oversip 0.9.0 → 0.9.1

data/{LICENSE.txt → LICENSE}

@@ -1,7 +1,10 @@
-The MIT LICENSE
-
+Name: OverSIP
+Maintainer: Iñaki Baz Castillo <ibc@aliax.net>
 Copyright (c) 2012 Iñaki Baz Castillo <ibc@aliax.net>
 
+
+License: The MIT LICENSE
+
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
 "Software"), to deal in the Software without restriction, including

data/README.md

@@ -1,7 +1,7 @@
 OverSIP
 =======
 
-**UNDER CONSTRUCTION:** please wait a bit...
+**WEB UNDER CONSTRUCTION:** The code is stable and working. This web page and documentation is not... please wait a bit.
 
 OverSIP is an async SIP proxy/server programmable in Ruby language.
 

data/Rakefile

@@ -33,7 +33,7 @@ file "bin/oversip_stud" => "tmp" do
   FileUtils.remove_dir "tmp"
 end
 CLEAN.include("ext/stud/Makefile")
-CLEAN.include("ext/stud/mkmf.log")
+CLEAN.include("thirdparty/stud/mkmf.log")
 CLEAN.include("bin/oversip_stud")
 
 

data/debian/changelog

@@ -0,0 +1,5 @@
+oversip (1.0.0) stable; urgency=low
+
+  * Initial release.
+
+ -- Iñaki Baz Castillo <ibc@aliax.net>  Mon, 09 Jul 2012 21:21:00 +0100

data/debian/compat

@@ -0,0 +1 @@
+7

data/debian/control

@@ -0,0 +1,25 @@
+Source: oversip
+Section: comm
+Priority: optional
+Maintainer: Iñaki Baz Castillo <ibc@aliax.net>
+Homepage: http://www.oversip.net
+Build-Depends: debhelper (>= 7)
+Standards-Version: 3.9.3
+
+Package: oversip
+Architecture: all
+Depends: ${shlibs:Depends}, ${misc:Depends}, ruby1.9.1, ruby1.9.1-dev, make, g++, libssl-dev, libev-dev
+Recommends: unbound
+Description: OverSIP (the SIP dreams factory) is an async SIP proxy/server programmable in Ruby language.
+  Some features of OverSIP are:
+  - SIP transports: UDP, TCP, TLS and WebSocket.
+  - Full IPv4 and IPv6 support.
+  - RFC 3263: SIP DNS mechanism (NAPTR, SRV, A, AAAA) for failover and load
+    balancing based on DNS.
+  - RFC 5626: OverSIP is a perfect Outbound EDGE proxy, including an integrated
+    STUN server.
+  - Fully programmable in Ruby language (make SIP easy).
+  - Fast and efficient: OverSIP core is coded in C language.
+  OverSIP is build on top of EventMachine async library which follows the Reactor
+  Pattern design, allowing thousands of concurrent connections and requests in a
+  never-blocking fashion.

data/debian/copyright

@@ -0,0 +1,25 @@
+Name: OverSIP
+Maintainer: Iñaki Baz Castillo <ibc@aliax.net>
+Copyright (c) 2012 Iñaki Baz Castillo <ibc@aliax.net>
+
+
+License: The MIT LICENSE
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/debian/oversip.default

@@ -0,0 +1,12 @@
+#
+# oversip startup options
+#
+
+# Set to 'yes' when configured.
+RUN=no
+
+# User to run as.
+USER=oversip
+
+# Group to run as.
+GROUP=oversip

data/debian/oversip.init

@@ -0,0 +1,203 @@
+#! /bin/bash
+
+### BEGIN INIT INFO
+# Provides:          oversip
+# Required-Start:    $syslog $network $remote_fs
+# Required-Stop:     $syslog $network $remote_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start/stop OverSIP
+# Description:       Start/stop OverSIP
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/var/lib/gems/1.9.1/bin
+NAME=oversip
+DESC=OverSIP
+HOMEDIR=/var/run/$NAME
+PIDFILE_NAME=$NAME.pid
+RUN=no
+RUBY_GEM=$NAME
+RUBY_EXE=ruby1.9.1
+
+
+. /lib/lsb/init-functions
+
+# Debian LSB functions don't add \n in function log_begin_msg().
+# In Ubuntu such function is overriden in /etc/lsb-base-logging.sh.
+UBUNTU_LOGGING=0
+[ -r /etc/lsb-base-logging.sh ] && UBUNTU_LOGGING=1
+
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Ensure Ruby executable is installed.
+which $RUBY_EXE >/dev/null
+if [ $? -ne 0 ] ; then
+  log_failure_msg "ruby1.9.1 is not installed, exiting."
+  log_end_msg 5
+  exit 5
+fi
+
+# Check whether OverSIP Ruby Gem is installed and get the executable location.
+DAEMON=$(which $NAME)
+if [ $? -ne 0 ] ; then
+  log_failure_msg "$DESC ($NAME): Ruby Gem '$RUBY_GEM' is not installed, exiting."
+
+  case "$1" in
+  status)
+    # LSB - 4: program or service status is unknown.
+    log_end_msg 4
+    exit 4
+    ;;
+  *)
+    # LSB - 5: program is not installed.
+    log_end_msg 5
+    exit 5
+    ;;
+  esac
+fi
+
+if [ ! -x $DAEMON ]; then
+  log_failure_msg "$DESC ($NAME): executable '$DAEMON' does not exist or has not execution access. It should be provided by Ruby Gem '$RUBY_GEM'."
+
+  case "$1" in
+  status)
+    # LSB - 4: program or service status is unknown.
+    log_end_msg 4
+    exit 4
+    ;;
+  *)
+    # LSB - 5: program is not installed.
+    log_end_msg 5
+    exit 5
+    ;;
+  esac
+fi
+
+if [ "$RUN" != "yes" ] ; then
+  log_failure_msg "$DESC ($NAME) not yet configured. Set RUN=yes in /etc/default/$NAME."
+  exit 0
+fi
+
+PIDFILE="${HOMEDIR}/${PIDFILE_NAME}"
+OPTIONS="-P ${PIDFILE}"
+if [ -n "$USER" ] ; then
+ OPTIONS="${OPTIONS} -u ${USER}"
+fi
+if [ -n "$GROUP" ] ; then
+ OPTIONS="${OPTIONS} -g ${GROUP}"
+fi
+
+
+check_homedir ()
+{
+  # Create HOMEDIR directory in case it doesn't exist.
+  # Useful in Ubuntu as /var/run/ content is deleted in shutdown.
+  if [ ! -d $HOMEDIR ] ; then mkdir $HOMEDIR ; fi
+
+  # Set the appropiate owner and group
+  if [ -n "$USER" ] ; then chown ${USER} $HOMEDIR ; fi
+  if [ -n "$GROUP" ] ; then chgrp ${GROUP} $HOMEDIR ; fi
+}
+
+
+start() {
+  start-stop-daemon --start --quiet --pidfile $PIDFILE --quiet \
+    --exec $DAEMON -- $OPTIONS
+  res=$?
+
+  if [ $res -eq 0 ] ; then
+    log_end_msg 0
+    exit 0
+  else
+    if [ ! -r "$PIDFILE" ]; then
+      log_failure_msg "error, failed to start."
+      log_end_msg 1
+      exit 1
+    elif read pid < "$PIDFILE" && ps -p "$pid" > /dev/null 2>&1; then
+      log_warning_msg "already running."
+      exit 0
+    else
+      log_failure_msg "error, failed to start (and PID file '$PIDFILE' exists)."
+      log_end_msg 1
+      exit 1
+    fi
+  fi
+}
+
+
+set -e
+
+case "$1" in
+
+  start)
+    check_homedir
+    log_daemon_msg "Starting $DESC ($NAME)"
+    echo
+    set +e
+
+    start
+    ;;
+
+  stop)
+    log_daemon_msg "Stopping $DESC ($NAME)"
+    echo
+    set +e
+
+    start-stop-daemon --oknodo --stop --pidfile $PIDFILE --quiet \
+      --name $NAME
+    res=$?
+
+    # Posix MQueue for syslogging is created with owner root (to ensure
+    # rlimits and so) so it cannot be deleted by $USER when stopping the
+    # server. This command removes the mqueue when performing the "stop"
+    # action.
+    $DAEMON --remove-mqueue "/${NAME}_syslogger"
+
+    if [ $res -eq 0 ] ; then
+      log_end_msg 0
+      exit 0
+    else
+      log_failure_msg "error, failed to stop."
+      log_end_msg 1
+      exit 1
+    fi
+    ;;
+
+  restart|force-reload)
+    log_daemon_msg "Restarting $DESC ($NAME)"
+    echo
+    set +e
+
+    start-stop-daemon --oknodo --stop --pidfile $PIDFILE --retry=5 --quiet \
+      --name $NAME
+
+    if [ $? -ne 0 ] ; then
+      log_failure_msg "error, failed to stop."
+      log_end_msg 1
+      exit 1
+    fi
+
+    check_homedir
+    start
+    ;;
+
+  status)
+    if [ ! -r "$PIDFILE" ]; then
+      log_warning_msg "$DESC ($NAME) is not running."
+      exit 3
+    fi
+    if read pid < "$PIDFILE" && ps -p "$pid" > /dev/null 2>&1; then
+      log_begin_msg "$DESC ($NAME) is running."
+      [ $UBUNTU_LOGGING -eq 0 ] && echo
+      exit 0
+    else
+      log_warning_msg "$DESC ($NAME) is not running but PID file '$PIDFILE' exists."
+      exit 1
+    fi
+    ;;
+
+  *)
+    log_failure_msg "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|status}."
+    exit 1
+    ;;
+esac

data/debian/postinst

@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+# summary of how this script can be called:
+#        * <postinst> `configure' <most-recently-configured-version>
+#        * <old-postinst> `abort-upgrade' <new version>
+#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+#          <new-version>
+#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+#          <failed-install-package> <version> `removing'
+#          <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+#
+# quoting from the policy:
+#     Any necessary prompting should almost always be confined to the
+#     post-installation script, and should be protected with a conditional
+#     so that unnecessary prompting doesn't happen if a package's
+#     installation fails and the `postinst' is called with `abort-upgrade',
+#     `abort-remove' or `abort-deconfigure'.
+
+case "$1" in
+    configure)
+      adduser --quiet --system --group --disabled-password \
+              --shell /bin/false --gecos "OverSIP" \
+              --home /var/run/oversip oversip || true
+      ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+      ;;
+
+    *)
+      echo "postinst called with unknown argument \`$1'" >&2
+      exit 1
+      ;;
+esac
+
+#DEBHELPER#

data/debian/postrm

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+#DEBHELPER#
+
+if [ "$1" = "purge" ] ; then
+  # remove user/group on purge
+  deluser --quiet --remove-home oversip &>/dev/null || true
+fi
+
+exit 0

data/debian/rules

@@ -0,0 +1,66 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+build: build-stamp
+
+build-stamp:
+	dh_testdir
+	touch $@
+
+clean:
+	dh_testdir
+	dh_testroot
+	rm -rf build-stamp oversip
+	dh_clean
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k
+	dh_installdirs /etc
+
+	mkdir -p $(CURDIR)/debian/oversip/etc/oversip/
+	mkdir -p $(CURDIR)/debian/oversip/etc/oversip/tls/
+	mkdir -p $(CURDIR)/debian/oversip/etc/oversip/tls/ca/
+	mkdir -p $(CURDIR)/debian/oversip/etc/oversip/tls/utils/
+	mkdir -p $(CURDIR)/debian/oversip/usr/share/oversip/
+	install -m 644 etc/oversip.conf debian/oversip/etc/oversip/
+	install -m 644 etc/proxies.conf debian/oversip/etc/oversip/
+	install -m 644 etc/logic.rb debian/oversip/etc/oversip/
+	install -m 644 etc/websocket_policy.rb debian/oversip/etc/oversip/
+	install -m 755 etc/tls/upgrade-cacert.sh debian/oversip/etc/oversip/tls/
+	install -m 644 etc/tls/demo-tls.oversip.net.crt debian/oversip/etc/oversip/tls/
+	install -m 600 etc/tls/demo-tls.oversip.net.key debian/oversip/etc/oversip/tls/
+	install -m 644 etc/tls/ca/* debian/oversip/etc/oversip/tls/ca/
+	install -m 755 etc/tls/utils/* debian/oversip/etc/oversip/tls/utils/
+
+# Build architecture-dependent files here.
+binary-arch: install
+# We have nothing to do by default.
+
+# Build architecture-independent files here.
+binary-indep: install
+	dh_testdir
+	dh_testroot
+	dh_installchangelogs
+	dh_installdocs
+	dh_installexamples
+	dh_installman
+	dh_installinit --restart-after-upgrade -- defaults 20
+	dh_link
+	dh_strip
+	dh_compress
+	dh_fixperms
+	dh_installcron
+#	dh_makeshlibs
+	dh_installdeb
+	dh_shlibdeps
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install

data/etc/logic.rb

@@ -0,0 +1,181 @@
+# -*- encoding: utf-8 -*-
+
+#
+# OverSIP - Simple OverSIP logic example.
+#
+#
+
+
+class OverSIP::SIP::Logic
+
+  ### Custom configuration options:
+  #
+  # Set this to _true_ if the SIP registrar behind OverSIP does not support Path.
+  USE_MODULE_REGISTRAR_WITHOUT_PATH = true
+  #
+  # Set this to _true_ if the SIP proxy/server behind OverSIP performing the authentication
+  # is ready to accept a P-Asserted-Identity header from OverSIP indicating the already
+  # asserted SIP user of the client's connection (this avoids authenticating all the requests
+  # but the first one).
+  USE_MODULE_USER_ASSERTION = true
+
+
+  def run
+
+    log_info "#{@request.sip_method} from #{@request.from.uri} (UA: #{@request.header("User-Agent")}) to #{@request.ruri} via #{@request.transport.upcase} #{@request.source_ip} : #{@request.source_port}"
+
+    # Check Max-Forwards value (max 10).
+    return unless @request.check_max_forwards 10
+
+    # Assume all the traffic is from clients and help them with NAT issues
+    # by forcing rport usage and Outbound mechanism.
+    @request.fix_nat
+
+
+    ### In-dialog requests.
+
+    if @request.in_dialog?
+      if @request.loose_route
+        log_debug "proxying in-dialog #{@request.sip_method}"
+        @request.proxy(:proxy_in_dialog).route
+      else
+        unless @request.sip_method == :ACK
+          log_notice "forbidden in-dialog request without top Route pointing to us => 403"
+          @request.reply 403, "forbidden in-dialog request without top Route pointing to us"
+        else
+          log_notice "ignoring not loose routing ACK"
+        end
+      end
+      return
+    end
+
+
+    ### Initial requests.
+
+    # Check that the request does not contain a top Route pointing to another server.
+    if @request.loose_route
+      unless @request.sip_method == :ACK
+        log_notice "pre-loaded Route not allowed here => 403"
+        @request.reply 403, "Pre-loaded Route not allowed"
+      else
+        log_notice "ignoring ACK initial request"
+      end
+      return
+    end
+
+
+    if USE_MODULE_REGISTRAR_WITHOUT_PATH
+      # Extract the Outbound flow token from the RURI.
+      OverSIP::SIP::Modules::RegistrarWithoutPath.extract_outbound_from_ruri @request
+    end
+
+
+    # The request goes to a client using Outbound through OverSIP.
+    if @request.incoming_outbound_requested?
+      log_info "routing initial request to an Outbound client"
+
+      proxy = @request.proxy(:proxy_to_users)
+
+      proxy.on_success_response do |response|
+        log_info "incoming Outbound on_success_response: #{response.status_code} '#{response.reason_phrase}'"
+      end
+
+      proxy.on_failure_response do |response|
+        log_info "incoming Outbound on_failure_response: #{response.status_code} '#{response.reason_phrase}'"
+      end
+
+      # on_error() occurs when no SIP response was received fom the peer and, instead, we
+      # got some other internal error (timeout, connection error, DNS error....).
+      proxy.on_error do |status, reason|
+        log_notice "incoming Outbound on_error: #{status} '#{reason}'"
+      end
+
+      # Route the request and return.
+      proxy.route
+      return
+    end
+
+
+    # An initial request with us (OverSIP) as final destination, ok, received, bye...
+    if @request.destination_myself?
+      log_info "request for myself => 404"
+      @request.reply 404, "Ok, I'm here"
+      return
+    end
+
+
+    # An outgoing initial request.
+    case @request.sip_method
+
+    when :INVITE, :MESSAGE, :OPTIONS, :SUBSCRIBE, :PUBLISH
+
+      if USE_MODULE_USER_ASSERTION
+        ::OverSIP::SIP::Modules::UserAssertion.add_pai @request
+      end
+
+      proxy = @request.proxy(:proxy_out)
+
+      proxy.on_provisional_response do |response|
+        log_info "on_provisional_response: #{response.status_code} '#{response.reason_phrase}'"
+      end
+
+      proxy.on_success_response do |response|
+        log_info "on_success_response: #{response.status_code} '#{response.reason_phrase}'"
+      end
+
+      proxy.on_failure_response do |response|
+        log_info "on_failure_response: #{response.status_code} '#{response.reason_phrase}'"
+      end
+
+      proxy.on_error do |status, reason|
+        log_notice "on_error: #{status} '#{reason}'"
+      end
+
+      proxy.route
+      return
+
+    when :REGISTER
+
+      if USE_MODULE_REGISTRAR_WITHOUT_PATH
+        # Contact mangling for the case in which the registrar does not support Path.
+        ::OverSIP::SIP::Modules::RegistrarWithoutPath.add_outbound_to_contact @request
+      end
+
+      proxy = @request.proxy(:proxy_out)
+
+      proxy.on_success_response do |response|
+        if USE_MODULE_REGISTRAR_WITHOUT_PATH
+          # Undo changes done to the Contact header provided by the client, so it receives
+          # the same value in the 200 response from the registrar.
+          ::OverSIP::SIP::Modules::RegistrarWithoutPath.remove_outbound_from_contact response
+        end
+
+        if USE_MODULE_USER_ASSERTION
+          # The registrar replies 200 after a REGISTER with credentials so let's assert
+          # the current SIP user to this connection.
+          ::OverSIP::SIP::Modules::UserAssertion.assert_connection response
+        end
+      end
+
+      proxy.on_failure_response do |response|
+        if USE_MODULE_USER_ASSERTION
+          # We don't add PAI for re-REGISTER, so 401 will be replied, and after it let's
+          # revoke the current user assertion (will be re-added upon REGISTER with credentials).
+          ::OverSIP::SIP::Modules::UserAssertion.revoke_assertion response
+        end
+      end
+
+      proxy.route
+      return
+
+    else
+
+      log_info "method #{@request.sip_method} not implemented => 501"
+      @request.reply 501, "Not Implemented"
+      return
+
+    end
+
+  end  # def run
+
+end  # class OverSIP::SIP::Logic