<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[Freeswitch-trunk][16557] </title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<div id="header">FreeSWITCH Subversion</div>
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://fisheye.freeswitch.org/changelog/FreeSWITCH?cs=16557">16557</a></dd>
<dt>Author</dt> <dd>rupa</dd>
<dt>Date</dt> <dd>2010-02-02 15:04:41 -0600 (Tue, 02 Feb 2010)</dd>
</dl>
<h3>Log Message</h3>
<pre><a href="http://jira.freeswitch.org/browse/BOUNTY-15">BOUNTY-15</a> - add user-agent-filter and max-registrations-per-extension</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#freeswitchtrunksrcmodendpointsmod_sofiamod_sofiac">freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.c</a></li>
<li><a href="#freeswitchtrunksrcmodendpointsmod_sofiamod_sofiah">freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h</a></li>
<li><a href="#freeswitchtrunksrcmodendpointsmod_sofiasofiac">freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c</a></li>
<li><a href="#freeswitchtrunksrcmodendpointsmod_sofiasofia_regc">freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia_reg.c</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="freeswitchtrunksrcmodendpointsmod_sofiamod_sofiac"></a>
<div class="modfile"><h4>Modified: freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.c (16556 => 16557)</h4>
<pre class="diff"><span>
<span class="info">--- freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.c 2010-02-02 20:55:09 UTC (rev 16556)
+++ freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.c 2010-02-02 21:04:41 UTC (rev 16557)
</span><span class="lines">@@ -2161,6 +2161,12 @@
</span><span class="cx"> stream->write_function(stream, "AGGRESSIVENAT \t%s\n", sofia_test_pflag(profile, PFLAG_AGGRESSIVE_NAT_DETECTION) ? "true" : "false");
</span><span class="cx"> stream->write_function(stream, "STUN-ENABLED \t%s\n", sofia_test_pflag(profile, PFLAG_STUN_ENABLED) ? "true" : "false");
</span><span class="cx"> stream->write_function(stream, "STUN-AUTO-DISABLE\t%s\n", sofia_test_pflag(profile, PFLAG_STUN_AUTO_DISABLE) ? "true" : "false");
</span><ins>+ if (profile->user_agent_filter) {
+ stream->write_function(stream, "USER-AGENT-FILTER\t%s\n", switch_str_nil(profile->user_agent_filter));
+ }
+ if (profile->max_registrations_perext > 0) {
+ stream->write_function(stream, "MAX-REG-PEREXT \t%d\n", profile->max_registrations_perext);
+ }
</ins><span class="cx"> stream->write_function(stream, "CALLS-IN \t%d\n", profile->ib_calls);
</span><span class="cx"> stream->write_function(stream, "FAILED-CALLS-IN \t%d\n", profile->ib_failed_calls);
</span><span class="cx"> stream->write_function(stream, "CALLS-OUT \t%d\n", profile->ob_calls);
</span><span class="lines">@@ -2382,6 +2388,8 @@
</span><span class="cx"> stream->write_function(stream, " <stun-enabled>%s</stun-enabled>\n", sofia_test_pflag(profile, PFLAG_STUN_ENABLED) ? "true" : "false");
</span><span class="cx"> stream->write_function(stream, " <stun-auto-disable>%s</stun-auto-disable>\n",
</span><span class="cx"> sofia_test_pflag(profile, PFLAG_STUN_AUTO_DISABLE) ? "true" : "false");
</span><ins>+ stream->write_function(stream, " <user-agent-filter>%s</user-agent-filter>\n", switch_str_nil(profile->user_agent_filter));
+ stream->write_function(stream, " <max-registrations-per-extension>%d</max-registrations-per-extension>\n", profile->max_registrations_perext);
</ins><span class="cx"> stream->write_function(stream, " <calls-in>%d</calls-in>\n", profile->ib_calls);
</span><span class="cx"> stream->write_function(stream, " <calls-out>%d</calls-out>\n", profile->ob_calls);
</span><span class="cx"> stream->write_function(stream, " <failed-calls-in>%d</failed-calls-in>\n", profile->ib_failed_calls);
</span></span></pre></div>
<a id="freeswitchtrunksrcmodendpointsmod_sofiamod_sofiah"></a>
<div class="modfile"><h4>Modified: freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h (16556 => 16557)</h4>
<pre class="diff"><span>
<span class="info">--- freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h 2010-02-02 20:55:09 UTC (rev 16556)
+++ freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h 2010-02-02 21:04:41 UTC (rev 16557)
</span><span class="lines">@@ -515,6 +515,8 @@
</span><span class="cx"> sofia_presence_type_t pres_type;
</span><span class="cx"> sofia_media_options_t media_options;
</span><span class="cx"> uint32_t force_subscription_expires;
</span><ins>+ char *user_agent_filter;
+ uint32_t max_registrations_perext;
</ins><span class="cx"> switch_rtp_bug_flag_t auto_rtp_bugs;
</span><span class="cx"> uint32_t ib_calls;
</span><span class="cx"> uint32_t ob_calls;
</span></span></pre></div>
<a id="freeswitchtrunksrcmodendpointsmod_sofiasofiac"></a>
<div class="modfile"><h4>Modified: freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c (16556 => 16557)</h4>
<pre class="diff"><span>
<span class="info">--- freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c 2010-02-02 20:55:09 UTC (rev 16556)
+++ freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c 2010-02-02 21:04:41 UTC (rev 16557)
</span><span class="lines">@@ -2191,6 +2191,10 @@
</span><span class="cx"> } else {
</span><span class="cx"> switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Max acl records of %d reached\n", SOFIA_MAX_ACL);
</span><span class="cx"> }
</span><ins>+ } else if (!strcasecmp(var, "user-agent-filter")) {
+ profile->user_agent_filter = switch_core_strdup(profile->pool, val);
+ } else if (!strcasecmp(var, "max-registrations-per-extension")) {
+ profile->max_registrations_perext = atoi(val);
</ins><span class="cx"> } else if (!strcasecmp(var, "rfc2833-pt")) {
</span><span class="cx"> profile->te = (switch_payload_t) atoi(val);
</span><span class="cx"> } else if (!strcasecmp(var, "cng-pt") && !(sofia_test_pflag(profile, PFLAG_SUPPRESS_CNG))) {
</span><span class="lines">@@ -2726,6 +2730,10 @@
</span><span class="cx"> } else {
</span><span class="cx"> sofia_clear_pflag(profile, PFLAG_STUN_AUTO_DISABLE);
</span><span class="cx"> }
</span><ins>+ } else if (!strcasecmp(var, "user-agent-filter")) {
+ profile->user_agent_filter = switch_core_strdup(profile->pool, val);
+ } else if (!strcasecmp(var, "max-registrations-per-extension")) {
+ profile->max_registrations_perext = atoi(val);
</ins><span class="cx"> } else if (!strcasecmp(var, "rfc2833-pt")) {
</span><span class="cx"> profile->te = (switch_payload_t) atoi(val);
</span><span class="cx"> } else if (!strcasecmp(var, "cng-pt") && !sofia_test_pflag(profile, PFLAG_SUPPRESS_CNG)) {
</span></span></pre></div>
<a id="freeswitchtrunksrcmodendpointsmod_sofiasofia_regc"></a>
<div class="modfile"><h4>Modified: freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia_reg.c (16556 => 16557)</h4>
<pre class="diff"><span>
<span class="info">--- freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia_reg.c 2010-02-02 20:55:09 UTC (rev 16556)
+++ freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia_reg.c 2010-02-02 21:04:41 UTC (rev 16557)
</span><span class="lines">@@ -1647,6 +1647,15 @@
</span><span class="cx"> return 0;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+static int sofia_reg_regcount_callback(void *pArg, int argc, char **argv, char **columnNames)
+{
+ int *ret = (int *) pArg;
+ if (argc == 1) {
+ *ret = atoi(argv[0]);
+ }
+ return 0;
+}
+
</ins><span class="cx"> auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile,
</span><span class="cx"> sip_authorization_t const *authorization,
</span><span class="cx"> sip_t const *sip,
</span><span class="lines">@@ -1682,6 +1691,9 @@
</span><span class="cx"> const char *auth_acl = NULL;
</span><span class="cx"> long ncl = 0;
</span><span class="cx"> sip_unknown_t *un;
</span><ins>+ const char *user_agent = NULL;
+ const char *user_agent_filter = profile->user_agent_filter;
+ uint32_t max_registrations_perext = profile->max_registrations_perext;
</ins><span class="cx">
</span><span class="cx"> username = realm = nonce = uri = qop = cnonce = nc = response = NULL;
</span><span class="cx">
</span><span class="lines">@@ -1741,6 +1753,8 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ user_agent = (sip && sip->sip_user_agent) ? sip->sip_user_agent->g_string : "unknown";
+
</ins><span class="cx"> if (zstr(np)) {
</span><span class="cx"> nonce_cb_t cb = { 0 };
</span><span class="cx"> long nc_long = 0;
</span><span class="lines">@@ -1777,8 +1791,7 @@
</span><span class="cx"> switch_assert(params);
</span><span class="cx"> switch_event_add_header_string(params, SWITCH_STACK_BOTTOM, "action", "sip_auth");
</span><span class="cx"> switch_event_add_header_string(params, SWITCH_STACK_BOTTOM, "sip_profile", profile->name);
</span><del>- switch_event_add_header_string(params, SWITCH_STACK_BOTTOM, "sip_user_agent",
- (sip && sip->sip_user_agent) ? sip->sip_user_agent->g_string : "unknown");
</del><ins>+ switch_event_add_header_string(params, SWITCH_STACK_BOTTOM, "sip_user_agent", user_agent);
</ins><span class="cx"> switch_event_add_header_string(params, SWITCH_STACK_BOTTOM, "sip_auth_username", username);
</span><span class="cx"> switch_event_add_header_string(params, SWITCH_STACK_BOTTOM, "sip_auth_realm", realm);
</span><span class="cx"> switch_event_add_header_string(params, SWITCH_STACK_BOTTOM, "sip_auth_nonce", nonce);
</span><span class="lines">@@ -1905,6 +1918,13 @@
</span><span class="cx"> if (!strcasecmp(var, "mwi-account")) {
</span><span class="cx"> mwi_account = val;
</span><span class="cx"> }
</span><ins>+
+ if (!strcasecmp(var, "user-agent-filter")) {
+ user_agent_filter = val;
+ }
+ if (!strcasecmp(var, "max-registrations-per-extension")) {
+ max_registrations_perext = atoi(val);
+ }
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -1932,6 +1952,13 @@
</span><span class="cx"> if (!strcasecmp(var, "mwi-account")) {
</span><span class="cx"> mwi_account = val;
</span><span class="cx"> }
</span><ins>+
+ if (!strcasecmp(var, "user-agent-filter")) {
+ user_agent_filter = val;
+ }
+ if (!strcasecmp(var, "max-registrations-per-extension")) {
+ max_registrations_perext = atoi(val);
+ }
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -1959,6 +1986,12 @@
</span><span class="cx"> if (!strcasecmp(var, "mwi-account")) {
</span><span class="cx"> mwi_account = val;
</span><span class="cx"> }
</span><ins>+ if (!strcasecmp(var, "user-agent-filter")) {
+ user_agent_filter = val;
+ }
+ if (!strcasecmp(var, "max-registrations-per-extension")) {
+ max_registrations_perext = atoi(val);
+ }
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -2046,6 +2079,41 @@
</span><span class="cx">
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ if (user_agent_filter) {
+ if (switch_regex_match(user_agent, user_agent_filter) == SWITCH_STATUS_SUCCESS) {
+ if (sofia_test_pflag(profile, PFLAG_LOG_AUTH_FAIL)) {
+ switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "SIP auth OK (REGISTER) due to user-agent-filter. Filter \"%s\" User-Agent \"%s\"\n", user_agent_filter, user_agent);
+ }
+ } else {
+ ret = AUTH_FORBIDDEN;
+ if (sofia_test_pflag(profile, PFLAG_LOG_AUTH_FAIL)) {
+ switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_WARNING, "SIP auth failure (REGISTER) due to user-agent-filter. Filter \"%s\" User-Agent \"%s\"\n", user_agent_filter, user_agent);
+ }
+ goto end;
+ }
+ }
+
+ if (max_registrations_perext > 0 &&
+ (sip && sip->sip_contact &&
+ (sip->sip_contact->m_expires == NULL || atol(sip->sip_contact->m_expires) > 0))) {
+ /* if expires is null still process */
+ /* expires == 0 means the phone is going to unregiser, so don't count against max */
+ int count = 0;
+
+ sql = switch_mprintf("select count(sip_user) from sip_registrations where sip_user='%q'", username);
+ switch_assert(sql != NULL);
+ sofia_glue_execute_sql_callback(profile, NULL, sql, sofia_reg_regcount_callback, &count);
+ free(sql);
+
+ if (count+1 > max_registrations_perext) {
+ ret = AUTH_FORBIDDEN;
+ if (sofia_test_pflag(profile, PFLAG_LOG_AUTH_FAIL)) {
+ switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_WARNING, "SIP auth failure (REGISTER) due to reaching max allowed registrations. Count: %d\n", count);
+ }
+ goto end;
+ }
+ }
+
</ins><span class="cx"> for_the_sake_of_interop:
</span><span class="cx">
</span><span class="cx"> if ((input = switch_mprintf("%s:%q", regstr, uri))) {
</span></span></pre>
</div>
</div>
<div id="footer">See you at ClueCon</div>
</body>
</html>