summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorspag <spag@golwen.net>2013-01-15 12:30:29 +0100
committerspag <spag@golwen.net>2013-01-15 12:30:29 +0100
commitb713c19f0a7727a14b5ea4d72f8ddaaf01736027 (patch)
tree3c5278d17fdff5ad2d9ebd50ed87e48ba463d524
parent4ce6146b0883fd9f7557d6ccf118a4dac7adbbe9 (diff)
tweaking authentication
-rw-r--r--misc/freeswitch/scripts/dialplan/dialplan.lua70
-rw-r--r--misc/freeswitch/scripts/dialplan_default.lua29
2 files changed, 51 insertions, 48 deletions
diff --git a/misc/freeswitch/scripts/dialplan/dialplan.lua b/misc/freeswitch/scripts/dialplan/dialplan.lua
index 3073aca..88670ca 100644
--- a/misc/freeswitch/scripts/dialplan/dialplan.lua
+++ b/misc/freeswitch/scripts/dialplan/dialplan.lua
@@ -113,55 +113,34 @@ function Dialplan.hangup(self, code, phrase, cause)
end
-function Dialplan.check_auth(self)
- local authenticated = false;
-
- require 'common.str'
- if self.caller.from_node then
- self.log:info('AUTH_FIRST_STAGE - node authenticated - node_id: ', self.caller.node_id);
- authenticated = true;
- elseif not common.str.blank(self.caller.auth_account_type) then
- self.log:info('AUTH_FIRST_STAGE - sipaccount autheticated by name/password: ', self.caller.auth_account_type, '=', self.caller.account_id, '/', self.caller.account_uuid);
- authenticated = true;
- elseif self.caller.from_gateway then
- self.log:info('AUTH_FIRST_STAGE - gateway autheticated by name/password: gateway=', self.caller.gateway_id, ', name: ', self.caller.gateway_name);
- authenticated = true;
- else
- require 'common.gateway'
- local gateway = common.gateway.Gateway:new{ log = self.log, database = self.database}:authenticate('sip', self.caller);
-
- if gateway then
- self.caller.gateway_name = gateway.name;
- self.caller.gateway_id = gateway.id;
- self.caller.from_gateway = true;
- self.log:info('AUTH_FIRST_STAGE - gateway autheticated by: ', gateway.auth_source, ' ~ ', gateway.auth_pattern, ', gateway=', self.caller.gateway_id, ', name: ', self.caller.gateway_name, ', ip: ', self.caller.sip_contact_host);
- authenticated = true;
- end
- end
-
- return authenticated;
-end
-
-
-function Dialplan.check_auth_node(self)
+function Dialplan.auth_node(self)
require 'common.node'
local node = common.node.Node:new{ log = self.log, database = self.database }:find_by_address(self.caller.sip_contact_host);
- return (node ~= nil);
+ if node then
+ self.log:info('AUTH_NODE - node_id: ', self.caller.node_id, ', contact address:', self.caller.sip_contact_host);
+ return true;
+ end
end
-function Dialplan.check_auth_ip(self)
- self.log:info('AUTH - node: ', self.caller.from_node, ', auth_account: ', self.caller.auth_account_type, ', gateway: ', self.caller.from_gateway);
+function Dialplan.auth_sip_account(self)
require 'common.str'
- if self.caller.from_node then
+ if not common.str.blank(self.caller.auth_account_type) then
+ self.log:info('AUTH_SIP_ACCOUNT - ', self.caller.auth_account_type, '=', self.caller.account_id, '/', self.caller.account_uuid);
return true;
- elseif not common.str.blank(self.caller.auth_account_type) then
- return true;
- elseif self.caller.from_gateway then
- return true;
- else
- return nil;
+ end
+end
+
+
+function Dialplan.auth_gateway(self)
+ require 'common.gateway'
+ local gateway_class = common.gateway.Gateway:new{ log = self.log, database = self.database};
+ local gateway = gateway_class:authenticate('sip', self.caller);
+
+ if gateway then
+ log:info('AUTH_GATEWAY - ', gateway.auth_source, ' ~ ', gateway.auth_pattern, ', gateway=', gateway.id, ', name: ', gateway.name, ', ip: ', self.caller.sip_contact_host);
+ return gateway_class:find_by_id(gateway.id);
end
end
@@ -859,6 +838,8 @@ end
function Dialplan.run(self, destination)
+ require 'common.str';
+
self.caller:set_variable('hangup_after_bridge', false);
self.caller:set_variable('bridge_early_media', 'true');
self.caller:set_variable('default_language', self.default_language);
@@ -882,7 +863,12 @@ function Dialplan.run(self, destination)
require 'dialplan.route'
local route = nil;
- if self.caller.from_gateway then
+ if self.caller.gateway then
+ if not common.str.blank(self.caller.gateway.settings.number_source) then
+ self.log:debug('INBOUND_NUMBER: number_source: ', self.caller.gateway.settings.number_source, ', number: ', self.caller:to_s(self.caller.gateway.settings.number_source));
+ self.caller.destination_number = self.caller:to_s(self.caller.gateway.settings.number_source);
+ end
+
local route_object = dialplan.route.Route:new{ log = self.log, database = self.database, routing_table = self.routes };
route = route_object:inbound(self.caller, self.caller.destination_number);
local inbound_caller_id_number = route_object:inbound_cid_number(self.caller, self.caller.gateway_name, 'gateway');
diff --git a/misc/freeswitch/scripts/dialplan_default.lua b/misc/freeswitch/scripts/dialplan_default.lua
index 1c0a52e..42271b9 100644
--- a/misc/freeswitch/scripts/dialplan_default.lua
+++ b/misc/freeswitch/scripts/dialplan_default.lua
@@ -34,20 +34,37 @@ end
-- dialplan object
require 'dialplan.dialplan'
-start_dialplan = dialplan.dialplan.Dialplan:new{ log = log, caller = start_caller, database = database };
+local start_dialplan = dialplan.dialplan.Dialplan:new{ log = log, caller = start_caller, database = database };
start_dialplan:configuration_read();
start_caller.local_node_id = start_dialplan.node_id;
start_caller:init_channel_variables();
-- session:execute('info','notice');
-if not start_dialplan:check_auth() then
- log:debug('AUTHENTICATION_REQUIRED - host: ' , start_caller.sip_contact_host, ', domain: ', start_dialplan.domain);
- start_dialplan:hangup(407, start_dialplan.domain);
- return false;
+if start_caller.from_node and not start_dialplan:auth_node() then
+ log:debug('DIALPLAN_DEFAULT - node unauthorized - node_id: ', start_caller.node_id, ', domain: ', start_dialplan.domain);
+ start_dialplan:hangup(401, start_dialplan.domain);
+else
+ if not start_dialplan:auth_sip_account() then
+ local gateway = start_dialplan:auth_gateway()
+
+ if gateway then
+ start_caller.gateway_name = gateway.name;
+ start_caller.gateway_id = gateway.id;
+ start_caller.from_gateway = true;
+ start_caller.gateway = gateway;
+ else
+ log:debug('AUTHENTICATION_REQUIRED_SIP_ACCOUNT - contact host: ' , start_caller.sip_contact_host, ', ip: ', start_caller.sip_network_ip, ', domain: ', start_dialplan.domain);
+ start_dialplan:hangup(407, start_dialplan.domain);
+ if database then
+ database:release();
+ end
+ return;
+ end
+ end
end
-if start_caller.from_node and not start_dialplan:check_auth_node() then
+if start_caller.from_node then
log:debug('AUTHENTICATION_REQUIRED_NODE - node_id: ', start_caller.node_id, ', domain: ', start_dialplan.domain);
start_dialplan:hangup(407, start_dialplan.domain);
else