summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Troy <dave@popvox.com>2006-04-07 20:55:51 +0000
committerDavid Troy <dave@popvox.com>2006-04-07 20:55:51 +0000
commit27aa7a3382cf0ed4973fa7e207d4ffc9733f69d5 (patch)
treef8a9824b3a235fa45ebe2724668881a73e9e59ae
parentce35268086acbc958c33e8b39e2440c7ed1d2592 (diff)
downloadastmanproxy-27aa7a3382cf0ed4973fa7e207d4ffc9733f69d5.zip
astmanproxy-27aa7a3382cf0ed4973fa7e207d4ffc9733f69d5.tar.gz
astmanproxy-27aa7a3382cf0ed4973fa7e207d4ffc9733f69d5.tar.xz
git-svn-id: http://svncommunity.digium.com/svn/astmanproxy/branches/1.20pre@94 f02b47b9-160a-0410-81a6-dc3441afb0ec
-rw-r--r--Makefile4
-rw-r--r--configs/astmanproxy.conf3
-rw-r--r--src/astmanproxy.c7
-rw-r--r--src/config.c2
-rw-r--r--src/config_perms.c2
-rw-r--r--src/include/astmanproxy.h3
-rw-r--r--src/proxyfunc.c9
7 files changed, 21 insertions, 9 deletions
diff --git a/Makefile b/Makefile
index 7257bbc..4b22697 100644
--- a/Makefile
+++ b/Makefile
@@ -60,7 +60,7 @@ DEFINES+='-DMDIR="$(MODDIR)"' '-DPDIR="$(PERMDIR)"' '-DPFILE="$(PERMFILE)"'
VPATH = src
# Add -g below for debug/GDB symbols
-CFLAGS+= $(DEFINES) -g -Wall -O2 -D_REENTRANT -fPIC -Isrc/include -I/usr/include/openssl -I-
+CFLAGS+= $(DEFINES) -Wall -O2 -D_REENTRANT -fPIC -Isrc/include -I/usr/include/openssl -I-
# For printing only
SRCS := $(MODS:%=%.c)
@@ -77,7 +77,7 @@ $(OBJS): %.o: %.c
$(SOBJS): %.so: %.o
$(CC) $(SOLINK) $< -o $@
-SERIAL=0
+SERIAL=`date "+%Y%m%d%H%M%S"`
cert:
if [ ! -f $(PROXYCERT) ]; then \
diff --git a/configs/astmanproxy.conf b/configs/astmanproxy.conf
index 3a017ac..6164e9c 100644
--- a/configs/astmanproxy.conf
+++ b/configs/astmanproxy.conf
@@ -57,6 +57,9 @@ listenport = 1234
; in place and well understood.
; proxykey = foobar
+; Do we require authentication (either proxykey or astmanproxy.users entry)?
+authrequired = no
+
; user and group for proxy to run as; will NOT run as root!
proc_user = nobody
proc_group = nobody
diff --git a/src/astmanproxy.c b/src/astmanproxy.c
index f6c0cd5..b84fdad 100644
--- a/src/astmanproxy.c
+++ b/src/astmanproxy.c
@@ -280,14 +280,17 @@ void *session_do(struct mansession *s)
actionid = astman_get_header(&m, ACTION_ID);
action = astman_get_header(&m, "Action");
if ( !strcasecmp(action, "Login") )
- ProxyLogin(s, &m);
+ if (!s->authenticated)
+ ProxyLogin(s, &m);
+ else
+ break;
else if ( !strcasecmp(action, "Logoff") )
ProxyLogoff(s);
else if ( !strcasecmp(action, "Challenge") )
ProxyChallenge(s, &m);
else if ( !(*proxyaction == '\0') )
proxyaction_do(proxyaction, &m, s);
- else if ( ValidateAction(&m, s ,0) ) {
+ else if ( ValidateAction(&m, s, 0) ) {
if ( !(*actionid == '\0') )
setactionid(actionid, &m, s);
if ( !WriteAsterisk(&m) )
diff --git a/src/config.c b/src/config.c
index c8c9d80..f642aa6 100644
--- a/src/config.c
+++ b/src/config.c
@@ -107,6 +107,8 @@ void *processline(char *s) {
pc.clientwritetimeout = atoi(value);
else if (!strcmp(name,"sslclienthellotimeout") )
pc.sslclhellotimeout = atoi(value);
+ else if (!strcmp(name,"authrequired") )
+ pc.authrequired = strcmp(value,"yes") ? 0 : 1;
else if (!strcmp(name,"acceptencryptedconnection") )
pc.acceptencryptedconnection = strcmp(value,"yes") ? 0 : 1;
else if (!strcmp(name,"acceptunencryptedconnection") )
diff --git a/src/config_perms.c b/src/config_perms.c
index 939d90f..4dbeeb0 100644
--- a/src/config_perms.c
+++ b/src/config_perms.c
@@ -1,5 +1,3 @@
-/* #include <pwd.h> */
-/* #include <grp.h> */
#include "astmanproxy.h"
extern pthread_mutex_t userslock;
diff --git a/src/include/astmanproxy.h b/src/include/astmanproxy.h
index db370dc..dc7ac87 100644
--- a/src/include/astmanproxy.h
+++ b/src/include/astmanproxy.h
@@ -61,7 +61,8 @@ struct proxyconfig {
int listen_port;
char inputformat[80];
char outputformat[80];
- int autofilter;
+ int autofilter; /* enable autofiltering? */
+ int authrequired; /* is authentication required? */
char key[80];
char proc_user[40];
char proc_group[40];
diff --git a/src/proxyfunc.c b/src/proxyfunc.c
index d1d5f38..434baff 100644
--- a/src/proxyfunc.c
+++ b/src/proxyfunc.c
@@ -156,10 +156,12 @@ void *ProxyLogin(struct mansession *s, struct message *m) {
AddHeader(&mo, "Response: Success");
AddHeader(&mo, "Message: Authentication accepted");
s->output->write(s, &mo);
- s->authenticated = 1;
+ pthread_mutex_lock(&s->lock);
+ s->authenticated = 1;
strcpy(s->user.channel, pu->channel);
strcpy(s->user.icontext, pu->icontext);
strcpy(s->user.ocontext, pu->ocontext);
+ pthread_mutex_unlock(&s->lock);
if( debug )
debugmsg("Login as: %s", user);
break;
@@ -171,11 +173,14 @@ void *ProxyLogin(struct mansession *s, struct message *m) {
if( !pu ) {
SendError(s, "Authentication failed");
+ pthread_mutex_lock(&s->lock);
s->authenticated = 0;
+ pthread_mutex_unlock(&s->lock);
if( debug )
debugmsg("Login failed as: %s/%s", user, secret);
}
+
return 0;
}
@@ -334,7 +339,7 @@ int ValidateAction(struct message *m, struct mansession *s, int inbound) {
char *uchannel;
char *ucontext;
- if( !s->authenticated )
+ if( pc.authrequired && !s->authenticated )
return 0;
if( inbound )