82a995cb6a51b1e546f74a07081521e06376bef0
[asterisk/asterisk.git] / res / res_pjsip / config_transport.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2013, Digium, Inc.
5  *
6  * Joshua Colp <jcolp@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18
19 #include "asterisk.h"
20
21 #include <pjsip.h>
22 #include <pjlib.h>
23
24 #include "asterisk/res_pjsip.h"
25 #include "asterisk/logger.h"
26 #include "asterisk/astobj2.h"
27 #include "asterisk/sorcery.h"
28 #include "asterisk/acl.h"
29
/*!
 * \brief Task callback that shuts down a PJSIP transport
 *
 * Pushed as a synchronous task by transport_state_destroy().
 *
 * \param data The pjsip_transport to shut down, passed as an opaque pointer
 *
 * \retval 0 always; the status of pjsip_transport_shutdown() is not inspected
 */
static int destroy_transport_state(void *data)
{
	pjsip_transport_shutdown((pjsip_transport *) data);

	return 0;
}
36
/*!
 * \brief Destructor for transport state information
 *
 * Registered as the ao2 destructor for the state object allocated in
 * transport_apply().
 *
 * \param obj The ast_sip_transport_state being destroyed
 *
 * \note NOTE(review): only state->transport is shut down here. The
 * state->factory that transport_apply() fills in for TCP and TLS is not
 * touched by this destructor - confirm that listener factories are meant to
 * outlive the state object.
 */
static void transport_state_destroy(void *obj)
{
	struct ast_sip_transport_state *state = obj;

	if (!state->transport) {
		/* Nothing was started through this state, so nothing to shut down */
		return;
	}

	/* The shutdown is handed off as a synchronous task instead of being called inline */
	ast_sip_push_task_synchronous(NULL, destroy_transport_state, state->transport);
}
46
/*!
 * \brief Destructor for transport
 *
 * Releases the string fields, the localnet list, the dnsmgr entry for the
 * external signaling address (when one was created) and this object's
 * reference to the shared transport state.
 *
 * \param obj The ast_sip_transport being destroyed
 *
 * \note NOTE(review): the string fields include the TLS private key
 * "password" option. Nothing in this function scrubs that buffer before it is
 * released - confirm whether ast_string_field_free_memory() is expected to,
 * or whether that matters for the deployment.
 */
static void transport_destroy(void *obj)
{
	struct ast_sip_transport *doomed = obj;

	ast_string_field_free_memory(doomed);
	ast_free_ha(doomed->localnet);

	if (doomed->external_address_refresher != NULL) {
		ast_dnsmgr_release(doomed->external_address_refresher);
	}

	/* Drops this object's reference; the state may still be held by a newer object */
	ao2_cleanup(doomed->state);
}
61
/*!
 * \brief Allocator for transport
 *
 * \param name Identifier supplied by sorcery (not used by this allocator)
 *
 * \return A new ast_sip_transport with its string fields initialised and its
 *         TLS settings set to the PJSIP defaults
 * \retval NULL if the object or its string fields could not be allocated
 *
 * \note NOTE(review): every TLS option that pjsip.conf does not set keeps the
 * value chosen by pjsip_tls_setting_default(), including the peer
 * verification flags. Confirm that those defaults are acceptable.
 */
static void *transport_alloc(const char *name)
{
	struct ast_sip_transport *created;

	created = ast_sorcery_generic_alloc(sizeof(*created), transport_destroy);
	if (created == NULL) {
		return NULL;
	}

	if (ast_string_field_init(created, 256) != 0) {
		ao2_cleanup(created);
		return NULL;
	}

	pjsip_tls_setting_default(&created->tls);

	/* The TLS settings point at this object's own cipher array, which the cipher handler fills */
	created->tls.ciphers = created->ciphers;

	return created;
}
81
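/*!
 * \brief Translate the transport's tos and cos settings into PJLIB QoS parameters
 *
 * \param transport Transport whose tos and cos values are read
 * \param qos QoS parameter block to update; a field is only touched when the
 *        matching setting is non-zero
 */
static void set_qos(struct ast_sip_transport *transport, pj_qos_params *qos)
{
	if (transport->tos) {
		/*
		 * The option holds a TOS byte, while dscp_val carries only the 6-bit
		 * DSCP code point (the upper six bits of that byte). Drop the two low
		 * bits and mask the result, since the option is registered without a
		 * range check.
		 */
		qos->flags |= PJ_QOS_PARAM_HAS_DSCP;
		qos->dscp_val = (transport->tos >> 2) & 0x3f;
	}

	if (transport->cos) {
		qos->flags |= PJ_QOS_PARAM_HAS_SO_PRIO;
		qos->so_prio = transport->cos;
	}
}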
93
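/*!
 * \brief Apply handler for transports
 *
 * Attaches the shared transport state (reusing the state of an existing
 * transport with the same id when there is one) and, unless that state is
 * already active, starts the PJSIP transport or listener factory matching
 * the configured protocol.
 *
 * \param sorcery Sorcery instance used to look up an existing transport with the same id
 * \param obj The ast_sip_transport being applied
 *
 * \retval 0 the transport was started, or is a websocket type (nothing is started here for those)
 * \retval -1 on allocation failure, an already active transport, a missing
 *         bind address, a failed external address lookup or a PJSIP start failure
 */
static int transport_apply(const struct ast_sorcery *sorcery, void *obj)
{
	struct ast_sip_transport *transport = obj;
	RAII_VAR(struct ast_sip_transport *, existing, ast_sorcery_retrieve_by_id(sorcery, "transport", ast_sorcery_object_get_id(obj)), ao2_cleanup);
	pj_status_t res = -1;

	if (!existing || !existing->state) {
		if (!(transport->state = ao2_alloc(sizeof(*transport->state), transport_state_destroy))) {
			ast_log(LOG_ERROR, "Transport state for '%s' could not be allocated\n", ast_sorcery_object_get_id(obj));
			return -1;
		}
	} else {
		/* Share the running state with the previously applied object */
		transport->state = existing->state;
		ao2_ref(transport->state, +1);
	}

	/* Once active a transport can not be reconfigured */
	if (transport->state->transport || transport->state->factory) {
		return -1;
	}

	if (transport->host.addr.sa_family != pj_AF_INET() && transport->host.addr.sa_family != pj_AF_INET6()) {
		ast_log(LOG_ERROR, "Transport '%s' could not be started as binding not specified\n", ast_sorcery_object_get_id(obj));
		return -1;
	}

	/* Set default port if not present */
	if (!pj_sockaddr_get_port(&transport->host)) {
		pj_sockaddr_set_port(&transport->host, (transport->type == AST_TRANSPORT_TLS) ? 5061 : 5060);
	}

	/* Now that we know what address family we can set up a dnsmgr refresh for the external signaling address if present */
	if (!ast_strlen_zero(transport->external_signaling_address)) {
		if (transport->host.addr.sa_family == pj_AF_INET()) {
			transport->external_address.ss.ss_family = AF_INET;
		} else if (transport->host.addr.sa_family == pj_AF_INET6()) {
			transport->external_address.ss.ss_family = AF_INET6;
		} else {
			ast_log(LOG_ERROR, "Unknown address family for transport '%s', could not get external signaling address\n",
					ast_sorcery_object_get_id(obj));
			return -1;
		}

		if (ast_dnsmgr_lookup(transport->external_signaling_address, &transport->external_address, &transport->external_address_refresher, NULL) < 0) {
			ast_log(LOG_ERROR, "Could not create dnsmgr for external signaling address on '%s'\n", ast_sorcery_object_get_id(obj));
			return -1;
		}
	}

	if (transport->type == AST_TRANSPORT_UDP) {
		if (transport->host.addr.sa_family == pj_AF_INET()) {
			res = pjsip_udp_transport_start(ast_sip_get_pjsip_endpoint(), &transport->host.ipv4, NULL, transport->async_operations, &transport->state->transport);
		} else if (transport->host.addr.sa_family == pj_AF_INET6()) {
			res = pjsip_udp_transport_start6(ast_sip_get_pjsip_endpoint(), &transport->host.ipv6, NULL, transport->async_operations, &transport->state->transport);
		}

		if (res == PJ_SUCCESS && (transport->tos || transport->cos)) {
			pj_sock_t sock;
			/*
			 * Start from a zeroed block: the result of the query below is not
			 * checked, and set_qos() ORs into the flags, so stack garbage must
			 * not reach the socket if the query fails.
			 */
			pj_qos_params qos_params = { 0 };

			sock = pjsip_udp_transport_get_socket(transport->state->transport);
			pj_sock_get_qos_params(sock, &qos_params);
			set_qos(transport, &qos_params);
			if (pj_sock_set_qos_params(sock, &qos_params) != PJ_SUCCESS) {
				/* QoS marking is best effort; the transport itself is already running */
				ast_log(LOG_WARNING, "TOS and COS values could not be applied to transport '%s'\n", ast_sorcery_object_get_id(obj));
			}
		}
	} else if (transport->type == AST_TRANSPORT_TCP) {
		pjsip_tcp_transport_cfg cfg;

		pjsip_tcp_transport_cfg_default(&cfg, transport->host.addr.sa_family);
		cfg.bind_addr = transport->host;
		cfg.async_cnt = transport->async_operations;
		set_qos(transport, &cfg.qos_params);

		res = pjsip_tcp_transport_start3(ast_sip_get_pjsip_endpoint(), &cfg, &transport->state->factory);
	} else if (transport->type == AST_TRANSPORT_TLS) {
		/*
		 * pj_str() wraps the existing string field buffers without copying,
		 * and the casts drop const. The private key passphrase is handed to
		 * PJSIP as it appears in the configuration.
		 *
		 * NOTE(review): the peer verification flags are used exactly as the
		 * config handlers or pjsip_tls_setting_default() left them; nothing
		 * here insists on certificate verification. Confirm the effective
		 * defaults before relying on this transport for authentication.
		 */
		transport->tls.ca_list_file = pj_str((char*)transport->ca_list_file);
		transport->tls.cert_file = pj_str((char*)transport->cert_file);
		transport->tls.privkey_file = pj_str((char*)transport->privkey_file);
		transport->tls.password = pj_str((char*)transport->password);
		set_qos(transport, &transport->tls.qos_params);

		res = pjsip_tls_transport_start2(ast_sip_get_pjsip_endpoint(), &transport->tls, &transport->host, NULL, transport->async_operations, &transport->state->factory);
	} else if ((transport->type == AST_TRANSPORT_WS) || (transport->type == AST_TRANSPORT_WSS)) {
		if (transport->cos || transport->tos) {
			ast_log(LOG_WARNING, "TOS and COS values ignored for websocket transport\n");
		}
		res = PJ_SUCCESS;
	}

	/* res is still -1 here when the protocol or UDP address family matched no branch */
	if (res != PJ_SUCCESS) {
		char msg[PJ_ERR_MSG_SIZE];

		pjsip_strerror(res, msg, sizeof(msg));
		ast_log(LOG_ERROR, "Transport '%s' could not be started: %s\n", ast_sorcery_object_get_id(obj), msg);
		return -1;
	}
	return 0;
}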
193
/*!
 * \brief Custom handler for turning a string protocol into an enum
 *
 * \param opt Option descriptor (unused)
 * \param var Configuration variable; its value is matched case-insensitively
 * \param obj The ast_sip_transport whose type is set
 *
 * \retval 0 the value named a known protocol
 * \retval -1 the value is not one of udp, tcp, tls, ws or wss
 */
static int transport_protocol_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
{
	static const struct {
		const char *name;
		int type;
	} protocols[] = {
		{ "udp", AST_TRANSPORT_UDP },
		{ "tcp", AST_TRANSPORT_TCP },
		{ "tls", AST_TRANSPORT_TLS },
		{ "ws", AST_TRANSPORT_WS },
		{ "wss", AST_TRANSPORT_WSS },
	};
	struct ast_sip_transport *transport = obj;
	size_t idx;

	for (idx = 0; idx < sizeof(protocols) / sizeof(protocols[0]); idx++) {
		if (strcasecmp(var->value, protocols[idx].name) == 0) {
			transport->type = protocols[idx].type;
			return 0;
		}
	}

	/* Unknown protocol: leave the type untouched and reject the option */
	return -1;
}
215
/*!
 * \brief Custom handler for turning a string bind into a pj_sockaddr
 *
 * \param opt Option descriptor (unused)
 * \param var Configuration variable holding the bind address text
 * \param obj The ast_sip_transport whose host address is filled in
 *
 * \retval 0 the address was parsed into transport->host
 * \retval -1 pj_sockaddr_parse() rejected the text
 */
static int transport_bind_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
{
	struct ast_sip_transport *transport = obj;
	pj_str_t bind_text;

	/* Wrap the configured text so PJLIB can parse it; the address family is left unspecified */
	pj_cstr(&bind_text, var->value);

	if (pj_sockaddr_parse(pj_AF_UNSPEC(), 0, &bind_text, &transport->host) != PJ_SUCCESS) {
		return -1;
	}

	return 0;
}
224
/*!
 * \brief Custom handler for TLS boolean settings
 *
 * Dispatches on the option name, so one handler serves verify_server,
 * verify_client and require_client_cert.
 *
 * \param opt Option descriptor (unused)
 * \param var Configuration variable; name selects the flag, value is read with ast_true()
 * \param obj The ast_sip_transport whose TLS settings are updated
 *
 * \retval 0 the named flag was set
 * \retval -1 the option name is not one handled here
 *
 * \note NOTE(review): all three options are registered with an empty default,
 * which presumably reads as false here - confirm that peer verification is
 * really intended to be opt-in.
 */
static int transport_tls_bool_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
{
	struct ast_sip_transport *transport = obj;
	const char *option = var->name;

	if (strcasecmp(option, "verify_server") == 0) {
		transport->tls.verify_server = ast_true(var->value) ? PJ_TRUE : PJ_FALSE;
		return 0;
	}

	if (strcasecmp(option, "verify_client") == 0) {
		transport->tls.verify_client = ast_true(var->value) ? PJ_TRUE : PJ_FALSE;
		return 0;
	}

	if (strcasecmp(option, "require_client_cert") == 0) {
		transport->tls.require_client_cert = ast_true(var->value) ? PJ_TRUE : PJ_FALSE;
		return 0;
	}

	return -1;
}
242
/*!
 * \brief Custom handler for TLS method setting
 *
 * \param opt Option descriptor (unused)
 * \param var Configuration variable; its value is matched case-insensitively
 * \param obj The ast_sip_transport whose TLS method is set
 *
 * \retval 0 the value named a known method
 * \retval -1 the value is not a recognised method name
 *
 * \note "sslv2" and "sslv3" are accepted without any warning. Both protocol
 * versions are obsolete and considered insecure, so configurations using
 * them deserve review.
 */
static int transport_tls_method_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
{
	static const struct {
		const char *name;
		int method;
	} methods[] = {
		{ "default", PJSIP_SSL_DEFAULT_METHOD },
		{ "unspecified", PJSIP_SSL_UNSPECIFIED_METHOD },
		{ "tlsv1", PJSIP_TLSV1_METHOD },
		{ "sslv2", PJSIP_SSLV2_METHOD },
		{ "sslv3", PJSIP_SSLV3_METHOD },
		{ "sslv23", PJSIP_SSLV23_METHOD },
	};
	struct ast_sip_transport *transport = obj;
	size_t idx;

	for (idx = 0; idx < sizeof(methods) / sizeof(methods[0]); idx++) {
		if (strcasecmp(var->value, methods[idx].name) == 0) {
			transport->tls.method = methods[idx].method;
			return 0;
		}
	}

	return -1;
}
266
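/*!
 * \brief Custom handler for TLS cipher setting
 *
 * Parses one cipher ID, given either as "0x" followed by hex digits or as a
 * decimal number, and appends it to the transport's cipher list when the TLS
 * backend supports it.
 *
 * \param opt Option descriptor (unused)
 * \param var Configuration variable holding the cipher ID text
 * \param obj The ast_sip_transport whose cipher list is extended
 *
 * \retval 0 the cipher was appended
 * \retval -1 the list is full, the text is not a number, or the cipher is unsupported
 */
static int transport_tls_cipher_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
{
	struct ast_sip_transport *transport = obj;
	pj_ssl_cipher cipher;
	pj_str_t digits;
	pj_str_t rest;
	unsigned int base;

	/* ">=" rather than "==" so a counter already past the limit can never index the array */
	if (transport->tls.ciphers_num >= (SIP_TLS_MAX_CIPHERS - 1)) {
		ast_log(LOG_ERROR, "Cipher '%s' ignored, too many ciphers configured\n", var->value);
		return -1;
	}

	if (!strnicmp(var->value, "0x", 2)) {
		digits = pj_str((char*)var->value + 2);
		base = 16;
	} else {
		digits = pj_str((char*)var->value);
		base = 10;
	}

	/*
	 * Require the whole value to be digits. atoi() returned 0 for any
	 * non-numeric text, so a mistyped entry was looked up as cipher ID 0,
	 * which is the NULL cipher suite in the TLS registry, instead of being
	 * rejected as a configuration error.
	 */
	cipher = pj_strtoul2(&digits, &rest, base);
	if (digits.slen == 0 || rest.slen != 0) {
		ast_log(LOG_ERROR, "Cipher '%s' is not a valid cipher ID\n", var->value);
		return -1;
	}

	if (!pj_ssl_cipher_is_supported(cipher)) {
		ast_log(LOG_ERROR, "Cipher '%s' is unsupported\n", var->value);
		return -1;
	}

	transport->ciphers[transport->tls.ciphers_num++] = cipher;
	return 0;
}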
293
/*!
 * \brief Custom handler for localnet setting
 *
 * Appends the configured network to the transport's localnet list using the
 * "d" sense.
 *
 * \param opt Option descriptor (unused)
 * \param var Configuration variable holding the network text
 * \param obj The ast_sip_transport whose localnet list is extended
 *
 * \retval -1 ast_append_ha() returned no list
 * \return otherwise the error value reported by ast_append_ha() (0 when none was set)
 */
static int transport_localnet_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
{
	struct ast_sip_transport *transport = obj;
	int error = 0;

	/* The previous list head is passed in and replaced by whatever comes back */
	transport->localnet = ast_append_ha("d", var->value, transport->localnet, &error);
	if (transport->localnet == NULL) {
		return -1;
	}

	return error;
}
306
/*!
 * \brief Initialize sorcery with transport support
 *
 * Maps the "transport" object type onto pjsip.conf sections with
 * type=transport, registers the allocator and apply handler, then registers
 * every configuration option with its default value.
 *
 * \param sorcery Sorcery instance to register with
 *
 * \retval 0 on success
 * \retval -1 if the object type could not be registered
 *
 * \note The return values of the individual field registrations are not checked.
 */
int ast_sip_initialize_sorcery_transport(struct ast_sorcery *sorcery)
{
	ast_sorcery_apply_default(sorcery, "transport", "config", "pjsip.conf,criteria=type=transport");

	if (ast_sorcery_object_register(sorcery, "transport", transport_alloc, NULL, transport_apply)) {
		return -1;
	}

	ast_sorcery_object_field_register(sorcery, "transport", "type", "", OPT_NOOP_T, 0, 0);
	ast_sorcery_object_field_register_custom(sorcery, "transport", "protocol", "udp", transport_protocol_handler, NULL, 0, 0);
	ast_sorcery_object_field_register_custom(sorcery, "transport", "bind", "", transport_bind_handler, NULL, 0, 0);
	/* NOTE(review): async_operations, tos and cos are plain unsigned options with no range check, unlike external_signaling_port */
	ast_sorcery_object_field_register(sorcery, "transport", "async_operations", "1", OPT_UINT_T, 0, FLDSET(struct ast_sip_transport, async_operations));
	/*
	 * TLS key material. "password" is kept as an ordinary string field and is
	 * passed to PJSIP as the private key passphrase in transport_apply(), so
	 * the configuration source holding it needs restrictive permissions.
	 */
	ast_sorcery_object_field_register(sorcery, "transport", "ca_list_file", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, ca_list_file));
	ast_sorcery_object_field_register(sorcery, "transport", "cert_file", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, cert_file));
	ast_sorcery_object_field_register(sorcery, "transport", "privkey_file", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, privkey_file));
	ast_sorcery_object_field_register(sorcery, "transport", "password", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, password));
	ast_sorcery_object_field_register(sorcery, "transport", "external_signaling_address", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, external_signaling_address));
	/* The only option here that is range checked (0 to 65535) */
	ast_sorcery_object_field_register(sorcery, "transport", "external_signaling_port", "0", OPT_UINT_T, PARSE_IN_RANGE, FLDSET(struct ast_sip_transport, external_signaling_port), 0, 65535);
	ast_sorcery_object_field_register(sorcery, "transport", "external_media_address", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, external_media_address));
	ast_sorcery_object_field_register(sorcery, "transport", "domain", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_transport, domain));
	/*
	 * NOTE(review): the three verification options default to the empty
	 * string, which transport_tls_bool_handler() presumably reads as false -
	 * confirm that certificate verification is meant to be opt-in.
	 */
	ast_sorcery_object_field_register_custom(sorcery, "transport", "verify_server", "", transport_tls_bool_handler, NULL, 0, 0);
	ast_sorcery_object_field_register_custom(sorcery, "transport", "verify_client", "", transport_tls_bool_handler, NULL, 0, 0);
	ast_sorcery_object_field_register_custom(sorcery, "transport", "require_client_cert", "", transport_tls_bool_handler, NULL, 0, 0);
	/* The method handler accepts the obsolete sslv2 and sslv3 names as well as tlsv1 */
	ast_sorcery_object_field_register_custom(sorcery, "transport", "method", "", transport_tls_method_handler, NULL, 0, 0);
	ast_sorcery_object_field_register_custom(sorcery, "transport", "cipher", "", transport_tls_cipher_handler, NULL, 0, 0);
	ast_sorcery_object_field_register_custom(sorcery, "transport", "localnet", "", transport_localnet_handler, NULL, 0, 0);
	ast_sorcery_object_field_register(sorcery, "transport", "tos", "0", OPT_UINT_T, 0, FLDSET(struct ast_sip_transport, tos));
	ast_sorcery_object_field_register(sorcery, "transport", "cos", "0", OPT_UINT_T, 0, FLDSET(struct ast_sip_transport, cos));

	return 0;
}