oversip 1.1.2 → 1.2.0

data/lib/oversip/modules/user_assertion.rb

@@ -0,0 +1,73 @@
+module OverSIP::Modules
+
+  module UserAssertion
+
+    extend ::OverSIP::Logger
+
+    @log_id = "UserAssertion module"
+
+    def self.assert_connection message
+      case message
+      when ::OverSIP::SIP::Request
+        request = message
+      when ::OverSIP::SIP::Response
+        request = message.request
+      else
+        raise ::OverSIP::RuntimeError, "message must be a OverSIP::SIP::Request or OverSIP::SIP::Response"
+      end
+
+      # Don't do this stuf for UDP or for outbound connections.
+      return false  unless request.connection.class.reliable_transport_listener?
+      # Return if already set.
+      return request.cvars[:asserted_user]  if request.cvars[:asserted_user]
+      # Don't do this stuf in case of P-Preferred-Identity header is present.
+      return false  if request.headers["P-Preferred-Identity"]
+
+      log_system_debug "user #{request.from.uri} asserted to connection"  if $oversip_debug
+      # Store the request From URI as "asserted_user" for this connection.
+      request.cvars[:asserted_user] = request.from.uri
+    end
+
+    def self.revoke_assertion message
+      case message
+      when ::OverSIP::SIP::Request
+        request = message
+      when ::OverSIP::SIP::Response
+        request = message.request
+      else
+        raise ::OverSIP::RuntimeError, "message must be a OverSIP::SIP::Request or OverSIP::SIP::Response"
+      end
+
+      request.cvars.delete :asserted_user
+      true
+    end
+
+    def self.add_pai request
+      # Add P-Asserted-Identity if the user has previously been asserted but JUST
+      # in case it matches request From URI !
+      # NOTE: If the connection is not asserted (it's null) then it will not match this
+      # comparisson, so OK.
+      if request.cvars[:asserted_user] == request.from.uri
+        # Don't add P-Asserted-Identity if the request contains P-Preferred-Identity header.
+        unless request.headers["P-Preferred-Identity"]
+          log_system_debug "user asserted, adding P-Asserted-Identity for #{request.log_id}"  if $oversip_debug
+          request.set_header "P-Asserted-Identity", "<" << request.cvars[:asserted_user] << ">"
+          return true
+        else
+          # Remove posible P-Asserted-Identity header!
+          log_system_debug "user asserted but P-Preferred-Identity header present, P-Asserted-Identity not added for #{request.log_id}"  if $oversip_debug
+          request.headers.delete "P-Asserted-Identity"
+          return nil
+        end
+
+      # Otherwise ensure the request has no spoofed P-Asserted-Identity headers!
+      else
+        request.headers.delete "P-Asserted-Identity"
+        return false
+
+      end
+    end
+
+  end  # module UserAssertion
+
+end

data/lib/oversip/posix_mq.rb

@@ -27,10 +27,10 @@ module OverSIP
         ::POSIX_MQ.unlink mq_name
       rescue ::Errno::ENOENT
       rescue ::Errno::EACCES => e
-        fatal "queue already exists and cannot remove it due file permissions"
+        ::OverSIP::Launcher.fatal "queue already exists and cannot remove it due file permissions"
       # Kernel has no support for posix message queues.
       rescue ::Errno::ENOSYS => e
-        fatal "the kernel has no support for posix messages queues, enable it (#{e.class}: #{e.message})"
+        ::OverSIP::Launcher.fatal "the kernel has no support for posix messages queues, enable it (#{e.class}: #{e.message})"
       end
 
       # Set the UMASK in a way that the group has permission to delete the queue.
@@ -61,7 +61,7 @@ module OverSIP
         begin
           ::Process.setrlimit(12, mq_size)
         rescue ::Errno::EPERM
-          fatal "current user has no permissions to increase rlimits to #{mq_size} bytes (ulimit -q)"
+          ::OverSIP::Launcher.fatal "current user has no permissions to increase rlimits to #{mq_size} bytes (ulimit -q)"
         end
       else
         log_system_info "rlimits for Posix Message Queues is #{current_rlimit} bytes (>= #{mq_size}), no need to increase it"
@@ -79,7 +79,7 @@ module OverSIP
 
       # Kernel has no support for posix message queues.
       rescue ::Errno::ENOSYS => e
-        fatal "the kernel has no support for posix messages queues, enable it (#{e.class}: #{e.message})"
+        ::OverSIP::Launcher.fatal "the kernel has no support for posix messages queues, enable it (#{e.class}: #{e.message})"
 
       # http://linux.die.net/man/3/mq_open
       #
@@ -93,13 +93,13 @@ module OverSIP
         log_system_warn "cannot set queue attributes due to user permissions, using system default values"
         mq = ::POSIX_MQ.new mq_name, mq_mode | ::IO::CREAT | ::IO::NONBLOCK, 00660
       rescue ::Errno::ENOMEM => e
-        fatal "insufficient memory (#{e.class}: #{e.message})"
+        ::OverSIP::Launcher.fatal "insufficient memory (#{e.class}: #{e.message})"
       rescue ::Errno::EMFILE => e
-        fatal "the process already has the maximum number of files and message queues open (#{e.class}: #{e.message})"
+        ::OverSIP::Launcher.fatal "the process already has the maximum number of files and message queues open (#{e.class}: #{e.message})"
       rescue Errno::ENFILE => e
-        fatal "the system limit on the total number of open files and message queues has been reached (#{e.class}: #{e.message})"
+        ::OverSIP::Launcher.fatal "the system limit on the total number of open files and message queues has been reached (#{e.class}: #{e.message})"
       rescue ::Errno::ENOSPC => e
-        fatal "insufficient space for the creation of a new message queue, probably occurred because the queues_max limit was encountered (#{e.class}: #{e.message})"
+        ::OverSIP::Launcher.fatal "insufficient space for the creation of a new message queue, probably occurred because the queues_max limit was encountered (#{e.class}: #{e.message})"
 
       end
 

data/lib/oversip/proxies_config.rb

@@ -109,7 +109,7 @@ module OverSIP
 
       rescue ::Exception => e
         unless reload
-          fatal e.message
+          ::OverSIP::Launcher.fatal e.message
         else
           raise ::OverSIP::ConfigurationError, e.message
         end

data/lib/oversip/sip/core.rb

@@ -0,0 +1,189 @@
+module OverSIP::SIP
+
+  # This module is included by OverSIP::SIP::Request class.
+  module Core
+
+    # Create a server transaction for the incoming request.
+    def create_transaction
+      return false  if @server_transaction
+
+      case @sip_method
+      when :INVITE
+        ::OverSIP::SIP::InviteServerTransaction.new self
+        return true
+      when :ACK
+        return nil
+      when :CANCEL
+        return nil
+      else
+        ::OverSIP::SIP::NonInviteServerTransaction.new self
+        return true
+      end
+    end
+
+
+    def check_max_forwards max_forwards
+      if @max_forwards
+        unless @max_forwards.zero?
+          @new_max_forwards = ( @max_forwards > max_forwards ? max_forwards : @max_forwards - 1 )
+          return true
+        else
+          log_system_notice "Max-Forwards is 0 => 483"
+          reply 483
+          return false
+        end
+      else
+        @new_max_forwards = max_forwards
+        return true
+      end
+    end
+
+
+    def loose_route
+      num_removes = 0
+      has_preloaded_route_with_ob_param = false
+
+      # Remove all the Route's pointing to the proxy until a Route not pointing to us is found.
+      if @routes
+        @routes.each do |route|
+          if ::OverSIP::SIP::Tags.check_value_for_route_ovid(route.ovid_param)
+            num_removes += 1
+          else
+            if local_uri? route
+              has_preloaded_route_with_ob_param = true  if route.ob_param?
+              num_removes += 1
+            else
+              break
+            end
+          end
+        end
+      end
+
+      ### Outbound stuf. RFC 5626 section 5.3.
+
+      # Outgoing initial request asking for Outbound. Just valid when:
+      # - It's an initial request.
+      # - Single Via (so there is no a proxy in front of us).
+      # - It's an INVITE, REGISTER, SUBSCRIBE or REFER request.
+      # - Has a preloaded top Route with ;ob param pointing to us, or has Contact with ;ob, or
+      #   it's a REGISTER with ;+sip.instance.
+      #
+      if (
+            initial? and (
+              @force_outgoing_outbound or (
+                @num_vias == 1 and
+                outbound_aware? and (
+                  ( has_preloaded_route_with_ob_param or (@contact and @contact.ob_param?) ) or
+                  ( @sip_method == :REGISTER and contact_reg_id?)
+                )
+              )
+            )
+          )
+        @outgoing_outbound_requested = true
+        log_system_debug "applying outgoing Outbound support"  if $oversip_debug
+      end
+
+      # Incoming initial request or in-dialog incoming/outgoing request. Must only perform
+      # Outbound for the incoming case and just when:
+      # - There are 2 Route headers.
+      # - All the Route headers point to us.
+      # - The latest Route has a flow token and a valid ;ovid param (so has been generated
+      #   previously by us).
+      #     NOTE: But don't check its value so it still would work in case of server reboot.
+      # - It's an incoming Outbound request (so flow token in the Route does not match the
+      #   flow token of the incoming connection).
+      if (
+            num_removes == 2 and
+            @routes.size == 2 and
+            (outbound_route = @routes.last) and
+            outbound_route.ovid_param and
+            (@route_outbound_flow_token = outbound_route.user) != @connection_outbound_flow_token
+          )
+        @incoming_outbound_requested = true
+        log_system_debug "destination is an incoming Outbound connection"  if $oversip_debug
+      end
+
+      # If there are not Route headers return false.
+      return false  unless @routes
+
+      # Remove the Route values pointintg to us.
+      unless num_removes == 0
+        @headers["Route"].shift num_removes
+        @routes.shift num_removes
+      end
+      @routes.empty? and @routes = nil
+
+      # Return true if it is an in-dialog request and the top Route pointed to us.
+      # False otherwise as we shouldn't receive an in-dialog request with a top Route non
+      # pointing to us.
+      if in_dialog?
+        return ( num_removes > 0 ? true : false )
+      # Return true if it was an initial request and more Route headers remain after inspection.
+      elsif @routes
+        return true
+      # Return false if it was an initial request and all its Route headers pointed to the proxy.
+      else
+        return false
+      end
+    end
+
+
+    # Checks whether the RURI points to a local domain or address.
+    # Typically, prior to using this method the user has verified the return value of loose_route()
+    # in case it's an initial request (if it's _true_ then the request has pre-loaded Route).
+    def destination_myself?
+      return true if @destination_myself
+      return false if @destination_myself == false
+
+      if local_uri? @ruri
+        log_system_debug "RURI destination is myself"  if $oversip_debug
+        return @destination_myself = true
+      else
+        log_system_debug "RURI destination is not myself"  if $oversip_debug
+        return @destination_myself = false
+      end
+    end
+
+
+    def fix_nat
+      # Force rport usage for UDP clients.
+      @via_rport = @source_port
+
+      # Force outgoing Outbound.
+      if initial? and @num_vias == 1 and outbound_aware?
+        @force_outgoing_outbound = true
+      end
+    end
+
+
+    def outgoing_outbound_requested?       ; @outgoing_outbound_requested  end
+
+    def incoming_outbound_requested?       ; @incoming_outbound_requested  end
+
+
+    def connection_outbound_flow_token
+      @connection_outbound_flow_token ||= if @transport == :udp
+        # NOTE: Add "_" so later we can figure that this is for UDP.
+        # NOTE: Replace "=" with "-" so it can be added as a SIP URI param (when Contact mangling is used
+        # if the registrar does not support Path).
+        "_" << ::Base64.strict_encode64("#{@source_ip}_#{@source_port}").gsub(/=/,"-")
+      else
+        @connection.outbound_flow_token
+      end
+    end
+
+
+    private
+
+
+    def local_uri? uri
+      return false  unless uri.scheme == :sip or uri.scheme == :sips
+      # NOTE: uri.host has been normalized during parsing in case it's an IPv6 and it's
+      # an :ipv6_reference.
+      ( uri.port and ::OverSIP::SIP.local_aliases["#{uri.host}:#{uri.port}"] ) or
+      ( not uri.port and ::OverSIP::SIP.local_aliases[uri.host] )
+    end
+
+  end  # module Core
+
+end

data/lib/oversip/sip/grammar/name_addr.rb

@@ -22,6 +22,10 @@ module OverSIP::SIP
     end
     alias :inspect :to_s
 
+    def modified?
+      @uri_modified or @name_addr_modified
+    end
+
   end
 
 end

data/lib/oversip/sip/grammar/uri.rb

@@ -2,7 +2,6 @@ module OverSIP::SIP
 
   class Uri
     attr_reader :scheme, :user, :host, :host_type, :port, :params, :transport_param, :phone_context_param, :ovid_param, :headers
-    attr_accessor :uri_modified
 
     def scheme= value
       return nil  if unknown_scheme?
@@ -133,6 +132,31 @@ module OverSIP::SIP
     alias :to_s :uri
     alias :inspect :uri
 
+    # Returns a String with the AoR of the URI:
+    # - SIP URI: sip:user@domain.
+    # - TEL URI: tel:number
+    # - Others: nil
+    #
+    def aor
+      case @scheme
+        when :sip, :sips
+          aor = "sip:"
+          ( aor << ::EscapeUtils.escape_uri(@user) << "@" )  if @user
+          aor << @host
+
+        when :tel
+          aor = "tel:"
+          aor << @user
+
+        end
+
+      aor
+    end
+
+    def modified?
+      @uri_modified
+    end
+
   end  # class Uri
 
 end

data/lib/oversip/sip/launcher.rb

@@ -9,10 +9,7 @@ module OverSIP::SIP
       :ipv6 => "IPv6"
     }
 
-
-    def self.log_id
-      @log_id ||= "SIP launcher"
-    end
+    @log_id = "SIP launcher"
 
 
     def self.run enabled, ip_type, ip, port, transport, virtual_ip=nil, virtual_port=nil

data/lib/oversip/sip/listeners/udp_connection.rb

@@ -31,7 +31,7 @@ module OverSIP::SIP
 
       buffer_str = @buffer.to_str
 
-      # Quikly ignore single CRLF (widely used by SIP UDP clients as keep-alive.
+      # Quikly ignore single CRLF (widely used by SIP UDP clients as keep-alive).
       if buffer_str == CRLF
         @buffer.clear
         @state = :init
@@ -57,7 +57,7 @@ module OverSIP::SIP
           @state = :init
           return false
         # A valid STUN Binding Request so we get a response to be sent.
-        when String
+        when ::String
           log_system_debug "STUN Binding Request received, replying to it"  if $oversip_debug
           send_data stun_res
           @buffer.clear

data/lib/oversip/sip/message_processor.rb

@@ -93,7 +93,7 @@ module OverSIP::SIP
           # Run the callback.
           ::OverSIP::SipEvents.on_request @msg
         rescue ::Exception => e
-          log_system_error "error calling OverSIP::WebSocketEvents.on_request() => 500:"
+          log_system_error "error calling OverSIP::SipEvents.on_request() => 500:"
           log_system_error e
           @msg.reply 500, "Internal Error", ["Content-Type: text/plain"], "#{e.class}: #{e.message}"
         end

data/lib/oversip/sip/proxy.rb

@@ -35,11 +35,21 @@ module OverSIP::SIP
       @on_error_block = block
     end
 
+    def on_target &block
+      @on_target_block = block
+    end
+
     # If called, current response within the called callback won't be forwarded.
     def drop_response
       @drop_response = true
     end
 
+    # It must only be called within the on_target() callback. By calling this method,
+    # the request routing is aborted, no more DNS targets are tryed, a local 403 response
+    # is generated and on_error() callback is called with status 403.
+    def abort_routing
+      @aborted = true
+    end
 
     def route request, dst_host=nil, dst_port=nil, dst_transport=nil
       unless (@request = request).is_a? ::OverSIP::SIP::Request
@@ -346,8 +356,6 @@ module OverSIP::SIP
 
 
     def rfc3263_succeeded result
-      #log_system_debug "RFC3263 result: #{result.class}: #{result.inspect}"  if $oversip_debug
-
       # After RFC 3263 (DNS) resolution we get N targets.
       @num_target = 0  # First target is 0 (rather than 1).
 
@@ -365,10 +373,6 @@ module OverSIP::SIP
         log_system_debug "result is MultiTargets => flatting:"  if $oversip_debug
         @targets = result.flatten  # Array of Targets.
 
-      # NOTE: Should never happen.
-      else
-        raise "rfc3263_succeeded returns a #{result.class}: #{result.inspect}"
-
       end
 
       try_next_target
@@ -416,6 +420,18 @@ module OverSIP::SIP
 
 
     def use_target target
+      # Call the on_target() callback if set by the user.
+      @on_target_block && @on_target_block.call(target.ip_type, target.ip, target.port, target.transport)
+
+      # If the user has called to proxy.abort_routing() then stop next targets
+      # and call to on_error() callback.
+      if @aborted
+        log_system_notice "routing aborted for target #{target}"
+        @aborted = @target = @targets = nil
+        try_next_target 403, "Destination Not Allowed"
+        return
+      end
+
       @client_transaction = (::OverSIP::SIP::ClientTransaction.get_class @request).new self, @request, @proxy_conf, target.transport, target.ip, target.ip_type, target.port
       add_routing_headers
       @client_transaction.send_request

data/lib/oversip/sip/request.rb

@@ -2,6 +2,8 @@ module OverSIP::SIP
 
   class Request < Message
 
+    include ::OverSIP::SIP::Core
+
     SECURE_TRANSPORTS = { :tls=>true, :wss=>true }
 
     attr_accessor :server_transaction
@@ -9,9 +11,9 @@ module OverSIP::SIP
     attr_reader :new_max_forwards
     attr_accessor :antiloop_id
     attr_accessor :route_outbound_flow_token
-
     attr_writer :outgoing_outbound_requested, :incoming_outbound_requested
     attr_accessor :proxied   # If true it means that this request has been already proxied.
+    attr_reader :from_was_modified, :to_was_modified  # Set to true if the From / To has been modified prior to routing the request.
 
     # Used for internal purposes when doing proxy and adding the first Record-Route
     # or Path.
@@ -114,6 +116,19 @@ module OverSIP::SIP
     def to_s
       msg = "#{@sip_method.to_s} #{self.ruri.uri} SIP/2.0\r\n"
 
+      # Update From/To/Contact headers if modified.
+      if @from.modified?
+        @headers["From"] = [ @from.to_s << (@from_tag ? ";tag=#{@from_tag}" : "") ]
+        @from_was_modified = true
+      end
+      if @to.modified?
+        @headers["To"] = [ @to.to_s << (@to_tag ? ";tag=#{@to_tag}" : "") ]
+        @to_was_modified = true
+      end
+      if @contact and @contact.modified?
+        @headers["Contact"] = [ @contact.to_s << (@contact_params ? @contact_params : "") ]
+      end
+
       @headers.each do |key, values|
         values.each do |value|
           msg << key << ": #{value}\r\n"

data/lib/oversip/sip/response.rb

@@ -14,6 +14,13 @@ module OverSIP::SIP
     def to_s
       msg = "SIP/2.0 #{@status_code} #{@reason_phrase}\r\n"
 
+      # Revert changes to From/To headers if modified during the request processing.
+      @headers["From"] = [ request.hdr_from ]  if request.from_was_modified
+      if request.to_was_modified
+        hdr_to = @to_tag ? "#{request.hdr_to};tag=#{@to_tag}" : request.hdr_to
+        @headers["To"] = [ hdr_to ]  if request.to_was_modified
+      end
+
       @headers.each do |key, values|
         values.each do |value|
           msg << key << ": #{value}\r\n"

data/lib/oversip/sip/rfc3263.rb

@@ -126,6 +126,8 @@ module OverSIP::SIP
         @uri_port = uri_port
         @uri_transport = uri_transport
 
+        @log_id ||= ("RFC3263" << " " << @id)
+
         @use_dns = dns_conf[:use_dns]
         @transport_preference = dns_conf[:transport_preference]
 
@@ -144,10 +146,6 @@ module OverSIP::SIP
         end
       end
 
-      def log_id
-        @log_id ||= ("RFC3263" << " " << @id)
-      end
-
       def callback &block
         @on_success_block = block
       end

data/lib/oversip/syslogger_process.rb

@@ -1,7 +1,5 @@
 # Ruby external gems.
 
-gem "eventmachine-le", ">= 1.1.3"
-require "eventmachine-le"
 gem "em-posixmq", ">= 0.2.3"
 require "em-posixmq"
 

data/lib/oversip/system_callbacks.rb

@@ -0,0 +1,45 @@
+module OverSIP
+
+  # This module is intended for 3rd party modules that need custom code to be
+  # executed when OverSIP is started, reloaded or terminated.
+  #
+  module SystemCallbacks
+
+    extend ::OverSIP::Logger
+
+    @log_id = "SystemCallbacks"
+
+    class << self
+      attr_reader :on_started_callbacks
+      attr_reader :on_terminated_callbacks
+      attr_reader :on_reload_callbacks
+    end
+
+    @on_started_callbacks = []
+    @on_terminated_callbacks = []
+    @on_reload_callbacks = []
+
+    def self.on_started pr=nil, &bl
+      block = pr || bl
+      raise ::ArgumentError, "no block given"  unless block.is_a? ::Proc
+
+      @on_started_callbacks << block
+    end
+
+    def self.on_terminated pr=nil, &bl
+      block = pr || bl
+      raise ::ArgumentError, "no block given"  unless block.is_a? ::Proc
+
+      @on_terminated_callbacks << block
+    end
+
+    def self.on_reload pr=nil, &bl
+      block = pr || bl
+      raise ::ArgumentError, "no block given"  unless block.is_a? ::Proc
+
+      @on_reload_callbacks << block
+    end
+
+  end
+
+end

data/lib/oversip/tls.rb

@@ -6,10 +6,7 @@ module OverSIP
 
     TLS_PEM_CHAIN_REGEXP = /-{5}BEGIN CERTIFICATE-{5}\n.*?-{5}END CERTIFICATE-{5}\n/m
 
-
-    def self.log_id
-      @log_id ||= "TLS"
-    end
+    @log_id = "TLS"
 
 
     def self.module_init

data/lib/oversip/utils.rb

@@ -7,17 +7,22 @@ module OverSIP
     # For example in Ruby the following returns false:
     #   "iñaki".force_encoding(::Encoding::BINARY) == "iñaki"
     def self.string_compare string1, string2
-      string1.force_encoding(::Encoding::BINARY) == string2.force_encoding(::Encoding::BINARY)
+      string1.to_s.force_encoding(::Encoding::BINARY) == string2.to_s.force_encoding(::Encoding::BINARY)
     end
 
     # This avoid "invalid byte sequence in UTF-8" when the directly doing:
     #   string =~ /EXPRESSION/
     # and string has invalid UTF-8 bytes secuence.
-    # NOTE: expression argument must be a Regexp expression (with / symbols at the
-    # begining and at the end).
+    # Also avoids "incompatible encoding regexp match (UTF-8 regexp with ASCII-8BIT string)"
+    # NOTE: expression argument must be a String or a Regexp.
     def self.regexp_compare string, expression
-      return false  unless string && string.valid_encoding?
-      string.force_encoding(::Encoding::BINARY) =~ expression
+      string = string.to_s.force_encoding(::Encoding::BINARY)
+      if expression.is_a? ::Regexp
+        expression = /#{expression.source.force_encoding(::Encoding::BINARY)}/
+      else
+        expression = /#{expression.to_s.force_encoding(::Encoding::BINARY)}/
+      end
+      string =~ expression
     end
 
   end

data/lib/oversip/version.rb

@@ -4,8 +4,8 @@ module OverSIP
 
   module Version
     MAJOR = 1
-    MINOR = 1
-    TINY  = 2
+    MINOR = 2
+    TINY  = 0
     DEVEL = nil  # Set to nil for stable releases.
   end
 

data/lib/oversip/websocket/launcher.rb

@@ -10,9 +10,7 @@ module OverSIP::WebSocket
     }
 
 
-    def self.log_id
-      @log_id ||= "WebSocket launcher"
-    end
+    @log_id = "WebSocket launcher"
 
 
     def self.run enabled, ip_type, ip, port, transport, virtual_ip=nil, virtual_port=nil