sysmocom/asterisk
11
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
asterisk/apps/app_authenticate.c
Leif Madsen a525edea59 Merged revisions 328247 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/branches/1.10

................
  r328247 | lmadsen | 2011-07-14 16:25:31 -0400 (Thu, 14 Jul 2011) | 14 lines
  
  Merged revisions 328209 via svnmerge from 
  https://origsvn.digium.com/svn/asterisk/branches/1.8
  
  ........
    r328209 | lmadsen | 2011-07-14 16:13:06 -0400 (Thu, 14 Jul 2011) | 6 lines
    
    Introduce <support_level> tags in MODULEINFO.
    This change introduces MODULEINFO into many modules in Asterisk in order to show
    the community support level for those modules. This is used by changes committed
    to menuselect by Russell Bryant recently (r917 in menuselect). More information about
    the support level types and what they mean is available on the wiki at
    https://wiki.asterisk.org/wiki/display/AST/Asterisk+Module+Support+States
  ........
................


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@328259 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2011-07-14 20:28:54 +00:00

265 lines
7.1 KiB
C
Raw Blame History

/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 1999 - 2005, Digium, Inc.
*
* Mark Spencer <markster@digium.com>
*
* See http://www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/
/*! \file
*
* \brief Execute arbitrary authenticate commands
*
* \author Mark Spencer <markster@digium.com>
*
* \ingroup applications
*/
/*** MODULEINFO
<support_level>core</support_level>
***/
#include "asterisk.h"
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
#include "asterisk/lock.h"
#include "asterisk/file.h"
#include "asterisk/channel.h"
#include "asterisk/pbx.h"
#include "asterisk/module.h"
#include "asterisk/app.h"
#include "asterisk/astdb.h"
#include "asterisk/utils.h"
enum {
OPT_ACCOUNT = (1 << 0),
OPT_DATABASE = (1 << 1),
OPT_MULTIPLE = (1 << 3),
OPT_REMOVE = (1 << 4),
};
AST_APP_OPTIONS(auth_app_options, {
AST_APP_OPTION('a', OPT_ACCOUNT),
AST_APP_OPTION('d', OPT_DATABASE),
AST_APP_OPTION('m', OPT_MULTIPLE),
AST_APP_OPTION('r', OPT_REMOVE),
});
static const char app[] = "Authenticate";
/*** DOCUMENTATION
<application name="Authenticate" language="en_US">
<synopsis>
Authenticate a user
</synopsis>
<syntax>
<parameter name="password" required="true">
<para>Password the user should know</para>
</parameter>
<parameter name="options" required="false">
<optionlist>
<option name="a">
<para>Set the channels' account code to the password that is entered</para>
</option>
<option name="d">
<para>Interpret the given path as database key, not a literal file</para>
</option>
<option name="m">
<para>Interpret the given path as a file which contains a list of account
codes and password hashes delimited with <literal>:</literal>, listed one per line in
the file. When one of the passwords is matched, the channel will have
its account code set to the corresponding account code in the file.</para>
</option>
<option name="r">
<para>Remove the database key upon successful entry (valid with <literal>d</literal> only)</para>
</option>
</optionlist>
</parameter>
<parameter name="maxdigits" required="false">
<para>maximum acceptable number of digits. Stops reading after
maxdigits have been entered (without requiring the user to press the <literal>#</literal> key).
Defaults to 0 - no limit - wait for the user press the <literal>#</literal> key.</para>
</parameter>
<parameter name="prompt" required="false">
<para>Override the agent-pass prompt file.</para>
</parameter>
</syntax>
<description>
<para>This application asks the caller to enter a given password in order to continue dialplan execution.</para>
<para>If the password begins with the <literal>/</literal> character,
it is interpreted as a file which contains a list of valid passwords, listed 1 password per line in the file.</para>
<para>When using a database key, the value associated with the key can be anything.</para>
<para>Users have three attempts to authenticate before the channel is hung up.</para>
</description>
<see-also>
<ref type="application">VMAuthenticate</ref>
<ref type="application">DISA</ref>
</see-also>
</application>
***/
static int auth_exec(struct ast_channel *chan, const char *data)
{
int res = 0, retries, maxdigits;
char passwd[256], *prompt = "agent-pass", *argcopy = NULL;
struct ast_flags flags = {0};
AST_DECLARE_APP_ARGS(arglist,
AST_APP_ARG(password);
AST_APP_ARG(options);
AST_APP_ARG(maxdigits);
AST_APP_ARG(prompt);
);
if (ast_strlen_zero(data)) {
ast_log(LOG_WARNING, "Authenticate requires an argument(password)\n");
return -1;
}
if (chan->_state != AST_STATE_UP) {
if ((res = ast_answer(chan)))
return -1;
}
argcopy = ast_strdupa(data);
AST_STANDARD_APP_ARGS(arglist, argcopy);
if (!ast_strlen_zero(arglist.options))
ast_app_parse_options(auth_app_options, &flags, NULL, arglist.options);
if (!ast_strlen_zero(arglist.maxdigits)) {
maxdigits = atoi(arglist.maxdigits);
if ((maxdigits<1) || (maxdigits>sizeof(passwd)-2))
maxdigits = sizeof(passwd) - 2;
} else {
maxdigits = sizeof(passwd) - 2;
}
if (!ast_strlen_zero(arglist.prompt)) {
prompt = arglist.prompt;
} else {
prompt = "agent-pass";
}
/* Start asking for password */
for (retries = 0; retries < 3; retries++) {
if ((res = ast_app_getdata(chan, prompt, passwd, maxdigits, 0)) < 0)
break;
res = 0;
if (arglist.password[0] != '/') {
/* Compare against a fixed password */
if (!strcmp(passwd, arglist.password))
break;
} else if (ast_test_flag(&flags,OPT_DATABASE)) {
char tmp[256];
/* Compare against a database key */
if (!ast_db_get(arglist.password + 1, passwd, tmp, sizeof(tmp))) {
/* It's a good password */
if (ast_test_flag(&flags,OPT_REMOVE))
ast_db_del(arglist.password + 1, passwd);
break;
}
} else {
/* Compare against a file */
FILE *f;
char buf[256] = "", md5passwd[33] = "", *md5secret = NULL;
if (!(f = fopen(arglist.password, "r"))) {
ast_log(LOG_WARNING, "Unable to open file '%s' for authentication: %s\n", arglist.password, strerror(errno));
continue;
}
for (;;) {
size_t len;
if (feof(f))
break;
if (!fgets(buf, sizeof(buf), f)) {
continue;
}
if (ast_strlen_zero(buf))
continue;
len = strlen(buf) - 1;
if (buf[len] == '\n')
buf[len] = '\0';
if (ast_test_flag(&flags, OPT_MULTIPLE)) {
md5secret = buf;
strsep(&md5secret, ":");
if (!md5secret)
continue;
ast_md5_hash(md5passwd, passwd);
if (!strcmp(md5passwd, md5secret)) {
if (ast_test_flag(&flags,OPT_ACCOUNT))
ast_cdr_setaccount(chan, buf);
break;
}
} else {
if (!strcmp(passwd, buf)) {
if (ast_test_flag(&flags, OPT_ACCOUNT))
ast_cdr_setaccount(chan, buf);
break;
}
}
}
fclose(f);
if (!ast_strlen_zero(buf)) {
if (ast_test_flag(&flags, OPT_MULTIPLE)) {
if (md5secret && !strcmp(md5passwd, md5secret))
break;
} else {
if (!strcmp(passwd, buf))
break;
}
}
}
prompt = "auth-incorrect";
}
if ((retries < 3) && !res) {
if (ast_test_flag(&flags,OPT_ACCOUNT) && !ast_test_flag(&flags,OPT_MULTIPLE))
ast_cdr_setaccount(chan, passwd);
if (!(res = ast_streamfile(chan, "auth-thankyou", chan->language)))
res = ast_waitstream(chan, "");
} else {
if (!ast_streamfile(chan, "vm-goodbye", chan->language))
res = ast_waitstream(chan, "");
res = -1;
}
return res;
}
static int unload_module(void)
{
return ast_unregister_application(app);
}
static int load_module(void)
{
if (ast_register_application_xml(app, auth_exec))
return AST_MODULE_LOAD_FAILURE;
return AST_MODULE_LOAD_SUCCESS;
}
AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "Authentication Application");
Reference in a new issue View git blame Copy permalink