764                                 all modules are reloaded.</para>
765                         </parameter>
766                 </syntax>
767                 <description>
768                         <para>Loads, unloads or reloads an Asterisk module in a running system.</para>
769                 </description>
770         </manager>
771         <manager name="ModuleCheck" language="en_US">
772                 <synopsis>
773                         Check if module is loaded.
774                 </synopsis>
775                 <syntax>
776                         <parameter name="Module" required="true">
777                                 <para>Asterisk module name (not including extension).</para>
778                         </parameter>
779                 </syntax>
780                 <description>
781                         <para>Checks if Asterisk module is loaded. Will return Success/Failure.
782                         For success returns, the module revision number is included.</para>
783                 </description>
784         </manager>
785         <manager name="AOCMessage" language="en_US">
786                 <synopsis>
787                         Generate an Advice of Charge message on a channel.
788                 </synopsis>
789                 <syntax>
790                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
791                         <parameter name="Channel" required="true">
792                                 <para>Channel name to generate the AOC message on.</para>
793                         </parameter>
794                         <parameter name="ChannelPrefix">
795                                 <para>Partial channel prefix.  By using this option one can match the beginning part
796                                 of a channel name without having to put the entire name in.  For example
797                                 if a channel name is SIP/snom-00000001 and this value is set to SIP/snom, then
798                                 that channel matches and the message will be sent.  Note however that only
799                                 the first matched channel has the message sent on it. </para>
800                         </parameter>
801                         <parameter name="MsgType" required="true">
802                                 <para>Defines what type of AOC message to create, AOC-D or AOC-E</para>
803                                 <enumlist>
804                                         <enum name="D" />
805                                         <enum name="E" />
806                                 </enumlist>
807                         </parameter>
808                         <parameter name="ChargeType" required="true">
809                                 <para>Defines what kind of charge this message represents.</para>
810                                 <enumlist>
811                                         <enum name="NA" />
812                                         <enum name="FREE" />
813                                         <enum name="Currency" />
814                                         <enum name="Unit" />
815                                 </enumlist>
816                         </parameter>
817                         <parameter name="UnitAmount(0)">
818                                 <para>This represents the amount of units charged. The ETSI AOC standard specifies that
819                                 this value along with the optional UnitType value are entries in a list.  To accommodate this
820                                 these values take an index value starting at 0 which can be used to generate this list of
821                                 unit entries.  For Example, If two unit entires were required this could be achieved by setting the
822                                 paramter UnitAmount(0)=1234 and UnitAmount(1)=5678.  Note that UnitAmount at index 0 is
823                                 required when ChargeType=Unit, all other entries in the list are optional.
824                                 </para>
825                         </parameter>
826                         <parameter name="UnitType(0)">
827                                 <para>Defines the type of unit.  ETSI AOC standard specifies this as an integer
828                                 value between 1 and 16, but this value is left open to accept any positive
829                                 integer.  Like the UnitAmount parameter, this value represents a list entry
830                                 and has an index parameter that starts at 0.
831                                 </para>
832                         </parameter>
833                         <parameter name="CurrencyName">
834                                 <para>Specifies the currency's name.  Note that this value is truncated after 10 characters.</para>
835                         </parameter>
836                         <parameter name="CurrencyAmount">
837                                 <para>Specifies the charge unit amount as a positive integer.  This value is required
838                                 when ChargeType==Currency.</para>
839                         </parameter>
840                         <parameter name="CurrencyMultiplier">
841                                 <para>Specifies the currency multiplier.  This value is required when ChargeType==Currency.</para>
842                                 <enumlist>
843                                         <enum name="OneThousandth" />
844                                         <enum name="OneHundredth" />
845                                         <enum name="OneTenth" />
846                                         <enum name="One" />
847                                         <enum name="Ten" />
848                                         <enum name="Hundred" />
849                                         <enum name="Thousand" />
850                                 </enumlist>
851                         </parameter>
852                         <parameter name="TotalType" default="Total">
853                                 <para>Defines what kind of AOC-D total is represented.</para>
854                                 <enumlist>
855                                         <enum name="Total" />
856                                         <enum name="SubTotal" />
857                                 </enumlist>
858                         </parameter>
859                         <parameter name="AOCBillingId">
860                                 <para>Represents a billing ID associated with an AOC-D or AOC-E message. Note
861                                 that only the first 3 items of the enum are valid AOC-D billing IDs</para>
862                                 <enumlist>
863                                         <enum name="Normal" />
864                                         <enum name="ReverseCharge" />
865                                         <enum name="CreditCard" />
866                                         <enum name="CallFwdUnconditional" />
867                                         <enum name="CallFwdBusy" />
868                                         <enum name="CallFwdNoReply" />
869                                         <enum name="CallDeflection" />
870                                         <enum name="CallTransfer" />
871                                 </enumlist>
872                         </parameter>
873                         <parameter name="ChargingAssociationId">
874                                 <para>Charging association identifier.  This is optional for AOC-E and can be
875                                 set to any value between -32768 and 32767</para>
876                         </parameter>
877                         <parameter name="ChargingAssociationNumber">
878                                 <para>Represents the charging association party number.  This value is optional
879                                 for AOC-E.</para>
880                         </parameter>
881                         <parameter name="ChargingAssociationPlan">
882                                 <para>Integer representing the charging plan associated with the ChargingAssociationNumber.
883                                 The value is bits 7 through 1 of the Q.931 octet containing the type-of-number and
884                                 numbering-plan-identification fields.</para>
885                         </parameter>
886                 </syntax>
887                 <description>
888                         <para>Generates an AOC-D or AOC-E message on a channel.</para>
889                 </description>
890         </manager>
891         <function name="AMI_CLIENT" language="en_US">
892                 <synopsis>
893                         Checks attributes of manager accounts
894                 </synopsis>
895                 <syntax>
896                         <parameter name="loginname" required="true">
897                                 <para>Login name, specified in manager.conf</para>
898                         </parameter>
899                         <parameter name="field" required="true">
900                                 <para>The manager account attribute to return</para>
901                                 <enumlist>
902                                         <enum name="sessions"><para>The number of sessions for this AMI account</para></enum>
903                                 </enumlist>
904                         </parameter>
905                 </syntax>
906                 <description>
907                         <para>
908                                 Currently, the only supported  parameter is "sessions" which will return the current number of
909                                 active sessions for this AMI account.
910                         </para>
911                 </description>
912         </function>
913         <manager name="Filter" language="en_US">
914                 <synopsis>
915                         Dynamically add filters for the current manager session.
916                 </synopsis>
917                 <syntax>
918                         <xi:include xpointer="xpointer(/docs/manager[@name='Login']/syntax/parameter[@name='ActionID'])" />
919                         <parameter name="Operation">
920                                 <enumlist>
921                                         <enum name="Add">
922                                                 <para>Add a filter.</para>
923                                         </enum>
924                                 </enumlist>
925                         </parameter>
926                         <parameter name="Filter">
927                                 <para>Filters can be whitelist or blacklist</para>
928                                 <para>Example whitelist filter: "Event: Newchannel"</para>
929                                 <para>Example blacklist filter: "!Channel: DAHDI.*"</para>
930                                 <para>This filter option is used to whitelist or blacklist events per user to be
931                                 reported with regular expressions and are allowed if both the regex matches
932                                 and the user has read access as defined in manager.conf. Filters are assumed to be for whitelisting
933                                 unless preceeded by an exclamation point, which marks it as being black.
934                                 Evaluation of the filters is as follows:</para>
935                                 <para>- If no filters are configured all events are reported as normal.</para>
936                                 <para>- If there are white filters only: implied black all filter processed first, then white filters.</para>
937                                 <para>- If there are black filters only: implied white all filter processed first, then black filters.</para>
938                                 <para>- If there are both white and black filters: implied black all filter processed first, then white
939                                 filters, and lastly black filters.</para>
940                         </parameter>
941                 </syntax>
942                 <description>
943                         <para>The filters added are only used for the current session.
944                         Once the connection is closed the filters are removed.</para>
945                         <para>This comand requires the system permission because
946                         this command can be used to create filters that may bypass
947                         filters defined in manager.conf</para>
948                 </description>
949         </manager>
950         <manager name="FilterList" language="en_US">
951                 <synopsis>
952                         Show current event filters for this session
953                 </synopsis>
954                 <description>
955                         <para>The filters displayed are for the current session.  Only those filters defined in
956                         manager.conf will be present upon starting a new session.</para>
957                 </description>
958         </manager>
959  ***/
960
961 enum error_type {
962         UNKNOWN_ACTION = 1,
963         UNKNOWN_CATEGORY,
964         UNSPECIFIED_CATEGORY,
965         UNSPECIFIED_ARGUMENT,
966         FAILURE_ALLOCATION,
967         FAILURE_NEWCAT,
968         FAILURE_DELCAT,
969         FAILURE_EMPTYCAT,
970         FAILURE_UPDATE,
971         FAILURE_DELETE,
972         FAILURE_APPEND
973 };
974
975 enum add_filter_result {
976         FILTER_SUCCESS,
977         FILTER_ALLOC_FAILED,
978         FILTER_COMPILE_FAIL,
979 };
980
981 /*!
982  * Linked list of events.
983  * Global events are appended to the list by append_event().
984  * The usecount is the number of stored pointers to the element,
985  * excluding the list pointers. So an element that is only in
986  * the list has a usecount of 0, not 1.
987  *
988  * Clients have a pointer to the last event processed, and for each
989  * of these clients we track the usecount of the elements.
990  * If we have a pointer to an entry in the list, it is safe to navigate
991  * it forward because elements will not be deleted, but only appended.
992  * The worst that can happen is seeing the pointer still NULL.
993  *
994  * When the usecount of an element drops to 0, and the element is the
995  * first in the list, we can remove it. Removal is done within the
996  * main thread, which is woken up for the purpose.
997  *
998  * For simplicity of implementation, we make sure the list is never empty.
999  */
1000 struct eventqent {
1001         int usecount;           /*!< # of clients who still need the event */
1002         int category;
1003         unsigned int seq;       /*!< sequence number */
1004         struct timeval tv;  /*!< When event was allocated */
1005         AST_RWLIST_ENTRY(eventqent) eq_next;
1006         char eventdata[1];      /*!< really variable size, allocated by append_event() */
1007 };
1008
1009 static AST_RWLIST_HEAD_STATIC(all_events, eventqent);
1010
1011 static int displayconnects = 1;
1012 static int allowmultiplelogin = 1;
1013 static int timestampevents;
1014 static int httptimeout = 60;
1015 static int broken_events_action = 0;
1016 static int manager_enabled = 0;
1017 static int webmanager_enabled = 0;
1018 static int manager_debug = 0;   /*!< enable some debugging code in the manager */
1019 static int authtimeout;
1020 static int authlimit;
1021 static char *manager_channelvars;
1022
1023 #define DEFAULT_REALM           "asterisk"
1024 static char global_realm[MAXHOSTNAMELEN];       /*!< Default realm */
1025
1026 static int block_sockets;
1027 static int unauth_sessions = 0;
1028 static struct ast_event_sub *acl_change_event_subscription;
1029
1030 /*! \brief
1031  * Descriptor for a manager session, either on the AMI socket or over HTTP.
1032  *
1033  * \note
1034  * AMI session have managerid == 0; the entry is created upon a connect,
1035  * and destroyed with the socket.
1036  * HTTP sessions have managerid != 0, the value is used as a search key
1037  * to lookup sessions (using the mansession_id cookie, or nonce key from
1038  * Digest Authentication http header).
1039  */
1040 #define MAX_BLACKLIST_CMD_LEN 2
1041 static const struct {
1042         const char *words[AST_MAX_CMD_LEN];
1043 } command_blacklist[] = {
1044         {{ "module", "load", NULL }},
1045         {{ "module", "unload", NULL }},
1046         {{ "restart", "gracefully", NULL }},
1047 };
1048
1049 static void acl_change_event_cb(const struct ast_event *event, void *userdata);
1050
1051 static void acl_change_event_subscribe(void)
1052 {
1053         if (!acl_change_event_subscription) {
1054                 acl_change_event_subscription = ast_event_subscribe(AST_EVENT_ACL_CHANGE,
1055                         acl_change_event_cb, "Manager must react to Named ACL changes", NULL, AST_EVENT_IE_END);
1056         }
1057 }
1058
1059 static void acl_change_event_unsubscribe(void)
1060 {
1061         if (acl_change_event_subscription) {
1062                 acl_change_event_subscription = ast_event_unsubscribe(acl_change_event_subscription);
1063         }
1064 }
1065
1066 /* In order to understand what the heck is going on with the
1067  * mansession_session and mansession structs, we need to have a bit of a history
1068  * lesson.
1069  *
1070  * In the beginning, there was the mansession. The mansession contained data that was
1071  * intrinsic to a manager session, such as the time that it started, the name of the logged-in
1072  * user, etc. In addition to these parameters were the f and fd parameters. For typical manager
1073  * sessions, these were used to represent the TCP socket over which the AMI session was taking
1074  * place. It makes perfect sense for these fields to be a part of the session-specific data since
1075  * the session actually defines this information.
1076  *
1077  * Then came the HTTP AMI sessions. With these, the f and fd fields need to be opened and closed
1078  * for every single action that occurs. Thus the f and fd fields aren't really specific to the session
1079  * but rather to the action that is being executed. Because a single session may execute many commands
1080  * at once, some sort of safety needed to be added in order to be sure that we did not end up with fd
1081  * leaks from one action overwriting the f and fd fields used by a previous action before the previous action
1082  * has had a chance to properly close its handles.
1083  *
1084  * The initial idea to solve this was to use thread synchronization, but this prevented multiple actions
1085  * from being run at the same time in a single session. Some manager actions may block for a long time, thus
1086  * creating a large queue of actions to execute. In addition, this fix did not address the basic architectural
1087  * issue that for HTTP manager sessions, the f and fd variables are not really a part of the session, but are
1088  * part of the action instead.
1089  *
1090  * The new idea was to create a structure on the stack for each HTTP Manager action. This structure would
1091  * contain the action-specific information, such as which file to write to. In order to maintain expectations
1092  * of action handlers and not have to change the public API of the manager code, we would need to name this
1093  * new stacked structure 'mansession' and contain within it the old mansession struct that we used to use.
1094  * We renamed the old mansession struct 'mansession_session' to hopefully convey that what is in this structure
1095  * is session-specific data. The structure that it is wrapped in, called a 'mansession' really contains action-specific
1096  * data.
1097  */
1098 struct mansession_session {
1099                                 /*! \todo XXX need to document which fields it is protecting */
1100         struct ast_sockaddr addr;       /*!< address we are connecting from */
1101         FILE *f;                /*!< fdopen() on the underlying fd */
1102         int fd;                 /*!< descriptor used for output. Either the socket (AMI) or a temporary file (HTTP) */
1103         int inuse;              /*!< number of HTTP sessions using this entry */
1104         int needdestroy;        /*!< Whether an HTTP session should be destroyed */
1105         pthread_t waiting_thread;       /*!< Sleeping thread using this descriptor */
1106         uint32_t managerid;     /*!< Unique manager identifier, 0 for AMI sessions */
1107         time_t sessionstart;    /*!< Session start time */
1108         struct timeval sessionstart_tv; /*!< Session start time */
1109         time_t sessiontimeout;  /*!< Session timeout if HTTP */
1110         char username[80];      /*!< Logged in username */
1111         char challenge[10];     /*!< Authentication challenge */
1112         int authenticated;      /*!< Authentication status */
1113         int readperm;           /*!< Authorization for reading */
1114         int writeperm;          /*!< Authorization for writing */
1115         char inbuf[1025];       /*!< Buffer -  we use the extra byte to add a '\0' and simplify parsing */
1116         int inlen;              /*!< number of buffered bytes */
1117         struct ao2_container *whitefilters;     /*!< Manager event filters - white list */
1118         struct ao2_container *blackfilters;     /*!< Manager event filters - black list */
1119         struct ast_variable *chanvars;  /*!< Channel variables to set for originate */
1120         int send_events;        /*!<  XXX what ? */
1121         struct eventqent *last_ev;      /*!< last event processed. */
1122         int writetimeout;       /*!< Timeout for ast_carefulwrite() */
1123         time_t authstart;
1124         int pending_event;         /*!< Pending events indicator in case when waiting_thread is NULL */
1125         time_t noncetime;       /*!< Timer for nonce value expiration */
1126         unsigned long oldnonce; /*!< Stale nonce value */
1127         unsigned long nc;       /*!< incremental  nonce counter */
1128         AST_LIST_HEAD_NOLOCK(mansession_datastores, ast_datastore) datastores; /*!< Data stores on the session */
1129         AST_LIST_ENTRY(mansession_session) list;
1130 };
1131
1132 /*! \brief In case you didn't read that giant block of text above the mansession_session struct, the
1133  * \ref struct mansession is named this solely to keep the API the same in Asterisk. This structure really
1134  * represents data that is different from Manager action to Manager action. The mansession_session pointer
1135  * contained within points to session-specific data.
1136  */
1137 struct mansession {
1138         struct mansession_session *session;
1139         struct ast_tcptls_session_instance *tcptls_session;
1140         FILE *f;
1141         int fd;
1142         int write_error:1;
1143         struct manager_custom_hook *hook;
1144         ast_mutex_t lock;
1145 };
1146
1147 static struct ao2_container *sessions = NULL;
1148
1149 struct manager_channel_variable {
1150         AST_LIST_ENTRY(manager_channel_variable) entry;
1151         unsigned int isfunc:1;
1152         char name[0]; /* allocate off the end the real size. */
1153 };
1154
1155 static AST_RWLIST_HEAD_STATIC(channelvars, manager_channel_variable);
1156
1157 /*! \brief user descriptor, as read from the config file.
1158  *
1159  * \note It is still missing some fields -- e.g. we can have multiple permit and deny
1160  * lines which are not supported here, and readperm/writeperm/writetimeout
1161  * are not stored.
1162  */
1163 struct ast_manager_user {
1164         char username[80];
1165         char *secret;                   /*!< Secret for logging in */
1166         int readperm;                   /*!< Authorization for reading */
1167         int writeperm;                  /*!< Authorization for writing */
1168         int writetimeout;               /*!< Per user Timeout for ast_carefulwrite() */
1169         int displayconnects;            /*!< XXX unused */
1170         int keep;                       /*!< mark entries created on a reload */
1171         struct ao2_container *whitefilters; /*!< Manager event filters - white list */
1172         struct ao2_container *blackfilters; /*!< Manager event filters - black list */
1173         struct ast_acl_list *acl;       /*!< ACL setting */
1174         char *a1_hash;                  /*!< precalculated A1 for Digest auth */
1175         struct ast_variable *chanvars;  /*!< Channel variables to set for originate */
1176         AST_RWLIST_ENTRY(ast_manager_user) list;
1177 };
1178
1179 /*! \brief list of users found in the config file */
1180 static AST_RWLIST_HEAD_STATIC(users, ast_manager_user);
1181
1182 /*! \brief list of actions registered */
1183 static AST_RWLIST_HEAD_STATIC(actions, manager_action);
1184
1185 /*! \brief list of hooks registered */
1186 static AST_RWLIST_HEAD_STATIC(manager_hooks, manager_custom_hook);
1187
1188 /*! \brief A container of event documentation nodes */
1189 AO2_GLOBAL_OBJ_STATIC(event_docs);
1190
1191 static void free_channelvars(void);
1192
1193 static enum add_filter_result manager_add_filter(const char *filter_pattern, struct ao2_container *whitefilters, struct ao2_container *blackfilters);
1194
1195 /*!
1196  * \internal
1197  * \brief Find a registered action object.
1198  *
1199  * \param name Name of AMI action to find.
1200  *
1201  * \return Reffed action found or NULL
1202  */
1203 static struct manager_action *action_find(const char *name)
1204 {
1205         struct manager_action *act;
1206
1207         AST_RWLIST_RDLOCK(&actions);
1208         AST_RWLIST_TRAVERSE(&actions, act, list) {
1209                 if (!strcasecmp(name, act->action)) {
1210                         ao2_t_ref(act, +1, "found action object");
1211                         break;
1212                 }
1213         }
1214         AST_RWLIST_UNLOCK(&actions);
1215
1216         return act;
1217 }
1218
1219 /*! \brief Add a custom hook to be called when an event is fired */
1220 void ast_manager_register_hook(struct manager_custom_hook *hook)
1221 {
1222         AST_RWLIST_WRLOCK(&manager_hooks);
1223         AST_RWLIST_INSERT_TAIL(&manager_hooks, hook, list);
1224         AST_RWLIST_UNLOCK(&manager_hooks);
1225 }
1226
1227 /*! \brief Delete a custom hook to be called when an event is fired */
1228 void ast_manager_unregister_hook(struct manager_custom_hook *hook)
1229 {
1230         AST_RWLIST_WRLOCK(&manager_hooks);
1231         AST_RWLIST_REMOVE(&manager_hooks, hook, list);
1232         AST_RWLIST_UNLOCK(&manager_hooks);
1233 }
1234
1235 int check_manager_enabled(void)
1236 {
1237         return manager_enabled;
1238 }
1239
1240 int check_webmanager_enabled(void)
1241 {
1242         return (webmanager_enabled && manager_enabled);
1243 }
1244
1245 /*!
1246  * Grab a reference to the last event, update usecount as needed.
1247  * Can handle a NULL pointer.
1248  */
1249 static struct eventqent *grab_last(void)
1250 {
1251         struct eventqent *ret;
1252
1253         AST_RWLIST_WRLOCK(&all_events);
1254         ret = AST_RWLIST_LAST(&all_events);
1255         /* the list is never empty now, but may become so when
1256          * we optimize it in the future, so be prepared.
1257          */
1258         if (ret) {
1259                 ast_atomic_fetchadd_int(&ret->usecount, 1);
1260         }
1261         AST_RWLIST_UNLOCK(&all_events);
1262         return ret;
1263 }
1264
1265 /*!
1266  * Purge unused events. Remove elements from the head
1267  * as long as their usecount is 0 and there is a next element.
1268  */
1269 static void purge_events(void)
1270 {
1271         struct eventqent *ev;
1272         struct timeval now = ast_tvnow();
1273
1274         AST_RWLIST_WRLOCK(&all_events);
1275         while ( (ev = AST_RWLIST_FIRST(&all_events)) &&
1276             ev->usecount == 0 && AST_RWLIST_NEXT(ev, eq_next)) {
1277                 AST_RWLIST_REMOVE_HEAD(&all_events, eq_next);
1278                 ast_free(ev);
1279         }
1280
1281         AST_RWLIST_TRAVERSE_SAFE_BEGIN(&all_events, ev, eq_next) {
1282                 /* Never release the last event */
1283                 if (!AST_RWLIST_NEXT(ev, eq_next)) {
1284                         break;
1285                 }
1286
1287                 /* 2.5 times whatever the HTTP timeout is (maximum 2.5 hours) is the maximum time that we will definitely cache an event */
1288                 if (ev->usecount == 0 && ast_tvdiff_sec(now, ev->tv) > (httptimeout > 3600 ? 3600 : httptimeout) * 2.5) {
1289                         AST_RWLIST_REMOVE_CURRENT(eq_next);
1290                         ast_free(ev);
1291                 }
1292         }
1293         AST_RWLIST_TRAVERSE_SAFE_END;
1294         AST_RWLIST_UNLOCK(&all_events);
1295 }
1296
1297 /*!
1298  * helper functions to convert back and forth between
1299  * string and numeric representation of set of flags
1300  */
1301 static const struct permalias {
1302         int num;
1303         const char *label;
1304 } perms[] = {
1305         { EVENT_FLAG_SYSTEM, "system" },
1306         { EVENT_FLAG_CALL, "call" },
1307         { EVENT_FLAG_LOG, "log" },
1308         { EVENT_FLAG_VERBOSE, "verbose" },
1309         { EVENT_FLAG_COMMAND, "command" },
1310         { EVENT_FLAG_AGENT, "agent" },
1311         { EVENT_FLAG_USER, "user" },
1312         { EVENT_FLAG_CONFIG, "config" },
1313         { EVENT_FLAG_DTMF, "dtmf" },
1314         { EVENT_FLAG_REPORTING, "reporting" },
1315         { EVENT_FLAG_CDR, "cdr" },
1316         { EVENT_FLAG_DIALPLAN, "dialplan" },
1317         { EVENT_FLAG_ORIGINATE, "originate" },
1318         { EVENT_FLAG_AGI, "agi" },
1319         { EVENT_FLAG_CC, "cc" },
1320         { EVENT_FLAG_AOC, "aoc" },
1321         { EVENT_FLAG_TEST, "test" },
1322         { EVENT_FLAG_MESSAGE, "message" },
1323         { INT_MAX, "all" },
1324         { 0, "none" },
1325 };
1326
1327 /*! \brief Checks to see if a string which can be used to evaluate functions should be rejected */
1328 static int function_capable_string_allowed_with_auths(const char *evaluating, int writepermlist)
1329 {
1330         if (!(writepermlist & EVENT_FLAG_SYSTEM)
1331                 && (
1332                         strstr(evaluating, "SHELL") ||       /* NoOp(${SHELL(rm -rf /)})  */
1333                         strstr(evaluating, "EVAL")           /* NoOp(${EVAL(${some_var_containing_SHELL})}) */
1334                 )) {
1335                 return 0;
1336         }
1337         return 1;
1338 }
1339
1340 /*! \brief Convert authority code to a list of options */
1341 static const char *authority_to_str(int authority, struct ast_str **res)
1342 {
1343         int i;
1344         char *sep = "";
1345
1346         ast_str_reset(*res);
1347         for (i = 0; i < ARRAY_LEN(perms) - 1; i++) {
1348                 if (authority & perms[i].num) {
1349                         ast_str_append(res, 0, "%s%s", sep, perms[i].label);
1350                         sep = ",";
1351                 }
1352         }
1353
1354         if (ast_str_strlen(*res) == 0)  /* replace empty string with something sensible */
1355                 ast_str_append(res, 0, "<none>");
1356
1357         return ast_str_buffer(*res);
1358 }
1359
1360 /*! Tells you if smallstr exists inside bigstr
1361    which is delim by delim and uses no buf or stringsep
1362    ast_instring("this|that|more","this",'|') == 1;
1363
1364    feel free to move this to app.c -anthm */
1365 static int ast_instring(const char *bigstr, const char *smallstr, const char delim)
1366 {
1367         const char *val = bigstr, *next;
1368
1369         do {
1370                 if ((next = strchr(val, delim))) {
1371                         if (!strncmp(val, smallstr, (next - val))) {
1372                                 return 1;
1373                         } else {
1374                                 continue;
1375                         }
1376                 } else {
1377                         return !strcmp(smallstr, val);
1378                 }
1379         } while (*(val = (next + 1)));
1380
1381         return 0;
1382 }
1383
1384 static int get_perm(const char *instr)
1385 {
1386         int x = 0, ret = 0;
1387
1388         if (!instr) {
1389                 return 0;
1390         }
1391
1392         for (x = 0; x < ARRAY_LEN(perms); x++) {
1393                 if (ast_instring(instr, perms[x].label, ',')) {
1394                         ret |= perms[x].num;
1395                 }
1396         }
1397
1398         return ret;
1399 }
1400
1401 /*!
1402  * A number returns itself, false returns 0, true returns all flags,
1403  * other strings return the flags that are set.
1404  */
1405 static int strings_to_mask(const char *string)
1406 {
1407         const char *p;
1408
1409         if (ast_strlen_zero(string)) {
1410                 return -1;
1411         }
1412
1413         for (p = string; *p; p++) {
1414                 if (*p < '0' || *p > '9') {
1415                         break;
1416                 }
1417         }
1418         if (!*p) { /* all digits */
1419                 return atoi(string);
1420         }
1421         if (ast_false(string)) {
1422                 return 0;
1423         }
1424         if (ast_true(string)) { /* all permissions */
1425                 int x, ret = 0;
1426                 for (x = 0; x < ARRAY_LEN(perms); x++) {
1427                         ret |= perms[x].num;
1428                 }
1429                 return ret;
1430         }
1431         return get_perm(string);
1432 }
1433
1434 /*! \brief Unreference manager session object.
1435      If no more references, then go ahead and delete it */
1436 static struct mansession_session *unref_mansession(struct mansession_session *s)
1437 {
1438         int refcount = ao2_ref(s, -1);
1439         if (manager_debug) {
1440                 ast_debug(1, "Mansession: %p refcount now %d\n", s, refcount - 1);
1441         }
1442         return s;
1443 }
1444
1445 static void event_filter_destructor(void *obj)
1446 {
1447         regex_t *regex_filter = obj;
1448         regfree(regex_filter);
1449 }
1450
1451 static void session_destructor(void *obj)
1452 {
1453         struct mansession_session *session = obj;
1454         struct eventqent *eqe = session->last_ev;
1455         struct ast_datastore *datastore;
1456
1457         /* Get rid of each of the data stores on the session */
1458         while ((datastore = AST_LIST_REMOVE_HEAD(&session->datastores, entry))) {
1459                 /* Free the data store */
1460                 ast_datastore_free(datastore);
1461         }
1462
1463         if (session->f != NULL) {
1464                 fclose(session->f);
1465         }
1466         if (eqe) {
1467                 ast_atomic_fetchadd_int(&eqe->usecount, -1);
1468         }
1469         if (session->chanvars) {
1470                 ast_variables_destroy(session->chanvars);
1471         }
1472
1473         if (session->whitefilters) {
1474                 ao2_t_callback(session->whitefilters, OBJ_UNLINK | OBJ_NODATA | OBJ_MULTIPLE, NULL, NULL, "unlink all white filters");
1475                 ao2_t_ref(session->whitefilters, -1 , "decrement ref for white container, should be last one");
1476         }
1477
1478         if (session->blackfilters) {
1479                 ao2_t_callback(session->blackfilters, OBJ_UNLINK | OBJ_NODATA | OBJ_MULTIPLE, NULL, NULL, "unlink all black filters");
1480                 ao2_t_ref(session->blackfilters, -1 , "decrement ref for black container, should be last one");
1481         }
1482 }
1483
1484 /*! \brief Allocate manager session structure and add it to the list of sessions */
1485 static struct mansession_session *build_mansession(const struct ast_sockaddr *addr)
1486 {
1487         struct mansession_session *newsession;
1488
1489         if (!(newsession = ao2_alloc(sizeof(*newsession), session_destructor))) {
1490                 return NULL;
1491         }
1492
1493         if (!(newsession->whitefilters = ao2_container_alloc(1, NULL, NULL))) {
1494                 ao2_ref(newsession, -1);
1495                 return NULL;
1496         }
1497
1498         if (!(newsession->blackfilters = ao2_container_alloc(1, NULL, NULL))) {
1499                 ao2_ref(newsession, -1); /* session_destructor will cleanup the other filter */
1500                 return NULL;
1501         }
1502
1503         newsession->fd = -1;
1504         newsession->waiting_thread = AST_PTHREADT_NULL;
1505         newsession->writetimeout = 100;
1506         newsession->send_events = -1;
1507         ast_sockaddr_copy(&newsession->addr, addr);
1508
1509         ao2_link(sessions, newsession);
1510
1511         return newsession;
1512 }
1513
1514 static int mansession_cmp_fn(void *obj, void *arg, int flags)
1515 {
1516         struct mansession_session *s = obj;
1517         char *str = arg;
1518         return !strcasecmp(s->username, str) ? CMP_MATCH : 0;
1519 }
1520
1521 static void session_destroy(struct mansession_session *s)
1522 {
1523         unref_mansession(s);
1524         ao2_unlink(sessions, s);
1525 }
1526
1527
1528 static int check_manager_session_inuse(const char *name)
1529 {
1530         struct mansession_session *session = ao2_find(sessions, (char *) name, 0);
1531         int inuse = 0;
1532
1533         if (session) {
1534                 inuse = 1;
1535                 unref_mansession(session);
1536         }
1537         return inuse;
1538 }
1539
1540
1541 /*!
1542  * lookup an entry in the list of registered users.
1543  * must be called with the list lock held.
1544  */
1545 static struct ast_manager_user *get_manager_by_name_locked(const char *name)
1546 {
1547         struct ast_manager_user *user = NULL;
1548
1549         AST_RWLIST_TRAVERSE(&users, user, list) {
1550                 if (!strcasecmp(user->username, name)) {
1551                         break;
1552                 }
1553         }
1554
1555         return user;
1556 }
1557
1558 /*! \brief Get displayconnects config option.
1559  *  \param session manager session to get parameter from.
1560  *  \return displayconnects config option value.
1561  */
1562 static int manager_displayconnects (struct mansession_session *session)
1563 {
1564         struct ast_manager_user *user = NULL;
1565         int ret = 0;
1566
1567         AST_RWLIST_RDLOCK(&users);
1568         if ((user = get_manager_by_name_locked (session->username))) {
1569                 ret = user->displayconnects;
1570         }
1571         AST_RWLIST_UNLOCK(&users);
1572
1573         return ret;
1574 }
1575
1576 static char *handle_showmancmd(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1577 {
1578         struct manager_action *cur;
1579         struct ast_str *authority;
1580         int num, l, which;
1581         char *ret = NULL;
1582 #ifdef AST_XML_DOCS
1583         char syntax_title[64], description_title[64], synopsis_title[64], seealso_title[64], arguments_title[64];
1584 #endif
1585
1586         switch (cmd) {
1587         case CLI_INIT:
1588                 e->command = "manager show command";
1589                 e->usage =
1590                         "Usage: manager show command <actionname> [<actionname> [<actionname> [...]]]\n"
1591                         "       Shows the detailed description for a specific Asterisk manager interface command.\n";
1592                 return NULL;
1593         case CLI_GENERATE:
1594                 l = strlen(a->word);
1595                 which = 0;
1596                 AST_RWLIST_RDLOCK(&actions);
1597                 AST_RWLIST_TRAVERSE(&actions, cur, list) {
1598                         if (!strncasecmp(a->word, cur->action, l) && ++which > a->n) {
1599                                 ret = ast_strdup(cur->action);
1600                                 break;  /* make sure we exit even if ast_strdup() returns NULL */
1601                         }
1602                 }
1603                 AST_RWLIST_UNLOCK(&actions);
1604                 return ret;
1605         }
1606         authority = ast_str_alloca(80);
1607         if (a->argc < 4) {
1608                 return CLI_SHOWUSAGE;
1609         }
1610
1611 #ifdef AST_XML_DOCS
1612         /* setup the titles */
1613         term_color(synopsis_title, "[Synopsis]\n", COLOR_MAGENTA, 0, 40);
1614         term_color(description_title, "[Description]\n", COLOR_MAGENTA, 0, 40);
1615         term_color(syntax_title, "[Syntax]\n", COLOR_MAGENTA, 0, 40);
1616         term_color(seealso_title, "[See Also]\n", COLOR_MAGENTA, 0, 40);
1617         term_color(arguments_title, "[Arguments]\n", COLOR_MAGENTA, 0, 40);
1618 #endif
1619
1620         AST_RWLIST_RDLOCK(&actions);
1621         AST_RWLIST_TRAVERSE(&actions, cur, list) {
1622                 for (num = 3; num < a->argc; num++) {
1623                         if (!strcasecmp(cur->action, a->argv[num])) {
1624 #ifdef AST_XML_DOCS
1625                                 if (cur->docsrc == AST_XML_DOC) {
1626                                         ast_cli(a->fd, "%s%s\n\n%s%s\n\n%s%s\n\n%s%s\n\n%s%s\n\n",
1627                                                 syntax_title,
1628                                                 ast_xmldoc_printable(S_OR(cur->syntax, "Not available"), 1),
1629                                                 synopsis_title,
1630                                                 ast_xmldoc_printable(S_OR(cur->synopsis, "Not available"), 1),
1631                                                 description_title,
1632                                                 ast_xmldoc_printable(S_OR(cur->description, "Not available"), 1),
1633                                                 arguments_title,
1634                                                 ast_xmldoc_printable(S_OR(cur->arguments, "Not available"), 1),
1635                                                 seealso_title,
1636                                                 ast_xmldoc_printable(S_OR(cur->seealso, "Not available"), 1));
1637                                 } else
1638 #endif
1639                                 {
1640                                         ast_cli(a->fd, "Action: %s\nSynopsis: %s\nPrivilege: %s\n%s\n",
1641                                                 cur->action, cur->synopsis,
1642                                                 authority_to_str(cur->authority, &authority),
1643                                                 S_OR(cur->description, ""));
1644                                 }
1645                         }
1646                 }
1647         }
1648         AST_RWLIST_UNLOCK(&actions);
1649
1650         return CLI_SUCCESS;
1651 }
1652
1653 static char *handle_mandebug(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1654 {
1655         switch (cmd) {
1656         case CLI_INIT:
1657                 e->command = "manager set debug [on|off]";
1658                 e->usage = "Usage: manager set debug [on|off]\n Show, enable, disable debugging of the manager code.\n";
1659                 return NULL;
1660         case CLI_GENERATE:
1661                 return NULL;
1662         }
1663
1664         if (a->argc == 3) {
1665                 ast_cli(a->fd, "manager debug is %s\n", manager_debug? "on" : "off");
1666         } else if (a->argc == 4) {
1667                 if (!strcasecmp(a->argv[3], "on")) {
1668                         manager_debug = 1;
1669                 } else if (!strcasecmp(a->argv[3], "off")) {
1670                         manager_debug = 0;
1671                 } else {
1672                         return CLI_SHOWUSAGE;
1673                 }
1674         }
1675         return CLI_SUCCESS;
1676 }
1677
1678 static char *handle_showmanager(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1679 {
1680         struct ast_manager_user *user = NULL;
1681         int l, which;
1682         char *ret = NULL;
1683         struct ast_str *rauthority = ast_str_alloca(128);
1684         struct ast_str *wauthority = ast_str_alloca(128);
1685         struct ast_variable *v;
1686
1687         switch (cmd) {
1688         case CLI_INIT:
1689                 e->command = "manager show user";
1690                 e->usage =
1691                         " Usage: manager show user <user>\n"
1692                         "        Display all information related to the manager user specified.\n";
1693                 return NULL;
1694         case CLI_GENERATE:
1695                 l = strlen(a->word);
1696                 which = 0;
1697                 if (a->pos != 3) {
1698                         return NULL;
1699                 }
1700                 AST_RWLIST_RDLOCK(&users);
1701                 AST_RWLIST_TRAVERSE(&users, user, list) {
1702                         if ( !strncasecmp(a->word, user->username, l) && ++which > a->n ) {
1703                                 ret = ast_strdup(user->username);
1704                                 break;
1705                         }
1706                 }
1707                 AST_RWLIST_UNLOCK(&users);
1708                 return ret;
1709         }
1710
1711         if (a->argc != 4) {
1712                 return CLI_SHOWUSAGE;
1713         }
1714
1715         AST_RWLIST_RDLOCK(&users);
1716
1717         if (!(user = get_manager_by_name_locked(a->argv[3]))) {
1718                 ast_cli(a->fd, "There is no manager called %s\n", a->argv[3]);
1719                 AST_RWLIST_UNLOCK(&users);
1720                 return CLI_SUCCESS;
1721         }
1722
1723         ast_cli(a->fd, "\n");
1724         ast_cli(a->fd,
1725                 "       username: %s\n"
1726                 "         secret: %s\n"
1727                 "            ACL: %s\n"
1728                 "      read perm: %s\n"
1729                 "     write perm: %s\n"
1730                 "displayconnects: %s\n",
1731                 (user->username ? user->username : "(N/A)"),
1732                 (user->secret ? "<Set>" : "(N/A)"),
1733                 ((user->acl && !ast_acl_list_is_empty(user->acl)) ? "yes" : "no"),
1734                 authority_to_str(user->readperm, &rauthority),
1735                 authority_to_str(user->writeperm, &wauthority),
1736                 (user->displayconnects ? "yes" : "no"));
1737         ast_cli(a->fd, "      Variables: \n");
1738                 for (v = user->chanvars ; v ; v = v->next) {
1739                         ast_cli(a->fd, "                 %s = %s\n", v->name, v->value);
1740                 }
1741
1742         AST_RWLIST_UNLOCK(&users);
1743
1744         return CLI_SUCCESS;
1745 }
1746
1747 static char *handle_showmanagers(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1748 {
1749         struct ast_manager_user *user = NULL;
1750         int count_amu = 0;
1751         switch (cmd) {
1752         case CLI_INIT:
1753                 e->command = "manager show users";
1754                 e->usage =
1755                         "Usage: manager show users\n"
1756                         "       Prints a listing of all managers that are currently configured on that\n"
1757                         " system.\n";
1758                 return NULL;
1759         case CLI_GENERATE:
1760                 return NULL;
1761         }
1762         if (a->argc != 3) {
1763                 return CLI_SHOWUSAGE;
1764         }
1765
1766         AST_RWLIST_RDLOCK(&users);
1767
1768         /* If there are no users, print out something along those lines */
1769         if (AST_RWLIST_EMPTY(&users)) {
1770                 ast_cli(a->fd, "There are no manager users.\n");
1771                 AST_RWLIST_UNLOCK(&users);
1772                 return CLI_SUCCESS;
1773         }
1774
1775         ast_cli(a->fd, "\nusername\n--------\n");
1776
1777         AST_RWLIST_TRAVERSE(&users, user, list) {
1778                 ast_cli(a->fd, "%s\n", user->username);
1779                 count_amu++;
1780         }
1781
1782         AST_RWLIST_UNLOCK(&users);
1783
1784         ast_cli(a->fd,"-------------------\n"
1785                       "%d manager users configured.\n", count_amu);
1786         return CLI_SUCCESS;
1787 }
1788
1789 /*! \brief  CLI command  manager list commands */
1790 static char *handle_showmancmds(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1791 {
1792         struct manager_action *cur;
1793         struct ast_str *authority;
1794 #define HSMC_FORMAT "  %-15.15s  %-15.15s  %-55.55s\n"
1795         switch (cmd) {
1796         case CLI_INIT:
1797                 e->command = "manager show commands";
1798                 e->usage =
1799                         "Usage: manager show commands\n"
1800                         "       Prints a listing of all the available Asterisk manager interface commands.\n";
1801                 return NULL;
1802         case CLI_GENERATE:
1803                 return NULL;
1804         }
1805         authority = ast_str_alloca(80);
1806         ast_cli(a->fd, HSMC_FORMAT, "Action", "Privilege", "Synopsis");
1807         ast_cli(a->fd, HSMC_FORMAT, "------", "---------", "--------");
1808
1809         AST_RWLIST_RDLOCK(&actions);
1810         AST_RWLIST_TRAVERSE(&actions, cur, list) {
1811                 ast_cli(a->fd, HSMC_FORMAT, cur->action, authority_to_str(cur->authority, &authority), cur->synopsis);
1812         }
1813         AST_RWLIST_UNLOCK(&actions);
1814
1815         return CLI_SUCCESS;
1816 }
1817
1818 /*! \brief CLI command manager list connected */
1819 static char *handle_showmanconn(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1820 {
1821         struct mansession_session *session;
1822         time_t now = time(NULL);
1823 #define HSMCONN_FORMAT1 "  %-15.15s  %-55.55s  %-10.10s  %-10.10s  %-8.8s  %-8.8s  %-5.5s  %-5.5s\n"
1824 #define HSMCONN_FORMAT2 "  %-15.15s  %-55.55s  %-10d  %-10d  %-8d  %-8d  %-5.5d  %-5.5d\n"
1825         int count = 0;
1826         struct ao2_iterator i;
1827
1828         switch (cmd) {
1829         case CLI_INIT:
1830                 e->command = "manager show connected";
1831                 e->usage =
1832                         "Usage: manager show connected\n"
1833                         "       Prints a listing of the users that are currently connected to the\n"
1834                         "Asterisk manager interface.\n";
1835                 return NULL;
1836         case CLI_GENERATE:
1837                 return NULL;
1838         }
1839
1840         ast_cli(a->fd, HSMCONN_FORMAT1, "Username", "IP Address", "Start", "Elapsed", "FileDes", "HttpCnt", "Read", "Write");
1841
1842         i = ao2_iterator_init(sessions, 0);
1843         while ((session = ao2_iterator_next(&i))) {
1844                 ao2_lock(session);
1845                 ast_cli(a->fd, HSMCONN_FORMAT2, session->username, ast_sockaddr_stringify_addr(&session->addr), (int)(session->sessionstart), (int)(now - session->sessionstart), session->fd, session->inuse, session->readperm, session->writeperm);
1846                 count++;
1847                 ao2_unlock(session);
1848                 unref_mansession(session);
1849         }
1850         ao2_iterator_destroy(&i);
1851         ast_cli(a->fd, "%d users connected.\n", count);
1852
1853         return CLI_SUCCESS;
1854 }
1855
1856 /*! \brief CLI command manager list eventq */
1857 /* Should change to "manager show connected" */
1858 static char *handle_showmaneventq(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1859 {
1860         struct eventqent *s;
1861         switch (cmd) {
1862         case CLI_INIT:
1863                 e->command = "manager show eventq";
1864                 e->usage =
1865                         "Usage: manager show eventq\n"
1866                         "       Prints a listing of all events pending in the Asterisk manger\n"
1867                         "event queue.\n";
1868                 return NULL;
1869         case CLI_GENERATE:
1870                 return NULL;
1871         }
1872         AST_RWLIST_RDLOCK(&all_events);
1873         AST_RWLIST_TRAVERSE(&all_events, s, eq_next) {
1874                 ast_cli(a->fd, "Usecount: %d\n", s->usecount);
1875                 ast_cli(a->fd, "Category: %d\n", s->category);
1876                 ast_cli(a->fd, "Event:\n%s", s->eventdata);
1877         }
1878         AST_RWLIST_UNLOCK(&all_events);
1879
1880         return CLI_SUCCESS;
1881 }
1882
1883 /*! \brief CLI command manager reload */
1884 static char *handle_manager_reload(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
1885 {
1886         switch (cmd) {
1887         case CLI_INIT:
1888                 e->command = "manager reload";
1889                 e->usage =
1890                         "Usage: manager reload\n"
1891                         "       Reloads the manager configuration.\n";
1892                 return NULL;
1893         case CLI_GENERATE:
1894                 return NULL;
1895         }
1896         if (a->argc > 2) {
1897                 return CLI_SHOWUSAGE;
1898         }
1899         reload_manager();
1900         return CLI_SUCCESS;
1901 }
1902
1903 static struct eventqent *advance_event(struct eventqent *e)
1904 {
1905         struct eventqent *next;
1906
1907         AST_RWLIST_RDLOCK(&all_events);
1908         if ((next = AST_RWLIST_NEXT(e, eq_next))) {
1909                 ast_atomic_fetchadd_int(&next->usecount, 1);
1910                 ast_atomic_fetchadd_int(&e->usecount, -1);
1911         }
1912         AST_RWLIST_UNLOCK(&all_events);
1913         return next;
1914 }
1915
1916 #define GET_HEADER_FIRST_MATCH  0
1917 #define GET_HEADER_LAST_MATCH   1
1918 #define GET_HEADER_SKIP_EMPTY   2
1919
1920 /*!
1921  * \brief Return a matching header value.
1922  *
1923  * \details
1924  * Generic function to return either the first or the last
1925  * matching header from a list of variables, possibly skipping
1926  * empty strings.
1927  *
1928  * \note At the moment there is only one use of this function in
1929  * this file, so we make it static.
1930  *
1931  * \note Never returns NULL.
1932  */
1933 static const char *__astman_get_header(const struct message *m, char *var, int mode)
1934 {
1935         int x, l = strlen(var);
1936         const char *result = "";
1937
1938         for (x = 0; x < m->hdrcount; x++) {
1939                 const char *h = m->headers[x];
1940                 if (!strncasecmp(var, h, l) && h[l] == ':') {
1941                         const char *value = h + l + 1;
1942                         value = ast_skip_blanks(value); /* ignore leading spaces in the value */
1943                         /* found a potential candidate */
1944                         if ((mode & GET_HEADER_SKIP_EMPTY) && ast_strlen_zero(value)) {
1945                                 continue;       /* not interesting */
1946                         }
1947                         if (mode & GET_HEADER_LAST_MATCH) {
1948                                 result = value; /* record the last match so far */
1949                         } else {
1950                                 return value;
1951                         }
1952                 }
1953         }
1954
1955         return result;
1956 }
1957
1958 /*!
1959  * \brief Return the first matching variable from an array.
1960  *
1961  * \note This is the legacy function and is implemented in
1962  * therms of __astman_get_header().
1963  *
1964  * \note Never returns NULL.
1965  */
1966 const char *astman_get_header(const struct message *m, char *var)
1967 {
1968         return __astman_get_header(m, var, GET_HEADER_FIRST_MATCH);
1969 }
1970
1971 /*!
1972  * \internal
1973  * \brief Process one "Variable:" header value string.
1974  *
1975  * \param head Current list of AMI variables to get new values added.
1976  * \param hdr_val Header value string to process.
1977  *
1978  * \return New variable list head.
1979  */
1980 static struct ast_variable *man_do_variable_value(struct ast_variable *head, const char *hdr_val)
1981 {
1982         char *parse;
1983         AST_DECLARE_APP_ARGS(args,
1984                 AST_APP_ARG(vars)[64];
1985         );
1986
1987         hdr_val = ast_skip_blanks(hdr_val); /* ignore leading spaces in the value */
1988         parse = ast_strdupa(hdr_val);
1989
1990         /* Break the header value string into name=val pair items. */
1991         AST_STANDARD_APP_ARGS(args, parse);
1992         if (args.argc) {
1993                 int y;
1994
1995                 /* Process each name=val pair item. */
1996                 for (y = 0; y < args.argc; y++) {
1997                         struct ast_variable *cur;
1998                         char *var;
1999                         char *val;
2000
2001                         if (!args.vars[y]) {
2002                                 continue;
2003                         }
2004                         var = val = args.vars[y];
2005                         strsep(&val, "=");
2006
2007                         /* XXX We may wish to trim whitespace from the strings. */
2008                         if (!val || ast_strlen_zero(var)) {
2009                                 continue;
2010                         }
2011
2012                         /* Create new variable list node and prepend it to the list. */
2013                         cur = ast_variable_new(var, val, "");
2014                         if (cur) {
2015                                 cur->next = head;
2016                                 head = cur;
2017                         }
2018                 }
2019         }
2020
2021         return head;
2022 }
2023
2024 struct ast_variable *astman_get_variables(const struct message *m)
2025 {
2026         int varlen;
2027         int x;
2028         struct ast_variable *head = NULL;
2029
2030         static const char var_hdr[] = "Variable:";
2031
2032         /* Process all "Variable:" headers. */
2033         varlen = strlen(var_hdr);
2034         for (x = 0; x < m->hdrcount; x++) {
2035                 if (strncasecmp(var_hdr, m->headers[x], varlen)) {
2036                         continue;
2037                 }
2038                 head = man_do_variable_value(head, m->headers[x] + varlen);
2039         }
2040
2041         return head;
2042 }
2043
2044 /*! \brief access for hooks to send action messages to ami */
2045 int ast_hook_send_action(struct manager_custom_hook *hook, const char *msg)
2046 {
2047         const char *action;
2048         int ret = 0;
2049         struct manager_action *act_found;
2050         struct mansession s = {.session = NULL, };
2051         struct message m = { 0 };
2052         char *dup_str;
2053         char *src;
2054         int x = 0;
2055         int curlen;
2056
2057         if (hook == NULL) {
2058                 return -1;
2059         }
2060
2061         /* Create our own copy of the AMI action msg string. */
2062         src = dup_str = ast_strdup(msg);
2063         if (!dup_str) {
2064                 return -1;
2065         }
2066
2067         /* convert msg string to message struct */
2068         curlen = strlen(src);
2069         for (x = 0; x < curlen; x++) {
2070                 int cr; /* set if we have \r */
2071                 if (src[x] == '\r' && x+1 < curlen && src[x+1] == '\n')
2072                         cr = 2; /* Found. Update length to include \r\n */
2073                 else if (src[x] == '\n')
2074                         cr = 1; /* also accept \n only */
2075                 else
2076                         continue;
2077                 /* don't keep empty lines */
2078                 if (x && m.hdrcount < ARRAY_LEN(m.headers)) {
2079                         /* ... but trim \r\n and terminate the header string */
2080                         src[x] = '\0';
2081                         m.headers[m.hdrcount++] = src;
2082                 }
2083                 x += cr;
2084                 curlen -= x;            /* remaining size */
2085                 src += x;               /* update pointer */
2086                 x = -1;                 /* reset loop */
2087         }
2088
2089         action = astman_get_header(&m, "Action");
2090         if (strcasecmp(action, "login")) {
2091                 act_found = action_find(action);
2092                 if (act_found) {
2093                         /*
2094                          * we have to simulate a session for this action request
2095                          * to be able to pass it down for processing
2096                          * This is necessary to meet the previous design of manager.c
2097                          */
2098                         s.hook = hook;
2099                         s.f = (void*)1; /* set this to something so our request will make it through all functions that test it*/
2100
2101                         ao2_lock(act_found);
2102                         if (act_found->registered && act_found->func) {
2103                                 if (act_found->module) {
2104                                         ast_module_ref(act_found->module);
2105                                 }
2106                                 ao2_unlock(act_found);
2107                                 ret = act_found->func(&s, &m);
2108                                 ao2_lock(act_found);
2109                                 if (act_found->module) {
2110                                         ast_module_unref(act_found->module);
2111                                 }
2112                         } else {
2113                                 ret = -1;
2114                         }
2115                         ao2_unlock(act_found);
2116                         ao2_t_ref(act_found, -1, "done with found action object");
2117                 }
2118         }
2119         ast_free(dup_str);
2120         return ret;
2121 }
2122
2123
2124 /*!
2125  * helper function to send a string to the socket.
2126  * Return -1 on error (e.g. buffer full).
2127  */
2128 static int send_string(struct mansession *s, char *string)
2129 {
2130         int res;
2131         FILE *f = s->f ? s->f : s->session->f;
2132         int fd = s->f ? s->fd : s->session->fd;
2133
2134         /* It's a result from one of the hook's action invocation */
2135         if (s->hook) {
2136                 /*
2137                  * to send responses, we're using the same function
2138                  * as for receiving events. We call the event "HookResponse"
2139                  */
2140                 s->hook->helper(EVENT_FLAG_HOOKRESPONSE, "HookResponse", string);
2141                 return 0;
2142         }
2143
2144         if ((res = ast_careful_fwrite(f, fd, string, strlen(string), s->session->writetimeout))) {
2145                 s->write_error = 1;
2146         }
2147
2148         return res;
2149 }
2150
2151 /*!
2152  * \brief thread local buffer for astman_append
2153  *
2154  * \note This can not be defined within the astman_append() function
2155  *       because it declares a couple of functions that get used to
2156  *       initialize the thread local storage key.
2157  */
2158 AST_THREADSTORAGE(astman_append_buf);
2159
2160 AST_THREADSTORAGE(userevent_buf);
2161
2162 /*! \brief initial allocated size for the astman_append_buf and astman_send_*_va */
2163 #define ASTMAN_APPEND_BUF_INITSIZE   256
2164
2165 /*!
2166  * utility functions for creating AMI replies
2167  */
2168 void astman_append(struct mansession *s, const char *fmt, ...)
2169 {
2170         va_list ap;
2171         struct ast_str *buf;
2172
2173         if (!(buf = ast_str_thread_get(&astman_append_buf, ASTMAN_APPEND_BUF_INITSIZE))) {
2174                 return;
2175         }
2176
2177         va_start(ap, fmt);
2178         ast_str_set_va(&buf, 0, fmt, ap);
2179         va_end(ap);
2180
2181         if (s->f != NULL || s->session->f != NULL) {
2182                 send_string(s, ast_str_buffer(buf));
2183         } else {
2184                 ast_verbose("fd == -1 in astman_append, should not happen\n");
2185         }
2186 }
2187
2188 /*! \note NOTE: XXX this comment is unclear and possibly wrong.
2189    Callers of astman_send_error(), astman_send_response() or astman_send_ack() must EITHER
2190    hold the session lock _or_ be running in an action callback (in which case s->session->busy will
2191    be non-zero). In either of these cases, there is no need to lock-protect the session's
2192    fd, since no other output will be sent (events will be queued), and no input will
2193    be read until either the current action finishes or get_input() obtains the session
2194    lock.
2195  */
2196
2197 /*! \todo XXX MSG_MOREDATA should go to a header file. */
2198 #define MSG_MOREDATA    ((char *)astman_send_response)
2199
2200 /*! \brief send a response with an optional message,
2201  * and terminate it with an empty line.
2202  * m is used only to grab the 'ActionID' field.
2203  *
2204  * Use the explicit constant MSG_MOREDATA to remove the empty line.
2205  * XXX MSG_MOREDATA should go to a header file.
2206  */
2207 static void astman_send_response_full(struct mansession *s, const struct message *m, char *resp, char *msg, char *listflag)
2208 {
2209         const char *id = astman_get_header(m, "ActionID");
2210
2211         astman_append(s, "Response: %s\r\n", resp);
2212         if (!ast_strlen_zero(id)) {
2213                 astman_append(s, "ActionID: %s\r\n", id);
2214         }
2215         if (listflag) {
2216                 astman_append(s, "EventList: %s\r\n", listflag);        /* Start, complete, cancelled */
2217         }
2218         if (msg == MSG_MOREDATA) {
2219                 return;
2220         } else if (msg) {
2221                 astman_append(s, "Message: %s\r\n\r\n", msg);
2222         } else {
2223                 astman_append(s, "\r\n");
2224         }
2225 }
2226
2227 void astman_send_response(struct mansession *s, const struct message *m, char *resp, char *msg)
2228 {
2229         astman_send_response_full(s, m, resp, msg, NULL);
2230 }
2231
2232 void astman_send_error(struct mansession *s, const struct message *m, char *error)
2233 {
2234         astman_send_response_full(s, m, "Error", error, NULL);
2235 }
2236
2237 void astman_send_error_va(struct mansession *s, const struct message *m, const char *fmt, ...)
2238 {
2239         va_list ap;
2240         struct ast_str *buf;
2241
2242         if (!(buf = ast_str_thread_get(&astman_append_buf, ASTMAN_APPEND_BUF_INITSIZE))) {
2243                 return;
2244         }
2245
2246         va_start(ap, fmt);
2247         ast_str_set_va(&buf, 0, fmt, ap);
2248         va_end(ap);
2249
2250         astman_send_response_full(s, m, "Error", ast_str_buffer(buf), NULL);
2251         ast_free(buf);
2252 }
2253
2254 void astman_send_ack(struct mansession *s, const struct message *m, char *msg)
2255 {
2256         astman_send_response_full(s, m, "Success", msg, NULL);
2257 }
2258
2259 static void astman_start_ack(struct mansession *s, const struct message *m)
2260 {
2261         astman_send_response_full(s, m, "Success", MSG_MOREDATA, NULL);
2262 }
2263
2264 void astman_send_listack(struct mansession *s, const struct message *m, char *msg, char *listflag)
2265 {
2266         astman_send_response_full(s, m, "Success", msg, listflag);
2267 }
2268
2269 /*! \brief Lock the 'mansession' structure. */
2270 static void mansession_lock(struct mansession *s)
2271 {
2272         ast_mutex_lock(&s->lock);
2273 }
2274
2275 /*! \brief Unlock the 'mansession' structure. */
2276 static void mansession_unlock(struct mansession *s)
2277 {
2278         ast_mutex_unlock(&s->lock);
2279 }
2280
2281 /*! \brief
2282    Rather than braindead on,off this now can also accept a specific int mask value
2283    or a ',' delim list of mask strings (the same as manager.conf) -anthm
2284 */
2285 static int set_eventmask(struct mansession *s, const char *eventmask)
2286 {
2287         int maskint = strings_to_mask(eventmask);
2288
2289         ao2_lock(s->session);
2290         if (maskint >= 0) {
2291                 s->session->send_events = maskint;
2292         }
2293         ao2_unlock(s->session);
2294
2295         return maskint;
2296 }
2297
2298 static enum ast_security_event_transport_type mansession_get_transport(const struct mansession *s)
2299 {
2300         return s->tcptls_session->parent->tls_cfg ? AST_SECURITY_EVENT_TRANSPORT_TLS :
2301                         AST_SECURITY_EVENT_TRANSPORT_TCP;
2302 }
2303
2304 static void report_invalid_user(const struct mansession *s, const char *username)
2305 {
2306         char session_id[32];
2307         struct ast_security_event_inval_acct_id inval_acct_id = {
2308                 .common.event_type = AST_SECURITY_EVENT_INVAL_ACCT_ID,
2309                 .common.version    = AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION,
2310                 .common.service    = "AMI",
2311                 .common.account_id = username,
2312                 .common.session_tv = &s->session->sessionstart_tv,
2313                 .common.local_addr = {
2314                         .addr      = &s->tcptls_session->parent->local_address,
2315                         .transport = mansession_get_transport(s),
2316                 },
2317                 .common.remote_addr = {
2318                         .addr      = &s->session->addr,
2319                         .transport = mansession_get_transport(s),
2320                 },
2321                 .common.session_id = session_id,
2322         };
2323
2324         snprintf(session_id, sizeof(session_id), "%p", s);
2325
2326         ast_security_event_report(AST_SEC_EVT(&inval_acct_id));
2327 }
2328
2329 static void report_failed_acl(const struct mansession *s, const char *username)
2330 {
2331         char session_id[32];
2332         struct ast_security_event_failed_acl failed_acl_event = {
2333                 .common.event_type = AST_SECURITY_EVENT_FAILED_ACL,
2334                 .common.version    = AST_SECURITY_EVENT_FAILED_ACL_VERSION,
2335                 .common.service    = "AMI",
2336                 .common.account_id = username,
2337                 .common.session_tv = &s->session->sessionstart_tv,
2338                 .common.local_addr = {
2339                         .addr      = &s->tcptls_session->parent->local_address,
2340                         .transport = mansession_get_transport(s),
2341                 },
2342                 .common.remote_addr = {
2343                         .addr      = &s->session->addr,
2344                         .transport = mansession_get_transport(s),
2345                 },
2346                 .common.session_id = session_id,
2347         };
2348
2349         snprintf(session_id, sizeof(session_id), "%p", s->session);
2350
2351         ast_security_event_report(AST_SEC_EVT(&failed_acl_event));
2352 }
2353
2354 static void report_inval_password(const struct mansession *s, const char *username)
2355 {
2356         char session_id[32];
2357         struct ast_security_event_inval_password inval_password = {
2358                 .common.event_type = AST_SECURITY_EVENT_INVAL_PASSWORD,
2359                 .common.version    = AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION,
2360                 .common.service    = "AMI",
2361                 .common.account_id = username,
2362                 .common.session_tv = &s->session->sessionstart_tv,
2363                 .common.local_addr = {
2364                         .addr      = &s->tcptls_session->parent->local_address,
2365                         .transport = mansession_get_transport(s),
2366                 },
2367                 .common.remote_addr = {
2368                         .addr      = &s->session->addr,
2369                         .transport = mansession_get_transport(s),
2370                 },
2371                 .common.session_id = session_id,
2372         };
2373
2374         snprintf(session_id, sizeof(session_id), "%p", s->session);
2375
2376         ast_security_event_report(AST_SEC_EVT(&inval_password));
2377 }
2378
2379 static void report_auth_success(const struct mansession *s)
2380 {
2381         char session_id[32];
2382         struct ast_security_event_successful_auth successful_auth = {
2383                 .common.event_type = AST_SECURITY_EVENT_SUCCESSFUL_AUTH,
2384                 .common.version    = AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION,
2385                 .common.service    = "AMI",
2386                 .common.account_id = s->session->username,
2387                 .common.session_tv = &s->session->sessionstart_tv,
2388                 .common.local_addr = {
2389                         .addr      = &s->tcptls_session->parent->local_address,
2390                         .transport = mansession_get_transport(s),
2391                 },
2392                 .common.remote_addr = {
2393                         .addr      = &s->session->addr,
2394                         .transport = mansession_get_transport(s),
2395                 },
2396                 .common.session_id = session_id,
2397         };
2398
2399         snprintf(session_id, sizeof(session_id), "%p", s->session);
2400
2401         ast_security_event_report(AST_SEC_EVT(&successful_auth));
2402 }
2403
2404 static void report_req_not_allowed(const struct mansession *s, const char *action)
2405 {
2406         char session_id[32];
2407         char request_type[64];
2408         struct ast_security_event_req_not_allowed req_not_allowed = {
2409                 .common.event_type = AST_SECURITY_EVENT_REQ_NOT_ALLOWED,
2410                 .common.version    = AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION,
2411                 .common.service    = "AMI",
2412                 .common.account_id = s->session->username,
2413                 .common.session_tv = &s->session->sessionstart_tv,
2414                 .common.local_addr = {
2415                         .addr      = &s->tcptls_session->parent->local_address,
2416                         .transport = mansession_get_transport(s),
2417                 },
2418                 .common.remote_addr = {
2419                         .addr      = &s->session->addr,
2420                         .transport = mansession_get_transport(s),
2421                 },
2422                 .common.session_id = session_id,
2423
2424                 .request_type      = request_type,
2425         };
2426
2427         snprintf(session_id, sizeof(session_id), "%p", s->session);
2428         snprintf(request_type, sizeof(request_type), "Action: %s", action);
2429
2430         ast_security_event_report(AST_SEC_EVT(&req_not_allowed));
2431 }
2432
2433 static void report_req_bad_format(const struct mansession *s, const char *action)
2434 {
2435         char session_id[32];
2436         char request_type[64];
2437         struct ast_security_event_req_bad_format req_bad_format = {
2438                 .common.event_type = AST_SECURITY_EVENT_REQ_BAD_FORMAT,
2439                 .common.version    = AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION,
2440                 .common.service    = "AMI",
2441                 .common.account_id = s->session->username,
2442                 .common.session_tv = &s->session->sessionstart_tv,
2443                 .common.local_addr = {
2444                         .addr      = &s->tcptls_session->parent->local_address,
2445                         .transport = mansession_get_transport(s),
2446                 },
2447                 .common.remote_addr = {
2448                         .addr      = &s->session->addr,
2449                         .transport = mansession_get_transport(s),
2450                 },
2451                 .common.session_id = session_id,
2452
2453                 .request_type      = request_type,
2454         };
2455
2456         snprintf(session_id, sizeof(session_id), "%p", s->session);
2457         snprintf(request_type, sizeof(request_type), "Action: %s", action);
2458
2459         ast_security_event_report(AST_SEC_EVT(&req_bad_format));
2460 }
2461
2462 static void report_failed_challenge_response(const struct mansession *s,
2463                 const char *response, const char *expected_response)
2464 {
2465         char session_id[32];
2466         struct ast_security_event_chal_resp_failed chal_resp_failed = {
2467                 .common.event_type = AST_SECURITY_EVENT_CHAL_RESP_FAILED,
2468                 .common.version    = AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION,
2469                 .common.service    = "AMI",
2470                 .common.account_id = s->session->username,
2471                 .common.session_tv = &s->session->sessionstart_tv,
2472                 .common.local_addr = {
2473                         .addr      = &s->tcptls_session->parent->local_address,
2474                         .transport = mansession_get_transport(s),
2475                 },
2476                 .common.remote_addr = {
2477                         .addr      = &s->session->addr,
2478                         .transport = mansession_get_transport(s),
2479                 },
2480                 .common.session_id = session_id,
2481
2482                 .challenge         = s->session->challenge,
2483                 .response          = response,
2484                 .expected_response = expected_response,
2485         };
2486
2487         snprintf(session_id, sizeof(session_id), "%p", s->session);
2488
2489         ast_security_event_report(AST_SEC_EVT(&chal_resp_failed));
2490 }
2491
2492 static void report_session_limit(const struct mansession *s)
2493 {
2494         char session_id[32];
2495         struct ast_security_event_session_limit session_limit = {
2496                 .common.event_type = AST_SECURITY_EVENT_SESSION_LIMIT,
2497                 .common.version    = AST_SECURITY_EVENT_SESSION_LIMIT_VERSION,
2498                 .common.service    = "AMI",
2499                 .common.account_id = s->session->username,
2500                 .common.session_tv = &s->session->sessionstart_tv,
2501                 .common.local_addr = {
2502                         .addr      = &s->tcptls_session->parent->local_address,
2503                         .transport = mansession_get_transport(s),
2504                 },
2505                 .common.remote_addr = {
2506                         .addr      = &s->session->addr,
2507                         .transport = mansession_get_transport(s),
2508                 },
2509                 .common.session_id = session_id,
2510         };
2511
2512         snprintf(session_id, sizeof(session_id), "%p", s->session);
2513
2514         ast_security_event_report(AST_SEC_EVT(&session_limit));
2515 }
2516
2517 /*
2518  * Here we start with action_ handlers for AMI actions,
2519  * and the internal functions used by them.
2520  * Generally, the handlers are called action_foo()
2521  */
2522
2523 /* helper function for action_login() */
2524 static int authenticate(struct mansession *s, const struct message *m)
2525 {
2526         const char *username = astman_get_header(m, "Username");
2527         const char *password = astman_get_header(m, "Secret");
2528         int error = -1;
2529         struct ast_manager_user *user = NULL;
2530         regex_t *regex_filter;
2531         struct ao2_iterator filter_iter;
2532
2533         if (ast_strlen_zero(username)) {        /* missing username */
2534                 return -1;
2535         }
2536
2537         /* locate user in locked state */
2538         AST_RWLIST_WRLOCK(&users);
2539
2540         if (!(user = get_manager_by_name_locked(username))) {
2541                 report_invalid_user(s, username);
2542                 ast_log(LOG_NOTICE, "%s tried to authenticate with nonexistent user '%s'\n", ast_sockaddr_stringify_addr(&s->session->addr), username);
2543         } else if (user->acl && (ast_apply_acl(user->acl, &s->session->addr, "Manager User ACL: ") == AST_SENSE_DENY)) {
2544                 report_failed_acl(s, username);
2545                 ast_log(LOG_NOTICE, "%s failed to pass IP ACL as '%s'\n", ast_sockaddr_stringify_addr(&s->session->addr), username);
2546         } else if (!strcasecmp(astman_get_header(m, "AuthType"), "MD5")) {
2547                 const char *key = astman_get_header(m, "Key");
2548                 if (!ast_strlen_zero(key) && !ast_strlen_zero(s->session->challenge) && user->secret) {
2549                         int x;
2550                         int len = 0;
2551                         char md5key[256] = "";
2552                         struct MD5Context md5;
2553                         unsigned char digest[16];
2554
2555                         MD5Init(&md5);
2556                         MD5Update(&md5, (unsigned char *) s->session->challenge, strlen(s->session->challenge));
2557                         MD5Update(&md5, (unsigned char *) user->secret, strlen(user->secret));
2558                         MD5Final(digest, &md5);
2559                         for (x = 0; x < 16; x++)
2560                                 len += sprintf(md5key + len, "%2.2x", digest[x]);
2561                         if (!strcmp(md5key, key)) {
2562                                 error = 0;
2563                         } else {
2564                                 report_failed_challenge_response(s, key, md5key);
2565                         }
2566                 } else {
2567                         ast_debug(1, "MD5 authentication is not possible.  challenge: '%s'\n",
2568                                 S_OR(s->session->challenge, ""));
2569                 }
2570         } else if (user->secret) {
2571                 if (!strcmp(password, user->secret)) {
2572                         error = 0;
2573                 } else {
2574                         report_inval_password(s, username);
2575                 }
2576         }
2577
2578         if (error) {
2579                 ast_log(LOG_NOTICE, "%s failed to authenticate as '%s'\n", ast_sockaddr_stringify_addr(&s->session->addr), username);
2580                 AST_RWLIST_UNLOCK(&users);
2581                 return -1;
2582         }
2583
2584         /* auth complete */
2585
2586         /* All of the user parameters are copied to the session so that in the event
2587         * of a reload and a configuration change, the session parameters are not
2588         * changed. */
2589         ast_copy_string(s->session->username, username, sizeof(s->session->username));
2590         s->session->readperm = user->readperm;
2591         s->session->writeperm = user->writeperm;
2592         s->session->writetimeout = user->writetimeout;
2593         if (user->chanvars) {
2594                 s->session->chanvars = ast_variables_dup(user->chanvars);
2595         }
2596
2597         filter_iter = ao2_iterator_init(user->whitefilters, 0);
2598         while ((regex_filter = ao2_iterator_next(&filter_iter))) {
2599                 ao2_t_link(s->session->whitefilters, regex_filter, "add white user filter to session");
2600                 ao2_t_ref(regex_filter, -1, "remove iterator ref");
2601         }
2602         ao2_iterator_destroy(&filter_iter);
2603
2604         filter_iter = ao2_iterator_init(user->blackfilters, 0);
2605         while ((regex_filter = ao2_iterator_next(&filter_iter))) {
2606                 ao2_t_link(s->session->blackfilters, regex_filter, "add black user filter to session");
2607                 ao2_t_ref(regex_filter, -1, "remove iterator ref");
2608         }
2609         ao2_iterator_destroy(&filter_iter);
2610
2611         s->session->sessionstart = time(NULL);
2612         s->session->sessionstart_tv = ast_tvnow();
2613         set_eventmask(s, astman_get_header(m, "Events"));
2614
2615         report_auth_success(s);
2616
2617         AST_RWLIST_UNLOCK(&users);
2618         return 0;
2619 }
2620
2621 static int action_ping(struct mansession *s, const struct message *m)
2622 {
2623         const char *actionid = astman_get_header(m, "ActionID");
2624         struct timeval now = ast_tvnow();
2625
2626         astman_append(s, "Response: Success\r\n");
2627         if (!ast_strlen_zero(actionid)){
2628                 astman_append(s, "ActionID: %s\r\n", actionid);
2629         }
2630         astman_append(
2631                 s,
2632                 "Ping: Pong\r\n"
2633                 "Timestamp: %ld.%06lu\r\n"
2634                 "\r\n",
2635                 (long) now.tv_sec, (unsigned long) now.tv_usec);
2636         return 0;
2637 }
2638
2639 static int action_getconfig(struct mansession *s, const struct message *m)
2640 {
2641         struct ast_config *cfg;
2642         const char *fn = astman_get_header(m, "Filename");
2643         const char *category = astman_get_header(m, "Category");
2644         int catcount = 0;
2645         int lineno = 0;
2646         char *cur_category = NULL;
2647         struct ast_variable *v;
2648         struct ast_flags config_flags = { CONFIG_FLAG_WITHCOMMENTS | CONFIG_FLAG_NOCACHE };
2649
2650         if (ast_strlen_zero(fn)) {
2651                 astman_send_error(s, m, "Filename not specified");
2652                 return 0;
2653         }
2654         cfg = ast_config_load2(fn, "manager", config_flags);
2655         if (cfg == CONFIG_STATUS_FILEMISSING) {
2656                 astman_send_error(s, m, "Config file not found");
2657                 return 0;
2658         } else if (cfg == CONFIG_STATUS_FILEINVALID) {
2659                 astman_send_error(s, m, "Config file has invalid format");
2660                 return 0;
2661         }
2662
2663         astman_start_ack(s, m);
2664         while ((cur_category = ast_category_browse(cfg, cur_category))) {
2665                 if (ast_strlen_zero(category) || (!ast_strlen_zero(category) && !strcmp(category, cur_category))) {
2666                         lineno = 0;
2667                         astman_append(s, "Category-%06d: %s\r\n", catcount, cur_category);
2668                         for (v = ast_variable_browse(cfg, cur_category); v; v = v->next) {
2669                                 astman_append(s, "Line-%06d-%06d: %s=%s\r\n", catcount, lineno++, v->name, v->value);
2670                         }
2671                         catcount++;
2672                 }
2673         }
2674         if (!ast_strlen_zero(category) && catcount == 0) { /* TODO: actually, a config with no categories doesn't even get loaded */
2675                 astman_append(s, "No categories found\r\n");
2676         }
2677         ast_config_destroy(cfg);
2678         astman_append(s, "\r\n");
2679
2680         return 0;
2681 }
2682
2683 static int action_listcategories(struct mansession *s, const struct message *m)
2684 {
2685         struct ast_config *cfg;
2686         const char *fn = astman_get_header(m, "Filename");
2687         char *category = NULL;
2688         struct ast_flags config_flags = { CONFIG_FLAG_WITHCOMMENTS | CONFIG_FLAG_NOCACHE };
2689         int catcount = 0;
2690
2691         if (ast_strlen_zero(fn)) {
2692                 astman_send_error(s, m, "Filename not specified");
2693                 return 0;
2694         }
2695         if (!(cfg = ast_config_load2(fn, "manager", config_flags))) {
2696                 astman_send_error(s, m, "Config file not found");
2697                 return 0;
2698         } else if (cfg == CONFIG_STATUS_FILEINVALID) {
2699                 astman_send_error(s, m, "Config file has invalid format");
2700                 return 0;
2701         }
2702         astman_start_ack(s, m);
2703         while ((category = ast_category_browse(cfg, category))) {
2704                 astman_append(s, "Category-%06d: %s\r\n", catcount, category);
2705                 catcount++;
2706         }
2707         if (catcount == 0) { /* TODO: actually, a config with no categories doesn't even get loaded */
2708                 astman_append(s, "Error: no categories found\r\n");
2709         }
2710         ast_config_destroy(cfg);
2711         astman_append(s, "\r\n");
2712
2713         return 0;
2714 }
2715
2716
2717
2718
2719 /*! The amount of space in out must be at least ( 2 * strlen(in) + 1 ) */
2720 static void json_escape(char *out, const char *in)
2721 {
2722         for (; *in; in++) {
2723                 if (*in == '\\' || *in == '\"') {
2724                         *out++ = '\\';
2725                 }
2726                 *out++ = *in;
2727         }
2728         *out = '\0';
2729 }
2730
2731 /*!
2732  * \internal
2733  * \brief Append a JSON escaped string to the manager stream.
2734  *
2735  * \param s AMI stream to append a string.
2736  * \param str String to append to the stream after JSON escaping it.
2737  *
2738  * \return Nothing
2739  */
2740 static void astman_append_json(struct mansession *s, const char *str)
2741 {
2742         char *buf;
2743
2744         buf = ast_alloca(2 * strlen(str) + 1);
2745         json_escape(buf, str);
2746         astman_append(s, "%s", buf);
2747 }
2748
2749 static int action_getconfigjson(struct mansession *s, const struct message *m)
2750 {
2751         struct ast_config *cfg;
2752         const char *fn = astman_get_header(m, "Filename");
2753         char *category = NULL;
2754         struct ast_variable *v;
2755         int comma1 = 0;
2756         struct ast_flags config_flags = { CONFIG_FLAG_WITHCOMMENTS | CONFIG_FLAG_NOCACHE };
2757
2758         if (ast_strlen_zero(fn)) {
2759                 astman_send_error(s, m, "Filename not specified");
2760                 return 0;
2761         }
2762
2763         if (!(cfg = ast_config_load2(fn, "manager", config_flags))) {
2764                 astman_send_error(s, m, "Config file not found");
2765                 return 0;
2766         } else if (cfg == CONFIG_STATUS_FILEINVALID) {
2767                 astman_send_error(s, m, "Config file has invalid format");
2768                 return 0;
2769         }
2770
2771         astman_start_ack(s, m);
2772         astman_append(s, "JSON: {");
2773         while ((category = ast_category_browse(cfg, category))) {
2774                 int comma2 = 0;
2775
2776                 astman_append(s, "%s\"", comma1 ? "," : "");
2777                 astman_append_json(s, category);
2778                 astman_append(s, "\":[");
2779                 comma1 = 1;
2780                 for (v = ast_variable_browse(cfg, category); v; v = v->next) {
2781                         astman_append(s, "%s\"", comma2 ? "," : "");
2782                         astman_append_json(s, v->name);
2783                         astman_append(s, "\":\"");
2784                         astman_append_json(s, v->value);
2785                         astman_append(s, "\"");
2786                         comma2 = 1;
2787                 }
2788                 astman_append(s, "]");
2789         }
2790         astman_append(s, "}\r\n\r\n");
2791
2792         ast_config_destroy(cfg);
2793
2794         return 0;
2795 }
2796
2797 /*! \brief helper function for action_updateconfig */
2798 static enum error_type handle_updates(struct mansession *s, const struct message *m, struct ast_config *cfg, const char *dfn)
2799 {
2800         int x;
2801         char hdr[40];
2802         const char *action, *cat, *var, *value, *match, *line;
2803         struct ast_category *category;
2804         struct ast_variable *v;
2805         struct ast_str *str1 = ast_str_create(16), *str2 = ast_str_create(16);
2806         enum error_type result = 0;
2807
2808         for (x = 0; x < 100000; x++) {  /* 100000 = the max number of allowed updates + 1 */
2809                 unsigned int object = 0;
2810
2811                 snprintf(hdr, sizeof(hdr), "Action-%06d", x);
2812                 action = astman_get_header(m, hdr);
2813                 if (ast_strlen_zero(action))            /* breaks the for loop if no action header */
2814                         break;                          /* this could cause problems if actions come in misnumbered */
2815
2816                 snprintf(hdr, sizeof(hdr), "Cat-%06d", x);
2817                 cat = astman_get_header(m, hdr);
2818                 if (ast_strlen_zero(cat)) {             /* every action needs a category */
2819                         result =  UNSPECIFIED_CATEGORY;
2820                         break;
2821                 }
2822
2823                 snprintf(hdr, sizeof(hdr), "Var-%06d", x);
2824                 var = astman_get_header(m, hdr);
2825
2826                 snprintf(hdr, sizeof(hdr), "Value-%06d", x);
2827                 value = astman_get_header(m, hdr);
2828
2829                 if (!ast_strlen_zero(value) && *value == '>') {
2830                         object = 1;
2831                         value++;
2832                 }
2833
2834                 snprintf(hdr, sizeof(hdr), "Match-%06d", x);
2835                 match = astman_get_header(m, hdr);
2836
2837                 snprintf(hdr, sizeof(hdr), "Line-%06d", x);
2838                 line = astman_get_header(m, hdr);
2839
2840                 if (!strcasecmp(action, "newcat")) {
2841                         if (ast_category_get(cfg,cat)) {        /* check to make sure the cat doesn't */
2842                                 result = FAILURE_NEWCAT;        /* already exist */
2843                                 break;
2844                         }
2845                         if (!(category = ast_category_new(cat, dfn, -1))) {
2846                                 result = FAILURE_ALLOCATION;
2847                                 break;
2848                         }
2849                         if (ast_strlen_zero(match)) {
2850                                 ast_category_append(cfg, category);
2851                         } else {
2852                                 ast_category_insert(cfg, category, match);
2853                         }
2854                 } else if (!strcasecmp(action, "renamecat")) {
2855                         if (ast_strlen_zero(value)) {
2856                                 result = UNSPECIFIED_ARGUMENT;
2857                                 break;
2858                         }
2859                         if (!(category = ast_category_get(cfg, cat))) {
2860                                 result = UNKNOWN_CATEGORY;
2861                                 break;
2862                         }
2863                         ast_category_rename(category, value);
2864                 } else if (!strcasecmp(action, "delcat")) {
2865                         if (ast_category_delete(cfg, cat)) {
2866                                 result = FAILURE_DELCAT;
2867                                 break;
2868                         }
2869                 } else if (!strcasecmp(action, "emptycat")) {
2870                         if (ast_category_empty(cfg, cat)) {
2871                                 result = FAILURE_EMPTYCAT;
2872                                 break;
2873                         }
2874                 } else if (!strcasecmp(action, "update")) {
2875                         if (ast_strlen_zero(var)) {
2876                                 result = UNSPECIFIED_ARGUMENT;
2877                                 break;
2878                         }
2879                         if (!(category = ast_category_get(cfg,cat))) {
2880                                 result = UNKNOWN_CATEGORY;
2881                                 break;
2882                         }
2883                         if (ast_variable_update(category, var, value, match, object)) {
2884                                 result = FAILURE_UPDATE;
2885                                 break;
2886                         }
2887                 } else if (!strcasecmp(action, "delete")) {
2888                         if ((ast_strlen_zero(var) && ast_strlen_zero(line))) {
2889                                 result = UNSPECIFIED_ARGUMENT;
2890                                 break;
2891                         }
2892                         if (!(category = ast_category_get(cfg, cat))) {
2893                                 result = UNKNOWN_CATEGORY;
2894                                 break;
2895                         }
2896                         if (ast_variable_delete(category, var, match, line)) {
2897                                 result = FAILURE_DELETE;
2898                                 break;
2899                         }
2900                 } else if (!strcasecmp(action, "append")) {
2901                         if (ast_strlen_zero(var)) {
2902                                 result = UNSPECIFIED_ARGUMENT;
2903                                 break;
2904                         }
2905                         if (!(category = ast_category_get(cfg, cat))) {
2906                                 result = UNKNOWN_CATEGORY;
2907                                 break;
2908                         }
2909                         if (!(v = ast_variable_new(var, value, dfn))) {
2910                                 result = FAILURE_ALLOCATION;
2911                                 break;
2912                         }
2913                         if (object || (match && !strcasecmp(match, "object"))) {
2914                                 v->object = 1;
2915                         }
2916                         ast_variable_append(category, v);
2917                 } else if (!strcasecmp(action, "insert")) {
2918                         if (ast_strlen_zero(var) || ast_strlen_zero(line)) {
2919                                 result = UNSPECIFIED_ARGUMENT;
2920                                 break;
2921                         }
2922                         if (!(category = ast_category_get(cfg, cat))) {
2923                                 result = UNKNOWN_CATEGORY;
2924                                 break;
2925                         }
2926                         if (!(v = ast_variable_new(var, value, dfn))) {
2927                                 result = FAILURE_ALLOCATION;
2928                                 break;
2929                         }
2930                         ast_variable_insert(category, v, line);
2931                 }
2932                 else {
2933                         ast_log(LOG_WARNING, "Action-%06d: %s not handled\n", x, action);
2934                         result = UNKNOWN_ACTION;
2935                         break;
2936                 }
2937         }
2938         ast_free(str1);
2939         ast_free(str2);
2940         return result;
2941 }
2942
2943 static int action_updateconfig(struct mansession *s, const struct message *m)
2944 {
2945         struct ast_config *cfg;
2946         const char *sfn = astman_get_header(m, "SrcFilename");
2947         const char *dfn = astman_get_header(m, "DstFilename");
2948         int res;
2949         const char *rld = astman_get_header(m, "Reload");
2950         struct ast_flags config_flags = { CONFIG_FLAG_WITHCOMMENTS | CONFIG_FLAG_NOCACHE };
2951         enum error_type result;
2952
2953         if (ast_strlen_zero(sfn) || ast_strlen_zero(dfn)) {
2954                 astman_send_error(s, m, "Filename not specified");
2955                 return 0;
2956         }
2957         if (!(cfg = ast_config_load2(sfn, "manager", config_flags))) {
2958                 astman_send_error(s, m, "Config file not found");
2959                 return 0;
2960         } else if (cfg == CONFIG_STATUS_FILEINVALID) {
2961                 astman_send_error(s, m, "Config file has invalid format");
2962                 return 0;
2963         }
2964         result = handle_updates(s, m, cfg, dfn);
2965         if (!result) {
2966                 ast_include_rename(cfg, sfn, dfn); /* change the include references from dfn to sfn, so things match up */
2967                 res = ast_config_text_file_save(dfn, cfg, "Manager");
2968                 ast_config_destroy(cfg);
2969                 if (res) {
2970                         astman_send_error(s, m, "Save of config failed");
2971                         return 0;
2972                 }
2973                 astman_send_ack(s, m, NULL);
2974                 if (!ast_strlen_zero(rld)) {
2975                         if (ast_true(rld)) {
2976                                 rld = NULL;
2977                         }
2978                         ast_module_reload(rld);
2979                 }
2980         } else {
2981                 ast_config_destroy(cfg);
2982                 switch(result) {
2983                 case UNKNOWN_ACTION:
2984                         astman_send_error(s, m, "Unknown action command");
2985                         break;
2986                 case UNKNOWN_CATEGORY:
2987                         astman_send_error(s, m, "Given category does not exist");
2988                         break;
2989                 case UNSPECIFIED_CATEGORY:
2990                         astman_send_error(s, m, "Category not specified");
2991                         break;
2992                 case UNSPECIFIED_ARGUMENT:
2993                         astman_send_error(s, m, "Problem with category, value, or line (if required)");
2994                         break;
2995                 case FAILURE_ALLOCATION:
2996                         astman_send_error(s, m, "Memory allocation failure, this should not happen");
2997                         break;
2998                 case FAILURE_NEWCAT:
2999                         astman_send_error(s, m, "Create category did not complete successfully");
3000                         break;
3001                 case FAILURE_DELCAT:
3002                         astman_send_error(s, m, "Delete category did not complete successfully");
3003                         break;
3004                 case FAILURE_EMPTYCAT:
3005                         astman_send_error(s, m, "Empty category did not complete successfully");
3006                         break;
3007                 case FAILURE_UPDATE:
3008                         astman_send_error(s, m, "Update did not complete successfully");
3009                         break;
3010                 case FAILURE_DELETE:
3011                         astman_send_error(s, m, "Delete did not complete successfully");
3012                         break;
3013                 case FAILURE_APPEND:
3014                         astman_send_error(s, m, "Append did not complete successfully");
3015                         break;
3016                 }
3017         }
3018         return 0;
3019 }
3020
3021 static int action_createconfig(struct mansession *s, const struct message *m)
3022 {
3023         int fd;
3024         const char *fn = astman_get_header(m, "Filename");
3025         struct ast_str *filepath = ast_str_alloca(PATH_MAX);
3026         ast_str_set(&filepath, 0, "%s/", ast_config_AST_CONFIG_DIR);
3027         ast_str_append(&filepath, 0, "%s", fn);
3028
3029         if ((fd = open(ast_str_buffer(filepath), O_CREAT | O_EXCL, AST_FILE_MODE)) != -1) {
3030                 close(fd);
3031                 astman_send_ack(s, m, "New configuration file created successfully");
3032         } else {
3033                 astman_send_error(s, m, strerror(errno));
3034         }
3035
3036         return 0;
3037 }
3038
3039 static int action_waitevent(struct mansession *s, const struct message *m)
3040 {
3041         const char *timeouts = astman_get_header(m, "Timeout");
3042         int timeout = -1;
3043         int x;
3044         int needexit = 0;
3045         const char *id = astman_get_header(m, "ActionID");
3046         char idText[256];
3047
3048         if (!ast_strlen_zero(id)) {
3049                 snprintf(idText, sizeof(idText), "ActionID: %s\r\n", id);
3050         } else {
3051                 idText[0] = '\0';
3052         }
3053
3054         if (!ast_strlen_zero(timeouts)) {
3055                 sscanf(timeouts, "%30i", &timeout);
3056                 if (timeout < -1) {
3057                         timeout = -1;
3058                 }
3059                 /* XXX maybe put an upper bound, or prevent the use of 0 ? */
3060         }
3061
3062         ao2_lock(s->session);
3063         if (s->session->waiting_thread != AST_PTHREADT_NULL) {
3064                 pthread_kill(s->session->waiting_thread, SIGURG);
3065         }
3066
3067         if (s->session->managerid) { /* AMI-over-HTTP session */
3068                 /*
3069                  * Make sure the timeout is within the expire time of the session,
3070                  * as the client will likely abort the request if it does not see
3071                  * data coming after some amount of time.
3072                  */
3073                 time_t now = time(NULL);
3074                 int max = s->session->sessiontimeout - now - 10;
3075
3076                 if (max < 0) {  /* We are already late. Strange but possible. */
3077                         max = 0;
3078                 }
3079                 if (timeout < 0 || timeout > max) {
3080                         timeout = max;
3081                 }
3082                 if (!s->session->send_events) { /* make sure we record events */
3083                         s->session->send_events = -1;
3084                 }
3085         }
3086         ao2_unlock(s->session);
3087
3088         /* XXX should this go inside the lock ? */
3089         s->session->waiting_thread = pthread_self();    /* let new events wake up this thread */
3090         ast_debug(1, "Starting waiting for an event!\n");
3091
3092         for (x = 0; x < timeout || timeout < 0; x++) {
3093                 ao2_lock(s->session);
3094                 if (AST_RWLIST_NEXT(s->session->last_ev, eq_next)) {
3095                         needexit = 1;
3096                 }
3097                 /* We can have multiple HTTP session point to the same mansession entry.
3098                  * The way we deal with it is not very nice: newcomers kick out the previous
3099                  * HTTP session. XXX this needs to be improved.
3100                  */
3101                 if (s->session->waiting_thread != pthread_self()) {
3102                         needexit = 1;
3103                 }
3104                 if (s->session->needdestroy) {
3105                         needexit = 1;
3106                 }
3107                 ao2_unlock(s->session);
3108                 if (needexit) {
3109                         break;
3110                 }
3111                 if (s->session->managerid == 0) {       /* AMI session */
3112                         if (ast_wait_for_input(s->session->fd, 1000)) {
3113                                 break;
3114                         }
3115                 } else {        /* HTTP session */
3116                         sleep(1);
3117                 }
3118         }
3119         ast_debug(1, "Finished waiting for an event!\n");
3120
3121         ao2_lock(s->session);
3122         if (s->session->waiting_thread == pthread_self()) {
3123                 struct eventqent *eqe = s->session->last_ev;
3124                 astman_send_response(s, m, "Success", "Waiting for Event completed.");
3125                 while ((eqe = advance_event(eqe))) {
3126                         if (((s->session->readperm & eqe->category) == eqe->category) &&
3127                             ((s->session->send_events & eqe->category) == eqe->category)) {
3128                                 astman_append(s, "%s", eqe->eventdata);
3129                         }
3130                         s->session->last_ev = eqe;
3131                 }
3132                 astman_append(s,
3133                         "Event: WaitEventComplete\r\n"
3134                         "%s"
3135                         "\r\n", idText);
3136                 s->session->waiting_thread = AST_PTHREADT_NULL;
3137         } else {
3138                 ast_debug(1, "Abandoning event request!\n");
3139         }
3140         ao2_unlock(s->session);
3141
3142         return 0;
3143 }
3144
3145 static int action_listcommands(struct mansession *s, const struct message *m)
3146 {
3147         struct manager_action *cur;
3148         struct ast_str *temp = ast_str_alloca(256);
3149
3150         astman_start_ack(s, m);
3151         AST_RWLIST_RDLOCK(&actions);
3152         AST_RWLIST_TRAVERSE(&actions, cur, list) {
3153                 if ((s->session->writeperm & cur->authority) || cur->authority == 0) {
3154                         astman_append(s, "%s: %s (Priv: %s)\r\n",
3155                                 cur->action, cur->synopsis, authority_to_str(cur->authority, &temp));
3156                 }
3157         }
3158         AST_RWLIST_UNLOCK(&actions);
3159         astman_append(s, "\r\n");
3160
3161         return 0;
3162 }
3163
3164 static int action_events(struct mansession *s, const struct message *m)
3165 {
3166         const char *mask = astman_get_header(m, "EventMask");
3167         int res, x;
3168         const char *id = astman_get_header(m, "ActionID");
3169         char id_text[256];
3170
3171         if (!ast_strlen_zero(id)) {
3172                 snprintf(id_text, sizeof(id_text), "ActionID: %s\r\n", id);
3173         } else {
3174                 id_text[0] = '\0';
3175         }
3176
3177         res = set_eventmask(s, mask);
3178         if (broken_events_action) {
3179                 /* if this option is set we should not return a response on
3180                  * error, or when all events are set */
3181
3182                 if (res > 0) {
3183                         for (x = 0; x < ARRAY_LEN(perms); x++) {
3184                                 if (!strcasecmp(perms[x].label, "all") && res == perms[x].num) {
3185                                         return 0;
3186                                 }
3187                         }
3188                         astman_append(s, "Response: Success\r\n%s"
3189                                          "Events: On\r\n\r\n", id_text);
3190                 } else if (res == 0)
3191                         astman_append(s, "Response: Success\r\n%s"
3192                                          "Events: Off\r\n\r\n", id_text);
3193                 return 0;
3194         }
3195
3196         if (res > 0)
3197                 astman_append(s, "Response: Success\r\n%s"
3198                                  "Events: On\r\n\r\n", id_text);
3199         else if (res == 0)
3200                 astman_append(s, "Response: Success\r\n%s"
3201                                  "Events: Off\r\n\r\n", id_text);
3202         else
3203                 astman_send_error(s, m, "Invalid event mask");
3204
3205         return 0;
3206 }
3207
3208 static int action_logoff(struct mansession *s, const struct message *m)
3209 {
3210         astman_send_response(s, m, "Goodbye", "Thanks for all the fish.");
3211         return -1;
3212 }
3213
3214 static int action_login(struct mansession *s, const struct message *m)
3215 {
3216
3217         /* still authenticated - don't process again */
3218         if (s->session->authenticated) {
3219                 astman_send_ack(s, m, "Already authenticated");
3220                 return 0;
3221         }
3222
3223         if (authenticate(s, m)) {
3224                 sleep(1);
3225                 astman_send_error(s, m, "Authentication failed");
3226                 return -1;
3227         }
3228         s->session->authenticated = 1;
3229         ast_atomic_fetchadd_int(&unauth_sessions, -1);
3230         if (manager_displayconnects(s->session)) {
3231                 ast_verb(2, "%sManager '%s' logged on from %s\n", (s->session->managerid ? "HTTP " : ""), s->session->username, ast_sockaddr_stringify_addr(&s->session->addr));
3232         }
3233         astman_send_ack(s, m, "Authentication accepted");
3234         if ((s->session->send_events & EVENT_FLAG_SYSTEM)
3235                 && ast_test_flag(&ast_options, AST_OPT_FLAG_FULLY_BOOTED)) {
3236                 struct ast_str *auth = ast_str_alloca(80);
3237                 const char *cat_str = authority_to_str(EVENT_FLAG_SYSTEM, &auth);
3238                 astman_append(s, "Event: FullyBooted\r\n"
3239                         "Privilege: %s\r\n"
3240                         "Status: Fully Booted\r\n\r\n", cat_str);
3241         }
3242         return 0;
3243 }
3244
3245 static int action_challenge(struct mansession *s, const struct message *m)
3246 {
3247         const char *authtype = astman_get_header(m, "AuthType");
3248
3249         if (!strcasecmp(authtype, "MD5")) {
3250                 if (ast_strlen_zero(s->session->challenge)) {
3251                         snprintf(s->session->challenge, sizeof(s->session->challenge), "%ld", ast_random());
3252                 }
3253                 mansession_lock(s);
3254                 astman_start_ack(s, m);
3255                 astman_append(s, "Challenge: %s\r\n\r\n", s->session->challenge);
3256                 mansession_unlock(s);
3257         } else {
3258                 astman_send_error(s, m, "Must specify AuthType");
3259         }
3260         return 0;
3261 }
3262
3263 static int action_hangup(struct mansession *s, const struct message *m)
3264 {
3265         struct ast_channel *c = NULL;
3266         int causecode = 0; /* all values <= 0 mean 'do not set hangupcause in channel' */
3267         const char *id = astman_get_header(m, "ActionID");
3268         const char *name_or_regex = astman_get_header(m, "Channel");
3269         const char *cause = astman_get_header(m, "Cause");
3270         char idText[256];
3271         regex_t regexbuf;
3272         struct ast_channel_iterator *iter = NULL;
3273         struct ast_str *regex_string;
3274         int channels_matched = 0;
3275
3276         if (ast_strlen_zero(name_or_regex)) {
3277                 astman_send_error(s, m, "No channel specified");
3278                 return 0;
3279         }
3280
3281         if (!ast_strlen_zero(id)) {
3282                 snprintf(idText, sizeof(idText), "ActionID: %s\r\n", id);
3283         } else {
3284                 idText[0] = '\0';
3285         }
3286
3287         if (!ast_strlen_zero(cause)) {
3288                 char *endptr;
3289                 causecode = strtol(cause, &endptr, 10);
3290                 if (causecode < 0 || causecode > 127 || *endptr != '\0') {
3291                         ast_log(LOG_NOTICE, "Invalid 'Cause: %s' in manager action Hangup\n", cause);
3292                         /* keep going, better to hangup without cause than to not hang up at all */
3293                         causecode = 0; /* do not set channel's hangupcause */
3294                 }
3295         }
3296
3297         /************************************************/
3298         /* Regular explicit match channel byname hangup */
3299
3300         if (name_or_regex[0] != '/') {
3301                 if (!(c = ast_channel_get_by_name(name_or_regex))) {
3302                         ast_log(LOG_NOTICE, "!!!!!!!!!! Can't find channel to hang up!\n");
3303                         astman_send_error(s, m, "No such channel");
3304                         return 0;
3305                 }
3306
3307                 ast_verb(3, "%sManager '%s' from %s, hanging up channel: %s\n",
3308                         (s->session->managerid ? "HTTP " : ""),
3309                         s->session->username,
3310                         ast_sockaddr_stringify_addr(&s->session->addr),
3311                         ast_channel_name(c));
3312
3313                 ast_channel_softhangup_withcause_locked(c, causecode);
3314                 c = ast_channel_unref(c);
3315
3316                 astman_send_ack(s, m, "Channel Hungup");
3317
3318                 return 0;
3319         }
3320
3321         /***********************************************/
3322         /* find and hangup any channels matching regex */
3323
3324         regex_string = ast_str_create(strlen(name_or_regex));
3325         if (!regex_string) {
3326                 astman_send_error(s, m, "Memory Allocation Failure");
3327                 return 0;
3328         }
3329
3330         /* Make "/regex/" into "regex" */
3331         if (ast_regex_string_to_regex_pattern(name_or_regex, &regex_string) != 0) {
3332                 astman_send_error(s, m, "Regex format invalid, Channel param should be /regex/");
3333                 ast_free(regex_string);
3334                 return 0;
3335         }
3336
3337         /* if regex compilation fails, hangup fails */
3338         if (regcomp(&regexbuf, ast_str_buffer(regex_string), REG_EXTENDED | REG_NOSUB)) {
3339                 astman_send_error_va(s, m, "Regex compile failed on: %s\n", name_or_regex);
3340                 ast_free(regex_string);
3341                 return 0;
3342         }
3343
3344         astman_send_listack(s, m, "Channels hung up will follow", "start");
3345
3346         iter = ast_channel_iterator_all_new();
3347         if (iter) {
3348                 for (; (c = ast_channel_iterator_next(iter)); ast_channel_unref(c)) {
3349                         if (regexec(&regexbuf, ast_channel_name(c), 0, NULL, 0)) {
3350                                 continue;
3351                         }
3352
3353                         ast_verb(3, "%sManager '%s' from %s, hanging up channel: %s\n",
3354                                 (s->session->managerid ? "HTTP " : ""),
3355                                 s->session->username,
3356                                 ast_sockaddr_stringify_addr(&s->session->addr),
3357                                 ast_channel_name(c));
3358
3359                         ast_channel_softhangup_withcause_locked(c, causecode);
3360                         channels_matched++;
3361
3362                         astman_append(s,
3363                                 "Event: ChannelHungup\r\n"
3364                                 "Channel: %s\r\n"
3365                                 "%s"
3366                                 "\r\n", ast_channel_name(c), idText);
3367                 }
3368                 ast_channel_iterator_destroy(iter);
3369         }
3370
3371         regfree(&regexbuf);
3372         ast_free(regex_string);
3373
3374         astman_append(s,
3375                 "Event: ChannelsHungupListComplete\r\n"
3376                 "EventList: Complete\r\n"
3377                 "ListItems: %d\r\n"
3378                 "%s"
3379                 "\r\n", channels_matched, idText);
3380
3381         return 0;
3382 }
3383
3384 static int action_setvar(struct mansession *s, const struct message *m)
3385 {
3386         struct ast_channel *c = NULL;
3387         const char *name = astman_get_header(m, "Channel");
3388         const char *varname = astman_get_header(m, "Variable");
3389         const char *varval = astman_get_header(m, "Value");
3390         int res = 0;
3391
3392         if (ast_strlen_zero(varname)) {
3393                 astman_send_error(s, m, "No variable specified");
3394                 return 0;
3395         }
3396
3397         if (!ast_strlen_zero(name)) {
3398                 if (!(c = ast_channel_get_by_name(name))) {
3399                         astman_send_error(s, m, "No such channel");
3400                         return 0;
3401                 }
3402         }
3403
3404         res = pbx_builtin_setvar_helper(c, varname, S_OR(varval, ""));
3405
3406         if (c) {
3407                 c = ast_channel_unref(c);
3408         }
3409         if (res == 0) {
3410                 astman_send_ack(s, m, "Variable Set");
3411         } else {
3412                 astman_send_error(s, m, "Variable not set");
3413         }
3414         return 0;
3415 }
3416
3417 static int action_getvar(struct mansession *s, const struct message *m)
3418 {
3419         struct ast_channel *c = NULL;
3420         const char *name = astman_get_header(m, "Channel");
3421         const char *varname = astman_get_header(m, "Variable");
3422         char *varval;
3423         char workspace[1024];
3424
3425         if (ast_strlen_zero(varname)) {
3426                 astman_send_error(s, m, "No variable specified");
3427                 return 0;
3428         }
3429
3430         /* We don't want users with insufficient permissions using certain functions. */
3431         if (!(function_capable_string_allowed_with_auths(varname, s->session->writeperm))) {
3432                 astman_send_error(s, m, "GetVar Access Forbidden: Variable");
3433                 return 0;
3434         }
3435
3436         if (!ast_strlen_zero(name)) {
3437                 if (!(c = ast_channel_get_by_name(name))) {
3438                         astman_send_error(s, m, "No such channel");
3439                         return 0;
3440                 }
3441         }
3442
3443         workspace[0] = '\0';
3444         if (varname[strlen(varname) - 1] == ')') {
3445                 if (!c) {
3446                         c = ast_dummy_channel_alloc();
3447                         if (c) {
3448                                 ast_func_read(c, (char *) varname, workspace, sizeof(workspace));
3449                         } else
3450                                 ast_log(LOG_ERROR, "Unable to allocate bogus channel for variable substitution.  Function results may be blank.\n");
3451                 } else {
3452                         ast_func_read(c, (char *) varname, workspace, sizeof(workspace));
3453                 }
3454                 varval = workspace;
3455         } else {
3456                 pbx_retrieve_variable(c, varname, &varval, workspace, sizeof(workspace), NULL);
3457         }
3458
3459         if (c) {
3460                 c = ast_channel_unref(c);
3461         }
3462
3463         astman_start_ack(s, m);
3464         astman_append(s, "Variable: %s\r\nValue: %s\r\n\r\n", varname, S_OR(varval, ""));
3465
3466         return 0;
3467 }
3468
3469 /*! \brief Manager "status" command to show channels */
3470 /* Needs documentation... */
3471 static int action_status(struct mansession *s, const struct message *m)
3472 {
3473         const char *name = astman_get_header(m, "Channel");
3474         const char *cvariables = astman_get_header(m, "Variables");
3475         char *variables = ast_strdupa(S_OR(cvariables, ""));
3476         struct ast_channel *c;
3477         char bridge[256];
3478         struct timeval now = ast_tvnow();
3479         long elapsed_seconds = 0;
3480         int channels = 0;
3481         int all = ast_strlen_zero(name); /* set if we want all channels */
3482         const char *id = astman_get_header(m, "ActionID");
3483         char idText[256];