From b713c19f0a7727a14b5ea4d72f8ddaaf01736027 Mon Sep 17 00:00:00 2001
From: spag
Date: Tue, 15 Jan 2013 12:30:29 +0100
Subject: tweaking authentication
---
misc/freeswitch/scripts/dialplan/dialplan.lua | 70 +++++++++++----------------
misc/freeswitch/scripts/dialplan_default.lua | 29 ++++++++---
2 files changed, 51 insertions(+), 48 deletions(-)
(limited to 'misc/freeswitch')
diff --git a/misc/freeswitch/scripts/dialplan/dialplan.lua b/misc/freeswitch/scripts/dialplan/dialplan.lua
index 3073aca..88670ca 100644
--- a/misc/freeswitch/scripts/dialplan/dialplan.lua
+++ b/misc/freeswitch/scripts/dialplan/dialplan.lua
@@ -113,55 +113,34 @@ function Dialplan.hangup(self, code, phrase, cause) end -function Dialplan.check_auth(self) - local authenticated = false; - - require 'common.str' - if self.caller.from_node then - self.log:info('AUTH_FIRST_STAGE - node authenticated - node_id: ', self.caller.node_id); - authenticated = true; - elseif not common.str.blank(self.caller.auth_account_type) then - self.log:info('AUTH_FIRST_STAGE - sipaccount autheticated by name/password: ', self.caller.auth_account_type, '=', self.caller.account_id, '/', self.caller.account_uuid); - authenticated = true; - elseif self.caller.from_gateway then - self.log:info('AUTH_FIRST_STAGE - gateway autheticated by name/password: gateway=', self.caller.gateway_id, ', name: ', self.caller.gateway_name); - authenticated = true; - else - require 'common.gateway' - local gateway = common.gateway.Gateway:new{ log = self.log, database = self.database}:authenticate('sip', self.caller); - - if gateway then - self.caller.gateway_name = gateway.name; - self.caller.gateway_id = gateway.id; - self.caller.from_gateway = true; - self.log:info('AUTH_FIRST_STAGE - gateway autheticated by: ', gateway.auth_source, ' ~ ', gateway.auth_pattern, ', gateway=', self.caller.gateway_id, ', name: ', self.caller.gateway_name, ', ip: ', self.caller.sip_contact_host); - authenticated = true; - end - end - - return authenticated; -end - - -function Dialplan.check_auth_node(self) +function Dialplan.auth_node(self) require 'common.node' local node = common.node.Node:new{ log = self.log, database = self.database }:find_by_address(self.caller.sip_contact_host); - return (node ~= nil); + if node then + self.log:info('AUTH_NODE - node_id: ', self.caller.node_id, ', contact address:', self.caller.sip_contact_host); + return true; + end end -function Dialplan.check_auth_ip(self) - self.log:info('AUTH - node: ', self.caller.from_node, ', auth_account: ', self.caller.auth_account_type, ', gateway: ', self.caller.from_gateway); +function 
Dialplan.auth_sip_account(self) require 'common.str' - if self.caller.from_node then + if not common.str.blank(self.caller.auth_account_type) then + self.log:info('AUTH_SIP_ACCOUNT - ', self.caller.auth_account_type, '=', self.caller.account_id, '/', self.caller.account_uuid); return true; - elseif not common.str.blank(self.caller.auth_account_type) then - return true; - elseif self.caller.from_gateway then - return true; - else - return nil; + end +end + + +function Dialplan.auth_gateway(self) + require 'common.gateway' + local gateway_class = common.gateway.Gateway:new{ log = self.log, database = self.database}; + local gateway = gateway_class:authenticate('sip', self.caller); + + if gateway then + log:info('AUTH_GATEWAY - ', gateway.auth_source, ' ~ ', gateway.auth_pattern, ', gateway=', gateway.id, ', name: ', gateway.name, ', ip: ', self.caller.sip_contact_host); + return gateway_class:find_by_id(gateway.id); end end @@ -859,6 +838,8 @@ end function Dialplan.run(self, destination) + require 'common.str'; + self.caller:set_variable('hangup_after_bridge', false); self.caller:set_variable('bridge_early_media', 'true'); self.caller:set_variable('default_language', self.default_language); 
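Review bot: In `auth_gateway` the success path calls `log:info(...)` on a bare `log`, while `auth_node` and `auth_sip_account` in the same hunk log through `self.log`; unless a global `log` happens to be visible from this module, a matching gateway raises at the log call instead of being returned. Writing it as `self.log:info('AUTH_GATEWAY - ', gateway.auth_source, ...)` removes that dependency. Separately, `auth_node` accepts a node purely on `find_by_address(self.caller.sip_contact_host)` and logs `self.caller.node_id` without comparing it to the node that was found. If `sip_contact_host` is taken from the Contact header (not shown here), it is a sender-supplied value, so the lookup would be stronger keyed on the observed source address (`sip_network_ip` is read from the caller in dialplan_default.lua) and checked against the claimed node id. A one-line comment on each function stating that it returns a truthy value on success and nil otherwise would also document the changed return convention.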
@@ -882,7 +863,12 @@ function Dialplan.run(self, destination) require 'dialplan.route' local route = nil; - if self.caller.from_gateway then + if self.caller.gateway then + if not common.str.blank(self.caller.gateway.settings.number_source) then + self.log:debug('INBOUND_NUMBER: number_source: ', self.caller.gateway.settings.number_source, ', number: ', self.caller:to_s(self.caller.gateway.settings.number_source)); + self.caller.destination_number = self.caller:to_s(self.caller.gateway.settings.number_source); + end + local route_object = dialplan.route.Route:new{ log = self.log, database = self.database, routing_table = self.routes }; route = route_object:inbound(self.caller, self.caller.destination_number); local inbound_caller_id_number = route_object:inbound_cid_number(self.caller, self.caller.gateway_name, 'gateway'); diff --git a/misc/freeswitch/scripts/dialplan_default.lua b/misc/freeswitch/scripts/dialplan_default.lua index 1c0a52e..42271b9 100644 --- a/misc/freeswitch/scripts/dialplan_default.lua +++ b/misc/freeswitch/scripts/dialplan_default.lua 
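Review bot: The new block in `Dialplan.run` overwrites `self.caller.destination_number` with `self.caller:to_s(...)` without checking the result, so an empty or missing channel value would replace the dialled number before `route_object:inbound` is called. It also indexes `self.caller.gateway.settings.number_source` directly, which raises if the gateway object returned by `find_by_id` carries no `settings` table (not visible here). Evaluating once and guarding would cover both: `local number = self.caller:to_s(self.caller.gateway.settings.number_source);` followed by `if not common.str.blank(number) then self.caller.destination_number = number; end`, inside a check that `settings` exists. Because the value originates in the inbound SIP message, constraining it to the expected number format before routing is worth adding. The body of `run` continues outside the hunk.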
@@ -34,20 +34,37 @@ end -- dialplan object require 'dialplan.dialplan' -start_dialplan = dialplan.dialplan.Dialplan:new{ log = log, caller = start_caller, database = database }; +local start_dialplan = dialplan.dialplan.Dialplan:new{ log = log, caller = start_caller, database = database }; start_dialplan:configuration_read(); start_caller.local_node_id = start_dialplan.node_id; start_caller:init_channel_variables(); -- session:execute('info','notice'); -if not start_dialplan:check_auth() then - log:debug('AUTHENTICATION_REQUIRED - host: ' , start_caller.sip_contact_host, ', domain: ', start_dialplan.domain); - start_dialplan:hangup(407, start_dialplan.domain); - return false; +if start_caller.from_node and not start_dialplan:auth_node() then + log:debug('DIALPLAN_DEFAULT - node unauthorized - node_id: ', start_caller.node_id, ', domain: ', start_dialplan.domain); + start_dialplan:hangup(401, start_dialplan.domain); +else + if not start_dialplan:auth_sip_account() then + local gateway = start_dialplan:auth_gateway() + + if gateway then + start_caller.gateway_name = gateway.name; + start_caller.gateway_id = gateway.id; + start_caller.from_gateway = true; + start_caller.gateway = gateway; + else + log:debug('AUTHENTICATION_REQUIRED_SIP_ACCOUNT - contact host: ' , start_caller.sip_contact_host, ', ip: ', start_caller.sip_network_ip, ', domain: ', start_dialplan.domain); + start_dialplan:hangup(407, start_dialplan.domain); + if database then + database:release(); + end + return; + end + end end -if start_caller.from_node and not start_dialplan:check_auth_node() then +if start_caller.from_node then log:debug('AUTHENTICATION_REQUIRED_NODE - node_id: ', start_caller.node_id, ', domain: ', start_dialplan.domain); start_dialplan:hangup(407, start_dialplan.domain); else -- cgit v1.2.3
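Review bot: The rewritten second check `if start_caller.from_node then` no longer tests the authentication result, so as shown every call with `from_node` set reaches `start_dialplan:hangup(407, ...)`, including nodes that `auth_node()` has just accepted. The 401 branch above it neither returns nor releases the database, unlike the 407 gateway branch, so a rejected node call keeps executing and is hung up a second time. Ending that branch the same way, with `if database then database:release(); end return;` after `start_dialplan:hangup(401, start_dialplan.domain);`, and removing or re-conditioning the second `from_node` block would make every rejection path terminate consistently. The `else` of that block continues outside the hunk, so the intended flow for accepted nodes should be confirmed there.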