summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/astmanproxy.c711
-rw-r--r--src/common.c135
-rw-r--r--src/config.c305
-rw-r--r--src/config_perms.c125
-rw-r--r--src/csv.c30
-rw-r--r--src/dlfcn.c1282
-rw-r--r--src/http.c155
-rw-r--r--src/include/astmanproxy.h149
-rw-r--r--src/include/dlfcn-compat.h83
-rw-r--r--src/include/endian.h60
-rw-r--r--src/include/md5.h18
-rw-r--r--src/include/poll-compat.h101
-rw-r--r--src/include/ssl.h89
-rw-r--r--src/log.c57
-rw-r--r--src/md5.c260
-rw-r--r--src/poll.c306
-rw-r--r--src/proxyfunc.c390
-rw-r--r--src/ssl.c438
-rw-r--r--src/standard.c70
-rw-r--r--src/xml.c158
20 files changed, 4922 insertions, 0 deletions
diff --git a/src/astmanproxy.c b/src/astmanproxy.c
new file mode 100644
index 0000000..b84fdad
--- /dev/null
+++ b/src/astmanproxy.c
@@ -0,0 +1,711 @@
+/* Asterisk Manager Proxy
+ Copyright (c) 2005 David C. Troy <dave@popvox.com>
+
+ This program is free software, distributed under the terms of
+ the GNU General Public License.
+
+*/
+
+#include "astmanproxy.h"
+
+extern int LoadHandlers( void );
+extern void ReadConfig( void );
+extern void ReadPerms( void );
+extern FILE *OpenLogfile( void );
+extern int SetProcUID( void );
+
+extern void *proxyaction_do(char *proxyaction, struct message *m, struct mansession *s);
+extern void *ProxyLogin(struct mansession *s, struct message *m);
+extern void *ProxyLogoff(struct mansession *s);
+extern int ValidateAction(struct message *m, struct mansession *s, int inbound);
+
+int ConnectAsterisk(struct mansession *s);
+
+struct proxyconfig pc;
+struct mansession *sessions = NULL;
+struct iohandler *iohandlers = NULL;
+
+pthread_mutex_t sessionlock;
+pthread_mutex_t serverlock;
+pthread_mutex_t userslock;
+pthread_mutex_t loglock;
+pthread_mutex_t debuglock;
+static int asock = -1;
+FILE *proxylog;
+int debug = 0;
+
+void hup(int sig) {
+ if (proxylog) {
+ fflush(proxylog);
+ fclose(proxylog);
+ }
+ proxylog = OpenLogfile();
+ logmsg("Received HUP -- reopened log");
+ ReadPerms();
+ logmsg("Received HUP -- reread permissions");
+}
+
+void leave(int sig) {
+ struct mansession *c;
+ struct message sm, cm;
+ struct iohandler *io;
+ struct ast_server *srv;
+ char iabuf[INET_ADDRSTRLEN];
+
+ /* Message to send to servers */
+ memset(&sm, 0, sizeof(struct message));
+ AddHeader(&sm, "Action: Logoff");
+
+ /* Message to send to clients */
+ memset(&cm, 0, sizeof(struct message));
+ AddHeader(&cm, PROXY_SHUTDOWN);
+
+ if (debug)
+ debugmsg("Notifying and closing sessions");
+ pthread_mutex_lock (&sessionlock);
+ while (sessions) {
+ c = sessions;
+ sessions = sessions->next;
+
+ if (c->server) {
+ if (debug)
+ debugmsg("asterisk@%s: closing session", ast_inet_ntoa(iabuf, sizeof(iabuf), c->sin.sin_addr));
+ c->output->write(c, &sm);
+ logmsg("Shutdown, closed server %s", ast_inet_ntoa(iabuf, sizeof(iabuf), c->sin.sin_addr));
+ } else {
+ if (debug)
+ debugmsg("client@%s: closing session", ast_inet_ntoa(iabuf, sizeof(iabuf), c->sin.sin_addr));
+ c->output->write(c, &cm);
+ logmsg("Shutdown, closed client %s", ast_inet_ntoa(iabuf, sizeof(iabuf), c->sin.sin_addr));
+ }
+ close_sock(c->fd); /* close tcp & ssl socket */
+ pthread_mutex_destroy(&c->lock);
+ free(c);
+ }
+ pthread_mutex_unlock (&sessionlock);
+
+ /* unload server list */
+ while (pc.serverlist) {
+ srv = pc.serverlist;
+ pc.serverlist = srv->next;
+ if (debug)
+ debugmsg("asterisk@%s: forgetting", srv->ast_host);
+ free(srv);
+ }
+
+ if (debug)
+ debugmsg("Closing listener socket");
+ close_sock(asock); /* close tcp & ssl socket */
+
+ /* unload io handlers */
+ while (iohandlers) {
+ io = iohandlers;
+ iohandlers = iohandlers->next;
+ if (debug)
+ debugmsg("unloading: %s", io->formatname);
+ dlclose(io->dlhandle);
+ free(io);
+ }
+
+ if(debug)
+ debugmsg("Done!\n");
+ logmsg("Proxy stopped; shutting down.");
+
+ fclose(proxylog);
+ pthread_mutex_destroy(&sessionlock);
+ pthread_mutex_destroy(&loglock);
+ pthread_mutex_destroy(&debuglock);
+ exit(sig);
+}
+
+void Version( void )
+{
+ printf("astmanproxy: Version %s, (C) David C. Troy 2005-2006\n", PROXY_VERSION);
+ return;
+}
+
+void Usage( void )
+{
+ printf("Usage: astmanproxy [-d|-h|-v]\n");
+ printf(" -d : Start in Debug Mode\n");
+ printf(" -h : Displays this message\n");
+ printf(" -v : Displays version information\n");
+ printf("Start with no options to run as daemon\n");
+ return;
+}
+
+void destroy_session(struct mansession *s)
+{
+ struct mansession *cur, *prev = NULL;
+ char iabuf[INET_ADDRSTRLEN];
+
+ pthread_mutex_lock(&sessionlock);
+ cur = sessions;
+ while(cur) {
+ if (cur == s)
+ break;
+ prev = cur;
+ cur = cur->next;
+ }
+ if (cur) {
+ if (prev)
+ prev->next = cur->next;
+ else
+ sessions = cur->next;
+ debugmsg("Connection closed: %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr));
+ close_sock(s->fd); /* close tcp/ssl socket */
+ pthread_mutex_destroy(&s->lock);
+ free(s);
+ } else
+ debugmsg("Trying to delete non-existent session %p?\n", s);
+ pthread_mutex_unlock(&sessionlock);
+
+ /* If there are no servers and no clients, why are we here? */
+ if (!sessions) {
+ logmsg("Cannot connect to any servers! Leaving!");
+ leave(0);
+ }
+}
+
+int WriteClients(struct message *m) {
+ struct mansession *c;
+ char *actionid;
+
+ c = sessions;
+ while (c) {
+ if ( !c->server && m->hdrcount>1 && ValidateAction(m, c, 1) ) {
+ if (c->autofilter && c->actionid) {
+ actionid = astman_get_header(m, ACTION_ID);
+ if ( !strcmp(actionid, c->actionid) ) {
+ c->output->write(c, m);
+ }
+ } else
+ c->output->write(c, m);
+ if (c->inputcomplete) {
+ pthread_mutex_lock(&c->lock);
+ c->outputcomplete = 1;
+ pthread_mutex_unlock(&c->lock);
+ }
+ }
+ c = c->next;
+ }
+ return 1;
+}
+
+int WriteAsterisk(struct message *m) {
+ int i;
+ char outstring[MAX_LEN], *dest;
+ struct mansession *s, *first;
+
+ first = NULL;
+ dest = NULL;
+
+ s = sessions;
+
+ dest = astman_get_header(m, "Server");
+ if (debug && *dest) debugmsg("set destination: %s", dest);
+ while ( s ) {
+ if ( s->server && (s->connected > 0) ) {
+ if ( !first )
+ first = s;
+ if (*dest && !strcasecmp(dest, s->server->ast_host) )
+ break;
+ }
+ s = s->next;
+ }
+
+ if (!s)
+ s = first;
+
+ /* Check for no servers and empty block -- Don't pester Asterisk if it is one*/
+ if (!s || !s->server || (!m->hdrcount && !m->headers[0][0]) )
+ return 1;
+
+ debugmsg("writing block to %s", s->server->ast_host);
+
+ pthread_mutex_lock(&s->lock);
+ for (i=0; i<m->hdrcount; i++) {
+ if (strcasecmp(m->headers[i], "Server:") ) {
+ sprintf(outstring, "%s\r\n", m->headers[i]);
+ ast_carefulwrite(s->fd, outstring, strlen(outstring), s->writetimeout );
+ }
+ }
+ ast_carefulwrite(s->fd, "\r\n", 2, s->writetimeout);
+ pthread_mutex_unlock(&s->lock);
+ return 1;
+}
+
+void *setactionid(char *actionid, struct message *m, struct mansession *s)
+{
+ pthread_mutex_lock(&s->lock);
+ strncpy(s->actionid, actionid, MAX_LEN);
+ pthread_mutex_unlock(&s->lock);
+
+ return 0;
+}
+
+/* Handles proxy client sessions; closely based on session_do from asterisk's manager.c */
+void *session_do(struct mansession *s)
+{
+ struct message m;
+ int res;
+ char *proxyaction, *actionid, *action, *key;
+
+ if (s->input->onconnect)
+ s->input->onconnect(s, &m);
+
+ for (;;) {
+ /* Get a complete message block from input handler */
+ memset(&m, 0, sizeof(struct message) );
+ if (debug > 3)
+ debugmsg("calling %s_read...", s->input->formatname);
+ res = s->input->read(s, &m);
+ if (debug > 3)
+ debugmsg("%s_read result = %d", s->input->formatname, res);
+ m.session = s;
+
+ if (res > 0) {
+ /* Check for anything that requires proxy-side processing */
+ if (pc.key[0] != '\0' && !s->authenticated) {
+ key = astman_get_header(&m, "ProxyKey");
+ if (!strcmp(key, pc.key) ) {
+ pthread_mutex_lock(&s->lock);
+ s->authenticated = 1;
+ pthread_mutex_unlock(&s->lock);
+ } else
+ break;
+ }
+
+ proxyaction = astman_get_header(&m, "ProxyAction");
+ actionid = astman_get_header(&m, ACTION_ID);
+ action = astman_get_header(&m, "Action");
+ if ( !strcasecmp(action, "Login") )
+ if (!s->authenticated)
+ ProxyLogin(s, &m);
+ else
+ break;
+ else if ( !strcasecmp(action, "Logoff") )
+ ProxyLogoff(s);
+ else if ( !strcasecmp(action, "Challenge") )
+ ProxyChallenge(s, &m);
+ else if ( !(*proxyaction == '\0') )
+ proxyaction_do(proxyaction, &m, s);
+ else if ( ValidateAction(&m, s, 0) ) {
+ if ( !(*actionid == '\0') )
+ setactionid(actionid, &m, s);
+ if ( !WriteAsterisk(&m) )
+ break;
+ } else {
+ SendError(s, "Action Filtered");
+ }
+ } else if (res < 0)
+ break;
+ }
+
+ destroy_session(s);
+ if (debug)
+ debugmsg("--- exiting session_do thread ---");
+ pthread_exit(NULL);
+ return NULL;
+}
+
+void *HandleAsterisk(struct mansession *s)
+{
+ struct message m;
+ int res,i;
+ char iabuf[INET_ADDRSTRLEN];
+
+ if (ConnectAsterisk(s))
+ goto leave;
+ for (;;) {
+
+ debugmsg("asterisk@%s: attempting read...", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr));
+ memset(&m, 0, sizeof(struct message) );
+ res = s->input->read(s, &m);
+ m.session = s;
+
+ if (res > 0) {
+ if (debug) {
+ for(i=0; i<m.hdrcount; i++) {
+ debugmsg("asterisk@%s got: %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr), m.headers[i]);
+ }
+ }
+
+ if (!s->connected) {
+ if ( !strcmp("Authentication accepted", astman_get_header(&m, "Message")) ) {
+ s->connected = 1;
+ if (debug)
+ debugmsg("asterisk@%s: connected successfully!", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr) );
+ }
+ if ( !strcmp("Authentication failed", astman_get_header(&m, "Message")) ) {
+ s->connected = -1;
+ }
+ }
+
+ m.session = s;
+ AddHeader(&m, "Server: %s", m.session->server->ast_host);
+
+ if (!WriteClients(&m))
+ break;
+ } else if (res < 0) {
+ /* TODO: do we need to do more than this here? or something different? */
+ if ( debug )
+ debugmsg("asterisk@%s: Not connected", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr));
+ if ( ConnectAsterisk(s) )
+ break;
+ }
+ }
+
+leave:
+ if (debug)
+ debugmsg("asterisk@%s: Giving up and exiting thread", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr) );
+ destroy_session(s);
+ pthread_exit(NULL);
+ return NULL;
+}
+
+int ConnectAsterisk(struct mansession *s) {
+ char iabuf[INET_ADDRSTRLEN];
+ int r = 1, res = 0;
+ struct message m;
+
+ /* Don't try to do this if auth has already failed! */
+ if (s->connected < 0 )
+ return 1;
+ else
+ s->connected = 0;
+
+ if (debug)
+ debugmsg("asterisk@%s: Connecting (u=%s, p=%s, ssl=%s)", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr),
+ s->server->ast_user, s->server->ast_pass, s->server->use_ssl ? "on" : "off");
+
+ /* Construct auth message just once */
+ memset( &m, 0, sizeof(struct message) );
+ AddHeader(&m, "Action: Login");
+ AddHeader(&m, "Username: %s", s->server->ast_user);
+ AddHeader(&m, "Secret: %s", s->server->ast_pass);
+ AddHeader(&m, "Events: %s", s->server->ast_events);
+
+ for ( ;; ) {
+ if ( ast_connect(s) == -1 ) {
+ if (debug)
+ debugmsg("asterisk@%s: Connect failed, Retrying (%d) %s [%d]",
+ ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr), r, strerror(errno), errno );
+ if (pc.maxretries && (++r>pc.maxretries) ) {
+ res = 1;
+ break;
+ } else
+ sleep(pc.retryinterval);
+ } else {
+ /* Send login */
+ s->output->write(s, &m);
+ res = 0;
+ break;
+ }
+ }
+
+ return res;
+}
+
+int StartServer(struct ast_server *srv) {
+
+ struct mansession *s;
+ struct hostent *ast_hostent;
+
+ char iabuf[INET_ADDRSTRLEN];
+ pthread_attr_t attr;
+
+ pthread_attr_init(&attr);
+ pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
+
+ ast_hostent = gethostbyname(srv->ast_host);
+ if (!ast_hostent) {
+ logmsg("Cannot resolve host %s, cannot add!", srv->ast_host);
+ debugmsg("Cannot resolve host %s, cannot add!", srv->ast_host);
+ return 1;
+ }
+
+ s = malloc(sizeof(struct mansession));
+ if ( !s ) {
+ logmsg("Failed to allocate server session: %s\n", strerror(errno));
+ debugmsg("Failed to allocate server session: %s\n", strerror(errno));
+ return 1;
+ }
+
+ memset(s, 0, sizeof(struct mansession));
+ SetIOHandlers(s, "standard", "standard");
+ s->server = srv;
+
+ bzero((char *) &s->sin,sizeof(s->sin));
+ s->sin.sin_family = AF_INET;
+ memcpy( &s->sin.sin_addr.s_addr, ast_hostent->h_addr, ast_hostent->h_length );
+ s->sin.sin_port = htons(atoi(s->server->ast_port));
+ s->fd = socket(AF_INET, SOCK_STREAM, 0);
+
+ pthread_mutex_lock(&sessionlock);
+ s->next = sessions;
+ sessions = s;
+ pthread_mutex_unlock(&sessionlock);
+
+ logmsg("Allocated Asterisk server session for %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr));
+ if (debug) {
+ debugmsg("asterisk@%s: Allocated server session", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr));
+ debugmsg("Set %s input format to %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr), s->input->formatname);
+ debugmsg("Set %s output format to %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr), s->output->formatname);
+ }
+
+ if (pthread_create(&s->t, &attr, (void *)HandleAsterisk, s))
+ destroy_session(s);
+ else
+ debugmsg("launched ast %s thread!", s->server->ast_host);
+
+ pthread_attr_destroy(&attr);
+ return 0;
+}
+
+int LaunchAsteriskThreads() {
+
+ struct ast_server *srv;
+
+ srv = pc.serverlist;
+ while (srv) {
+ StartServer(srv);
+ srv = srv->next;
+ }
+ return 0;
+}
+
+int SetIOHandlers(struct mansession *s, char *ifmt, char *ofmt)
+{
+ int res = 0;
+ struct iohandler *io;
+
+ io = iohandlers;
+ pthread_mutex_lock(&s->lock);
+ while (io) {
+ if ( !strcasecmp(io->formatname, ifmt) )
+ s->input = io;
+
+ if ( !strcasecmp(io->formatname, ofmt) )
+ s->output = io;
+
+ io = io->next;
+ }
+
+ /* set default handlers if non match was found */
+ if (!s->output) {
+ s->output = iohandlers;
+ res = 1;
+ }
+
+ if (!s->input) {
+ s->input = iohandlers;
+ res = 1;
+ }
+ pthread_mutex_unlock(&s->lock);
+
+ return res;
+}
+
+static void *accept_thread()
+{
+ int as;
+ struct sockaddr_in sin;
+ int sinlen;
+ struct mansession *s;
+ struct protoent *p;
+ int arg = 1;
+ int flags;
+ pthread_attr_t attr;
+ char iabuf[INET_ADDRSTRLEN];
+ int is_encrypted;
+
+ pthread_attr_init(&attr);
+ pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
+
+ for (;;) {
+ sinlen = sizeof(sin);
+ as = accept(asock, (struct sockaddr *)&sin, &sinlen);
+ if (as < 0) {
+ logmsg("Accept returned -1: %s\n", strerror(errno));
+ continue;
+ }
+ p = (struct protoent *)getprotobyname("tcp");
+ if( p ) {
+ if( setsockopt(as, p->p_proto, TCP_NODELAY, (char *)&arg, sizeof(arg) ) < 0 ) {
+ logmsg("Failed to set listener tcp connection to TCP_NODELAY mode: %s\n", strerror(errno));
+ }
+ }
+
+ /* SSL stuff below */
+ is_encrypted = is_encrypt_request(pc.sslclhellotimeout, as);
+ debugmsg("is_encrypted: %d", is_encrypted);
+ if (is_encrypted > 0) {
+ if (!pc.acceptencryptedconnection) {
+ if( debug )
+ debugmsg("Accepting encrypted connection disabled, closing the connection \n");
+ close_sock(as);
+ continue;
+ } else {
+ if((as = saccept(as)) >= 0 ) {
+ if( debug )
+ debugmsg("Can't accept the ssl connection, since SSL init has failed for certificate reason\n");
+ close_sock(as);
+ continue;
+ }
+ }
+ } else if (is_encrypted == -1) {
+ logmsg("SSL version 2 is unsecure, we don't support it\n");
+ close_sock(as);
+ continue;
+ }
+ if ( (! pc.acceptunencryptedconnection) && (as >= 0)) {
+ logmsg("Unencrypted connections are not accepted and we received an unencrypted connection request\n");
+ close_sock(as);
+ continue;
+ }
+ /* SSL stuff end */
+
+ s = malloc(sizeof(struct mansession));
+ if ( !s ) {
+ logmsg("Failed to allocate listener session: %s\n", strerror(errno));
+ continue;
+ }
+ memset(s, 0, sizeof(struct mansession));
+ memcpy(&s->sin, &sin, sizeof(sin));
+
+ /* For safety, make sure socket is non-blocking */
+ flags = fcntl(get_real_fd(as), F_GETFL);
+ fcntl(get_real_fd(as), F_SETFL, flags | O_NONBLOCK);
+
+ pthread_mutex_init(&s->lock, NULL);
+ s->fd = as;
+ SetIOHandlers(s, pc.inputformat, pc.outputformat);
+ s->autofilter = pc.autofilter;
+ s->server = NULL;
+
+ pthread_mutex_lock(&sessionlock);
+ s->next = sessions;
+ sessions = s;
+ pthread_mutex_unlock(&sessionlock);
+
+ logmsg("Connection received from %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr));
+ if (debug) {
+ debugmsg("Connection received from %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr));
+ debugmsg("Set %s input format to %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr), s->input->formatname);
+ debugmsg("Set %s output format to %s", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr), s->output->formatname);
+ }
+
+ if (pthread_create(&s->t, &attr, (void *)session_do, s))
+ destroy_session(s);
+ }
+ pthread_attr_destroy(&attr);
+ return NULL;
+}
+
+int main(int argc, char *argv[])
+{
+ struct sockaddr_in serv_sock_addr, client_sock_addr;
+ int cli_addrlen;
+ struct linger lingerstruct; /* for socket reuse */
+ int flag; /* for socket reuse */
+ pid_t pid;
+ char i;
+
+ /* Figure out if we are in debug mode, handle other switches */
+ while (( i = getopt( argc, argv, "dhv" ) ) != EOF )
+ {
+ switch( i ) {
+ case 'd':
+ debug++;
+ break;
+ case 'h':
+ Usage();
+ exit(0);
+ case 'v':
+ Version();
+ exit(0);
+ case '?':
+ Usage();
+ exit(1);
+ }
+ }
+
+
+ ReadConfig();
+ proxylog = OpenLogfile();
+ LoadHandlers();
+
+ if (SetProcUID()) {
+ fprintf(stderr,"Cannot set user/group! Check proc_user and proc_group config setting!\n");
+ exit(1);
+ }
+
+ /* If we are not in debug mode, then fork to background */
+ if (!debug) {
+ if ( (pid = fork()) < 0)
+ exit( 1 );
+ else if ( pid > 0)
+ exit( 0 );
+ }
+
+ /* Setup signal handlers */
+ (void) signal(SIGINT,leave);
+ (void) signal(SIGHUP,hup);
+ (void) signal(SIGTERM,leave);
+ (void) signal(SIGPIPE, SIG_IGN);
+
+ /* Initialize global mutexes */
+ pthread_mutex_init(&sessionlock, NULL);
+ pthread_mutex_init(&userslock, NULL);
+ pthread_mutex_init(&loglock, NULL);
+ pthread_mutex_init(&debuglock, NULL);
+
+ /* Read initial state for user permissions */
+ ReadPerms();
+
+ /* Initialize SSL Client-Side Context */
+ client_init_secure();
+
+ /* Initialize global client/server list */
+ sessions = NULL;
+ LaunchAsteriskThreads();
+
+ /* Setup listener socket to setup new sessions... */
+ if ((asock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
+ fprintf(stderr,"Cannot create listener socket!\n");
+ exit(1);
+ }
+ bzero((char *) &serv_sock_addr, sizeof serv_sock_addr );
+ serv_sock_addr.sin_family = AF_INET;
+
+ if ( !strcmp(pc.listen_addr,"*") )
+ serv_sock_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+ else
+ serv_sock_addr.sin_addr.s_addr = inet_addr( pc.listen_addr);
+ serv_sock_addr.sin_port = htons((short)pc.listen_port);
+
+ /* Set listener socket re-use options */
+ setsockopt(asock, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag));
+ lingerstruct.l_onoff = 1;
+ lingerstruct.l_linger = 5;
+ setsockopt(asock, SOL_SOCKET, SO_LINGER, (void *)&lingerstruct, sizeof(lingerstruct));
+
+ if (bind(asock, (struct sockaddr *) &serv_sock_addr, sizeof serv_sock_addr ) < 0) {
+ fprintf(stderr,"Cannot bind to listener socket!\n");
+ exit(1);
+ }
+
+ listen(asock, 5);
+ cli_addrlen = sizeof(client_sock_addr);
+ if (debug)
+ debugmsg("Listening for connections");
+ logmsg("Proxy Started: Listening for connections");
+
+ /* Launch listener thread */
+ accept_thread();
+
+ pthread_exit(NULL);
+ exit(0);
+}
+
diff --git a/src/common.c b/src/common.c
new file mode 100644
index 0000000..d6bea7a
--- /dev/null
+++ b/src/common.c
@@ -0,0 +1,135 @@
+#include "astmanproxy.h"
+
+/* This routine based on get_input from Asterisk manager.c */
+/* Good generic line-based input routine for \r\n\r\n terminated input */
+/* Used by standard.c and other input handlers */
+int get_input(struct mansession *s, char *output)
+{
+ /* output must have at least sizeof(s->inbuf) space */
+ int res;
+ int x;
+ struct pollfd fds[1];
+ char iabuf[INET_ADDRSTRLEN];
+
+ /* Look for \r\n from the front, our preferred end of line */
+ for (x=0;x<s->inlen;x++) {
+ int xtra = 0;
+ if (s->inbuf[x] == '\n') {
+ if (x && s->inbuf[x-1] == '\r') {
+ xtra = 1;
+ }
+ /* Copy output data not including \r\n */
+ memcpy(output, s->inbuf, x - xtra);
+ /* Add trailing \0 */
+ output[x-xtra] = '\0';
+ /* Move remaining data back to the front */
+ memmove(s->inbuf, s->inbuf + x + 1, s->inlen - x);
+ s->inlen -= (x + 1);
+ return 1;
+ }
+ }
+
+ if (s->inlen >= sizeof(s->inbuf) - 1) {
+ if (debug)
+ debugmsg("Warning: Got long line with no end from %s: %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), s->sin.sin_addr), s->inbuf);
+ s->inlen = 0;
+ }
+ /* get actual fd, even if a negative SSL fd */
+ fds[0].fd = get_real_fd(s->fd);
+
+ fds[0].events = POLLIN;
+ do {
+ res = poll(fds, 1, -1);
+ if (res < 0) {
+ if (errno == EINTR) {
+ if (s->dead)
+ return -1;
+ continue;
+ }
+ if (debug)
+ debugmsg("Select returned error");
+ return -1;
+ } else if (res > 0) {
+ pthread_mutex_lock(&s->lock);
+ /* read from socket; SSL or otherwise */
+ res = m_recv(s->fd, s->inbuf + s->inlen, sizeof(s->inbuf) - 1 - s->inlen, 0);
+ pthread_mutex_unlock(&s->lock);
+ if (res < 1)
+ return -1;
+ break;
+
+ }
+ } while(1);
+
+ /* We have some input, but it's not ready for processing */
+ s->inlen += res;
+ s->inbuf[s->inlen] = '\0';
+ return 0;
+}
+
+char *astman_get_header(struct message *m, char *var)
+{
+ char cmp[80];
+ int x;
+ snprintf(cmp, sizeof(cmp), "%s: ", var);
+ for (x=0;x<m->hdrcount;x++)
+ if (!strncasecmp(cmp, m->headers[x], strlen(cmp)))
+ return m->headers[x] + strlen(cmp);
+ return "";
+}
+
+int AddHeader(struct message *m, const char *fmt, ...) {
+ va_list ap;
+
+ int res;
+
+ if (m->hdrcount < MAX_HEADERS - 1) {
+ va_start(ap, fmt);
+ vsprintf(m->headers[m->hdrcount], fmt, ap);
+ va_end(ap);
+ m->hdrcount++;
+ res = 0;
+ } else
+ res = 1;
+
+ return res;
+}
+
+/* Recursive thread safe replacement of inet_ntoa */
+const char *ast_inet_ntoa(char *buf, int bufsiz, struct in_addr ia)
+{
+ return inet_ntop(AF_INET, &ia, buf, bufsiz);
+}
+
+
+/*! If you are calling ast_carefulwrite, it is assumed that you are calling
+ it on a file descriptor that _DOES_ have NONBLOCK set. This way,
+ there is only one system call made to do a write, unless we actually
+ have a need to wait. This way, we get better performance. */
+int ast_carefulwrite(int fd, char *s, int len, int timeoutms)
+{
+ /* Try to write string, but wait no more than ms milliseconds
+ before timing out */
+ int res=0;
+ struct pollfd fds[1];
+ while(len) {
+ res = m_send(fd, s, len);
+ if ((res < 0) && (errno != EAGAIN)) {
+ return -1;
+ }
+ if (res < 0) res = 0;
+ len -= res;
+ s += res;
+ res = 0;
+ if (len) {
+ fds[0].fd = get_real_fd(fd);
+ fds[0].events = POLLOUT;
+ /* Wait until writable again */
+ res = poll(fds, 1, timeoutms);
+ if (res < 1)
+ return -1;
+ }
+ }
+ return res;
+}
+
diff --git a/src/config.c b/src/config.c
new file mode 100644
index 0000000..f642aa6
--- /dev/null
+++ b/src/config.c
@@ -0,0 +1,305 @@
+#include <pwd.h>
+#include <grp.h>
+#include "astmanproxy.h"
+
+extern struct iohandler *iohandlers;
+
+void *add_server(char *srvspec) {
+
+ int ccount = 0;
+ struct ast_server *srv;
+ char *s;
+ char usessl[10];
+
+ /* malloc ourselves a server credentials structure */
+ srv = malloc(sizeof(struct ast_server));
+ if ( !srv ) {
+ fprintf(stderr, "Failed to allocate server credentials: %s\n", strerror(errno));
+ exit(1);
+ }
+ memset(srv, 0, sizeof (struct ast_server) );
+ memset(usessl, 0, sizeof (usessl) );
+
+ s = srvspec;
+ do {
+ *s = tolower(*s);
+ if ( *s == ',' ) {
+ ccount++;
+ continue;
+ }
+ switch(ccount) {
+ case 0:
+ strncat(srv->ast_host, s, 1);
+ break;
+ case 1:
+ strncat(srv->ast_port, s, 1);
+ break;
+ case 2:
+ strncat(srv->ast_user, s, 1);
+ break;
+ case 3:
+ strncat(srv->ast_pass, s, 1);
+ break;
+ case 4:
+ strncat(srv->ast_events, s, 1);
+ break;
+ case 5:
+ strncat(usessl, s, 1);
+ break;
+ }
+ } while (*(s++));
+
+
+ if (!*srv->ast_host || !*srv->ast_port || !*srv->ast_user || !*srv->ast_pass || !*srv->ast_events || !*usessl) {
+ fprintf(stderr, "Aborting: server spec incomplete: %s\n", srvspec);
+ free(srv);
+ exit(1);
+ }
+
+ srv->use_ssl = (!strcmp(usessl,"on"));
+ srv->next = pc.serverlist;
+ pc.serverlist = srv;
+
+ return 0;
+}
+
+void *processline(char *s) {
+ char name[80],value[80];
+ int nvstate = 0;
+
+
+ memset (name,0,sizeof name);
+ memset (value,0,sizeof value);
+
+ do {
+ *s = tolower(*s);
+
+ if ( *s == ' ' || *s == '\t')
+ continue;
+ if ( *s == ';' || *s == '#' || *s == '\r' || *s == '\n' )
+ break;
+ if ( *s == '=' ) {
+ nvstate = 1;
+ continue;
+ }
+ if (!nvstate)
+ strncat(name, s, 1);
+ else
+ strncat(value, s, 1);
+ } while (*(s++));
+
+ if (debug)
+ debugmsg("config: %s, %s", name, value);
+
+ if ( !strcmp(name,"host") )
+ add_server(value);
+ else if (!strcmp(name,"retryinterval") )
+ pc.retryinterval = atoi(value);
+ else if (!strcmp(name,"maxretries") )
+ pc.maxretries = atoi(value);
+ else if (!strcmp(name,"listenaddress") )
+ strcpy(pc.listen_addr, value);
+ else if (!strcmp(name,"listenport") )
+ pc.listen_port = atoi(value);
+ else if (!strcmp(name,"asteriskwritetimeout") )
+ pc.asteriskwritetimeout = atoi(value);
+ else if (!strcmp(name,"clientwritetimeout") )
+ pc.clientwritetimeout = atoi(value);
+ else if (!strcmp(name,"sslclienthellotimeout") )
+ pc.sslclhellotimeout = atoi(value);
+ else if (!strcmp(name,"authrequired") )
+ pc.authrequired = strcmp(value,"yes") ? 0 : 1;
+ else if (!strcmp(name,"acceptencryptedconnection") )
+ pc.acceptencryptedconnection = strcmp(value,"yes") ? 0 : 1;
+ else if (!strcmp(name,"acceptunencryptedconnection") )
+ pc.acceptunencryptedconnection = strcmp(value,"yes") ? 0 : 1;
+ else if (!strcmp(name,"certfile") )
+ strcpy(pc.certfile, value);
+ else if (!strcmp(name,"proxykey") )
+ strcpy(pc.key, value);
+ else if (!strcmp(name,"proc_user") )
+ strcpy(pc.proc_user, value);
+ else if (!strcmp(name,"proc_group") )
+ strcpy(pc.proc_group, value);
+ else if (!strcmp(name,"logfile") )
+ strcpy(pc.logfile, value);
+ else if (!strcmp(name,"autofilter") )
+ pc.autofilter = strcmp(value,"on") ? 0 : 1;
+ else if (!strcmp(name,"outputformat") )
+ strcpy(pc.outputformat, value);
+ else if (!strcmp(name,"inputformat") )
+ strcpy(pc.inputformat, value);
+
+ return 0;
+}
+
+int LoadHandlers() {
+
+ void *dlhandle = NULL;
+ const char *error;
+ char fmt[20], moddir[80] = MDIR, modfile[80];
+ DIR *mods;
+ struct dirent *d;
+ void *rh, *wh, *och;
+ struct iohandler *io = NULL;
+
+ mods = opendir(moddir);
+ if (!mods)
+ exit(1);
+
+ while((d = readdir(mods))) {
+ /* Must end in .so to load it. */
+ if ( (strlen(d->d_name) > 3) && !strcasecmp(d->d_name + strlen(d->d_name) - 3, ".so") ) {
+
+ memset(fmt, 0, sizeof fmt);
+ strncpy(fmt, d->d_name, strlen(d->d_name) - 3);
+
+ sprintf(modfile, "%s/%s", moddir, d->d_name);
+ if (debug)
+ debugmsg("loading: module %s (%s)", fmt, modfile);
+
+ dlhandle = dlopen (modfile, RTLD_LAZY);
+ if (!dlhandle) {
+ fprintf(stderr, "dlopen failed: %s\n", dlerror());
+ exit(1);
+ }
+
+ rh = dlsym(dlhandle, "_read");
+ if ((error = dlerror()) != NULL) {
+ if (debug)
+ debugmsg("loading: note, %s_read does not exist; ignoring", fmt);
+ }
+
+ wh = dlsym(dlhandle, "_write");
+ if ((error = dlerror()) != NULL) {
+ if (debug)
+ debugmsg("loading: note, %s_write does not exist; ignoring", fmt);
+ }
+
+ och = dlsym(dlhandle, "_onconnect");
+ if ((error = dlerror()) != NULL) {
+ if (debug)
+ debugmsg("loading: note, %s_onconnect does not exist; ignoring", fmt);
+ }
+
+ if (rh || wh) {
+ io = malloc(sizeof(struct iohandler));
+ memset(io, 0, sizeof(struct iohandler));
+ strcpy(io->formatname, fmt);
+ if (rh)
+ io->read = rh;
+ if (wh)
+ io->write = wh;
+ if (och)
+ io->onconnect = och;
+
+ io->dlhandle = dlhandle;
+ io->next = iohandlers;
+ iohandlers = io;
+ } else
+ dlclose(dlhandle);
+
+ }
+ }
+ closedir(mods);
+
+ if (!iohandlers) {
+ fprintf(stderr, "Unable to load *ANY* IO Handlers from %s!\n", MDIR);
+ exit(1);
+ }
+
+ return 0;
+}
+
+
+int ReadConfig() {
+ FILE *FP;
+ char buf[1024];
+ char cfn[80];
+
+
+ memset( &pc, 0, sizeof pc );
+
+ /* Set nonzero config defaults */
+ pc.asteriskwritetimeout = 100;
+ pc.clientwritetimeout = 100;
+ pc.sslclhellotimeout = 500;
+
+ sprintf(cfn, "%s/%s", CDIR, CFILE);
+ FP = fopen( cfn, "r" );
+
+ if ( !FP )
+ {
+ fprintf(stderr, "Unable to open config file: %s/%s!\n", CDIR, CFILE);
+ exit( 1 );
+ }
+
+ if (debug)
+ debugmsg("config: parsing configuration file: %s", cfn);
+
+ while ( fgets( buf, sizeof buf, FP ) ) {
+ if (*buf == ';' || *buf == '\r' || *buf == '\n' || *buf == '#') continue;
+ processline(buf);
+ }
+
+ fclose(FP);
+
+ /* initialize SSL layer with our server certfile */
+ init_secure(pc.certfile);
+
+ return 0;
+}
+
+FILE *OpenLogfile() {
+ FILE *FP;
+ FP = fopen( pc.logfile, "a" );
+ if ( !FP ) {
+ fprintf(stderr, "Unable to open logfile: %s!\n", pc.logfile);
+ exit( 1 );
+ }
+
+ return FP;
+}
+
+int SetProcUID() {
+
+ struct passwd *pwent;
+ struct group *gp;
+ uid_t newuid = 0;
+ gid_t newgid = 0;
+
+ if ((pwent = (struct passwd *)getpwnam( pc.proc_user )) == NULL) {
+ fprintf(stderr, "getpwnam(%s) failed.\n", pc.proc_user);
+ return(-1);
+ } else
+ newuid = pwent->pw_uid;
+
+ if ( newuid == 0 ) {
+ fprintf(stderr, "getpwnam(%s) returned root user; aborting!\n", pc.proc_user);
+ return(-1);
+ }
+
+ if ((gp = (struct group *)getgrnam( pc.proc_group )) == NULL) {
+ fprintf(stderr, "getgrnam(%s) failed.\n", pc.proc_group);
+ return(-1);
+ } else
+ newgid = gp->gr_gid;
+
+ if ( chown( pc.logfile, newuid, newgid ) < 0 )
+ {
+ fprintf(stderr, "chown(%d,%d) of %s failed!\n", newuid, newgid, pc.logfile);
+ return( -1 );
+ }
+
+ if (setgid(newgid) < 0) {
+ fprintf(stderr, "setgid(%d) failed.\n", newgid);
+ return(-1);
+ }
+
+ if (setuid(newuid) < 0) {
+ fprintf(stderr, "setuid(%d) failed.\n", newuid);
+ return(-1);
+ }
+
+ return 0;
+}
diff --git a/src/config_perms.c b/src/config_perms.c
new file mode 100644
index 0000000..4dbeeb0
--- /dev/null
+++ b/src/config_perms.c
@@ -0,0 +1,125 @@
+#include "astmanproxy.h"
+
+extern pthread_mutex_t userslock;
+
+void *free_userperm(struct proxy_user *pu) {
+ struct proxy_user *next_pu;
+
+ while( pu ) {
+ next_pu = pu->next;
+ free( pu );
+ pu = next_pu;
+ }
+ return 0;
+}
+
+void *add_userperm(char* username, char *userspec, struct proxy_user **pu) {
+
+ int ccount = 0;
+ struct proxy_user *user;
+ char *s;
+
+ /* malloc ourselves a server credentials structure */
+ user = malloc(sizeof(struct proxy_user));
+ if ( !user ) {
+ fprintf(stderr, "Failed to allocate user credentials: %s\n", strerror(errno));
+ exit(1);
+ }
+ memset(user, 0, sizeof (struct proxy_user) );
+
+ s = userspec;
+ strncpy(user->username, username, sizeof(user->username)-1 );
+ do {
+ if ( *s == ',' ) {
+ ccount++;
+ continue;
+ }
+ switch(ccount) {
+ case 0:
+ strncat(user->secret, s, 1);
+ break;
+ case 1:
+ strncat(user->channel, s, 1);
+ break;
+ case 2:
+ strncat(user->ocontext, s, 1);
+ break;
+ case 3:
+ strncat(user->icontext, s, 1);
+ break;
+ }
+ } while (*(s++));
+
+ user->next = *pu;
+ *pu = user;
+
+ return 0;
+}
+
+void *processperm(char *s, struct proxy_user **pu) {
+ char name[80],value[80];
+ int nvstate = 0;
+
+
+ memset (name,0,sizeof name);
+ memset (value,0,sizeof value);
+
+ do {
+ *s = tolower(*s);
+
+ if ( *s == ' ' || *s == '\t')
+ continue;
+ if ( *s == ';' || *s == '#' || *s == '\r' || *s == '\n' )
+ break;
+ if ( *s == '=' ) {
+ nvstate = 1;
+ continue;
+ }
+ if (!nvstate)
+ strncat(name, s, 1);
+ else
+ strncat(value, s, 1);
+ } while (*(s++));
+
+ if (debug)
+ debugmsg("perm: %s, %s", name, value);
+
+ add_userperm(name,value,pu);
+
+ return 0;
+}
+
+int ReadPerms() {
+ FILE *FP;
+ char buf[1024];
+ char cfn[80];
+ struct proxy_user *pu;
+
+ pu=0;
+ sprintf(cfn, "%s/%s", PDIR, PFILE);
+ FP = fopen( cfn, "r" );
+
+ if ( !FP )
+ {
+ fprintf(stderr, "Unable to open permissions file: %s/%s!\n", PDIR, PFILE);
+ exit( 1 );
+ }
+
+ if (debug)
+ debugmsg("config: parsing configuration file: %s", cfn);
+
+ while ( fgets( buf, sizeof buf, FP ) ) {
+ if (*buf == ';' || *buf == '\r' || *buf == '\n' || *buf == '#') continue;
+ processperm(buf,&pu);
+ }
+
+ fclose(FP);
+
+ pthread_mutex_lock(&userslock);
+ free_userperm(pc.userlist);
+ pc.userlist=pu;
+ pthread_mutex_unlock(&userslock);
+
+ return 0;
+}
+
diff --git a/src/csv.c b/src/csv.c
new file mode 100644
index 0000000..94d9a00
--- /dev/null
+++ b/src/csv.c
@@ -0,0 +1,30 @@
+/* Asterisk Manager Proxy
+ Copyright (c) 2005 David C. Troy <dave@popvox.com>
+
+ This program is free software, distributed under the terms of
+ the GNU General Public License.
+
+ CSV I/O Handler
+*/
+
+#include "astmanproxy.h"
+
+/* TODO: catch and expand/handle commas in output */
+
+int _write(struct mansession *s, struct message *m) {
+ int i;
+ char outstring[MAX_LEN];
+
+ pthread_mutex_lock(&s->lock);
+ for (i=0; i<m->hdrcount; i++) {
+ sprintf(outstring, "\"%s\"", m->headers[i]);
+ if (i<m->hdrcount-1)
+ strcat(outstring, ", ");
+ ast_carefulwrite(s->fd, outstring, strlen(outstring), s->writetimeout);
+ }
+ ast_carefulwrite(s->fd, "\r\n\r\n", 4, s->writetimeout);
+ pthread_mutex_unlock(&s->lock);
+
+ return 0;
+}
+
diff --git a/src/dlfcn.c b/src/dlfcn.c
new file mode 100644
index 0000000..98d2373
--- /dev/null
+++ b/src/dlfcn.c
@@ -0,0 +1,1282 @@
+/*
+Copyright (c) 2002 Jorge Acereda <jacereda@users.sourceforge.net> &
+ Peter O'Gorman <ogorman@users.sourceforge.net>
+
+Portions may be copyright others, see the AUTHORS file included with this
+distribution.
+
+Maintained by Peter O'Gorman <ogorman@users.sourceforge.net>
+
+Bug Reports and other queries should go to <ogorman@users.sourceforge.net>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+#include <pthread.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <limits.h>
+#include <mach-o/dyld.h>
+#include <mach-o/nlist.h>
+#include <mach-o/getsect.h>
+/* Just playing to see if it would compile with the freebsd headers, it does,
+ * but because of the different values for RTLD_LOCAL etc, it would break binary
+ * compat... oh well
+ */
+#ifndef __BSD_VISIBLE
+#define __BSD_VISIBLE 1
+#endif
+#include "dlfcn-compat.h"
+
+#ifndef dl_restrict
+#define dl_restrict __restrict
+#endif
+/* This is not available on 10.1 */
+#ifndef LC_LOAD_WEAK_DYLIB
+#define LC_LOAD_WEAK_DYLIB (0x18 | LC_REQ_DYLD)
+#endif
+
+/* With this stuff here, this thing may actually compile/run on 10.0 systems
+ * Not that I have a 10.0 system to test it on anylonger
+ */
+#ifndef LC_REQ_DYLD
+#define LC_REQ_DYLD 0x80000000
+#endif
+#ifndef NSADDIMAGE_OPTION_RETURN_ONLY_IF_LOADED
+#define NSADDIMAGE_OPTION_RETURN_ONLY_IF_LOADED 0x4
+#endif
+#ifndef NSADDIMAGE_OPTION_RETURN_ON_ERROR
+#define NSADDIMAGE_OPTION_RETURN_ON_ERROR 0x1
+#endif
+#ifndef NSLOOKUPSYMBOLINIMAGE_OPTION_BIND
+#define NSLOOKUPSYMBOLINIMAGE_OPTION_BIND 0x0
+#endif
+#ifndef NSLOOKUPSYMBOLINIMAGE_OPTION_RETURN_ON_ERROR
+#define NSLOOKUPSYMBOLINIMAGE_OPTION_RETURN_ON_ERROR 0x4
+#endif
+/* These symbols will be looked for in dyld */
+static const struct mach_header *(*dyld_NSAddImage) (const char *, unsigned long) = 0;
+static int (*dyld_NSIsSymbolNameDefinedInImage) (const struct mach_header *, const char *) = 0;
+static NSSymbol(*dyld_NSLookupSymbolInImage)
+ (const struct mach_header *, const char *, unsigned long) = 0;
+
+/* Define this to make dlcompat reuse data block. This way in theory we save
+ * a little bit of overhead. However we then couldn't correctly catch excess
+ * calls to dlclose(). Hence we don't use this feature
+ */
+#undef REUSE_STATUS
+
+/* Size of the internal error message buffer (used by dlerror()) */
+#define ERR_STR_LEN 251
+
+/* Maximum number of search paths supported by getSearchPath */
+#define MAX_SEARCH_PATHS 32
+
+
+#define MAGIC_DYLIB_OFI ((NSObjectFileImage) 'DYOF')
+#define MAGIC_DYLIB_MOD ((NSModule) 'DYMO')
+
+/* internal flags */
+#define DL_IN_LIST 0x01
+
+/* our mutex */
+static pthread_mutex_t dlcompat_mutex;
+/* Our thread specific storage
+ */
+static pthread_key_t dlerror_key;
+
+struct dlthread
+{
+ int lockcnt;
+ unsigned char errset;
+ char errstr[ERR_STR_LEN];
+};
+
+/* This is our central data structure. Whenever a module is loaded via
+ * dlopen(), we create such a struct.
+ */
+struct dlstatus
+{
+ struct dlstatus *next; /* pointer to next element in the linked list */
+ NSModule module;
+ const struct mach_header *lib;
+ int refs; /* reference count */
+ int mode; /* mode in which this module was loaded */
+ dev_t device;
+ ino_t inode;
+ int flags; /* Any internal flags we may need */
+};
+
+/* Head node of the dlstatus list */
+static struct dlstatus mainStatus = { 0, MAGIC_DYLIB_MOD, NULL, -1, RTLD_GLOBAL, 0, 0, 0 };
+static struct dlstatus *stqueue = &mainStatus;
+
+
+/* Storage for the last error message (used by dlerror()) */
+/* static char err_str[ERR_STR_LEN]; */
+/* static int err_filled = 0; */
+
+/* Prototypes to internal functions */
+static void debug(const char *fmt, ...);
+static void error(const char *str, ...);
+static const char *safegetenv(const char *s);
+static const char *searchList(void);
+static const char *getSearchPath(int i);
+static const char *getFullPath(int i, const char *file);
+static const struct stat *findFile(const char *file, const char **fullPath);
+static int isValidStatus(struct dlstatus *status);
+static inline int isFlagSet(int mode, int flag);
+static struct dlstatus *lookupStatus(const struct stat *sbuf);
+static void insertStatus(struct dlstatus *dls, const struct stat *sbuf);
+static int promoteLocalToGlobal(struct dlstatus *dls);
+static void *reference(struct dlstatus *dls, int mode);
+static void *dlsymIntern(struct dlstatus *dls, const char *symbol, int canSetError);
+static struct dlstatus *allocStatus(void);
+static struct dlstatus *loadModule(const char *path, const struct stat *sbuf, int mode);
+static NSSymbol *search_linked_libs(const struct mach_header *mh, const char *symbol);
+static const char *get_lib_name(const struct mach_header *mh);
+static const struct mach_header *get_mach_header_from_NSModule(NSModule * mod);
+static void dlcompat_init_func(void);
+static inline void dlcompat_init_check(void);
+static inline void dolock(void);
+static inline void dounlock(void);
+static void dlerrorfree(void *data);
+static void resetdlerror(void);
+static const struct mach_header *my_find_image(const char *name);
+static const struct mach_header *image_for_address(const void *address);
+static inline const char *dyld_error_str(void);
+
+#if FINK_BUILD
+/* Two Global Functions */
+void *dlsym_prepend_underscore(void *handle, const char *symbol);
+void *dlsym_auto_underscore(void *handle, const char *symbol);
+
+/* And their _intern counterparts */
+static void *dlsym_prepend_underscore_intern(void *handle, const char *symbol);
+static void *dlsym_auto_underscore_intern(void *handle, const char *symbol);
+#endif
+
+/* Functions */
+
+static void debug(const char *fmt, ...)
+{
+#if DEBUG > 1
+ va_list arg;
+ va_start(arg, fmt);
+ fprintf(stderr, "DLDEBUG: ");
+ vfprintf(stderr, fmt, arg);
+ fprintf(stderr, "\n");
+ fflush(stderr);
+ va_end(arg);
+#endif
+}
+
+static void error(const char *str, ...)
+{
+ va_list arg;
+ struct dlthread *tss;
+ char * err_str;
+ va_start(arg, str);
+ tss = pthread_getspecific(dlerror_key);
+ err_str = tss->errstr;
+ strncpy(err_str, "dlcompat: ", ERR_STR_LEN);
+ vsnprintf(err_str + 10, ERR_STR_LEN - 10, str, arg);
+ va_end(arg);
+ debug("ERROR: %s\n", err_str);
+ tss->errset = 1;
+}
+
+static void warning(const char *str)
+{
+#if DEBUG > 0
+ fprintf(stderr, "WARNING: dlcompat: %s\n", str);
+#endif
+}
+
+static const char *safegetenv(const char *s)
+{
+ const char *ss = getenv(s);
+ return ss ? ss : "";
+}
+
+/* because this is only used for debugging and error reporting functions, we
+ * don't really care about how elegant it is... it could use the load
+ * commands to find the install name of the library, but...
+ */
+static const char *get_lib_name(const struct mach_header *mh)
+{
+ unsigned long count = _dyld_image_count();
+ unsigned long i;
+ const char *val = NULL;
+ if (mh)
+ {
+ for (i = 0; i < count; i++)
+ {
+ if (mh == _dyld_get_image_header(i))
+ {
+ val = _dyld_get_image_name(i);
+ break;
+ }
+ }
+ }
+ return val;
+}
+
+/* Returns the mach_header for the module bu going through all the loaded images
+ * and finding the one with the same name as the module. There really ought to be
+ * an api for doing this, would be faster, but there isn't one right now
+ */
+static const struct mach_header *get_mach_header_from_NSModule(NSModule * mod)
+{
+ const char *mod_name = NSNameOfModule(mod);
+ struct mach_header *mh = NULL;
+ unsigned long count = _dyld_image_count();
+ unsigned long i;
+ debug("Module name: %s", mod_name);
+ for (i = 0; i < count; i++)
+ {
+ if (!strcmp(mod_name, _dyld_get_image_name(i)))
+ {
+ mh = _dyld_get_image_header(i);
+ break;
+ }
+ }
+ return mh;
+}
+
+
+/* Compute and return a list of all directories that we should search when
+ * trying to locate a module. We first look at the values of LD_LIBRARY_PATH
+ * and DYLD_LIBRARY_PATH, and then finally fall back to looking into
+ * /usr/lib and /lib. Since both of the environments variables can contain a
+ * list of colon seperated paths, we simply concat them and the two other paths
+ * into one big string, which we then can easily parse.
+ * Splitting this string into the actual path list is done by getSearchPath()
+ */
+static const char *searchList()
+{
+ size_t buf_size;
+ static char *buf=NULL;
+ const char *ldlp = safegetenv("LD_LIBRARY_PATH");
+ const char *dyldlp = safegetenv("DYLD_LIBRARY_PATH");
+ const char *stdpath = getenv("DYLD_FALLBACK_LIBRARY_PATH");
+ if (!stdpath)
+ stdpath = "/usr/local/lib:/lib:/usr/lib";
+ if (!buf)
+ {
+ buf_size = strlen(ldlp) + strlen(dyldlp) + strlen(stdpath) + 4;
+ buf = malloc(buf_size);
+ snprintf(buf, buf_size, "%s%s%s%s%s%c", dyldlp, (dyldlp[0] ? ":" : ""), ldlp, (ldlp[0] ? ":" : ""),
+ stdpath, '\0');
+ }
+ return buf;
+}
+
+/* Returns the ith search path from the list as computed by searchList() */
+static const char *getSearchPath(int i)
+{
+ static const char *list = 0;
+ static char **path = (char **)0;
+ static int end = 0;
+ static int numsize = MAX_SEARCH_PATHS;
+ static char **tmp;
+ /* So we can call free() in the "destructor" we use i=-1 to return the alloc'd array */
+ if (i == -1)
+ {
+ return (const char*)path;
+ }
+ if (!path)
+ {
+ path = (char **)calloc(MAX_SEARCH_PATHS, sizeof(char **));
+ }
+ if (!list && !end)
+ list = searchList();
+ if (i >= (numsize))
+ {
+ debug("Increasing size for long PATH");
+ tmp = (char **)calloc((MAX_SEARCH_PATHS + numsize), sizeof(char **));
+ if (tmp)
+ {
+ memcpy(tmp, path, sizeof(char **) * numsize);
+ free(path);
+ path = tmp;
+ numsize += MAX_SEARCH_PATHS;
+ }
+ else
+ {
+ return 0;
+ }
+ }
+
+ while (!path[i] && !end)
+ {
+ path[i] = strsep((char **)&list, ":");
+
+ if (path[i][0] == 0)
+ path[i] = 0;
+ end = (list == 0);
+ }
+ return path[i];
+}
+
+static const char *getFullPath(int i, const char *file)
+{
+ static char buf[PATH_MAX];
+ const char *path = getSearchPath(i);
+ if (path)
+ {
+ snprintf(buf, PATH_MAX, "%s/%s", path, file);
+ }
+ return path ? buf : 0;
+}
+
+/* Given a file name, try to determine the full path for that file. Starts
+ * its search in the current directory, and then tries all paths in the
+ * search list in the order they are specified there.
+ */
+static const struct stat *findFile(const char *file, const char **fullPath)
+{
+ int i = 0;
+ static struct stat sbuf;
+ char *fileName;
+ debug("finding file %s", file);
+ *fullPath = file;
+ if (0 == stat(file, &sbuf))
+ return &sbuf;
+ if (strchr(file, '/'))
+ return 0; /* If the path had a / we don't look in env var places */
+ fileName = NULL;
+ if (!fileName)
+ fileName = (char *)file;
+ while ((*fullPath = getFullPath(i++, fileName)))
+ {
+ if (0 == stat(*fullPath, &sbuf))
+ return &sbuf;
+ }
+ ;
+ return 0;
+}
+
+/* Determine whether a given dlstatus is valid or not */
+static int isValidStatus(struct dlstatus *status)
+{
+ /* Walk the list to verify status is contained in it */
+ struct dlstatus *dls = stqueue;
+ while (dls && status != dls)
+ dls = dls->next;
+ if (dls == 0)
+ error("invalid handle");
+ else if ((dls->module == 0) || (dls->refs == 0))
+ error("handle to closed library");
+ else
+ return TRUE;
+ return FALSE;
+}
+
+static inline int isFlagSet(int mode, int flag)
+{
+ return (mode & flag) == flag;
+}
+
+static struct dlstatus *lookupStatus(const struct stat *sbuf)
+{
+ struct dlstatus *dls = stqueue;
+ debug("looking for status");
+ while (dls && ( /* isFlagSet(dls->mode, RTLD_UNSHARED) */ 0
+ || sbuf->st_dev != dls->device || sbuf->st_ino != dls->inode))
+ dls = dls->next;
+ return dls;
+}
+
+static void insertStatus(struct dlstatus *dls, const struct stat *sbuf)
+{
+ debug("inserting status");
+ dls->inode = sbuf->st_ino;
+ dls->device = sbuf->st_dev;
+ dls->refs = 0;
+ dls->mode = 0;
+ if ((dls->flags & DL_IN_LIST) == 0)
+ {
+ dls->next = stqueue;
+ stqueue = dls;
+ dls->flags |= DL_IN_LIST;
+ }
+}
+
+static struct dlstatus *allocStatus()
+{
+ struct dlstatus *dls;
+#ifdef REUSE_STATUS
+ dls = stqueue;
+ while (dls && dls->module)
+ dls = dls->next;
+ if (!dls)
+#endif
+ dls = calloc(sizeof(*dls),1);
+ return dls;
+}
+
+static int promoteLocalToGlobal(struct dlstatus *dls)
+{
+ static int (*p) (NSModule module) = 0;
+ debug("promoting");
+ if (!p)
+ _dyld_func_lookup("__dyld_NSMakePrivateModulePublic", (unsigned long *)&p);
+ return (dls->module == MAGIC_DYLIB_MOD) || (p && p(dls->module));
+}
+
+static void *reference(struct dlstatus *dls, int mode)
+{
+ if (dls)
+ {
+ if (dls->module == MAGIC_DYLIB_MOD && isFlagSet(mode, RTLD_LOCAL))
+ {
+ warning("trying to open a .dylib with RTLD_LOCAL");
+ error("unable to open a .dylib with RTLD_LOCAL");
+ return NULL;
+ }
+ if (isFlagSet(mode, RTLD_GLOBAL) &&
+ !isFlagSet(dls->mode, RTLD_GLOBAL) && !promoteLocalToGlobal(dls))
+ {
+ error("unable to promote local module to global");
+ return NULL;
+ }
+ dls->mode |= mode;
+ dls->refs++;
+ }
+ else
+ debug("reference called with NULL argument");
+
+ return dls;
+}
+
+static const struct mach_header *my_find_image(const char *name)
+{
+ const struct mach_header *mh = 0;
+ const char *id = NULL;
+ int i = _dyld_image_count();
+ int j;
+ mh = (struct mach_header *)
+ dyld_NSAddImage(name, NSADDIMAGE_OPTION_RETURN_ONLY_IF_LOADED |
+ NSADDIMAGE_OPTION_RETURN_ON_ERROR);
+ if (!mh)
+ {
+ for (j = 0; j < i; j++)
+ {
+ id = _dyld_get_image_name(j);
+ if (!strcmp(id, name))
+ {
+ mh = _dyld_get_image_header(j);
+ break;
+ }
+ }
+ }
+ return mh;
+}
+
+/*
+ * dyld adds libraries by first adding the directly dependant libraries in link order, and
+ * then adding the dependencies for those libraries, so we should do the same... but we don't
+ * bother adding the extra dependencies, if the symbols are neither in the loaded image nor
+ * any of it's direct dependencies, then it probably isn't there.
+ */
+NSSymbol *search_linked_libs(const struct mach_header * mh, const char *symbol)
+{
+ unsigned int n;
+ struct load_command *lc = 0;
+ struct mach_header *wh;
+ NSSymbol *nssym = 0;
+ if (dyld_NSAddImage && dyld_NSIsSymbolNameDefinedInImage && dyld_NSLookupSymbolInImage)
+ {
+ lc = (struct load_command *)((char *)mh + sizeof(struct mach_header));
+ for (n = 0; n < mh->ncmds; n++, lc = (struct load_command *)((char *)lc + lc->cmdsize))
+ {
+ if ((LC_LOAD_DYLIB == lc->cmd) || (LC_LOAD_WEAK_DYLIB == lc->cmd))
+ {
+ if ((wh = (struct mach_header *)
+ my_find_image((char *)(((struct dylib_command *)lc)->dylib.name.offset +
+ (char *)lc))))
+ {
+ if (dyld_NSIsSymbolNameDefinedInImage(wh, symbol))
+ {
+ nssym = dyld_NSLookupSymbolInImage(wh,
+ symbol,
+ NSLOOKUPSYMBOLINIMAGE_OPTION_BIND |
+ NSLOOKUPSYMBOLINIMAGE_OPTION_RETURN_ON_ERROR);
+ break;
+ }
+ }
+ }
+ }
+ if ((!nssym) && NSIsSymbolNameDefined(symbol))
+ {
+ /* I've never seen this debug message...*/
+ debug("Symbol \"%s\" is defined but was not found", symbol);
+ }
+ }
+ return nssym;
+}
+
+/* Up to the caller to free() returned string */
+static inline const char *dyld_error_str()
+{
+ NSLinkEditErrors dylder;
+ int dylderno;
+ const char *dylderrstr;
+ const char *dyldfile;
+ const char* retStr = NULL;
+ NSLinkEditError(&dylder, &dylderno, &dyldfile, &dylderrstr);
+ if (dylderrstr && strlen(dylderrstr))
+ {
+ retStr = malloc(strlen(dylderrstr) +1);
+ strcpy((char*)retStr,dylderrstr);
+ }
+ return retStr;
+}
+
+static void *dlsymIntern(struct dlstatus *dls, const char *symbol, int canSetError)
+{
+ NSSymbol *nssym = 0;
+#ifdef __GCC__
+ void *caller = __builtin_return_address(1); /* Be *very* careful about inlining */
+#else
+ void *caller = NULL;
+#endif
+ const struct mach_header *caller_mh = 0;
+ const char* savedErrorStr = NULL;
+ resetdlerror();
+#ifndef RTLD_SELF
+#define RTLD_SELF ((void *) -3)
+#endif
+ if (NULL == dls)
+ dls = RTLD_SELF;
+ if ((RTLD_NEXT == dls) || (RTLD_SELF == dls))
+ {
+ if (dyld_NSIsSymbolNameDefinedInImage && dyld_NSLookupSymbolInImage && caller)
+ {
+ caller_mh = image_for_address(caller);
+ if (RTLD_SELF == dls)
+ {
+ /* FIXME: We should be using the NSModule api, if SELF is an MH_BUNDLE
+ * But it appears to work anyway, and looking at the code in dyld_libfuncs.c
+ * this is acceptable.
+ */
+ if (dyld_NSIsSymbolNameDefinedInImage(caller_mh, symbol))
+ {
+ nssym = dyld_NSLookupSymbolInImage(caller_mh,
+ symbol,
+ NSLOOKUPSYMBOLINIMAGE_OPTION_BIND |
+ NSLOOKUPSYMBOLINIMAGE_OPTION_RETURN_ON_ERROR);
+ }
+ }
+ if (!nssym)
+ {
+ if (RTLD_SELF == dls)
+ savedErrorStr = dyld_error_str();
+ nssym = search_linked_libs(caller_mh, symbol);
+ }
+ }
+ else
+ {
+ if (canSetError)
+ error("RTLD_SELF and RTLD_NEXT are not supported");
+ return NULL;
+ }
+ }
+ if (!nssym)
+ {
+
+ if (RTLD_DEFAULT == dls)
+ {
+ dls = &mainStatus;
+ }
+ if (!isValidStatus(dls))
+ return NULL;
+
+ if (dls->module != MAGIC_DYLIB_MOD)
+ {
+ nssym = NSLookupSymbolInModule(dls->module, symbol);
+ if (!nssym && NSIsSymbolNameDefined(symbol))
+ {
+ debug("Searching dependencies");
+ savedErrorStr = dyld_error_str();
+ nssym = search_linked_libs(get_mach_header_from_NSModule(dls->module), symbol);
+ }
+ }
+ else if (dls->lib && dyld_NSIsSymbolNameDefinedInImage && dyld_NSLookupSymbolInImage)
+ {
+ if (dyld_NSIsSymbolNameDefinedInImage(dls->lib, symbol))
+ {
+ nssym = dyld_NSLookupSymbolInImage(dls->lib,
+ symbol,
+ NSLOOKUPSYMBOLINIMAGE_OPTION_BIND |
+ NSLOOKUPSYMBOLINIMAGE_OPTION_RETURN_ON_ERROR);
+ }
+ else if (NSIsSymbolNameDefined(symbol))
+ {
+ debug("Searching dependencies");
+ savedErrorStr = dyld_error_str();
+ nssym = search_linked_libs(dls->lib, symbol);
+ }
+ }
+ else if (dls->module == MAGIC_DYLIB_MOD)
+ {
+ /* Global context, use NSLookupAndBindSymbol */
+ if (NSIsSymbolNameDefined(symbol))
+ {
+ /* There doesn't seem to be a return on error option for this call???
+ this is potentially broken, if binding fails, it will improperly
+ exit the application. */
+ nssym = NSLookupAndBindSymbol(symbol);
+ }
+ else
+ {
+ if (savedErrorStr)
+ free((char*)savedErrorStr);
+ savedErrorStr = malloc(256);
+ snprintf((char*)savedErrorStr, 256, "Symbol \"%s\" not in global context",symbol);
+ }
+ }
+ }
+ /* Error reporting */
+ if (!nssym)
+ {
+ if (!savedErrorStr || !strlen(savedErrorStr))
+ {
+ if (savedErrorStr)
+ free((char*)savedErrorStr);
+ savedErrorStr = malloc(256);
+ snprintf((char*)savedErrorStr, 256,"Symbol \"%s\" not found",symbol);
+ }
+ if (canSetError)
+ {
+ error(savedErrorStr);
+ }
+ else
+ {
+ debug(savedErrorStr);
+ }
+ if (savedErrorStr)
+ free((char*)savedErrorStr);
+ return NULL;
+ }
+ return NSAddressOfSymbol(nssym);
+}
+
+static struct dlstatus *loadModule(const char *path, const struct stat *sbuf, int mode)
+{
+ NSObjectFileImage ofi = 0;
+ NSObjectFileImageReturnCode ofirc;
+ struct dlstatus *dls;
+ NSLinkEditErrors ler;
+ int lerno;
+ const char *errstr;
+ const char *file;
+ void (*init) (void);
+ ofirc = NSCreateObjectFileImageFromFile(path, &ofi);
+ switch (ofirc)
+ {
+ case NSObjectFileImageSuccess:
+ break;
+ case NSObjectFileImageInappropriateFile:
+ if (dyld_NSAddImage && dyld_NSIsSymbolNameDefinedInImage && dyld_NSLookupSymbolInImage)
+ {
+ if (isFlagSet(mode, RTLD_LOCAL))
+ {
+ warning("trying to open a .dylib with RTLD_LOCAL");
+ error("unable to open this file with RTLD_LOCAL");
+ return NULL;
+ }
+ }
+ else
+ {
+ error("opening this file is unsupported on this system");
+ return NULL;
+ }
+ break;
+ case NSObjectFileImageFailure:
+ error("object file setup failure");
+ return NULL;
+ case NSObjectFileImageArch:
+ error("no object for this architecture");
+ return NULL;
+ case NSObjectFileImageFormat:
+ error("bad object file format");
+ return NULL;
+ case NSObjectFileImageAccess:
+ error("can't read object file");
+ return NULL;
+ default:
+ error("unknown error from NSCreateObjectFileImageFromFile()");
+ return NULL;
+ }
+ dls = lookupStatus(sbuf);
+ if (!dls)
+ {
+ dls = allocStatus();
+ }
+ if (!dls)
+ {
+ error("unable to allocate memory");
+ return NULL;
+ }
+ // dls->lib = 0;
+ if (ofirc == NSObjectFileImageInappropriateFile)
+ {
+ if ((dls->lib = dyld_NSAddImage(path, NSADDIMAGE_OPTION_RETURN_ON_ERROR)))
+ {
+ debug("Dynamic lib loaded at %ld", dls->lib);
+ ofi = MAGIC_DYLIB_OFI;
+ dls->module = MAGIC_DYLIB_MOD;
+ ofirc = NSObjectFileImageSuccess;
+ /* Although it is possible with a bit of work to modify this so it works and
+ functions with RTLD_NOW, I don't deem it necessary at the moment */
+ }
+ if (!(dls->module))
+ {
+ NSLinkEditError(&ler, &lerno, &file, &errstr);
+ if (!errstr || (!strlen(errstr)))
+ error("Can't open this file type");
+ else
+ error(errstr);
+ if ((dls->flags & DL_IN_LIST) == 0)
+ {
+ free(dls);
+ }
+ return NULL;
+ }
+ }
+ else
+ {
+ dls->module = NSLinkModule(ofi, path,
+ NSLINKMODULE_OPTION_RETURN_ON_ERROR |
+ NSLINKMODULE_OPTION_PRIVATE |
+ (isFlagSet(mode, RTLD_NOW) ? NSLINKMODULE_OPTION_BINDNOW : 0));
+ NSDestroyObjectFileImage(ofi);
+ if (dls->module)
+ {
+ dls->lib = get_mach_header_from_NSModule(dls->module);
+ }
+ }
+ if (!dls->module)
+ {
+ NSLinkEditError(&ler, &lerno, &file, &errstr);
+ if ((dls->flags & DL_IN_LIST) == 0)
+ {
+ free(dls);
+ }
+ error(errstr);
+ return NULL;
+ }
+
+ insertStatus(dls, sbuf);
+ dls = reference(dls, mode);
+ if ((init = dlsymIntern(dls, "__init", 0)))
+ {
+ debug("calling _init()");
+ init();
+ }
+ return dls;
+}
+
+inline static void dlcompat_init_check(void)
+{
+ static pthread_mutex_t l = PTHREAD_MUTEX_INITIALIZER;
+ static int init_done = 0;
+
+ pthread_mutex_lock(&l);
+ if (!init_done) {
+ dlcompat_init_func();
+ init_done = 1;
+ }
+ pthread_mutex_unlock(&l);
+}
+
+static void dlcompat_init_func(void)
+{
+ _dyld_func_lookup("__dyld_NSAddImage", (unsigned long *)&dyld_NSAddImage);
+ _dyld_func_lookup("__dyld_NSIsSymbolNameDefinedInImage",
+ (unsigned long *)&dyld_NSIsSymbolNameDefinedInImage);
+ _dyld_func_lookup("__dyld_NSLookupSymbolInImage", (unsigned long *)&dyld_NSLookupSymbolInImage);
+ if (pthread_mutex_init(&dlcompat_mutex, NULL))
+ exit(1);
+ if (pthread_key_create(&dlerror_key, &dlerrorfree))
+ exit(1);
+}
+
+static void resetdlerror()
+{
+ struct dlthread *tss;
+ tss = pthread_getspecific(dlerror_key);
+ tss->errset = 0;
+}
+
+static void dlerrorfree(void *data)
+{
+ free(data);
+}
+
+/* We kind of want a recursive lock here, but meet a little trouble
+ * because they are not available pre OS X 10.2, so we fake it
+ * using thread specific storage to keep a lock count
+ */
+static inline void dolock(void)
+{
+ int err = 0;
+ struct dlthread *tss;
+ dlcompat_init_check();
+ tss = pthread_getspecific(dlerror_key);
+ if (!tss)
+ {
+ tss = malloc(sizeof(struct dlthread));
+ tss->lockcnt = 0;
+ tss->errset = 0;
+ if (pthread_setspecific(dlerror_key, tss))
+ {
+ fprintf(stderr,"dlcompat: pthread_setspecific failed\n");
+ exit(1);
+ }
+ }
+ if (!tss->lockcnt)
+ err = pthread_mutex_lock(&dlcompat_mutex);
+ tss->lockcnt = tss->lockcnt +1;
+ if (err)
+ exit(err);
+}
+
+static inline void dounlock(void)
+{
+ int err = 0;
+ struct dlthread *tss;
+ tss = pthread_getspecific(dlerror_key);
+ tss->lockcnt = tss->lockcnt -1;
+ if (!tss->lockcnt)
+ err = pthread_mutex_unlock(&dlcompat_mutex);
+ if (err)
+ exit(err);
+}
+
+void *dlopen(const char *path, int mode)
+{
+ const struct stat *sbuf;
+ struct dlstatus *dls;
+ const char *fullPath;
+
+ dolock();
+ resetdlerror();
+ if (!path)
+ {
+ dls = &mainStatus;
+ goto dlopenok;
+ }
+ if (!(sbuf = findFile(path, &fullPath)))
+ {
+ error("file \"%s\" not found", path);
+ goto dlopenerror;
+ }
+ /* Now checks that it hasn't been closed already */
+ if ((dls = lookupStatus(sbuf)) && (dls->refs > 0))
+ {
+ debug("status found");
+ dls = reference(dls, mode);
+ goto dlopenok;
+ }
+#ifdef RTLD_NOLOAD
+ if (isFlagSet(mode, RTLD_NOLOAD))
+ {
+ error("no existing handle and RTLD_NOLOAD specified");
+ goto dlopenerror;
+ }
+#endif
+ if (isFlagSet(mode, RTLD_LAZY) && isFlagSet(mode, RTLD_NOW))
+ {
+ error("how can I load something both RTLD_LAZY and RTLD_NOW?");
+ goto dlopenerror;
+ }
+ dls = loadModule(fullPath, sbuf, mode);
+
+ dlopenok:
+ dounlock();
+ return (void *)dls;
+ dlopenerror:
+ dounlock();
+ return NULL;
+}
+
+#if !FINK_BUILD
+void *dlsym(void * dl_restrict handle, const char * dl_restrict symbol)
+{
+ int sym_len = strlen(symbol);
+ void *value = NULL;
+ char *malloc_sym = NULL;
+ dolock();
+ malloc_sym = malloc(sym_len + 2);
+ if (malloc_sym)
+ {
+ sprintf(malloc_sym, "_%s", symbol);
+ value = dlsymIntern(handle, malloc_sym, 1);
+ free(malloc_sym);
+ }
+ else
+ {
+ error("Unable to allocate memory");
+ goto dlsymerror;
+ }
+ dounlock();
+ return value;
+ dlsymerror:
+ dounlock();
+ return NULL;
+}
+#endif
+
+#if FINK_BUILD
+
+void *dlsym_prepend_underscore(void *handle, const char *symbol)
+{
+ void *answer;
+ dolock();
+ answer = dlsym_prepend_underscore_intern(handle, symbol);
+ dounlock();
+ return answer;
+}
+
+static void *dlsym_prepend_underscore_intern(void *handle, const char *symbol)
+{
+/*
+ * A quick and easy way for porting packages which call dlsym(handle,"sym")
+ * If the porter adds -Ddlsym=dlsym_prepend_underscore to the CFLAGS then
+ * this function will be called, and will add the required underscore.
+ *
+ * Note that I haven't figured out yet which should be "standard", prepend
+ * the underscore always, or not at all. These global functions need to go away
+ * for opendarwin.
+ */
+ int sym_len = strlen(symbol);
+ void *value = NULL;
+ char *malloc_sym = NULL;
+ malloc_sym = malloc(sym_len + 2);
+ if (malloc_sym)
+ {
+ sprintf(malloc_sym, "_%s", symbol);
+ value = dlsymIntern(handle, malloc_sym, 1);
+ free(malloc_sym);
+ }
+ else
+ {
+ error("Unable to allocate memory");
+ }
+ return value;
+}
+
+void *dlsym_auto_underscore(void *handle, const char *symbol)
+{
+ void *answer;
+ dolock();
+ answer = dlsym_auto_underscore_intern(handle, symbol);
+ dounlock();
+ return answer;
+
+}
+static void *dlsym_auto_underscore_intern(void *handle, const char *symbol)
+{
+ struct dlstatus *dls = handle;
+ void *addr = 0;
+ addr = dlsymIntern(dls, symbol, 0);
+ if (!addr)
+ addr = dlsym_prepend_underscore_intern(handle, symbol);
+ return addr;
+}
+
+
+void *dlsym(void * dl_restrict handle, const char * dl_restrict symbol)
+{
+ struct dlstatus *dls = handle;
+ void *addr = 0;
+ dolock();
+ addr = dlsymIntern(dls, symbol, 1);
+ dounlock();
+ return addr;
+}
+#endif
+
+int dlclose(void *handle)
+{
+ struct dlstatus *dls = handle;
+ dolock();
+ resetdlerror();
+ if (!isValidStatus(dls))
+ {
+ goto dlcloseerror;
+ }
+ if (dls->module == MAGIC_DYLIB_MOD)
+ {
+ const char *name;
+ if (!dls->lib)
+ {
+ name = "global context";
+ }
+ else
+ {
+ name = get_lib_name(dls->lib);
+ }
+ warning("trying to close a .dylib!");
+ error("Not closing \"%s\" - dynamic libraries cannot be closed", name);
+ goto dlcloseerror;
+ }
+ if (!dls->module)
+ {
+ error("module already closed");
+ goto dlcloseerror;
+ }
+
+ if (dls->refs == 1)
+ {
+ unsigned long options = 0;
+ void (*fini) (void);
+ if ((fini = dlsymIntern(dls, "__fini", 0)))
+ {
+ debug("calling _fini()");
+ fini();
+ }
+ options |= NSUNLINKMODULE_OPTION_RESET_LAZY_REFERENCES;
+#ifdef RTLD_NODELETE
+ if (isFlagSet(dls->mode, RTLD_NODELETE))
+ options |= NSUNLINKMODULE_OPTION_KEEP_MEMORY_MAPPED;
+#endif
+ if (!NSUnLinkModule(dls->module, options))
+ {
+ error("unable to unlink module");
+ goto dlcloseerror;
+ }
+ dls->refs--;
+ dls->module = 0;
+ /* Note: the dlstatus struct dls is neither removed from the list
+ * nor is the memory it occupies freed. This shouldn't pose a
+ * problem in mostly all cases, though.
+ */
+ }
+ dounlock();
+ return 0;
+ dlcloseerror:
+ dounlock();
+ return 1;
+}
+
+char *dlerror(void)
+{
+ struct dlthread *tss;
+ const char * err_str = NULL;
+ dlcompat_init_check();
+ tss = pthread_getspecific(dlerror_key);
+ if (tss != NULL && tss->errset != 0) {
+ tss->errset = 0;
+ err_str = tss->errstr;
+ }
+ return (err_str);
+}
+
+/* Given an address, return the mach_header for the image containing it
+ * or zero if the given address is not contained in any loaded images.
+ */
+const struct mach_header *image_for_address(const void *address)
+{
+ unsigned long i;
+ unsigned long j;
+ unsigned long count = _dyld_image_count();
+ struct mach_header *mh = 0;
+ struct load_command *lc = 0;
+ unsigned long addr = NULL;
+ for (i = 0; i < count; i++)
+ {
+ addr = (unsigned long)address - _dyld_get_image_vmaddr_slide(i);
+ mh = _dyld_get_image_header(i);
+ if (mh)
+ {
+ lc = (struct load_command *)((char *)mh + sizeof(struct mach_header));
+ for (j = 0; j < mh->ncmds; j++, lc = (struct load_command *)((char *)lc + lc->cmdsize))
+ {
+ if (LC_SEGMENT == lc->cmd &&
+ addr >= ((struct segment_command *)lc)->vmaddr &&
+ addr <
+ ((struct segment_command *)lc)->vmaddr + ((struct segment_command *)lc)->vmsize)
+ {
+ goto image_found;
+ }
+ }
+ }
+ mh = 0;
+ }
+ image_found:
+ return mh;
+}
+
+int dladdr(const void * dl_restrict p, Dl_info * dl_restrict info)
+{
+/*
+ FIXME: USe the routine image_for_address.
+*/
+ unsigned long i;
+ unsigned long j;
+ unsigned long count = _dyld_image_count();
+ struct mach_header *mh = 0;
+ struct load_command *lc = 0;
+ unsigned long addr = NULL;
+ unsigned long table_off = (unsigned long)0;
+ int found = 0;
+ if (!info)
+ return 0;
+ dolock();
+ resetdlerror();
+ info->dli_fname = 0;
+ info->dli_fbase = 0;
+ info->dli_sname = 0;
+ info->dli_saddr = 0;
+/* Some of this was swiped from code posted by Douglas Davidson <ddavidso AT apple DOT com>
+ * to darwin-development AT lists DOT apple DOT com and slightly modified
+ */
+ for (i = 0; i < count; i++)
+ {
+ addr = (unsigned long)p - _dyld_get_image_vmaddr_slide(i);
+ mh = _dyld_get_image_header(i);
+ if (mh)
+ {
+ lc = (struct load_command *)((char *)mh + sizeof(struct mach_header));
+ for (j = 0; j < mh->ncmds; j++, lc = (struct load_command *)((char *)lc + lc->cmdsize))
+ {
+ if (LC_SEGMENT == lc->cmd &&
+ addr >= ((struct segment_command *)lc)->vmaddr &&
+ addr <
+ ((struct segment_command *)lc)->vmaddr + ((struct segment_command *)lc)->vmsize)
+ {
+ info->dli_fname = _dyld_get_image_name(i);
+ info->dli_fbase = (void *)mh;
+ found = 1;
+ break;
+ }
+ }
+ if (found)
+ break;
+ }
+ }
+ if (!found)
+ {
+ dounlock();
+ return 0;
+ }
+ lc = (struct load_command *)((char *)mh + sizeof(struct mach_header));
+ for (j = 0; j < mh->ncmds; j++, lc = (struct load_command *)((char *)lc + lc->cmdsize))
+ {
+ if (LC_SEGMENT == lc->cmd)
+ {
+ if (!strcmp(((struct segment_command *)lc)->segname, "__LINKEDIT"))
+ break;
+ }
+ }
+ table_off =
+ ((unsigned long)((struct segment_command *)lc)->vmaddr) -
+ ((unsigned long)((struct segment_command *)lc)->fileoff) + _dyld_get_image_vmaddr_slide(i);
+ debug("table off %x", table_off);
+
+ lc = (struct load_command *)((char *)mh + sizeof(struct mach_header));
+ for (j = 0; j < mh->ncmds; j++, lc = (struct load_command *)((char *)lc + lc->cmdsize))
+ {
+ if (LC_SYMTAB == lc->cmd)
+ {
+
+ struct nlist *symtable = (struct nlist *)(((struct symtab_command *)lc)->symoff + table_off);
+ unsigned long numsyms = ((struct symtab_command *)lc)->nsyms;
+ struct nlist *nearest = NULL;
+ unsigned long diff = 0xffffffff;
+ unsigned long strtable = (unsigned long)(((struct symtab_command *)lc)->stroff + table_off);
+ debug("symtable %x", symtable);
+ for (i = 0; i < numsyms; i++)
+ {
+ /* Ignore the following kinds of Symbols */
+ if ((!symtable->n_value) /* Undefined */
+ || (symtable->n_type >= N_PEXT) /* Debug symbol */
+ || (!(symtable->n_type & N_EXT)) /* Local Symbol */
+ )
+ {
+ symtable++;
+ continue;
+ }
+ if ((addr >= symtable->n_value) && (diff >= (symtable->n_value - addr)))
+ {
+ diff = (unsigned long)symtable->n_value - addr;
+ nearest = symtable;
+ }
+ symtable++;
+ }
+ if (nearest)
+ {
+ info->dli_saddr = nearest->n_value + ((void *)p - addr);
+ info->dli_sname = (char *)(strtable + nearest->n_un.n_strx);
+ }
+ }
+ }
+ dounlock();
+ return 1;
+}
+
+
+/*
+ * Implement the dlfunc() interface, which behaves exactly the same as
+ * dlsym() except that it returns a function pointer instead of a data
+ * pointer. This can be used by applications to avoid compiler warnings
+ * about undefined behavior, and is intended as prior art for future
+ * POSIX standardization. This function requires that all pointer types
+ * have the same representation, which is true on all platforms FreeBSD
+ * runs on, but is not guaranteed by the C standard.
+ */
+#if 0
+dlfunc_t dlfunc(void * dl_restrict handle, const char * dl_restrict symbol)
+{
+ union
+ {
+ void *d;
+ dlfunc_t f;
+ } rv;
+ int sym_len = strlen(symbol);
+ char *malloc_sym = NULL;
+ dolock();
+ malloc_sym = malloc(sym_len + 2);
+ if (malloc_sym)
+ {
+ sprintf(malloc_sym, "_%s", symbol);
+ rv.d = dlsymIntern(handle, malloc_sym, 1);
+ free(malloc_sym);
+ }
+ else
+ {
+ error("Unable to allocate memory");
+ goto dlfuncerror;
+ }
+ dounlock();
+ return rv.f;
+ dlfuncerror:
+ dounlock();
+ return NULL;
+}
+#endif
diff --git a/src/http.c b/src/http.c
new file mode 100644
index 0000000..4f107db
--- /dev/null
+++ b/src/http.c
@@ -0,0 +1,155 @@
+/* Asterisk Manager Proxy
+ Copyright (c) 2005 David C. Troy <dave@popvox.com>
+
+ This program is free software, distributed under the terms of
+ the GNU General Public License.
+
+ HTTP Input Handler
+*/
+
+#include "astmanproxy.h"
+
+int ParseHTTPInput(char *buf, struct message *m) {
+ char *n, *v;
+
+ n = buf;
+ while ( (v = strstr(n, "=")) ) {
+ v += 1;
+ debugmsg("n: %s, v: %s", n, v);
+ strncat(m->headers[m->hdrcount], n, v-n-1);
+ strcat(m->headers[m->hdrcount], ": ");
+
+ if ( (n = strstr(v, "&")) ) {
+ n += 1;
+ } else {
+ n = (v + strlen(v) + 1);
+ }
+ strncat(m->headers[m->hdrcount], v, n-v-1);
+ debugmsg("got hdr: %s", m->headers[m->hdrcount]);
+ m->hdrcount++;
+ }
+
+ return (m->hdrcount > 0);
+}
+
+int HTTPHeader(struct mansession *s, char *status) {
+
+
+ time_t t;
+ struct tm tm;
+ char date[80];
+ char ctype[15], hdr[MAX_LEN];
+
+ time(&t);
+ localtime_r(&t, &tm);
+ strftime(date, sizeof(date), "%a, %d %b %Y %H:%M:%S %z", &tm);
+
+ if ( !strcasecmp("xml", s->output->formatname) )
+ sprintf(ctype, "text/xml");
+ else
+ sprintf(ctype, "text/plain");
+
+ if (!strcmp("200 OK", status) )
+ sprintf(hdr,
+ "HTTP/1.1 %s\r\n"
+ "Date: %s\r\n"
+ "Content-Type: %s\r\n"
+ "Connection: close\r\n"
+ "Server: %s/%s\r\n\r\n", status,
+ date, ctype, PROXY_BANNER, PROXY_VERSION);
+ else
+ sprintf(hdr,
+ "HTTP/1.1 %s\r\n"
+ "Date: %s\r\n"
+ "Status: %s\r\n"
+ "Server: %s/%s\r\n\r\n", status, date, status, PROXY_BANNER, PROXY_VERSION);
+
+ pthread_mutex_lock(&s->lock);
+ s->inputcomplete = 1;
+ ast_carefulwrite(s->fd, hdr, strlen(hdr), s->writetimeout);
+ pthread_mutex_unlock(&s->lock);
+ debugmsg("http header: %s", hdr);
+
+ return 0;
+}
+
+int _read(struct mansession *s, struct message *m) {
+
+ /* Note: No single line may be longer than MAX_LEN/s->inbuf, as per get_input */
+ /* No HTTP Input may be longer than BUFSIZE */
+
+ char line[MAX_LEN], method[10], formdata[MAX_LEN], status[15];
+ int res, clength = 0;
+
+ memset(method, 0, sizeof method);
+ memset(formdata, 0, sizeof formdata);
+ memset(status, 0, sizeof status);
+
+ /* for http, don't do get_input forever */
+ for (;;) {
+
+ if (s->inputcomplete && !s->outputcomplete)
+ continue;
+ else if (s->inputcomplete && s->outputcomplete)
+ return -1;
+
+ memset(line, 0, sizeof line);
+ res = get_input(s, line);
+ debugmsg("res=%d, line: %s",res, line);
+
+ if (res > 0) {
+ debugmsg("Got http: %s", line);
+
+ if ( !clength && !strncasecmp(line, "Content-Length: ", 16) )
+ clength = atoi(line+16);
+
+ if (!*method) {
+ if ( !strncmp(line,"POST",4) ) {
+ strncpy(method, line, 4);
+ } else if ( !strncmp(line,"GET",3)) {
+ if ( strlen(line) > 14 ) {
+ /* GET / HTTP/1.1 ---- this is bad */
+ /* GET /?Action=Ping&ActionID=Foo HTTP/1.1 */
+ strncpy(method, line, 3);
+ memcpy(formdata, line+6, strstr(line, " HTTP")-line-6);
+ sprintf(status, "200 OK");
+ } else
+ sprintf(status, "501 Not Implemented");
+ }
+ }
+ } else if (res == 0) {
+ /* x-www-form-urlencoded handler */
+ /* Content-Type: application/x-www-form-urlencoded */
+ if (*method && !*formdata) {
+ if ( !strcasecmp(method, "POST") && clength && s->inlen==clength) {
+ pthread_mutex_lock(&s->lock);
+ strncpy(formdata, s->inbuf, clength);
+ s->inlen = 0;
+ pthread_mutex_unlock(&s->lock);
+ sprintf(status, "200 OK");
+ }
+ }
+ }
+
+ if (res < 0)
+ break;
+
+ if (*status) {
+ HTTPHeader(s, status);
+
+ /* now, let's transform and copy into a standard message block */
+ if (!strcmp("200 OK", status) ) {
+ res = ParseHTTPInput(formdata, m);
+ return res;
+ } else {
+ pthread_mutex_lock(&s->lock);
+ s->outputcomplete = 1;
+ pthread_mutex_unlock(&s->lock);
+ return 0;
+ }
+ }
+ }
+ return -1;
+}
+
+/* We do not define a _write or _onconnect method */
diff --git a/src/include/astmanproxy.h b/src/include/astmanproxy.h
new file mode 100644
index 0000000..dc7ac87
--- /dev/null
+++ b/src/include/astmanproxy.h
@@ -0,0 +1,149 @@
+#include <pthread.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <string.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <netdb.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <arpa/inet.h>
+#include <signal.h>
+#include <errno.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <stdarg.h>
+#include <dirent.h>
+#include <errno.h>
+#ifdef __APPLE__
+ #include "dlfcn-compat.h"
+ #include "poll-compat.h"
+#else
+ #include <dlfcn.h>
+ #include <sys/poll.h>
+#endif
+
+#define BUFSIZE 1024
+#define MAX_HEADERS 256
+#define MAX_LEN 1024
+
+#define PROXY_BANNER "Asterisk Call Manager Proxy"
+#define PROXY_SHUTDOWN "ProxyMessage: Proxy Shutting Down"
+#define ACTION_ID "ActionID"
+
+struct ast_server {
+ char nickname[80];
+ char ast_host[40];
+ char ast_port[10];
+ char ast_user[80];
+ char ast_pass[80];
+ char ast_events[10];
+ int use_ssl; /* Use SSL when Connecting to Server? */
+ int status; /* TODO: have this mean something */
+ struct ast_server *next;
+};
+
+struct proxy_user {
+ char username[80];
+ char secret[80];
+ char channel[80];
+ char icontext[80];
+ char ocontext[80];
+ struct proxy_user *next;
+};
+
+struct proxyconfig {
+ struct ast_server *serverlist;
+ struct proxy_user *userlist;
+ char listen_addr[INET_ADDRSTRLEN];
+ int listen_port;
+ char inputformat[80];
+ char outputformat[80];
+ int autofilter; /* enable autofiltering? */
+ int authrequired; /* is authentication required? */
+ char key[80];
+ char proc_user[40];
+ char proc_group[40];
+ char logfile[256];
+ int retryinterval;
+ int maxretries;
+ int asteriskwritetimeout; /* ms to wait when writing to asteriskfor ast_carefulwrite */
+ int clientwritetimeout; /* ms to wait when writing to client ast_carefulwrite */
+ int sslclhellotimeout; /* ssl client hello timeout -- how long to wait before assuming not ssl */
+ int acceptencryptedconnection; /* accept encrypted connections? */
+ int acceptunencryptedconnection; /* accept unencrypted connections? */
+ char certfile[256]; /* our SERVER-side SSL certificate file */
+};
+
+struct iohandler {
+ int (*read) ();
+ int (*write) ();
+ int (*onconnect) ();
+ char formatname[80];
+ void *dlhandle;
+ struct iohandler *next;
+};
+
+struct mansession {
+ pthread_t t;
+ pthread_mutex_t lock;
+ struct sockaddr_in sin;
+ int fd;
+ char inbuf[MAX_LEN];
+ int inlen;
+ struct iohandler *input;
+ struct iohandler *output;
+ int autofilter;
+ int authenticated;
+ int connected;
+ int dead; /* Whether we are dead */
+ int busy; /* Whether we are busy */
+ int inputcomplete; /* Whether we want any more input from this session (http) */
+ int outputcomplete; /* Whether output to this session is done (http) */
+ struct ast_server *server;
+ struct proxy_user user;
+ char actionid[MAX_LEN];
+ char challenge[10]; /*! Authentication challenge */
+ int writetimeout; /* Timeout for ast_carefulwrite() */
+ struct mansession *next;
+};
+
+struct message {
+ int hdrcount;
+ char headers[MAX_HEADERS][MAX_LEN];
+ int in_command;
+ struct mansession *session;
+};
+
+struct proxyconfig pc;
+extern int debug;
+
+/* Common Function Prototypes */
+void debugmsg (const char *, ...);
+const char *ast_inet_ntoa(char *buf, int bufsiz, struct in_addr ia);
+int AddHeader(struct message *m, const char *fmt, ...);
+void debugmsg (const char *fmt, ...);
+void logmsg (const char *fmt, ...);
+
+int StartServer(struct ast_server *srv);
+int WriteAsterisk(struct message *m);
+char *astman_get_header(struct message *m, char *var);
+int proxyerror_do(struct mansession *s, char *err);
+int get_input(struct mansession *s, char *output);
+int SetIOHandlers(struct mansession *s, char *ifmt, char *ofmt);
+void destroy_session(struct mansession *s);
+int ast_carefulwrite(int fd, char *s, int len, int timeoutms);
+extern void *SendError(struct mansession *s, char *errmsg);
+
+int close_sock(int socket);
+int ProxyChallenge(struct mansession *s, struct message *m);
+int ast_connect(struct mansession *a);
+int is_encrypt_request(int sslclhellotimeout, int fd);
+int saccept(int s);
+int get_real_fd(int fd);
+int client_init_secure(void);
+int init_secure(char *certfile);
+int m_send(int fd, const void *data, size_t len);
+int m_recv(int s, void *buf, size_t len, int flags);
diff --git a/src/include/dlfcn-compat.h b/src/include/dlfcn-compat.h
new file mode 100644
index 0000000..7c5e87f
--- /dev/null
+++ b/src/include/dlfcn-compat.h
@@ -0,0 +1,83 @@
+/*
+Copyright (c) 2002 Jorge Acereda <jacereda@users.sourceforge.net> &
+ Peter O'Gorman <ogorman@users.sourceforge.net>
+
+Portions may be copyright others, see the AUTHORS file included with this
+distribution.
+
+Maintained by Peter O'Gorman <ogorman@users.sourceforge.net>
+
+Bug Reports and other queries should go to <ogorman@users.sourceforge.net>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+#ifndef _DLFCN_H_
+#define _DLFCN_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined (__GNUC__) && __GNUC__ > 3
+#define dl_restrict __restrict
+#else
+#define dl_restrict
+#endif
+
+#ifndef _POSIX_SOURCE
+/*
+ * Structure filled in by dladdr().
+ */
+typedef struct dl_info {
+ const char *dli_fname; /* Pathname of shared object */
+ void *dli_fbase; /* Base address of shared object */
+ const char *dli_sname; /* Name of nearest symbol */
+ void *dli_saddr; /* Address of nearest symbol */
+} Dl_info;
+
+extern int dladdr(const void * dl_restrict, Dl_info * dl_restrict);
+#endif /* ! _POSIX_SOURCE */
+
+extern int dlclose(void * handle);
+extern char * dlerror(void);
+extern void * dlopen(const char *path, int mode);
+extern void * dlsym(void * dl_restrict handle, const char * dl_restrict symbol);
+
+#define RTLD_LAZY 0x1
+#define RTLD_NOW 0x2
+#define RTLD_LOCAL 0x4
+#define RTLD_GLOBAL 0x8
+
+#ifndef _POSIX_SOURCE
+#define RTLD_NOLOAD 0x10
+#define RTLD_NODELETE 0x80
+
+/*
+ * Special handle arguments for dlsym().
+ */
+#define RTLD_NEXT ((void *) -1) /* Search subsequent objects. */
+#define RTLD_DEFAULT ((void *) -2) /* Use default search algorithm. */
+#endif /* ! _POSIX_SOURCE */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _DLFCN_H_ */
diff --git a/src/include/endian.h b/src/include/endian.h
new file mode 100644
index 0000000..f5e20fb
--- /dev/null
+++ b/src/include/endian.h
@@ -0,0 +1,60 @@
+/*
+ * Asterisk -- A telephony toolkit for Linux.
+ *
+ * Asterisk architecture endianess compatibility definitions
+ *
+ * Copyright (C) 1999 - 2005, Digium, Inc.
+ *
+ * Mark Spencer <markster@digium.com>
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU Lesser General Public License. Other components of
+ * Asterisk are distributed under The GNU General Public License
+ * only.
+ */
+
+#ifndef _ASTERISK_ENDIAN_H
+#define _ASTERISK_ENDIAN_H
+
+/*
+ * Autodetect system endianess
+ */
+
+#ifdef SOLARIS
+#include "solaris-compat/compat.h"
+#endif
+
+#ifndef __BYTE_ORDER
+#ifdef __linux__
+#include <endian.h>
+#elif defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__APPLE__)
+#if defined(__OpenBSD__)
+#include <machine/types.h>
+#endif /* __OpenBSD__ */
+#include <machine/endian.h>
+#define __BYTE_ORDER BYTE_ORDER
+#define __LITTLE_ENDIAN LITTLE_ENDIAN
+#define __BIG_ENDIAN BIG_ENDIAN
+#else
+#ifdef __LITTLE_ENDIAN__
+#define __BYTE_ORDER __LITTLE_ENDIAN
+#endif /* __LITTLE_ENDIAN */
+
+#if defined(i386) || defined(__i386__)
+#define __BYTE_ORDER __LITTLE_ENDIAN
+#endif /* defined i386 */
+
+#if defined(sun) && defined(unix) && defined(sparc)
+#define __BYTE_ORDER __BIG_ENDIAN
+#endif /* sun unix sparc */
+
+#endif /* linux */
+
+#endif /* __BYTE_ORDER */
+
+#ifndef __BYTE_ORDER
+#error Need to know endianess
+#endif /* __BYTE_ORDER */
+
+#endif /* _ASTERISK_ENDIAN_H */
+
diff --git a/src/include/md5.h b/src/include/md5.h
new file mode 100644
index 0000000..30ac30c
--- /dev/null
+++ b/src/include/md5.h
@@ -0,0 +1,18 @@
+#ifndef MD5_H
+#define MD5_H
+
+#include <inttypes.h>
+
+struct MD5Context {
+ uint32_t buf[4];
+ uint32_t bits[2];
+ unsigned char in[64];
+};
+
+void MD5Init(struct MD5Context *context);
+void MD5Update(struct MD5Context *context, unsigned char const *buf,
+ unsigned len);
+void MD5Final(unsigned char digest[16], struct MD5Context *context);
+void MD5Transform(uint32_t buf[4], uint32_t const in[16]);
+
+#endif /* !MD5_H */
diff --git a/src/include/poll-compat.h b/src/include/poll-compat.h
new file mode 100644
index 0000000..79eab15
--- /dev/null
+++ b/src/include/poll-compat.h
@@ -0,0 +1,101 @@
+/*---------------------------------------------------------------------------*\
+ $Id: poll-compat.h,v 1.1 2003/10/26 18:50:49 markster Exp $
+
+ NAME
+
+ poll - select(2)-based poll() emulation function for BSD systems.
+
+ SYNOPSIS
+ #include "poll.h"
+
+ struct pollfd
+ {
+ int fd;
+ short events;
+ short revents;
+ }
+
+ int poll (struct pollfd *pArray, unsigned long n_fds, int timeout)
+
+ DESCRIPTION
+
+ This file, and the accompanying "poll.c", implement the System V
+ poll(2) system call for BSD systems (which typically do not provide
+ poll()). Poll() provides a method for multiplexing input and output
+ on multiple open file descriptors; in traditional BSD systems, that
+ capability is provided by select(). While the semantics of select()
+ differ from those of poll(), poll() can be readily emulated in terms
+ of select() -- which is how this function is implemented.
+
+ REFERENCES
+ Stevens, W. Richard. Unix Network Programming. Prentice-Hall, 1990.
+
+ NOTES
+ 1. This software requires an ANSI C compiler.
+
+ LICENSE
+
+ This software is released under the following license:
+
+ Copyright (c) 1995-2002 Brian M. Clapper
+ All rights reserved.
+
+ Redistribution and use in source and binary forms are
+ permitted provided that: (1) source distributions retain
+ this entire copyright notice and comment; (2) modifications
+ made to the software are prominently mentioned, and a copy
+ of the original software (or a pointer to its location) are
+ included; and (3) distributions including binaries display
+ the following acknowledgement: "This product includes
+ software developed by Brian M. Clapper <bmc@clapper.org>"
+ in the documentation or other materials provided with the
+ distribution. The name of the author may not be used to
+ endorse or promote products derived from this software
+ without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS
+ OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE.
+
+ Effectively, this means you can do what you want with the software
+ except remove this notice or take advantage of the author's name.
+ If you modify the software and redistribute your modified version,
+ you must indicate that your version is a modification of the
+ original, and you must provide either a pointer to or a copy of the
+ original.
+\*---------------------------------------------------------------------------*/
+
+#ifndef _POLL_EMUL_H_
+#define _POLL_EMUL_H_
+
+#define POLLIN 0x01
+#define POLLPRI 0x02
+#define POLLOUT 0x04
+#define POLLERR 0x08
+#define POLLHUP 0x10
+#define POLLNVAL 0x20
+
+struct pollfd
+{
+ int fd;
+ short events;
+ short revents;
+};
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#if (__STDC__ > 0) || defined(__cplusplus)
+extern int poll (struct pollfd *pArray, unsigned long n_fds, int timeout);
+#else
+extern int poll();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _POLL_EMUL_H_ */
diff --git a/src/include/ssl.h b/src/include/ssl.h
new file mode 100644
index 0000000..123bd43
--- /dev/null
+++ b/src/include/ssl.h
@@ -0,0 +1,89 @@
+/*
+ * ssl_addon: Encrypts the asterisk management interface
+ *
+ * Copyrights:
+ * Copyright (C) 2005-2006, Tello Corporation, Inc.
+ *
+ * Contributors:
+ * Remco Treffkorn(Architect) and Mahesh Karoshi
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU Lesser (Library) General Public License
+ *
+ * Copyright on this file is disclaimed to Digium for inclusion in Asterisk
+ */
+
+#ifndef _SSL_ADDON_H_
+#define _SSL_ADDON_H_
+
+#include <openssl/ssl.h>
+#include "astmanproxy.h"
+
+int connect_nonb(struct mansession *a);
+
+/*! \brief
+ This data structure holds the additional SSL data needed to use the ssl functions.
+ The negative fd is used as an index into this data structure (after processing).
+ Choose SEC_MAX to be impossibly large for the application.
+*/
+#define SEC_MAX 16
+struct {
+ int fd;
+ SSL* ssl;
+} sec_channel[SEC_MAX];
+
+/*! \brief
+ this has to be called before any other function dealing with ssl.
+*/
+int init_secure(char* certfile);
+
+/*! \brief
+ Returns the real fd, that is received from os, when we accept the connection.
+*/
+int get_real_fd(int fd);
+
+/*! \brief
+ Returns the ssl structure from the fd.
+*/
+SSL *get_ssl(int fd);
+
+/*! \brief
+ Returns the availabe security slot. This restricts the maximun number of security connection,
+ the asterisk server can have for AMI.
+*/
+int sec_getslot(void);
+
+/*! \brief
+ Accepts the connection, if the security is enabled it returns the negative fd. -1 is flase, -2, -3
+ etc are ssl connections.
+*/
+int saccept(int s);
+
+/*! \brief
+ Sends the data over secured or unsecured connections.
+*/
+int m_send(int fd, const void *data, size_t len);
+
+
+/*! \brief
+ Receives the connection from either ssl or fd.
+*/
+int m_recv(int s, void *buf, size_t len, int flags);
+
+
+/*! \brief
+ Needs to be called instead of close() to close a socket.
+ It also closes the ssl meta connection.
+*/
+
+int close_sock(int socket);
+
+int errexit(char s[]);
+
+int is_encrypt_request(int sslclhellotimeout, int fd);
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif
diff --git a/src/log.c b/src/log.c
new file mode 100644
index 0000000..d3f8d15
--- /dev/null
+++ b/src/log.c
@@ -0,0 +1,57 @@
+#include "astmanproxy.h"
+
+#define DATEFORMAT "%b %e %T"
+
+extern FILE *proxylog;
+extern int debug;
+extern pthread_mutex_t loglock;
+extern pthread_mutex_t debuglock;
+
+void debugmsg (const char *fmt, ...)
+{
+ va_list ap;
+
+ time_t t;
+ struct tm tm;
+ char date[80];
+
+ if (!debug)
+ return;
+
+ time(&t);
+ localtime_r(&t, &tm);
+ strftime(date, sizeof(date), DATEFORMAT, &tm);
+
+ pthread_mutex_lock(&debuglock);
+ va_start(ap, fmt);
+ printf("%s: ", date);
+ vprintf(fmt, ap);
+ printf("\n");
+ va_end(ap);
+ pthread_mutex_unlock(&debuglock);
+}
+
+
+void logmsg (const char *fmt, ...)
+{
+ va_list ap;
+
+ time_t t;
+ struct tm tm;
+ char date[80];
+
+ time(&t);
+ localtime_r(&t, &tm);
+ strftime(date, sizeof(date), DATEFORMAT, &tm);
+
+ if (proxylog) {
+ pthread_mutex_lock(&loglock);
+ va_start(ap, fmt);
+ fprintf(proxylog, "%s: ", date);
+ vfprintf(proxylog, fmt, ap);
+ fprintf(proxylog, "\n");
+ va_end(ap);
+ fflush(proxylog);
+ pthread_mutex_unlock(&loglock);
+ }
+}
diff --git a/src/md5.c b/src/md5.c
new file mode 100644
index 0000000..cda3441
--- /dev/null
+++ b/src/md5.c
@@ -0,0 +1,260 @@
+/* MD5 checksum routines used for authentication. Not covered by GPL, but
+ in the public domain as per the copyright below */
+
+/*
+ * This code implements the MD5 message-digest algorithm.
+ * The algorithm is due to Ron Rivest. This code was
+ * written by Colin Plumb in 1993, no copyright is claimed.
+ * This code is in the public domain; do with it what you wish.
+ *
+ * Equivalent code is available from RSA Data Security, Inc.
+ * This code has been tested against that, and is equivalent,
+ * except that you don't need to include two pages of legalese
+ * with every copy.
+ *
+ * To compute the message digest of a chunk of bytes, declare an
+ * MD5Context structure, pass it to MD5Init, call MD5Update as
+ * needed on buffers full of bytes, and then call MD5Final, which
+ * will fill a supplied 16-byte array with the digest.
+ */
+
+#include "endian.h"
+#include "astmanproxy.h"
+#include "md5.h"
+
+# if __BYTE_ORDER == __BIG_ENDIAN
+# define HIGHFIRST 1
+# endif
+#ifndef HIGHFIRST
+#define byteReverse(buf, len) /* Nothing */
+#else
+void byteReverse(unsigned char *buf, unsigned longs);
+
+#ifndef ASM_MD5
+/*
+ * Note: this code is harmless on little-endian machines.
+ */
+void byteReverse(unsigned char *buf, unsigned longs)
+{
+ uint32_t t;
+ do {
+ t = (uint32_t) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
+ ((unsigned) buf[1] << 8 | buf[0]);
+ *(uint32_t *) buf = t;
+ buf += 4;
+ } while (--longs);
+}
+#endif
+#endif
+
+/*
+ * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
+ * initialization constants.
+ */
+void MD5Init(struct MD5Context *ctx)
+{
+ ctx->buf[0] = 0x67452301;
+ ctx->buf[1] = 0xefcdab89;
+ ctx->buf[2] = 0x98badcfe;
+ ctx->buf[3] = 0x10325476;
+
+ ctx->bits[0] = 0;
+ ctx->bits[1] = 0;
+}
+
+/*
+ * Update context to reflect the concatenation of another buffer full
+ * of bytes.
+ */
+void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
+{
+ uint32_t t;
+
+ /* Update bitcount */
+
+ t = ctx->bits[0];
+ if ((ctx->bits[0] = t + ((uint32_t) len << 3)) < t)
+ ctx->bits[1]++; /* Carry from low to high */
+ ctx->bits[1] += len >> 29;
+
+ t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
+
+ /* Handle any leading odd-sized chunks */
+
+ if (t) {
+ unsigned char *p = (unsigned char *) ctx->in + t;
+
+ t = 64 - t;
+ if (len < t) {
+ memcpy(p, buf, len);
+ return;
+ }
+ memcpy(p, buf, t);
+ byteReverse(ctx->in, 16);
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ buf += t;
+ len -= t;
+ }
+ /* Process data in 64-byte chunks */
+
+ while (len >= 64) {
+ memcpy(ctx->in, buf, 64);
+ byteReverse(ctx->in, 16);
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ buf += 64;
+ len -= 64;
+ }
+
+ /* Handle any remaining bytes of data. */
+
+ memcpy(ctx->in, buf, len);
+}
+
+/*
+ * Final wrapup - pad to 64-byte boundary with the bit pattern
+ * 1 0* (64-bit count of bits processed, MSB-first)
+ */
+void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
+{
+ unsigned count;
+ unsigned char *p;
+
+ /* Compute number of bytes mod 64 */
+ count = (ctx->bits[0] >> 3) & 0x3F;
+
+ /* Set the first char of padding to 0x80. This is safe since there is
+ always at least one byte free */
+ p = ctx->in + count;
+ *p++ = 0x80;
+
+ /* Bytes of padding needed to make 64 bytes */
+ count = 64 - 1 - count;
+
+ /* Pad out to 56 mod 64 */
+ if (count < 8) {
+ /* Two lots of padding: Pad the first block to 64 bytes */
+ memset(p, 0, count);
+ byteReverse(ctx->in, 16);
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+
+ /* Now fill the next block with 56 bytes */
+ memset(ctx->in, 0, 56);
+ } else {
+ /* Pad block to 56 bytes */
+ memset(p, 0, count - 8);
+ }
+ byteReverse(ctx->in, 14);
+
+ /* Append length in bits and transform */
+ ((uint32_t *) ctx->in)[14] = ctx->bits[0];
+ ((uint32_t *) ctx->in)[15] = ctx->bits[1];
+
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ byteReverse((unsigned char *) ctx->buf, 4);
+ memcpy(digest, ctx->buf, 16);
+ memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+}
+
+#ifndef ASM_MD5
+
+/* The four core functions - F1 is optimized somewhat */
+
+/* #define F1(x, y, z) (x & y | ~x & z) */
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1(z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+/* This is the central step in the MD5 algorithm. */
+#define MD5STEP(f, w, x, y, z, data, s) \
+ ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
+
+/*
+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
+ * reflect the addition of 16 longwords of new data. MD5Update blocks
+ * the data and converts bytes into longwords for this routine.
+ */
+void MD5Transform(uint32_t buf[4], uint32_t const in[16])
+{
+ register uint32_t a, b, c, d;
+
+ a = buf[0];
+ b = buf[1];
+ c = buf[2];
+ d = buf[3];
+
+ MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
+ MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
+ MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
+ MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
+ MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
+ MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
+ MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
+ MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
+ MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
+ MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
+ MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
+ MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
+ MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
+ MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
+ MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
+ MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
+
+ MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
+ MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
+ MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
+ MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
+ MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
+ MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
+ MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
+ MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
+ MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
+ MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
+ MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
+ MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
+ MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
+ MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
+ MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
+ MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
+
+ MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
+ MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
+ MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
+ MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
+ MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
+ MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
+ MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
+ MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
+ MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
+ MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
+ MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
+ MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
+ MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
+ MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
+ MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
+ MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
+
+ MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
+ MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
+ MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
+ MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
+ MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
+ MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
+ MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
+ MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
+ MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
+ MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
+ MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
+ MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
+ MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
+ MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
+ MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
+ MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
+
+ buf[0] += a;
+ buf[1] += b;
+ buf[2] += c;
+ buf[3] += d;
+}
+
+#endif
diff --git a/src/poll.c b/src/poll.c
new file mode 100644
index 0000000..a36539a
--- /dev/null
+++ b/src/poll.c
@@ -0,0 +1,306 @@
+/*---------------------------------------------------------------------------*\
+ $Id: poll.c,v 1.1 2003/10/26 19:17:28 tholo Exp $
+
+ NAME
+
+ poll - select(2)-based poll() emulation function for BSD systems.
+
+ SYNOPSIS
+ #include "poll.h"
+
+ struct pollfd
+ {
+ int fd;
+ short events;
+ short revents;
+ }
+
+ int poll (struct pollfd *pArray, unsigned long n_fds, int timeout)
+
+ DESCRIPTION
+
+ This file, and the accompanying "poll.h", implement the System V
+ poll(2) system call for BSD systems (which typically do not provide
+ poll()). Poll() provides a method for multiplexing input and output
+ on multiple open file descriptors; in traditional BSD systems, that
+ capability is provided by select(). While the semantics of select()
+ differ from those of poll(), poll() can be readily emulated in terms
+ of select() -- which is how this function is implemented.
+
+ REFERENCES
+ Stevens, W. Richard. Unix Network Programming. Prentice-Hall, 1990.
+
+ NOTES
+ 1. This software requires an ANSI C compiler.
+
+ LICENSE
+
+ This software is released under the following license:
+
+ Copyright (c) 1995-2002 Brian M. Clapper
+ All rights reserved.
+
+ Redistribution and use in source and binary forms are
+ permitted provided that: (1) source distributions retain
+ this entire copyright notice and comment; (2) modifications
+ made to the software are prominently mentioned, and a copy
+ of the original software (or a pointer to its location) are
+ included; and (3) distributions including binaries display
+ the following acknowledgement: "This product includes
+ software developed by Brian M. Clapper <bmc@clapper.org>"
+ in the documentation or other materials provided with the
+ distribution. The name of the author may not be used to
+ endorse or promote products derived from this software
+ without specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS
+ OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE.
+
+ Effectively, this means you can do what you want with the software
+ except remove this notice or take advantage of the author's name.
+ If you modify the software and redistribute your modified version,
+ you must indicate that your version is a modification of the
+ original, and you must provide either a pointer to or a copy of the
+ original.
+\*---------------------------------------------------------------------------*/
+
+
+/*---------------------------------------------------------------------------*\
+ Includes
+\*---------------------------------------------------------------------------*/
+
+#include <unistd.h> /* standard Unix definitions */
+#include <sys/types.h> /* system types */
+#include <sys/time.h> /* time definitions */
+#include <assert.h> /* assertion macros */
+#include <string.h> /* string functions */
+
+#include "poll-compat.h" /* this package */
+
+/*---------------------------------------------------------------------------*\
+ Macros
+\*---------------------------------------------------------------------------*/
+
+#ifndef MAX
+#define MAX(a,b) ((a) > (b) ? (a) : (b))
+#endif
+
+
+/*---------------------------------------------------------------------------*\
+ Private Functions
+\*---------------------------------------------------------------------------*/
+
+static int map_poll_spec
+#if __STDC__ > 0
+ (struct pollfd *pArray,
+ unsigned long n_fds,
+ fd_set *pReadSet,
+ fd_set *pWriteSet,
+ fd_set *pExceptSet)
+#else
+ (pArray, n_fds, pReadSet, pWriteSet, pExceptSet)
+ struct pollfd *pArray;
+ unsigned long n_fds;
+ fd_set *pReadSet;
+ fd_set *pWriteSet;
+ fd_set *pExceptSet;
+#endif
+{
+ register unsigned long i; /* loop control */
+ register struct pollfd *pCur; /* current array element */
+ register int max_fd = -1; /* return value */
+
+ /*
+ Map the poll() structures into the file descriptor sets required
+ by select().
+ */
+ for (i = 0, pCur = pArray; i < n_fds; i++, pCur++)
+ {
+ /* Skip any bad FDs in the array. */
+
+ if (pCur->fd < 0)
+ continue;
+
+ if (pCur->events & POLLIN)
+ {
+ /* "Input Ready" notification desired. */
+ FD_SET (pCur->fd, pReadSet);
+ }
+
+ if (pCur->events & POLLOUT)
+ {
+ /* "Output Possible" notification desired. */
+ FD_SET (pCur->fd, pWriteSet);
+ }
+
+ if (pCur->events & POLLPRI)
+ {
+ /*
+ "Exception Occurred" notification desired. (Exceptions
+ include out of band data.
+ */
+ FD_SET (pCur->fd, pExceptSet);
+ }
+
+ max_fd = MAX (max_fd, pCur->fd);
+ }
+
+ return max_fd;
+}
+
+static struct timeval *map_timeout
+#if __STDC__ > 0
+ (int poll_timeout, struct timeval *pSelTimeout)
+#else
+ (poll_timeout, pSelTimeout)
+ int poll_timeout;
+ struct timeval *pSelTimeout;
+#endif
+{
+ struct timeval *pResult;
+
+ /*
+ Map the poll() timeout value into a select() timeout. The possible
+ values of the poll() timeout value, and their meanings, are:
+
+ VALUE MEANING
+
+ -1 wait indefinitely (until signal occurs)
+ 0 return immediately, don't block
+ >0 wait specified number of milliseconds
+
+ select() uses a "struct timeval", which specifies the timeout in
+ seconds and microseconds, so the milliseconds value has to be mapped
+ accordingly.
+ */
+
+ assert (pSelTimeout != (struct timeval *) NULL);
+
+ switch (poll_timeout)
+ {
+ case -1:
+ /*
+ A NULL timeout structure tells select() to wait indefinitely.
+ */
+ pResult = (struct timeval *) NULL;
+ break;
+
+ case 0:
+ /*
+ "Return immediately" (test) is specified by all zeros in
+ a timeval structure.
+ */
+ pSelTimeout->tv_sec = 0;
+ pSelTimeout->tv_usec = 0;
+ pResult = pSelTimeout;
+ break;
+
+ default:
+ /* Wait the specified number of milliseconds. */
+ pSelTimeout->tv_sec = poll_timeout / 1000; /* get seconds */
+ poll_timeout %= 1000; /* remove seconds */
+ pSelTimeout->tv_usec = poll_timeout * 1000; /* get microseconds */
+ pResult = pSelTimeout;
+ break;
+ }
+
+
+ return pResult;
+}
+
+static void map_select_results
+#if __STDC__ > 0
+ (struct pollfd *pArray,
+ unsigned long n_fds,
+ fd_set *pReadSet,
+ fd_set *pWriteSet,
+ fd_set *pExceptSet)
+#else
+ (pArray, n_fds, pReadSet, pWriteSet, pExceptSet)
+ struct pollfd *pArray;
+ unsigned long n_fds;
+ fd_set *pReadSet;
+ fd_set *pWriteSet;
+ fd_set *pExceptSet;
+#endif
+{
+ register unsigned long i; /* loop control */
+ register struct pollfd *pCur; /* current array element */
+
+ for (i = 0, pCur = pArray; i < n_fds; i++, pCur++)
+ {
+ /* Skip any bad FDs in the array. */
+
+ if (pCur->fd < 0)
+ continue;
+
+ /* Exception events take priority over input events. */
+
+ pCur->revents = 0;
+ if (FD_ISSET (pCur->fd, pExceptSet))
+ pCur->revents |= POLLPRI;
+
+ else if (FD_ISSET (pCur->fd, pReadSet))
+ pCur->revents |= POLLIN;
+
+ if (FD_ISSET (pCur->fd, pWriteSet))
+ pCur->revents |= POLLOUT;
+ }
+
+ return;
+}
+
+/*---------------------------------------------------------------------------*\
+ Public Functions
+\*---------------------------------------------------------------------------*/
+
+int poll
+
+#if __STDC__ > 0
+ (struct pollfd *pArray, unsigned long n_fds, int timeout)
+#else
+ (pArray, n_fds, timeout)
+ struct pollfd *pArray;
+ unsigned long n_fds;
+ int timeout;
+#endif
+
+{
+ fd_set read_descs; /* input file descs */
+ fd_set write_descs; /* output file descs */
+ fd_set except_descs; /* exception descs */
+ struct timeval stime; /* select() timeout value */
+ int ready_descriptors; /* function result */
+ int max_fd; /* maximum fd value */
+ struct timeval *pTimeout; /* actually passed */
+
+ FD_ZERO (&read_descs);
+ FD_ZERO (&write_descs);
+ FD_ZERO (&except_descs);
+
+ assert (pArray != (struct pollfd *) NULL);
+
+ /* Map the poll() file descriptor list in the select() data structures. */
+
+ max_fd = map_poll_spec (pArray, n_fds,
+ &read_descs, &write_descs, &except_descs);
+
+ /* Map the poll() timeout value in the select() timeout structure. */
+
+ pTimeout = map_timeout (timeout, &stime);
+
+ /* Make the select() call. */
+
+ ready_descriptors = select (max_fd + 1, &read_descs, &write_descs,
+ &except_descs, pTimeout);
+
+ if (ready_descriptors >= 0)
+ {
+ map_select_results (pArray, n_fds,
+ &read_descs, &write_descs, &except_descs);
+ }
+
+ return ready_descriptors;
+}
diff --git a/src/proxyfunc.c b/src/proxyfunc.c
new file mode 100644
index 0000000..434baff
--- /dev/null
+++ b/src/proxyfunc.c
@@ -0,0 +1,390 @@
+#include "astmanproxy.h"
+#include "md5.h"
+
+extern struct mansession *sessions;
+extern struct iohandler *iohandlers;
+extern pthread_mutex_t serverlock;
+extern pthread_mutex_t userslock;
+
+void *ProxyListIOHandlers(struct mansession *s) {
+ struct message m;
+ struct iohandler *i;
+
+ memset(&m, 0, sizeof(struct message));
+ AddHeader(&m, "ProxyResponse: Success");
+
+ i = iohandlers;
+ while (i && (m.hdrcount < MAX_HEADERS - 1) ) {
+ if (i->read)
+ AddHeader(&m, "InputHandler: %s", i->formatname);
+ if (i->write)
+ AddHeader(&m, "OutputHandler: %s", i->formatname);
+ i = i->next;
+ }
+
+ s->output->write(s, &m);
+ return 0;
+}
+
+void *ProxyListSessions(struct mansession *s) {
+ struct message m;
+ struct mansession *c;
+ char iabuf[INET_ADDRSTRLEN];
+
+ memset(&m, 0, sizeof(struct message));
+ AddHeader(&m, "ProxyResponse: Success");
+
+ c = sessions;
+ while (c && (m.hdrcount < MAX_HEADERS - 1) ) {
+ if (!c->server) {
+ AddHeader(&m, "ProxyClientSession: %s", ast_inet_ntoa(iabuf, sizeof(iabuf), c->sin.sin_addr), c->actionid);
+ AddHeader(&m, "ProxyClientInputHandler: %s", c->input->formatname);
+ AddHeader(&m, "ProxyClientOutputHandler: %s", c->output->formatname);
+ } else
+ AddHeader(&m, "ProxyServerSession: %s", ast_inet_ntoa(iabuf, sizeof(iabuf), c->sin.sin_addr));
+ c = c->next;
+ }
+ s->output->write(s, &m);
+ return 0;
+}
+
+void *ProxySetOutputFormat(struct mansession *s, struct message *m) {
+ struct message mo;
+ char *value;
+
+ value = astman_get_header(m, "OutputFormat");
+ SetIOHandlers(s, s->input->formatname, value);
+
+ memset(&mo, 0, sizeof(struct message));
+ AddHeader(&mo, "ProxyResponse: Success");
+ AddHeader(&mo, "OutputFormat: %s", s->output->formatname );
+
+ s->output->write(s, &mo);
+
+ return 0;
+}
+
+int ProxyChallenge(struct mansession *s, struct message *m) {
+ struct message mo;
+
+ if ( strcasecmp("MD5", astman_get_header(m, "AuthType")) ) {
+ SendError(s, "Must specify AuthType");
+ return 1;
+ }
+
+ if (!*s->challenge)
+ snprintf(s->challenge, sizeof(s->challenge), "%d", rand());
+
+ memset(&mo, 0, sizeof(struct message));
+ AddHeader(&mo, "Response: Success");
+ AddHeader(&mo, "Challenge: %s", s->challenge);
+
+ s->output->write(s, &mo);
+ return 0;
+}
+
+void *ProxySetAutoFilter(struct mansession *s, struct message *m) {
+ struct message mo;
+ char *value;
+ int i;
+
+ value = astman_get_header(m, "AutoFilter");
+ if ( !strcasecmp(value, "on") )
+ i = 1;
+ else
+ i = 0;
+ pthread_mutex_lock(&s->lock);
+ s->autofilter = i;
+ pthread_mutex_unlock(&s->lock);
+
+ memset(&mo, 0, sizeof(struct message));
+ AddHeader(&mo, "ProxyResponse: Success");
+ AddHeader(&mo, "AutoFilter: %d", s->autofilter);
+
+ s->output->write(s, &mo);
+
+ return 0;
+}
+
+int AuthMD5(char *key, char *challenge, char *password) {
+ int x;
+ int len=0;
+ char md5key[256] = "";
+ struct MD5Context md5;
+ unsigned char digest[16];
+
+ if (!*key || !*challenge || !*password )
+ return 1;
+
+ if (debug)
+ debugmsg("MD5 password=%s, challenge=%s", password, challenge);
+
+ MD5Init(&md5);
+ MD5Update(&md5, (unsigned char *) challenge, strlen(challenge));
+ MD5Update(&md5, (unsigned char *) password, strlen(password));
+ MD5Final(digest, &md5);
+ for (x=0;x<16;x++)
+ len += sprintf(md5key + len, "%2.2x", digest[x]);
+ if( debug ) {
+ debugmsg("MD5 computed=%s, received=%s", md5key, key);
+ }
+ if (!strcmp(md5key, key))
+ return 0;
+ else
+ return 1;
+}
+
+void *ProxyLogin(struct mansession *s, struct message *m) {
+ struct message mo;
+ struct proxy_user *pu;
+ char *user, *secret, *key;
+
+ user = astman_get_header(m, "Username");
+ secret = astman_get_header(m, "Secret");
+ key = astman_get_header(m, "Key");
+
+ memset(&mo, 0, sizeof(struct message));
+ if( debug )
+ debugmsg("Login attempt as: %s/%s", user, secret);
+
+ pthread_mutex_lock(&userslock);
+ pu = pc.userlist;
+ while( pu ) {
+ if ( !strcmp(user, pu->username) ) {
+ if (!AuthMD5(key, s->challenge, pu->secret) ||
+ !strcmp(secret, pu->secret) ) {
+ AddHeader(&mo, "Response: Success");
+ AddHeader(&mo, "Message: Authentication accepted");
+ s->output->write(s, &mo);
+ pthread_mutex_lock(&s->lock);
+ s->authenticated = 1;
+ strcpy(s->user.channel, pu->channel);
+ strcpy(s->user.icontext, pu->icontext);
+ strcpy(s->user.ocontext, pu->ocontext);
+ pthread_mutex_unlock(&s->lock);
+ if( debug )
+ debugmsg("Login as: %s", user);
+ break;
+ }
+ }
+ pu = pu->next;
+ }
+ pthread_mutex_unlock(&userslock);
+
+ if( !pu ) {
+ SendError(s, "Authentication failed");
+ pthread_mutex_lock(&s->lock);
+ s->authenticated = 0;
+ pthread_mutex_unlock(&s->lock);
+ if( debug )
+ debugmsg("Login failed as: %s/%s", user, secret);
+ }
+
+
+ return 0;
+}
+
+void *ProxyLogoff(struct mansession *s) {
+ struct message m;
+
+ memset(&m, 0, sizeof(struct message));
+ AddHeader(&m, "Goodbye: Y'all come back now, y'hear?");
+
+ s->output->write(s, &m);
+
+ destroy_session(s);
+ if (debug)
+ debugmsg("Client logged off - exiting thread");
+ pthread_exit(NULL);
+ return 0;
+}
+
+int ProxyAddServer(struct mansession *s, struct message *m) {
+ struct message mo;
+ struct ast_server *srv;
+ int res = 0;
+
+ /* malloc ourselves a server credentials structure */
+ srv = malloc(sizeof(struct ast_server));
+ if ( !srv ) {
+ fprintf(stderr, "Failed to allocate server credentials: %s\n", strerror(errno));
+ exit(1);
+ }
+
+ memset(srv, 0, sizeof(struct ast_server) );
+ memset(&mo, 0, sizeof(struct message));
+ strcpy(srv->ast_host, astman_get_header(m, "Server"));
+ strcpy(srv->ast_user, astman_get_header(m, "Username"));
+ strcpy(srv->ast_pass, astman_get_header(m, "Secret"));
+ strcpy(srv->ast_port, astman_get_header(m, "Port"));
+ strcpy(srv->ast_events, astman_get_header(m, "Events"));
+
+ if (*srv->ast_host && *srv->ast_user && *srv->ast_pass && *srv->ast_port && *srv->ast_events) {
+ pthread_mutex_lock(&serverlock);
+ srv->next = pc.serverlist;
+ pc.serverlist = srv;
+ pthread_mutex_unlock(&serverlock);
+ res = StartServer(srv);
+ } else
+ res = 1;
+
+ if (res) {
+ AddHeader(&mo, "ProxyResponse: Failure");
+ AddHeader(&mo, "Message: Could not add %s", srv->ast_host);
+ } else {
+ AddHeader(&mo, "ProxyResponse: Success");
+ AddHeader(&mo, "Message: Added %s", srv->ast_host);
+ }
+
+ s->output->write(s, &mo);
+ return 0;
+}
+
+int ProxyDropServer(struct mansession *s, struct message *m) {
+ struct message mo;
+ struct mansession *srv;
+ char *value;
+ int res;
+
+ memset(&mo, 0, sizeof(struct message));
+ value = astman_get_header(m, "Server");
+ srv = sessions;
+ while (*value && srv) {
+ if (srv->server && !strcmp(srv->server->ast_host, value))
+ break;
+ srv = srv->next;
+ }
+
+ if (srv) {
+ destroy_session(srv);
+ debugmsg("Dropping Server %s", value);
+ AddHeader(&mo, "ProxyResponse: Success");
+ AddHeader(&mo, "Message: Dropped %s", value);
+ res = 0;
+ } else {
+ debugmsg("Failed to Drop Server %s -- not found", value);
+ AddHeader(&mo, "ProxyResponse: Failure");
+ AddHeader(&mo, "Message: Cannot Drop Server %s, Does Not Exist", value);
+ res = 1;
+ }
+
+ s->output->write(s, &mo);
+ return res;
+}
+
+void *ProxyListServers(struct mansession *s) {
+ struct message m;
+ struct mansession *c;
+ char iabuf[INET_ADDRSTRLEN];
+
+ memset(&m, 0, sizeof(struct message));
+ AddHeader(&m, "ProxyResponse: Success");
+
+ c = sessions;
+ while (c) {
+ if (c->server) {
+ AddHeader(&m, "ProxyListServer I: %s H: %s U: %s P: %s E: %s ",
+ ast_inet_ntoa(iabuf, sizeof(iabuf), c->sin.sin_addr),
+ c->server->ast_host, c->server->ast_user,
+ c->server->ast_port, c->server->ast_events);
+ }
+
+ c = c->next;
+ }
+ s->output->write(s, &m);
+ return 0;
+}
+
+
+void *proxyaction_do(char *proxyaction, struct message *m, struct mansession *s)
+{
+ if (!strcasecmp(proxyaction,"SetOutputFormat"))
+ ProxySetOutputFormat(s, m);
+ else if (!strcasecmp(proxyaction,"SetAutoFilter"))
+ ProxySetAutoFilter(s, m);
+ else if (!strcasecmp(proxyaction,"ListSessions"))
+ ProxyListSessions(s);
+ else if (!strcasecmp(proxyaction,"AddServer"))
+ ProxyAddServer(s, m);
+ else if (!strcasecmp(proxyaction,"DropServer"))
+ ProxyDropServer(s, m);
+ else if (!strcasecmp(proxyaction,"ListServers"))
+ ProxyListServers(s);
+ else if (!strcasecmp(proxyaction,"ListIOHandlers"))
+ ProxyListIOHandlers(s);
+ else if (!strcasecmp(proxyaction,"Logoff"))
+ ProxyLogoff(s);
+ else
+ proxyerror_do(s, "Invalid Proxy Action");
+
+ return 0;
+}
+
+int proxyerror_do(struct mansession *s, char *err)
+{
+ struct message mo;
+
+ memset(&mo, 0, sizeof(struct message));
+ AddHeader(&mo, "ProxyResponse: Error");
+ AddHeader(&mo, "Message: %s", err);
+
+ s->output->write(s, &mo);
+
+ return 0;
+}
+
+int ValidateAction(struct message *m, struct mansession *s, int inbound) {
+ char *channel, *channel1, *channel2;
+ char *context;
+ char *uchannel;
+ char *ucontext;
+
+ if( pc.authrequired && !s->authenticated )
+ return 0;
+
+ if( inbound )
+ ucontext = s->user.icontext;
+ else
+ ucontext = s->user.ocontext;
+ uchannel = s->user.channel;
+
+ channel = astman_get_header(m, "Channel");
+ if( channel[0] != '\0' && uchannel[0] != '\0' )
+ if( strncasecmp( channel, uchannel, strlen(uchannel) ) ) {
+ if( debug )
+ debugmsg("Message filtered (chan): %s != %s", channel, uchannel);
+ return 0;
+ }
+
+ channel1 = astman_get_header(m, "Channel1");
+ channel2 = astman_get_header(m, "Channel2");
+ if( (channel1[0] != '\0' || channel2[0] != '\0') && uchannel[0] != '\0' )
+ if( !(strncasecmp( channel1, uchannel, strlen(uchannel) ) == 0 ||
+ strncasecmp( channel2, uchannel, strlen(uchannel) ) == 0) ) {
+ if( debug )
+ debugmsg("Message filtered (chan): %s/%s != %s", channel1, channel2, uchannel);
+ return 0;
+ }
+
+ context = astman_get_header(m, "Context");
+ if( context[0] != '\0' && ucontext[0] != '\0' )
+ if( strcasecmp( context, ucontext ) ) {
+ if( debug )
+ debugmsg("Message filtered (ctxt): %s != %s", context, ucontext);
+ return 0;
+ }
+
+ return 1;
+}
+
+void *SendError(struct mansession *s, char *errmsg) {
+ struct message m;
+
+ memset(&m, 0, sizeof(struct message));
+ AddHeader(&m, "Response: Error");
+ AddHeader(&m, "Message: %s", errmsg);
+
+ s->output->write(s, &m);
+
+ return 0;
+}
diff --git a/src/ssl.c b/src/ssl.c
new file mode 100644
index 0000000..9f5b341
--- /dev/null
+++ b/src/ssl.c
@@ -0,0 +1,438 @@
+/*
+ * Asterisk -- An open source telephony toolkit.
+ *
+ * Copyright (C) 2006, Tello Corporation, Inc.
+ *
+ * Remco Treffkorn(Architect) and Mahesh Karoshi(Senior Software Developer)
+ *
+ * See http://www.asterisk.org for more information about
+ * the Asterisk project. Please do not directly contact
+ * any of the maintainers of this project for assistance;
+ * the project provides a web site, mailing lists and IRC
+ * channels for your use.
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU General Public License Version 2. See the LICENSE file
+ * at the top of the source tree.
+ */
+
+/*! \file
+ *
+ * \brief SSL for The Asterisk Management Interface - AMI
+ *
+ * Channel Management and more
+ *
+ * \author Remco Treffkorn(Architect) and Mahesh Karoshi(Senior Software Developer)
+ * \ref amiconf
+ */
+
+/*! \addtogroup Group_AMI AMI functions
+*/
+/*! @{
+ Doxygen group */
+
+/*! \note We use negative file descriptors for secure channels. The file descriptor
+ -1 is reseved for errors. -2 to -... are secure file descriptors. 0 to ...
+ are regular file descriptors.
+
+ NOTE: Commonly error checks for routines returning fd's are done with (value<0).
+ You must check for (value==-1) instead, since all other negative fd's now
+ are valid fd's.
+*/
+#include <sys/types.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <errno.h>
+#include <time.h>
+#include <sys/time.h>
+#include <stdio.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+
+#include "ssl.h"
+
+SSL_CTX *sctx;
+SSL_CTX *cctx;
+static long rec_bytes;
+static long sent_bytes;
+static int ssl_initialized;
+
+
+/*! \brief this has to be called before any other function dealing with ssl.
+ Initializes all the ssl related stuff here. */
+int init_secure(char *certfile)
+{
+ SSL_METHOD *meth;
+
+ SSLeay_add_ssl_algorithms();
+ SSL_load_error_strings();
+
+ /* server init */
+ meth = SSLv23_server_method();
+ sctx = SSL_CTX_new(meth);
+
+ if (!sctx) {
+ return errexit("Failed to create a server ssl context!");
+ }
+
+ if (SSL_CTX_use_certificate_file(sctx, certfile, SSL_FILETYPE_PEM) <= 0) {
+ return errexit("Failed to use the certificate file!");
+ }
+
+ if (SSL_CTX_use_PrivateKey_file(sctx, certfile, SSL_FILETYPE_PEM) <= 0) {
+ return errexit("Failed to use the key file!\n");
+ }
+
+ if (!SSL_CTX_check_private_key(sctx)) {
+ return errexit("Private key does not match the certificate public key");
+ }
+ ssl_initialized = 1;
+ return 0;
+}
+
+
+/* Initializes all the client-side ssl related stuff here.
+*/
+int client_init_secure(void)
+{
+ SSL_METHOD *meth;
+
+ /* client init */
+ SSLeay_add_ssl_algorithms();
+ meth = SSLv23_client_method();
+ SSL_load_error_strings();
+ cctx = SSL_CTX_new (meth);
+
+ if (!cctx)
+ debugmsg("Failed to create a client ssl context!");
+ else
+ debugmsg("Client SSL Context Initialized");
+ return 0;
+}
+
+/*! \brief Takes the negative ssl fd and returns the positive fd recieved from the os.
+ * It goes through arrray of fixed maximum number of secured channels.
+*/
+int get_real_fd(int fd)
+{
+ if (fd<-1) {
+ fd = -fd - 2;
+ if (fd>=0 && fd <SEC_MAX)
+ fd = sec_channel[fd].fd;
+ else fd = -1;
+
+ }
+ return fd;
+}
+
+/*! \brief Returns the SSL pointer from the fd. This structure is filled when we accept
+ * the ssl connection and used
+ * for reading and writing through ssl.
+*/
+SSL *get_ssl(int fd)
+{
+ SSL *ssl = NULL;
+
+ fd = -fd - 2;
+
+ if (fd>=0 && fd <SEC_MAX)
+ ssl = sec_channel[fd].ssl;
+
+ return ssl;
+}
+
+/*! \brief Returns the empty ssl slot. Used to save ssl information.
+*/
+int sec_getslot(void)
+{
+ int i;
+
+ for (i=0; i<SEC_MAX; i++) {
+ if(sec_channel[i].ssl==NULL)
+ break;
+ }
+
+ if (i==SEC_MAX)
+ return -1;
+ return i;
+}
+
+/*! \brief Accepts the ssl connection. Returns the negative fd. negative fd's are
+ * chosen to differentiate between ssl and non-ssl connections. Positive
+ * fd's are used for non-ssl connections and negative fd's are used for ssl
+ * connections. So we purposefully calculate and return negative fds.
+ * You can always get positive fd by calling get_real_fd(negative fd).
+ * The positive fd's are required for system calls.
+ *
+*/
+int saccept(int s)
+{
+ int fd, err;
+ SSL* ssl;
+
+ if (!ssl_initialized)
+ return s;
+
+ if (((fd=sec_getslot())!=-1)) {
+ ssl=SSL_new(sctx);
+ SSL_set_fd(ssl, s);
+ sec_channel[fd].ssl = ssl; /* remember ssl */
+ sec_channel[fd].fd = s; /* remember the real fd */
+ do {
+ err = SSL_accept(ssl);
+ err = SSL_get_error(ssl, err);
+ } while( err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE);
+
+ SSL_set_mode(ssl, SSL_MODE_ENABLE_PARTIAL_WRITE);
+ debugmsg("ssl_addon: Connection accepted");
+
+ err=1;
+
+ fd = -(fd+2);
+
+ if (err!=1 || !ssl) {
+ /* it did not work */
+ sec_channel[fd].ssl = NULL; /* free the slot */
+ fd = -1;
+ }
+ }
+ return fd;
+}
+
+/*!
+ * \brief Writes through secured ssl connection
+*/
+int m_send(int fd, const void *data, size_t len)
+{
+ sent_bytes += len;
+
+ if (fd < -1) {
+ SSL* ssl = get_ssl(fd);
+ return SSL_write(ssl, data, len);
+ }
+ return write(fd, data, len);
+}
+
+/*!
+ * \brief Receives data from the SSL connection.
+*/
+int m_recv(int s, void *buf, size_t len, int flags)
+{
+ int ret = 0;
+
+ if (s<-1) {
+ SSL* ssl = get_ssl(s);
+ ret = SSL_read (ssl, buf, len);
+ } else
+ ret = recv(s, buf, len, flags);
+
+ if (ret > 0)
+ rec_bytes += ret;
+
+ if (debug && s<-1)
+ debugmsg("Received %d bytes from SSL socket", ret);
+ return ret;
+}
+
+
+/*! \brief
+ Needs to be called instead of close() to close a socket.
+ It also closes the SSL meta connection.
+*/
+
+int close_sock(int socket)
+{
+ int ret=0;
+ SSL* ssl = NULL;
+
+ if (socket < -1) {
+ socket = - socket - 2;
+
+ ssl = sec_channel[socket].ssl;
+ sec_channel[socket].ssl = NULL;
+ socket = sec_channel[socket].fd;
+ }
+
+ ret= close(socket);
+
+ if (ssl)
+ SSL_free (ssl);
+
+ return(ret);
+}
+
+/*! \brief This process cannot continue without fixing this error.
+*/
+int errexit(char s[])
+{
+ debugmsg("SSL critical error: %s", s);
+ return -1;
+}
+
+/*! \brief Checks whether the client is requesting an ssl encrypted connection or not. If its encrypted
+ * request we expect "Client Hello" in the beginning of the message and ssl version 2.
+ * This can be verified by checking buf[0x02], buf[0x03] and buf[0x04]. If the contents are
+ * 0x01, 0x00, 0x02, then its an ssl packet with content "Client Hello", "SSL version 2".
+ * For SSL version 3, we might need to check for 0x01, 0x00, 0x03.
+ *
+*/
+int is_encrypt_request(int sslclhellotimeout, int fd)
+{
+ fd_set listeners;
+ struct timeval tv;
+ char buf[1024];
+ int ready_fdescriptors;
+ int ret;
+
+ tv.tv_sec = 0;
+ tv.tv_usec = sslclhellotimeout * 1000;
+
+ FD_ZERO(&listeners);
+ FD_SET(fd, &listeners);
+
+ ready_fdescriptors = select (fd + 1, &listeners, NULL, NULL, &tv);
+
+ if (ready_fdescriptors < 0 ) {
+ debugmsg("is_encrypt_request: select returned error, This should not happen:");
+ return 0;
+ } else if (ready_fdescriptors == 0) {
+ return 0;
+ }
+ ret = recv(fd, buf, 100, MSG_PEEK);
+ if(ret > 0) {
+ /* check for sslv3 or tls*/
+ if ((buf[0x00] == 0x16) && (buf[0x01] == 0x03) &&
+ /* for tls buf[0x02] = 0x01 and ssl v3 buf[0x02] = 0x02 */
+ ((buf[0x02] == 0x00) || (buf[0x02] == 0x01))) {
+ if (debug)
+ debugmsg("Received a SSL request");
+ return 1;
+ /* check for sslv23_client_method */
+ } else if ((buf[0x02] == 0x01) && (buf[0x03] == 0x03) && (buf[0x04] == 0x01)) {
+ if (debug)
+ debugmsg("Received a SSL request for SSLv23_client_method()");
+ return 1;
+ }
+ /* check for sslv2 and return -1 */
+ else if ((buf[0x02] == 0x01) && (buf[0x03] == 0x00) && (buf[0x04] == 0x02)) {
+ if (debug)
+ debugmsg("Received a SSLv2 request()");
+ return -1;
+ }
+ }
+ return 0;
+}
+
+
+/* Connects to an asterisk server either plain or SSL as appropriate
+*/
+int ast_connect(struct mansession *a) {
+ int s, err=-1, fd;
+ SSL* ssl;
+
+ fd = connect_nonb(a);
+ if ( fd < 0 )
+ return -1;
+
+ if (a->server->use_ssl) {
+ debugmsg("initiating ssl connection");
+ if ((s=sec_getslot())!=-1) { /* find a slot for the ssl handle */
+ sec_channel[s].fd = fd; /* remember the real fd */
+
+ if((ssl=SSL_new(cctx))) { /* get a new ssl */
+ sec_channel[s].ssl = ssl;
+ SSL_set_fd(ssl, fd); /* and attach the real fd */
+ err = SSL_connect(ssl); /* now try and connect */
+ } else
+ debugmsg("couldn't create ssl client context");
+ fd = -(s+2); /* offset by two and negate */
+ /* this tells us it is a ssl fd */
+ } else
+ debugmsg("couldn't get SSL slot!");
+
+ if (err==-1) {
+ close_sock(fd); /* that frees the ssl too */
+ fd = -1;
+ }
+ }
+
+ debugmsg("returning ast_connect with %d", fd);
+ pthread_mutex_lock(&a->lock);
+ a->fd = fd;
+ pthread_mutex_unlock(&a->lock);
+
+ return fd;
+}
+
+int connect_nonb(struct mansession *a)
+{
+ int flags, n, error;
+ socklen_t len;
+ fd_set rset, wset;
+ struct timeval tval;
+ int nsec = 1, sockfd;
+
+ sockfd = get_real_fd(a->fd);
+
+ flags = fcntl(sockfd, F_GETFL, 0);
+ fcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
+
+ error = 0;
+ if ( (n = connect(sockfd, (struct sockaddr *) &a->sin, sizeof(a->sin)) ) < 0 ) {
+ /* TODO: This seems like the nine pound hammer to me... */
+ /* perhaps something a bit more elegant; errno seems to change too */
+ if (errno == EISCONN || errno == 103 || errno==111) {
+ debugmsg("connect_nonb: error %d, closing old fd and grabbing a new one...", errno);
+ /* looks like our old socket died, let's round up a new one and try again */
+ close_sock(a->fd);
+ pthread_mutex_lock(&a->lock);
+ a->fd = socket(AF_INET, SOCK_STREAM, 0);
+ pthread_mutex_unlock(&a->lock);
+ return(-1);
+ }
+ if (errno != EINPROGRESS)
+ return(-1);
+ }
+
+ /* Do whatever we want while the connect is taking place. */
+
+ if (n == 0)
+ goto done; /* connect completed immediately */
+
+ FD_ZERO(&rset);
+ FD_SET(sockfd, &rset);
+ wset = rset;
+ tval.tv_sec = nsec;
+ tval.tv_usec = 0;
+
+ if ( (n = select(sockfd+1, &rset, &wset, NULL,
+ nsec ? &tval : NULL)) == 0) {
+ /*close(sockfd);*/ /* we want to retry */
+ errno = ETIMEDOUT;
+ return(-1);
+ }
+
+ if (FD_ISSET(sockfd, &rset) || FD_ISSET(sockfd, &wset)) {
+ len = sizeof(error);
+ if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &error, &len) < 0)
+ return(-1); /* Solaris pending error */
+ } else {
+ /*err_quit("select error: sockfd not set");*/
+ logmsg("select error: sockfd not set");
+ return(-1);
+ }
+
+done:
+ fcntl(sockfd, F_SETFL, flags); /* restore file status flags */
+
+ if (error) {
+ /* close(sockfd); */ /* disable for now, we want to retry... */
+ errno = error;
+ return(-1);
+ }
+ return(sockfd);
+}
diff --git a/src/standard.c b/src/standard.c
new file mode 100644
index 0000000..9e8f200
--- /dev/null
+++ b/src/standard.c
@@ -0,0 +1,70 @@
+/* Asterisk Manager Proxy
+ Copyright (c) 2005 David C. Troy <dave@popvox.com>
+
+ This program is free software, distributed under the terms of
+ the GNU General Public License.
+
+ Standard I/O Handler
+*/
+
+#include "astmanproxy.h"
+
+extern struct mansession *sessions;
+
+/* Return a fully formed message block to session_do for processing */
+int _read(struct mansession *s, struct message *m) {
+ int res;
+
+ for (;;) {
+ res = get_input(s, m->headers[m->hdrcount]);
+
+ /*fprintf(stderr, "-------> %s\n", m->headers[m->hdrcount]);*/
+ if (strstr(m->headers[m->hdrcount], "--END COMMAND--")) {
+ if (debug) debugmsg("Found END COMMAND");
+ m->in_command = 0;
+ }
+ if (strstr(m->headers[m->hdrcount], "Response: Follows")) {
+ if (debug) debugmsg("Found Response Follows");
+ m->in_command = 1;
+ }
+ if (res > 0) {
+ if (!m->in_command && *(m->headers[m->hdrcount]) == '\0' ) {
+ break;
+ } else if (m->hdrcount < MAX_HEADERS - 1) {
+ m->hdrcount++;
+ } else {
+ m->in_command = 0; // reset when block full
+ }
+ } else if (res < 0)
+ break;
+ }
+
+ return res;
+}
+
+int _write(struct mansession *s, struct message *m) {
+ int i;
+
+ pthread_mutex_lock(&s->lock);
+ for (i=0; i<m->hdrcount; i++) {
+ ast_carefulwrite(s->fd, m->headers[i], strlen(m->headers[i]) , s->writetimeout);
+ ast_carefulwrite(s->fd, "\r\n", 2, s->writetimeout);
+ }
+ ast_carefulwrite(s->fd, "\r\n", 2, s->writetimeout);
+ pthread_mutex_unlock(&s->lock);
+
+ return 0;
+}
+
+int _onconnect(struct mansession *s, struct message *m) {
+
+ char banner[100];
+
+ sprintf(banner, "%s/%s\r\n", PROXY_BANNER, PROXY_VERSION);
+ pthread_mutex_lock(&s->lock);
+ ast_carefulwrite(s->fd, banner, strlen(banner), s->writetimeout);
+ pthread_mutex_unlock(&s->lock);
+
+ return 0;
+}
+
diff --git a/src/xml.c b/src/xml.c
new file mode 100644
index 0000000..72dc4fb
--- /dev/null
+++ b/src/xml.c
@@ -0,0 +1,158 @@
+/* Asterisk Manager Proxy
+ Copyright (c) 2005 David C. Troy <dave@popvox.com>
+
+ This program is free software, distributed under the terms of
+ the GNU General Public License.
+
+ XML I/O Handler
+*/
+
+#include "astmanproxy.h"
+
+#define XML_UNPARSED "UnparsedText"
+#define XML_BEGIN_INPUT "<AsteriskManagerInput>"
+#define XML_END_INPUT "</AsteriskManagerInput>"
+
+#define XML_SERVERTAG "AsteriskManagerOutput"
+#define XML_PROXYTAG "AsteriskManagerProxyOutput"
+
+void xml_quote_string(char *s, char *o);
+int ParseXMLInput(char *xb, struct message *m);
+
+int _read(struct mansession *s, struct message *m) {
+
+ /* Note: No single line may be longer than MAX_LEN/s->inbuf, as per get_input */
+ /* No XML Input may be longer than BUFSIZE */
+
+ char line[MAX_LEN], xmlbuf[BUFSIZE];
+ int res;
+
+ /* first let's read the whole xml block into our buffer */
+ memset(xmlbuf, 0, sizeof xmlbuf);
+ for (;;) {
+ memset(line, 0, sizeof line);
+ res = get_input(s, line);
+
+ if (res > 0) {
+ if (*line == '\0' ) {
+ break;
+ } else if (strlen(xmlbuf) < (BUFSIZE - strlen(line)) )
+ strcat(xmlbuf, line);
+ } else if (res < 0)
+ return res;
+ }
+
+ /* now, let's transform and copy into a standard message block */
+ debugmsg("Got xml: %s", xmlbuf);
+ res = ParseXMLInput(xmlbuf, m);
+
+ if (res < 0)
+ proxyerror_do(s, "Invalid XML Input");
+
+ /* Return res>0 to process block, return res<0 to kill client, res=0, continue */
+ return res;
+}
+
+void *setdoctag(char *tag, struct mansession *s) {
+
+ /* if message came from a server, say so; otherwise it must be from proxy */
+ /* right now there is no such thing as client<->client comms */
+ if (s && s->server)
+ strcpy(tag, XML_SERVERTAG);
+ else
+ strcpy(tag, XML_PROXYTAG);
+
+ return 0;
+}
+
+int _write(struct mansession *s, struct message *m) {
+ int i;
+ char buf[BUFSIZE], outstring[MAX_LEN*3], xmlescaped[MAX_LEN*3], xmldoctag[MAX_LEN];
+ char *dpos, *lpos;
+
+ setdoctag(xmldoctag, m->session);
+ sprintf(buf, "<%s>\r\n", xmldoctag);
+
+ pthread_mutex_lock(&s->lock);
+ ast_carefulwrite(s->fd, buf, strlen(buf), s->writetimeout);
+
+ for (i=0; i<m->hdrcount; i++) {
+ memset(xmlescaped, 0, sizeof xmlescaped);
+ xml_quote_string(m->headers[i], xmlescaped);
+ lpos = xmlescaped;
+ dpos = strstr(lpos, ": ");
+ if (dpos) {
+ strcpy(outstring, " <");
+ strncat(outstring, lpos, dpos-lpos);
+ strcat(outstring, " Value=\"");
+ strncat(outstring, dpos+2, strlen(dpos)-2);
+ strcat(outstring, "\"/>\r\n");
+ } else
+ sprintf(outstring, " <%s Value=\"%s\"/>\r\n", XML_UNPARSED, lpos);
+ ast_carefulwrite(s->fd, outstring, strlen(outstring), s->writetimeout);
+ }
+ sprintf(buf, "</%s>\r\n\r\n", xmldoctag);
+ ast_carefulwrite(s->fd, buf, strlen(buf), s->writetimeout);
+ pthread_mutex_unlock(&s->lock);
+
+ return 0;
+}
+
+/* Takes a single manager header line and converts xml entities */
+void xml_quote_string(char *s, char *o) {
+
+ char *c;
+ c = s;
+
+ do {
+ if (*c == '<')
+ strcat(o, "&lt;");
+ else if (*c == '>')
+ strcat(o, "&gt;");
+ else if (*c == '&')
+ strcat(o, "&amp;");
+ else if (*c == '"')
+ strcat(o, "&quot;");
+ else if (*c == '\n')
+ strcat(o, " ");
+ else
+ strncat(o, c, 1);
+ } while (*(c++));
+
+ return;
+}
+
+int ParseXMLInput(char *xb, struct message *m) {
+ char *b, *e, *bt, *et, tag[MAX_LEN], *i;
+ int res = 0;
+
+ /* just an empty block; go home */
+ if ( !(*xb) )
+ return 0;
+
+ /* initialize message block */
+ memset(m, 0, sizeof(struct message) );
+
+ b = strstr(xb, XML_BEGIN_INPUT);
+ e = strstr(xb, XML_END_INPUT);
+ if (b && e) {
+ bt = strstr((char *)(b + strlen(XML_BEGIN_INPUT) + 1), "<");
+ while (bt < e) {
+ et = strstr(bt+1, "<");
+ memset(tag, 0, sizeof tag);
+ strncpy(tag, bt, (et-bt) );
+ bt = et;
+
+ strncpy( m->headers[m->hdrcount], tag+1, strstr(tag+1," ")-(tag+1) );
+ strcat(m->headers[m->hdrcount], ": ");
+ i = strstr(tag+1, "\"") + 1;
+ strncat( m->headers[m->hdrcount], i, strstr(i, "\"") - i );
+ debugmsg("parsed: %s", m->headers[m->hdrcount]);
+ m->hdrcount++;
+ }
+ res = 1;
+ } else
+ res = -1;
+
+ return res;
+}
generated by cgit (git 2.34.1) at 2024-04-28 02:42:36 +0000