4a58261694
Git does not support the ability to replace a token with a version string during check-in. While it does have support for replacing a token on clone, this is somewhat sub-optimal: the token is replaced with the object hash, which is not particularly easy for human consumption. What's more, in practice, the source file version was often not terribly useful. Generally, when triaging bugs, the overall version of Asterisk is far more useful than an individual SVN version of a file. As a result, this patch removes Asterisk's support for showing source file versions. Specifically, it does the following: * Rename ASTERISK_FILE_VERSION macro to ASTERISK_REGISTER_FILE, and remove passing the version in with the macro. Other facilities than 'core show file version' make use of the file names, such as setting a debug level only on a specific file. As such, the act of registering source files with the Asterisk core still has use. The macro rename now reflects the new macro purpose. * main/asterisk: - Refactor the file_version structure to reflect that it no longer tracks a version field. - Remove the "core show file version" CLI command. Without the file version, it is no longer useful. - Remove the ast_file_version_find function. The file version is no longer tracked. - Rename ast_register_file_version/ast_unregister_file_version to ast_register_file/ast_unregister_file, respectively. * main/manager: Remove value from the Version key of the ModuleCheck Action. The actual key itself has not been removed, as doing so would absolutely constitute a backwards incompatible change. However, since the file version is no longer tracked, there is no need to attempt to include it in the Version key. * UPGRADE: Add notes for: - Modification to the ModuleCheck AMI Action - Removal of the "core show file version" CLI command Change-Id: I6cf0ff280e1668bf4957dc21f32a5ff43444a40e
280 lines
7.7 KiB
C
280 lines
7.7 KiB
C
/*
|
|
* Asterisk -- An open source telephony toolkit.
|
|
*
|
|
* Copyright (C) 1999 - 2005, Digium, Inc.
|
|
*
|
|
* Mark Spencer <markster@digium.com>
|
|
*
|
|
* See http://www.asterisk.org for more information about
|
|
* the Asterisk project. Please do not directly contact
|
|
* any of the maintainers of this project for assistance;
|
|
* the project provides a web site, mailing lists and IRC
|
|
* channels for your use.
|
|
*
|
|
* This program is free software, distributed under the terms of
|
|
* the GNU General Public License Version 2. See the LICENSE file
|
|
* at the top of the source tree.
|
|
*/
|
|
|
|
/*! \file
|
|
*
|
|
* \brief Execute arbitrary authenticate commands
|
|
*
|
|
* \author Mark Spencer <markster@digium.com>
|
|
*
|
|
* \ingroup applications
|
|
*/
|
|
|
|
/*** MODULEINFO
|
|
<support_level>core</support_level>
|
|
***/
|
|
|
|
#include "asterisk.h"
|
|
|
|
ASTERISK_REGISTER_FILE()
|
|
|
|
#include "asterisk/lock.h"
|
|
#include "asterisk/file.h"
|
|
#include "asterisk/channel.h"
|
|
#include "asterisk/pbx.h"
|
|
#include "asterisk/module.h"
|
|
#include "asterisk/app.h"
|
|
#include "asterisk/astdb.h"
|
|
#include "asterisk/utils.h"
|
|
|
|
enum {
|
|
OPT_ACCOUNT = (1 << 0),
|
|
OPT_DATABASE = (1 << 1),
|
|
OPT_MULTIPLE = (1 << 3),
|
|
OPT_REMOVE = (1 << 4),
|
|
};
|
|
|
|
AST_APP_OPTIONS(auth_app_options, {
|
|
AST_APP_OPTION('a', OPT_ACCOUNT),
|
|
AST_APP_OPTION('d', OPT_DATABASE),
|
|
AST_APP_OPTION('m', OPT_MULTIPLE),
|
|
AST_APP_OPTION('r', OPT_REMOVE),
|
|
});
|
|
|
|
|
|
static const char app[] = "Authenticate";
|
|
/*** DOCUMENTATION
|
|
<application name="Authenticate" language="en_US">
|
|
<synopsis>
|
|
Authenticate a user
|
|
</synopsis>
|
|
<syntax>
|
|
<parameter name="password" required="true">
|
|
<para>Password the user should know</para>
|
|
</parameter>
|
|
<parameter name="options" required="false">
|
|
<optionlist>
|
|
<option name="a">
|
|
<para>Set the channels' account code to the password that is entered</para>
|
|
</option>
|
|
<option name="d">
|
|
<para>Interpret the given path as database key, not a literal file.</para>
|
|
<note>
|
|
<para>The value is not used at all in the authentication when using this option.
|
|
If the family/key is set to <literal>/pin/100</literal> (value does not matter)
|
|
then the password field needs to be set to <literal>/pin</literal> and the pin entered
|
|
by the user would be authenticated against <literal>100</literal>.</para>
|
|
</note>
|
|
</option>
|
|
<option name="m">
|
|
<para>Interpret the given path as a file which contains a list of account
|
|
codes and password hashes delimited with <literal>:</literal>, listed one per line in
|
|
the file. When one of the passwords is matched, the channel will have
|
|
its account code set to the corresponding account code in the file.</para>
|
|
</option>
|
|
<option name="r">
|
|
<para>Remove the database key upon successful entry (valid with <literal>d</literal> only)</para>
|
|
</option>
|
|
</optionlist>
|
|
</parameter>
|
|
<parameter name="maxdigits" required="false">
|
|
<para>maximum acceptable number of digits. Stops reading after
|
|
maxdigits have been entered (without requiring the user to press the <literal>#</literal> key).
|
|
Defaults to 0 - no limit - wait for the user press the <literal>#</literal> key.</para>
|
|
</parameter>
|
|
<parameter name="prompt" required="false">
|
|
<para>Override the agent-pass prompt file.</para>
|
|
</parameter>
|
|
</syntax>
|
|
<description>
|
|
<para>This application asks the caller to enter a given password in order to continue dialplan execution.</para>
|
|
<para>If the password begins with the <literal>/</literal> character,
|
|
it is interpreted as a file which contains a list of valid passwords, listed 1 password per line in the file.</para>
|
|
<para>When using a database key, the value associated with the key can be anything.</para>
|
|
<para>Users have three attempts to authenticate before the channel is hung up.</para>
|
|
</description>
|
|
<see-also>
|
|
<ref type="application">VMAuthenticate</ref>
|
|
<ref type="application">DISA</ref>
|
|
</see-also>
|
|
</application>
|
|
***/
|
|
|
|
static int auth_exec(struct ast_channel *chan, const char *data)
|
|
{
|
|
int res = 0, retries, maxdigits;
|
|
char passwd[256], *prompt = "agent-pass", *argcopy = NULL;
|
|
struct ast_flags flags = {0};
|
|
|
|
AST_DECLARE_APP_ARGS(arglist,
|
|
AST_APP_ARG(password);
|
|
AST_APP_ARG(options);
|
|
AST_APP_ARG(maxdigits);
|
|
AST_APP_ARG(prompt);
|
|
);
|
|
|
|
if (ast_strlen_zero(data)) {
|
|
ast_log(LOG_WARNING, "Authenticate requires an argument(password)\n");
|
|
return -1;
|
|
}
|
|
|
|
if (ast_channel_state(chan) != AST_STATE_UP) {
|
|
if ((res = ast_answer(chan)))
|
|
return -1;
|
|
}
|
|
|
|
argcopy = ast_strdupa(data);
|
|
|
|
AST_STANDARD_APP_ARGS(arglist, argcopy);
|
|
|
|
if (!ast_strlen_zero(arglist.options))
|
|
ast_app_parse_options(auth_app_options, &flags, NULL, arglist.options);
|
|
|
|
if (!ast_strlen_zero(arglist.maxdigits)) {
|
|
maxdigits = atoi(arglist.maxdigits);
|
|
if ((maxdigits<1) || (maxdigits>sizeof(passwd)-2))
|
|
maxdigits = sizeof(passwd) - 2;
|
|
} else {
|
|
maxdigits = sizeof(passwd) - 2;
|
|
}
|
|
|
|
if (!ast_strlen_zero(arglist.prompt)) {
|
|
prompt = arglist.prompt;
|
|
} else {
|
|
prompt = "agent-pass";
|
|
}
|
|
|
|
/* Start asking for password */
|
|
for (retries = 0; retries < 3; retries++) {
|
|
if ((res = ast_app_getdata(chan, prompt, passwd, maxdigits, 0)) < 0)
|
|
break;
|
|
|
|
res = 0;
|
|
|
|
if (arglist.password[0] != '/') {
|
|
/* Compare against a fixed password */
|
|
if (!strcmp(passwd, arglist.password))
|
|
break;
|
|
} else if (ast_test_flag(&flags,OPT_DATABASE)) {
|
|
char tmp[256];
|
|
/* Compare against a database key */
|
|
if (!ast_db_get(arglist.password + 1, passwd, tmp, sizeof(tmp))) {
|
|
/* It's a good password */
|
|
if (ast_test_flag(&flags,OPT_REMOVE))
|
|
ast_db_del(arglist.password + 1, passwd);
|
|
break;
|
|
}
|
|
} else {
|
|
/* Compare against a file */
|
|
FILE *f;
|
|
char buf[256] = "", md5passwd[33] = "", *md5secret = NULL;
|
|
|
|
if (!(f = fopen(arglist.password, "r"))) {
|
|
ast_log(LOG_WARNING, "Unable to open file '%s' for authentication: %s\n", arglist.password, strerror(errno));
|
|
continue;
|
|
}
|
|
|
|
for (;;) {
|
|
size_t len;
|
|
|
|
if (feof(f))
|
|
break;
|
|
|
|
if (!fgets(buf, sizeof(buf), f)) {
|
|
continue;
|
|
}
|
|
|
|
if (ast_strlen_zero(buf))
|
|
continue;
|
|
|
|
len = strlen(buf) - 1;
|
|
if (buf[len] == '\n')
|
|
buf[len] = '\0';
|
|
|
|
if (ast_test_flag(&flags, OPT_MULTIPLE)) {
|
|
md5secret = buf;
|
|
strsep(&md5secret, ":");
|
|
if (!md5secret)
|
|
continue;
|
|
ast_md5_hash(md5passwd, passwd);
|
|
if (!strcmp(md5passwd, md5secret)) {
|
|
if (ast_test_flag(&flags, OPT_ACCOUNT)) {
|
|
ast_channel_lock(chan);
|
|
ast_channel_accountcode_set(chan, buf);
|
|
ast_channel_unlock(chan);
|
|
}
|
|
break;
|
|
}
|
|
} else {
|
|
if (!strcmp(passwd, buf)) {
|
|
if (ast_test_flag(&flags, OPT_ACCOUNT)) {
|
|
ast_channel_lock(chan);
|
|
ast_channel_accountcode_set(chan, buf);
|
|
ast_channel_unlock(chan);
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
fclose(f);
|
|
|
|
if (!ast_strlen_zero(buf)) {
|
|
if (ast_test_flag(&flags, OPT_MULTIPLE)) {
|
|
if (md5secret && !strcmp(md5passwd, md5secret))
|
|
break;
|
|
} else {
|
|
if (!strcmp(passwd, buf))
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
prompt = "auth-incorrect";
|
|
}
|
|
|
|
if ((retries < 3) && !res) {
|
|
if (ast_test_flag(&flags,OPT_ACCOUNT) && !ast_test_flag(&flags,OPT_MULTIPLE)) {
|
|
ast_channel_lock(chan);
|
|
ast_channel_accountcode_set(chan, passwd);
|
|
ast_channel_unlock(chan);
|
|
}
|
|
if (!(res = ast_streamfile(chan, "auth-thankyou", ast_channel_language(chan))))
|
|
res = ast_waitstream(chan, "");
|
|
} else {
|
|
if (!ast_streamfile(chan, "vm-goodbye", ast_channel_language(chan)))
|
|
res = ast_waitstream(chan, "");
|
|
res = -1;
|
|
}
|
|
|
|
return res;
|
|
}
|
|
|
|
static int unload_module(void)
|
|
{
|
|
return ast_unregister_application(app);
|
|
}
|
|
|
|
static int load_module(void)
|
|
{
|
|
if (ast_register_application_xml(app, auth_exec))
|
|
return AST_MODULE_LOAD_FAILURE;
|
|
return AST_MODULE_LOAD_SUCCESS;
|
|
}
|
|
|
|
AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "Authentication Application");
|