void tcp_send(struct queries *q)
{
int len;
len = send(q->fd, &q->send, q->sendlen, MSG_NOSIGNAL);
#ifdef DEBUG
printf("tcp_send no=%d fd=%d %d:%d:%d\n", q->no, q->fd, len, q->wpos, q->sendlen);
#endif
if (len < 0) {
if (errno == ENOTCONN) {
printf("tcp_send no=%d fd=%d ENOTCONN return\n", q->no, q->fd);
return;
}
register_response(q, ERROROFFSET - errno, "tcp_send");
tcp_close(q);
return;
}
if (len != q->sendlen) {
register_response(q, ERROROFFSET - errno, "tcp_send:sendto");
tcp_close(q);
return;
}
FD_CLR(q->fd, &fdset0w);
FD_SET(q->fd, &fdset0r);
}
void tcp_receive(struct queries *q)
{
int len, len2;
timediff_t tmp;
unsigned char *recvp;
/*printf("tcp_receive %s\n", q->nameserverlabel);*/
len = read(q->fd, q->recvbuf + q->rpos, len2 = RECVBUFSIZ - q->rpos);
if (len < 0) {
if (errno == EAGAIN)
return;
register_response(q, ERROROFFSET - errno, "tcp_receive:read");
tcp_close(q);
return;
}
if (len == 0) {
register_response(q, ERRZEROREAD, "tcp_receive:read");
tcp_close(q);
return;
}
q->rpos += len;
if (q->rpos < 2)
return;
//len2 = ntohs(*(unsigned short *)(q->recvbuf));
len2 = ntohs((unsigned short)*q->recvbuf);
if (q->rpos >= len2 + 2) {
/* finished */
recvp = q->recvbuf + 2;
if (memcmp(recvp, q->send.u.dnsdata, 2) == 0) {
if ((recvp[2] & 1) == 0 /* RA bit */
|| (recvp[3] & 15) != 0 /* RCODE must be 0 */
) {
/*
fprintf(stderr, "WRONG AA=%d RCODE=%d\n",
((recvp[2]>>2) & 1), recvp[3]&15);
*/
}
tmp = timediff(¤t, &q->sent);
register_response(q, tmp, "tcp_receive");
tcp_close(q);
return;
} else {
printf("no=%d fd=%d unknown recv %d bytes, len=%d\n", q->no, q->fd, q->rpos, ntohs((unsigned short)*q->recvbuf));
hexdump("", q->recvbuf, len);
/*
fprintf(stderr, "unknown recv from %s, %d bytes %02x %02x\n", q->nameserverlabel, q->rpos, recvp[0], recvp[1]);
*/
tcp_close(q);
}
}
}
int UpdateQuery()
{
int i;
timediff_t t, min = Timeout;
struct queries *q;
int free = 0;
if (!finished && TimeLimit > 0) {
if ((t = timediff(¤t, &start)) > TimeLimit * 1000000LL) {
finished = 1;
send_finished = current;
}
}
for(i = 0; i < nQueries; i++) {
q = &Queries[i];
if (q->sent_flag) {
if ((t = timediff(¤t, &q->sent)) > Timeout) {
/* timeouted */
register_response(q, TIMEOUTERROR, "UpdateQuery");
tcp_close(q);
} else
if (t < min)
min = t;
}
if (!q->sent_flag) {
if (!finished)
send_query(q);
else
free++;
}
}
if (free == nQueries)
min = -1; /* finished */
return min;
}
void send_query(struct queries *q)
{
u_char *p, *lim;
char *qname;
int qclass;
int qtype;
int tmp;
struct typecodes *t = typecodes;
u_char buff[512];
static char sep[] = "\n\t ";
static int lineno = 0;
/*
SEND E[send_packet_pos]
*/
if (q->sent_flag) {
register_response(q, TIMEOUTERROR, "send_query");
tcp_close(q);
}
if (fp == NULL) {
qname = "version.bind";
qclass = ns_c_chaos;
qtype = ns_t_txt;
} else {
do {
if (fgets((char*)buff, sizeof(char)*512, fp) == NULL) {
if (datafileloop == 1) {
finished = 1;
fclose(fp);
fp = NULL;
return;
}
if (datafileloop > 0)
datafileloop--;
rewind(fp);
lineno = 0;
if (fgets((char*)buff, sizeof(char)*512, fp) == NULL)
err(1, "cannot rewind input file");
}
lineno++;
} while(buff[0] == '#');
qname = strtok((char*)buff, sep);
p = (u_char*) strtok(NULL, sep);
if (p != NULL) {
while(t->name != NULL) {
if (!strcasecmp(t->name, (char*)p))
break;
t++;
}
qtype = t->code;
} else {
qtype = ns_t_a;
}
if (qname == NULL || qtype < 0)
err(1, "datafile format error at line %d, qname=%s qtype=%d", lineno, qname, qtype);
qclass = ns_c_in;
}
q->send.u.h.id = counter++;
q->send.u.h.flag1 = recursion ? 1 : 0; /* Query,OP=0,AA=0,TC=0,RD=0/1 */
q->send.u.h.flag2 = 0;
q->send.u.h.qdcount = htons(1);
q->send.u.h.ancount = 0;
q->send.u.h.nscount = 0;
q->send.u.h.arcount = 0;
p = q->send.u.dnsdata + sizeof(q->send.u.h);
lim = p + sizeof(q->send.u.dnsdata);
if ((tmp = stringtodname((u_char*) qname, p, lim)) < 0)
send_query_error(qname);
p += tmp;
*(unsigned short *)p = htons(qtype);
p += sizeof(unsigned short);
*(unsigned short *)p = htons(qclass);
p += sizeof(unsigned short);
q->sendlen = p - q->send.u.dnsdata;
if (EDNS0) {
#define EDNS0size 11
if (q->sendlen + EDNS0size >= sizeof(q->send.u.dnsdata))
send_query_error("ENDS0");
*p++ = 0; /* . */
*(unsigned short *)p = htons(ns_t_opt);
p += 2;
*(unsigned short *)p = htons(4096);
p += 2;
*p++ = 0;
*p++ = 0;
*p++ = (DNSSEC == 0) ? 0 : 0x80; /* eflag: DO bit */
*p++ = 0;
*p++ = 0;
*p++ = 0;
q->sendlen += EDNS0size;
p = (u_char*) &q->send.u.dnsdata;
// q->send.u.h.ancount = htons(1);
q->send.u.h.arcount = htons(1); //this is the typo Fujiwara fixed on 2012/10/16 ??
}
q->send.len = htons(q->sendlen);
q->sendlen += sizeof(q->send.len);
q->wpos = 0;
q->rpos = 0;
q->sent = current;
if (verbose > 0) {
//int id = ntohs(*(unsigned short *)&q->send.u.dnsdata);
int id = ntohs((unsigned short)*q->send.u.dnsdata);
printf("sending query(%s,%d,%d) id=%d %d bytes to %s\n", qname, qclass, qtype, id, q->sendlen, ServerName);
hexdump("sending packet header:", (unsigned char*) &q->send.u.h, 12);
}
if (q->fd > 0)
err(1, "q->fd > 0 but ignored\n");
q->fd = socket(remote.ss_family, SOCK_STREAM, 0);
tmp = fcntl(q->fd, F_GETFL, 0);
fcntl(q->fd, F_SETFL, O_NONBLOCK | tmp);
int conn_ret = connect(q->fd, (struct sockaddr *)&remote, remote_len);
if(conn_ret < 0 && errno != EINPROGRESS) {
register_response(q, ERROROFFSET - errno, "send_query:socket+fcntl+connect");
tcp_close(q);
return;
}
#ifdef DEBUG
printf("send_query no=%d fd=%d socket|connect\n", q->no, q->fd);
#endif
q->tcpstate = TCP_WRITABLE;
FD_SET(q->fd, &fdset0w);
FD_CLR(q->fd, &fdset0r);
if (nfds <= q->fd) {
nfds = q->fd + 1;
}
q->sent = current;
q->sent_flag = 1;
}
/*
* handles register requests and updates the URL mapping table
*
* RETURNS:
* STS_SUCCESS : successfully registered
* STS_FAILURE : registration failed
* STS_NEED_AUTH : authentication needed
*/
int register_client(sip_ticket_t *ticket, int force_lcl_masq) {
int i, j, n, sts;
int expires;
time_t time_now;
osip_contact_t *contact;
osip_uri_t *url1_to, *url1_contact=NULL;
osip_uri_t *url2_to;
osip_header_t *expires_hdr;
osip_uri_param_t *expires_param=NULL;
/*
* Authorization - do only if I'm not just acting as outbound proxy
* but am ment to be the registrar
*/
if (force_lcl_masq == 0) {
/*
* RFC 3261, Section 16.3 step 6
* Proxy Behavior - Request Validation - Proxy-Authorization
*/
sts = authenticate_proxy(ticket->sipmsg);
if (sts == STS_FAILURE) {
/* failed */
WARN("proxy authentication failed for %s@%s",
(ticket->sipmsg->to->url->username)?
ticket->sipmsg->to->url->username : "******",
ticket->sipmsg->to->url->host);
return STS_FAILURE;
} else if (sts == STS_NEED_AUTH) {
/* needed */
DEBUGC(DBCLASS_REG,"proxy authentication needed for %s@%s",
ticket->sipmsg->to->url->username,
ticket->sipmsg->to->url->host);
return STS_NEED_AUTH;
}
}
/*
fetch 1st Via entry and remember this address. Incoming requests
for the registered address have to be passed on to that host.
To: -> address to be registered
Contact: -> host is reachable there
Note: in case of un-REGISTER, the contact header may
contain '*' only - which means "all registrations
made by this UA"
=> Mapping is
To: <1--n> Contact
*/
time(&time_now);
DEBUGC(DBCLASS_BABBLE,"sip_register:");
/*
* First make sure, we have a proper Contact header:
* - url
* - url -> hostname
*
* Libosip parses an:
* "Contact: *"
* the following way (Note: Display name!! and URL is NULL)
* (gdb) p *((osip_contact_t*)(sip->contacts.node->element))
* $5 = {displayname = 0x8af8848 "*", url = 0x0, gen_params = 0x8af8838}
*/
osip_message_get_contact(ticket->sipmsg, 0, &contact);
if ((contact == NULL) ||
(contact->url == NULL) ||
(contact->url->host == NULL)) {
/* Don't have required Contact fields.
This may be a Registration query or unregistering all registered
records for this UA. We should simply forward this request to its
destination. However, if this is an unregistration from a client
that is not registered (Grandstream "unregister at startup" option)
-> How do I handle this one?
Right now we do a direction lookup and if this fails we generate
an OK message by ourself (fake) */
DEBUGC(DBCLASS_REG, "empty Contact header - "
"seems to be a registration query");
sts = sip_find_direction(ticket, NULL);
if (sts != STS_SUCCESS) {
/* answer the request myself. Most likely this is an UNREGISTER
* request when the client just booted */
sts = register_response(ticket, STS_SUCCESS);
return STS_SIP_SENT;
}
return STS_SUCCESS;
}
url1_contact=contact->url;
/* evaluate Expires Header field */
osip_message_get_expires(ticket->sipmsg, 0, &expires_hdr);
/*
* look for an Contact expires parameter - in case of REGISTER
* these two are equal. The Contact expires has higher priority!
*/
if (ticket->sipmsg->contacts.node &&
ticket->sipmsg->contacts.node->element) {
osip_contact_param_get_byname(
(osip_contact_t*) ticket->sipmsg->contacts.node->element,
EXPIRES, &expires_param);
}
if (expires_param && expires_param->gvalue) {
/* get expires from contact Header */
expires=atoi(expires_param->gvalue);
if ((expires < 0) || (expires >= UINT_MAX ))
expires=configuration.default_expires;
} else if (expires_hdr && expires_hdr->hvalue) {
/* get expires from expires Header */
expires=atoi(expires_hdr->hvalue);
if ((expires < 0) || (expires >= UINT_MAX ))
expires=configuration.default_expires;
} else {
char tmp[16];
/* it seems, the expires field is not present everywhere... */
DEBUGC(DBCLASS_REG,"no 'expires' header found - set time to %i sec",
configuration.default_expires);
expires=configuration.default_expires;
sprintf(tmp,"%i",expires);
osip_message_set_expires(ticket->sipmsg, tmp);
}
url1_to=ticket->sipmsg->to->url;
/*
* REGISTER
*/
if (expires > 0) {
DEBUGC(DBCLASS_REG,"register: %s@%s expires=%i seconds",
(url1_contact->username) ? url1_contact->username : "******",
(url1_contact->host) ? url1_contact->host : "*NULL*",
expires);
/*
* Update registration. There are two possibilities:
* - already registered, then update the existing record
* - not registered, then create a new record
*/
j=-1;
for (i=0; i<URLMAP_SIZE; i++) {
if (urlmap[i].active == 0) {
if (j < 0) j=i; /* remember first hole */
continue;
}
url2_to=urlmap[i].reg_url;
/* check address-of-record ("public address" of user) */
if (compare_url(url1_to, url2_to)==STS_SUCCESS) {
DEBUGC(DBCLASS_REG, "found entry for %s@%s <-> %s@%s at "
"slot=%i, exp=%li",
(url1_contact->username) ? url1_contact->username : "******",
(url1_contact->host) ? url1_contact->host : "*NULL*",
(url2_to->username) ? url2_to->username : "******",
(url2_to->host) ? url2_to->host : "*NULL*",
i, (long)urlmap[i].expires-time_now);
break;
}
}
if ( (j < 0) && (i >= URLMAP_SIZE) ) {
/* oops, no free entries left... */
ERROR("URLMAP is full - registration failed");
return STS_FAILURE;
}
if (i >= URLMAP_SIZE) {
/* entry not existing, create new one */
i=j;
/* write entry */
urlmap[i].active=1;
/* Contact: field */
osip_uri_clone( ((osip_contact_t*)
(ticket->sipmsg->contacts.node->element))->url,
&urlmap[i].true_url);
/* To: field */
osip_uri_clone( ticket->sipmsg->to->url,
&urlmap[i].reg_url);
DEBUGC(DBCLASS_REG,"create new entry for %s@%s <-> %s@%s at slot=%i",
(url1_contact->username) ? url1_contact->username : "******",
(url1_contact->host) ? url1_contact->host : "*NULL*",
(urlmap[i].reg_url->username) ? urlmap[i].reg_url->username : "******",
(urlmap[i].reg_url->host) ? urlmap[i].reg_url->host : "*NULL*",
i);
/*
* try to figure out if we ought to do some masquerading
*/
osip_uri_clone( ticket->sipmsg->to->url,
&urlmap[i].masq_url);
n=configuration.mask_host.used;
if (n != configuration.masked_host.used) {
ERROR("# of mask_host is not equal to # of masked_host in config!");
n=0;
}
DEBUG("%i entries in MASK config table", n);
for (j=0; j<n; j++) {
DEBUG("compare [%s] <-> [%s]",configuration.mask_host.string[j],
ticket->sipmsg->to->url->host);
if (strcmp(configuration.mask_host.string[j],
ticket->sipmsg->to->url->host)==0)
break;
}
if (j<n) {
/* we are masquerading this UA, replace the host part of the url */
DEBUGC(DBCLASS_REG,"masquerading UA %s@%s as %s@%s",
(url1_contact->username) ? url1_contact->username : "******",
(url1_contact->host) ? url1_contact->host : "*NULL*",
(url1_contact->username) ? url1_contact->username : "******",
configuration.masked_host.string[j]);
urlmap[i].masq_url->host=realloc(urlmap[i].masq_url->host,
strlen(configuration.masked_host.string[j])+1);
strcpy(urlmap[i].masq_url->host, configuration.masked_host.string[j]);
}
} else { /* if new entry */
/* This is an existing entry */
/*
* Some phones (like BudgeTones *may* dynamically grab a SIP port
* so we might want to update the true_url and reg_url each time
* we get an REGISTER
*/
/* Contact: field (true_url) */
osip_uri_free(urlmap[i].true_url);
osip_uri_clone( ((osip_contact_t*)
(ticket->sipmsg->contacts.node->element))->url,
&urlmap[i].true_url);
/* To: field (reg_url) */
osip_uri_free(urlmap[i].reg_url);
osip_uri_clone( ticket->sipmsg->to->url,
&urlmap[i].reg_url);
}
/*
* for proxying: force device to be masqueraded
* as with the outbound IP (masq_url)
*/
if (force_lcl_masq) {
struct in_addr addr;
char *addrstr;
if (get_interface_ip(IF_OUTBOUND, &addr) != STS_SUCCESS) {
return STS_FAILURE;
}
/* host part */
addrstr = utils_inet_ntoa(addr);
DEBUGC(DBCLASS_REG,"masquerading UA %s@%s local %s@%s",
(url1_contact->username) ? url1_contact->username : "******",
(url1_contact->host) ? url1_contact->host : "*NULL*",
(url1_contact->username) ? url1_contact->username : "******",
addrstr);
urlmap[i].masq_url->host=realloc(urlmap[i].masq_url->host,
strlen(addrstr)+1);
strcpy(urlmap[i].masq_url->host, addrstr);
/* port number if required */
if (configuration.sip_listen_port != SIP_PORT) {
urlmap[i].masq_url->port=realloc(urlmap[i].masq_url->port, 16);
sprintf(urlmap[i].masq_url->port, "%i",
configuration.sip_listen_port);
}
}
/* give some safety margin for the next update */
if (expires > 0) expires+=30;
/* update registration timeout */
urlmap[i].expires=time_now+expires;
/*
* un-REGISTER
*/
} else { /* expires > 0 */
/*
* Remove registration
* Siproxd will ALWAYS remove ALL bindings for a given
* address-of-record
*/
for (i=0; i<URLMAP_SIZE; i++) {
if (urlmap[i].active == 0) continue;
url2_to=urlmap[i].reg_url;
if (compare_url(url1_to, url2_to)==STS_SUCCESS) {
DEBUGC(DBCLASS_REG, "removing registration for %s@%s at slot=%i",
(url2_to->username) ? url2_to->username : "******",
(url2_to->host) ? url2_to->host : "*NULL*", i);
urlmap[i].expires=0;
break;
}
}
}
return STS_SUCCESS;
}
int main (int argc, char *argv[])
{
int sts;
int i;
int buflen;
int access;
char buff [BUFFER_SIZE];
sip_ticket_t ticket;
extern char *optarg; /* Defined in libc getopt and unistd.h */
int ch1;
char configfile[64]="siproxd"; /* basename of configfile */
int config_search=1; /* search the config file */
int cmdline_debuglevel=0;
char *pidfilename=NULL;
struct sigaction act;
log_set_stderr(1);
/*
* setup signal handlers
*/
act.sa_handler=sighandler;
sigemptyset(&act.sa_mask);
act.sa_flags=SA_RESTART;
if (sigaction(SIGTERM, &act, NULL)) {
ERROR("Failed to install SIGTERM handler");
}
if (sigaction(SIGINT, &act, NULL)) {
ERROR("Failed to install SIGINT handler");
}
if (sigaction(SIGUSR2, &act, NULL)) {
ERROR("Failed to install SIGUSR2 handler");
}
/*
* prepare default configuration
*/
make_default_config();
log_set_pattern(configuration.debuglevel);
/*
* parse command line
*/
{
#ifdef HAVE_GETOPT_LONG
int option_index = 0;
static struct option long_options[] = {
{"help", no_argument, NULL, 'h'},
{"config", required_argument, NULL, 'c'},
{"debug", required_argument, NULL, 'd'},
{"pid-file", required_argument, NULL,'p'},
{0,0,0,0}
};
while ((ch1 = getopt_long(argc, argv, "hc:d:p:",
long_options, &option_index)) != -1) {
#else /* ! HAVE_GETOPT_LONG */
while ((ch1 = getopt(argc, argv, "hc:d:p:")) != -1) {
#endif
switch (ch1) {
case 'h': /* help */
DEBUGC(DBCLASS_CONFIG,"option: help");
fprintf(stderr,str_helpmsg);
exit(0);
break;
case 'c': /* load config file */
DEBUGC(DBCLASS_CONFIG,"option: config file=%s",optarg);
i=sizeof(configfile)-1;
strncpy(configfile,optarg,i-1);
configfile[i]='\0';
config_search=0;
break;
case 'd': /* set debug level */
DEBUGC(DBCLASS_CONFIG,"option: set debug level: %s",optarg);
cmdline_debuglevel=atoi(optarg);
log_set_pattern(cmdline_debuglevel);
break;
case 'p':
pidfilename = optarg;
break;
default:
DEBUGC(DBCLASS_CONFIG,"no command line options");
break;
}
}
}
/*
* Init stuff
*/
INFO(PACKAGE"-"VERSION"-"BUILDSTR" "UNAME" starting up");
/* read the config file */
if (read_config(configfile, config_search) == STS_FAILURE) exit(1);
/* if a debug level > 0 has been given on the commandline use its
value and not what is in the config file */
if (cmdline_debuglevel != 0) {
configuration.debuglevel=cmdline_debuglevel;
}
/*
* open a the pwfile instance, so we still have access after
* we possibly have chroot()ed to somewhere.
*/
if (configuration.proxy_auth_pwfile) {
siproxd_passwordfile = fopen(configuration.proxy_auth_pwfile, "r");
} else {
siproxd_passwordfile = NULL;
}
/* set debug level as desired */
log_set_pattern(configuration.debuglevel);
log_set_listen_port(configuration.debugport);
/* change user and group IDs */
secure_enviroment();
/* daemonize if requested to */
if (configuration.daemonize) {
DEBUGC(DBCLASS_CONFIG,"daemonizing");
if (fork()!=0) exit(0);
setsid();
if (fork()!=0) exit(0);
log_set_stderr(0);
INFO("daemonized, pid=%i", getpid());
}
/* write PID file of main thread */
if (pidfilename == NULL) pidfilename = configuration.pid_file;
if (pidfilename) {
FILE *pidfile;
DEBUGC(DBCLASS_CONFIG,"creating PID file [%s]", pidfilename);
sts=unlink(configuration.pid_file);
if ((sts==0) ||(errno == ENOENT)) {
if ((pidfile=fopen(pidfilename, "w"))) {
fprintf(pidfile,"%i\n",(int)getpid());
fclose(pidfile);
} else {
WARN("couldn't create new PID file: %s", strerror(errno));
}
} else {
WARN("couldn't delete old PID file: %s", strerror(errno));
}
}
/* initialize the RTP proxy */
sts=rtpproxy_init();
if (sts != STS_SUCCESS) {
ERROR("unable to initialize RTP proxy - aborting");
exit(1);
}
/* init the oSIP parser */
parser_init();
/* listen for incoming messages */
sts=sipsock_listen();
if (sts == STS_FAILURE) {
/* failure to allocate SIP socket... */
ERROR("unable to bind to SIP listening socket - aborting");
exit(1);
}
/* initialize the registration facility */
register_init();
/*
* silence the log - if so required...
*/
log_set_silence(configuration.silence_log);
INFO(PACKAGE"-"VERSION"-"BUILDSTR" "UNAME" started");
/*****************************
* Main loop
*****************************/
while (!exit_program) {
DEBUGC(DBCLASS_BABBLE,"going into sipsock_wait\n");
while (sipsock_wait()<=0) {
/* got no input, here by timeout. do aging */
register_agemap();
/* TCP log: check for a connection */
log_tcp_connect();
/* dump memory stats if requested to do so */
if (dmalloc_dump) {
dmalloc_dump=0;
#ifdef DMALLOC
INFO("SIGUSR2 - DMALLOC statistics is dumped");
dmalloc_log_stats();
dmalloc_log_unfreed();
#else
INFO("SIGUSR2 - DMALLOC support is not compiled in");
#endif
}
if (exit_program) goto exit_prg;
}
/*
* got input, process
*/
DEBUGC(DBCLASS_BABBLE,"back from sipsock_wait");
ticket.direction=0;
buflen=sipsock_read(&buff, sizeof(buff)-1, &ticket.from,
&ticket.protocol);
buff[buflen]='\0';
/*
* evaluate the access lists (IP based filter)
*/
access=accesslist_check(ticket.from);
if (access == 0) {
DEBUGC(DBCLASS_ACCESS,"access for this packet was denied");
continue; /* there are no resources to free */
}
/*
* integrity checks
*/
sts=security_check_raw(buff, buflen);
if (sts != STS_SUCCESS) {
DEBUGC(DBCLASS_SIP,"security check (raw) failed");
continue; /* there are no resources to free */
}
/*
* init sip_msg
*/
sts=osip_message_init(&ticket.sipmsg);
ticket.sipmsg->message=NULL;
if (sts != 0) {
ERROR("osip_message_init() failed... this is not good");
continue; /* skip, there are no resources to free */
}
/*
* RFC 3261, Section 16.3 step 1
* Proxy Behavior - Request Validation - Reasonable Syntax
* (parse the received message)
*/
sts=sip_message_parse(ticket.sipmsg, buff, buflen);
if (sts != 0) {
ERROR("sip_message_parse() failed... this is not good");
DUMP_BUFFER(-1, buff, buflen);
goto end_loop; /* skip and free resources */
}
/*
* integrity checks - parsed buffer
*/
sts=security_check_sip(&ticket);
if (sts != STS_SUCCESS) {
ERROR("security_check_sip() failed... this is not good");
DUMP_BUFFER(-1, buff, buflen);
goto end_loop; /* skip and free resources */
}
/*
* RFC 3261, Section 16.3 step 2
* Proxy Behavior - Request Validation - URI scheme
* (check request URI and refuse with 416 if not understood)
*/
/* NOT IMPLEMENTED */
/*
* RFC 3261, Section 16.3 step 3
* Proxy Behavior - Request Validation - Max-Forwards check
* (check Max-Forwards header and refuse with 483 if too many hops)
*/
{
osip_header_t *max_forwards;
int forwards_count = DEFAULT_MAXFWD;
osip_message_get_max_forwards(ticket.sipmsg, 0, &max_forwards);
if (max_forwards && max_forwards->hvalue) {
forwards_count = atoi(max_forwards->hvalue);
}
DEBUGC(DBCLASS_PROXY,"checking Max-Forwards (=%i)",forwards_count);
if (forwards_count <= 0) {
DEBUGC(DBCLASS_SIP, "Forward count reached 0 -> 483 response");
sip_gen_response(&ticket, 483 /*Too many hops*/);
goto end_loop; /* skip and free resources */
}
}
/*
* RFC 3261, Section 16.3 step 4
* Proxy Behavior - Request Validation - Loop Detection check
* (check for loop and return 482 if a loop is detected)
*/
if (check_vialoop(&ticket) == STS_TRUE) {
/* make sure we don't end up in endless loop when detecting
* an loop in an "loop detected" message - brrr */
if (MSG_IS_RESPONSE(ticket.sipmsg) &&
MSG_TEST_CODE(ticket.sipmsg, 482)) {
DEBUGC(DBCLASS_SIP,"loop in loop-response detected, ignoring");
} else {
DEBUGC(DBCLASS_SIP,"via loop detected, ignoring request");
sip_gen_response(&ticket, 482 /*Loop detected*/);
}
goto end_loop; /* skip and free resources */
}
/*
* RFC 3261, Section 16.3 step 5
* Proxy Behavior - Request Validation - Proxy-Require check
* (check Proxy-Require header and return 420 if unsupported option)
*/
/* NOT IMPLEMENTED */
/*
* RFC 3261, Section 16.5
* Proxy Behavior - Determining Request Targets
*/
/* NOT IMPLEMENTED */
DEBUGC(DBCLASS_SIP,"received SIP type %s:%s",
(MSG_IS_REQUEST(ticket.sipmsg))? "REQ" : "RES",
(MSG_IS_REQUEST(ticket.sipmsg) ?
((ticket.sipmsg->sip_method)?
ticket.sipmsg->sip_method : "NULL") :
((ticket.sipmsg->reason_phrase) ?
ticket.sipmsg->reason_phrase : "NULL")));
/*********************************
* The message did pass all the
* tests above and is now ready
* to be proxied.
* Before we do so, we apply some
* additional preprocessing
*********************************/
/* Dial shortcuts */
if (configuration.pi_shortdial) {
sts = plugin_shortdial(&ticket);
if (sts == STS_SIP_SENT) goto end_loop;
}
/*********************************
* finally proxy the message.
* This includes the masquerading
* of the local UA and starting/
* stopping the RTP proxy for this
* call
*********************************/
/*
* if a REQ REGISTER, check if it is directed to myself,
* or am I just the outbound proxy but no registrar.
* - If I'm the registrar, register & generate answer
* - If I'm just the outbound proxy, register, rewrite & forward
*/
if (MSG_IS_REGISTER(ticket.sipmsg) &&
MSG_IS_REQUEST(ticket.sipmsg)) {
if (access & ACCESSCTL_REG) {
osip_uri_t *url;
struct in_addr addr1, addr2, addr3;
int dest_port;
url = osip_message_get_uri(ticket.sipmsg);
dest_port= (url->port)?atoi(url->port):SIP_PORT;
if ( (get_ip_by_host(url->host, &addr1) == STS_SUCCESS) &&
(get_interface_ip(IF_INBOUND,&addr2) == STS_SUCCESS) &&
(get_interface_ip(IF_OUTBOUND,&addr3) == STS_SUCCESS)) {
if ((configuration.sip_listen_port == dest_port) &&
((memcmp(&addr1, &addr2, sizeof(addr1)) == 0) ||
(memcmp(&addr1, &addr3, sizeof(addr1)) == 0))) {
/* I'm the registrar, send response myself */
sts = register_client(&ticket, 0);
sts = register_response(&ticket, sts);
} else {
/* I'm just the outbound proxy */
DEBUGC(DBCLASS_SIP,"proxying REGISTER request to:%s",
url->host);
sts = register_client(&ticket, 1);
if (sts == STS_SUCCESS) {
sts = proxy_request(&ticket);
}
}
} else {
sip_gen_response(&ticket, 408 /*request timeout*/);
}
} else {
WARN("non-authorized registration attempt from %s",
utils_inet_ntoa(ticket.from.sin_addr));
}
/*
* check if outbound interface is UP.
* If not, send back error to UA and
* skip any proxying attempt
*/
} else if (get_interface_ip(IF_OUTBOUND,NULL) !=
STS_SUCCESS) {
DEBUGC(DBCLASS_SIP, "got a %s to proxy, but outbound interface "
"is down", (MSG_IS_REQUEST(ticket.sipmsg))? "REQ" : "RES");
if (MSG_IS_REQUEST(ticket.sipmsg))
sip_gen_response(&ticket, 408 /*request timeout*/);
/*
* MSG is a request, add current via entry,
* do a lookup in the URLMAP table and
* send to the final destination
*/
} else if (MSG_IS_REQUEST(ticket.sipmsg)) {
if (access & ACCESSCTL_SIP) {
sts = proxy_request(&ticket);
} else {
INFO("non-authorized request received from %s",
utils_inet_ntoa(ticket.from.sin_addr));
}
/*
* MSG is a response, remove current via and
* send to the next VIA in chain
*/
} else if (MSG_IS_RESPONSE(ticket.sipmsg)) {
if (access & ACCESSCTL_SIP) {
sts = proxy_response(&ticket);
} else {
INFO("non-authorized response received from %s",
utils_inet_ntoa(ticket.from.sin_addr));
}
/*
* unsupported message
*/
} else {
ERROR("received unsupported SIP type %s %s",
(MSG_IS_REQUEST(ticket.sipmsg))? "REQ" : "RES",
ticket.sipmsg->sip_method);
}
/*********************************
* Done with proxying. Message
* has been sent to its destination.
*********************************/
/*
* free the SIP message buffers
*/
end_loop:
osip_message_free(ticket.sipmsg);
} /* while TRUE */
exit_prg:
/* save current known SIP registrations */
register_save();
INFO("properly terminating siproxd");
/* remove PID file */
if (pidfilename) {
DEBUGC(DBCLASS_CONFIG,"deleting PID file [%s]", pidfilename);
sts=unlink(pidfilename);
if (sts != 0) {
WARN("couldn't delete old PID file: %s", strerror(errno));
}
}
/* END */
return 0;
} /* main */
/*
* Signal handler
*
* this one is called asynchronously whevener a registered
* signal is applied. Just set a flag and don't do any funny
* things here.
*/
static void sighandler(int sig) {
if (sig==SIGTERM) exit_program=1;
if (sig==SIGINT) exit_program=1;
if (sig==SIGUSR2) dmalloc_dump=1;
return;
}
