oversip_p 1.0.0

data/lib/oversip/config.rb

@@ -0,0 +1,597 @@
+module OverSIP
+
+  module Config
+
+    # Pre-declaration of Validators module (defined in other file).
+    module Config::Validators ; end
+
+    extend ::OverSIP::Logger
+    extend ::OverSIP::Config::Validators
+
+    DEFAULT_CONFIG_DIR = "/etc/oversip"
+    DEFAULT_TLS_DIR = "tls"
+    DEFAULT_TLS_CA_DIR = "tls/ca"
+    DEFAULT_CONFIG_FILE = "oversip.conf"
+    PROXIES_FILE = "proxies.conf"
+    SERVER_FILE = "server.rb"
+
+    def self.log_id
+      @log_id ||= "Config"
+    end
+
+
+    @configuration = {
+      :core => {
+        :nameservers              => nil,
+        :syslog_facility          => "user",
+        :syslog_level             => "info"
+      },
+      :sip => {
+        :sip_udp                  => true,
+        :sip_tcp                  => true,
+        :sip_tls                  => false,
+        :enable_ipv4              => true,
+        :listen_ipv4              => nil,
+        :advertised_ipv4          => nil,
+        :enable_ipv6              => true,
+        :listen_ipv6              => nil,
+        :advertised_ipv6          => nil,
+        :listen_port              => 5060,
+        :listen_port_tls          => 5061,
+        :use_tls_tunnel           => false,
+        :listen_port_tls_tunnel   => 5062,
+        :callback_on_client_tls_handshake => true,
+        :local_domains            => nil,
+        :tcp_keepalive_interval   => nil,
+        :record_route_hostname_tls_ipv4 => nil,
+        :record_route_hostname_tls_ipv6 => nil
+      },
+      :websocket => {
+        :sip_ws                   => false,
+        :sip_wss                  => false,
+        :enable_ipv4              => true,
+        :listen_ipv4              => nil,
+        :advertised_ipv4          => nil,
+        :enable_ipv6              => true,
+        :listen_ipv6              => nil,
+        :advertised_ipv6          => nil,
+        :listen_port              => 10080,
+        :listen_port_tls          => 10443,
+        :use_tls_tunnel           => false,
+        :listen_port_tls_tunnel   => 10444,
+        :callback_on_client_tls_handshake => true,
+        :max_ws_message_size      => 65536,
+        :max_ws_frame_size        => 65536,
+        :ws_keepalive_interval    => nil
+      },
+      :tls => {
+        :public_cert              => nil,
+        :private_cert             => nil,
+        :ca_dir                   => nil
+      }
+    }
+
+    CONFIG_VALIDATIONS = {
+      :core => {
+        :nameservers                     => [ :ipv4, :multi_value ],
+        :syslog_facility                 => [
+          [ :choices,
+            %w{ kern user daemon local0 local1 local2 local3 local4 local5 local6 local7 } ]
+        ],
+        :syslog_level                    => [
+          [ :choices,
+            %w{ debug info notice warn error crit } ]
+        ],
+      },
+      :sip => {
+        :sip_udp                         => :boolean,
+        :sip_tcp                         => :boolean,
+        :sip_tls                         => :boolean,
+        :enable_ipv4                     => :boolean,
+        :listen_ipv4                     => :ipv4,
+        :advertised_ipv4                 => :ipv4,
+        :enable_ipv6                     => :boolean,
+        :listen_ipv6                     => :ipv6,
+        :advertised_ipv6                 => :ipv6,
+        :listen_port                     => :port,
+        :listen_port_tls                 => :port,
+        :use_tls_tunnel                  => :boolean,
+        :listen_port_tls_tunnel          => :port,
+        :callback_on_client_tls_handshake => :boolean,
+        :local_domains                   => [ :domain, :multi_value ],
+        :tcp_keepalive_interval          => [ :fixnum, [ :greater_equal_than, 180 ] ],
+        :record_route_hostname_tls_ipv4  => :domain,
+        :record_route_hostname_tls_ipv6  => :domain,
+      },
+      :websocket => {
+        :sip_ws                          => :boolean,
+        :sip_wss                         => :boolean,
+        :enable_ipv4                     => :boolean,
+        :listen_ipv4                     => :ipv4,
+        :advertised_ipv4                 => :ipv4,
+        :enable_ipv6                     => :boolean,
+        :listen_ipv6                     => :ipv6,
+        :advertised_ipv6                 => :ipv6,
+        :listen_port                     => :port,
+        :listen_port_tls                 => :port,
+        :use_tls_tunnel                  => :boolean,
+        :listen_port_tls_tunnel          => :port,
+        :callback_on_client_tls_handshake => :boolean,
+        :max_ws_message_size             => [ :fixnum, [ :minor_than, 1048576 ] ],
+        :max_ws_frame_size               => [ :fixnum, [ :minor_than, 1048576 ] ],
+        :ws_keepalive_interval           => [ :fixnum, [ :greater_equal_than, 180 ] ]
+      },
+      :tls => {
+        :public_cert                     => [ :readable_file, :tls_pem_chain ],
+        :private_cert                    => [ :readable_file, :tls_pem_private ],
+        :ca_dir                          => :readable_dir
+      }
+    }
+
+
+    def self.load config_dir=nil, config_file=nil
+      @config_dir = (::File.expand_path(config_dir) if config_dir) || DEFAULT_CONFIG_DIR
+      @config_file = ::File.join(@config_dir, config_file || DEFAULT_CONFIG_FILE)
+      @proxies_file = ::File.join(@config_dir, PROXIES_FILE)
+      @server_file = ::File.join(@config_dir, SERVER_FILE)
+
+      # Load the oversip.conf YAML file.
+      begin
+        conf_yaml = ::YAML.load_file @config_file
+      rescue ::Exception => e
+        log_system_crit "error loading Main Configuration file '#{@config_file}':"
+        ::OverSIP::Launcher.fatal e
+      end
+
+      # Load the proxies.conf YAML file.
+      begin
+        proxies_yaml = ::YAML.load_file @proxies_file
+      rescue ::Exception => e
+        log_system_crit "error loading Proxies Configuration file '#{@proxies_file}':"
+        ::OverSIP::Launcher.fatal e
+      end
+
+      # Load the server.rb file.
+      begin
+        require @server_file
+      rescue ::Exception => e
+        log_system_crit "error loading Server file '#{@server_file}':"
+        ::OverSIP::Launcher.fatal e
+      end
+
+      # Process the oversip.conf file.
+      begin
+        pre_check(conf_yaml)
+
+        CONFIG_VALIDATIONS.each_key do |section|
+          CONFIG_VALIDATIONS[section].each do |parameter, validations|
+            values = conf_yaml[section.to_s][parameter.to_s] rescue nil
+            validations = [ validations ]  unless validations.is_a?(Array)
+
+            if values == nil
+              if validations.include? :required
+                ::OverSIP::Launcher.fatal "#{section}[#{parameter}] requires a value"
+              end
+              next
+            end
+
+            if values.is_a? ::Array
+              unless validations.include? :multi_value
+                ::OverSIP::Launcher.fatal "#{section}[#{parameter}] does not allow multiple values"
+              end
+
+              if validations.include? :non_empty and values.empty?
+                ::OverSIP::Launcher.fatal "#{section}[#{parameter}] does not allow empty values"
+              end
+            end
+
+            values = ( values.is_a?(::Array) ? values : [ values ] )
+
+            values.each do |value|
+              validations.each do |validation|
+
+                if validation.is_a? ::Symbol
+                  args = []
+                elsif validation.is_a? ::Array
+                  args = validation[1..-1]
+                  validation = validation[0]
+                end
+
+                next if [:required, :multi_value, :non_empty].include? validation
+
+                unless send validation, value, *args
+                  ::OverSIP::Launcher.fatal "#{section}[#{parameter}] has invalid value '#{humanize_value value}' (does not satisfy '#{validation}' validation requirement)"
+                end
+              end
+
+              @configuration[section][parameter] = ( validations.include?(:multi_value) ? values : values[0] )
+            end
+
+          end  # CONFIG_VALIDATIONS[section].each
+        end  # CONFIG_VALIDATIONS.each_key
+
+        post_process
+        post_check
+
+      rescue ::OverSIP::ConfigurationError => e
+        ::OverSIP::Launcher.fatal "configuration error: #{e.message}"
+      rescue => e
+        ::OverSIP::Launcher.fatal e
+      end
+
+      ::OverSIP.configuration = @configuration
+
+      # Process the proxies.conf file.
+      begin
+        ::OverSIP::ProxiesConfig.load proxies_yaml
+      rescue ::OverSIP::ConfigurationError => e
+        ::OverSIP::Launcher.fatal "error loading Proxies Configuration file '#{@proxies_file}':  #{e.message}"
+      rescue ::Exception => e
+        log_system_crit "error loading Proxies Configuration file '#{@proxies_file}':"
+        ::OverSIP::Launcher.fatal e
+      end
+    end
+
+
+    def self.pre_check conf_yaml
+      # If TLS files/directories are given as relative path, convert them into absolute paths.
+
+      tls_public_cert = conf_yaml["tls"]["public_cert"] rescue nil
+      tls_private_cert = conf_yaml["tls"]["private_cert"] rescue nil
+      tls_ca_dir = conf_yaml["tls"]["ca_dir"] rescue nil
+
+      if tls_public_cert.is_a?(::String) and tls_public_cert[0] != "/"
+        conf_yaml["tls"]["public_cert"] = ::File.join(@config_dir, DEFAULT_TLS_DIR, tls_public_cert)
+      end
+
+      if tls_private_cert.is_a?(::String) and tls_private_cert[0] != "/"
+        conf_yaml["tls"]["private_cert"] = ::File.join(@config_dir, DEFAULT_TLS_DIR, tls_private_cert)
+      end
+
+      if tls_ca_dir.is_a?(::String) and tls_ca_dir[0] != "/"
+        conf_yaml["tls"]["ca_dir"] = ::File.join(@config_dir, DEFAULT_TLS_DIR, tls_ca_dir)
+      end
+    end
+
+    def self.post_process
+      if @configuration[:tls][:public_cert] and @configuration[:tls][:private_cert]
+        @use_tls = true
+        # Generate a full PEM file containing both the public and private certificate (for Stud).
+        full_cert = ::Tempfile.new("oversip_full_cert_")
+        full_cert.puts ::File.read(@configuration[:tls][:public_cert])
+        full_cert.puts ::File.read(@configuration[:tls][:private_cert])
+        @configuration[:tls][:full_cert] = full_cert.path
+        full_cert.close
+      else
+        @configuration[:sip][:sip_tls] = false
+        @configuration[:websocket][:sip_wss] = false
+      end
+
+      if @configuration[:sip][:sip_udp] or @configuration[:sip][:sip_tcp]
+        @use_sip_udp_or_tcp = true
+      else
+        @configuration[:sip][:listen_port] = nil
+      end
+
+      if @configuration[:sip][:sip_tls] and @use_tls
+        @use_sip_tls = true
+      else
+        @configuration[:sip][:listen_port_tls] = nil
+      end
+
+      unless @use_sip_udp_or_tcp or @use_sip_tls
+        @configuration[:sip][:listen_ipv4] = nil
+        @configuration[:sip][:listen_ipv6] = nil
+        @configuration[:sip][:enable_ipv4] = nil
+        @configuration[:sip][:enable_ipv6] = nil
+      end
+
+      unless @configuration[:sip][:enable_ipv4]
+        @configuration[:sip][:listen_ipv4] = nil
+        @configuration[:sip][:advertised_ipv4] = nil
+        @configuration[:sip][:record_route_hostname_tls_ipv4] = nil
+      end
+
+      unless @configuration[:sip][:enable_ipv6]
+        @configuration[:sip][:listen_ipv6] = nil
+        @configuration[:sip][:advertised_ipv6] = nil
+        @configuration[:sip][:record_route_hostname_tls_ipv6] = nil
+      end
+
+      if @configuration[:websocket][:sip_ws]
+        @use_sip_ws = true
+      else
+        @configuration[:websocket][:listen_port] = nil
+      end
+
+      if @configuration[:websocket][:sip_wss] and @use_tls
+        @use_sip_wss = true
+      else
+        @configuration[:websocket][:listen_port_tls] = nil
+      end
+
+      unless @use_sip_ws or @use_sip_wss
+        @configuration[:websocket][:listen_ipv4] = nil
+        @configuration[:websocket][:listen_ipv6] = nil
+        @configuration[:websocket][:enable_ipv4] = nil
+        @configuration[:websocket][:enable_ipv6] = nil
+      end
+
+      unless @configuration[:websocket][:enable_ipv4]
+        @configuration[:websocket][:listen_ipv4] = nil
+        @configuration[:websocket][:advertised_ipv4] = nil
+      end
+
+      unless @configuration[:websocket][:enable_ipv6]
+        @configuration[:websocket][:listen_ipv6] = nil
+        @configuration[:websocket][:advertised_ipv6] = nil
+      end
+
+      if ( @use_sip_udp_or_tcp or @use_sip_tls ) and @configuration[:sip][:listen_ipv4] == nil and @configuration[:sip][:enable_ipv4]
+        unless (@configuration[:sip][:listen_ipv4] = discover_local_ip(:ipv4))
+          # log_system_notice "disabling IPv4 for SIP"
+          @configuration[:sip][:listen_ipv4] = nil
+          @configuration[:sip][:enable_ipv4] = false
+        end
+      end
+
+      if ( @use_sip_udp_or_tcp or @use_sip_tls ) and @configuration[:sip][:listen_ipv6] == nil and @configuration[:sip][:enable_ipv6]
+        unless (@configuration[:sip][:listen_ipv6] = discover_local_ip(:ipv6))
+          # log_system_notice "disabling IPv6 for SIP"
+          @configuration[:sip][:listen_ipv6] = nil
+          @configuration[:sip][:enable_ipv6] = false
+        end
+      end
+
+      if ( @use_sip_ws or @use_sip_wss ) and @configuration[:websocket][:listen_ipv4] == nil and @configuration[:websocket][:enable_ipv4]
+        unless (@configuration[:websocket][:listen_ipv4] = discover_local_ip(:ipv4))
+          # log_system_notice "disabling IPv4 for WebSocket"
+          @configuration[:websocket][:listen_ipv4] = nil
+          @configuration[:websocket][:enable_ipv4] = false
+        end
+      end
+
+      if ( @use_sip_ws or @use_sip_wss ) and @configuration[:websocket][:listen_ipv6] == nil and @configuration[:websocket][:enable_ipv6]
+        unless (@configuration[:websocket][:listen_ipv6] = discover_local_ip(:ipv6))
+          # log_system_notice "disabling IPv6 for WebSocket"
+          @configuration[:websocket][:listen_ipv6] = nil
+          @configuration[:websocket][:enable_ipv6] = false
+        end
+      end
+
+      if @configuration[:sip][:local_domains]
+        if @configuration[:sip][:local_domains].is_a? ::String
+          @configuration[:sip][:local_domains] = [ @configuration[:sip][:local_domains].downcase ]
+        end
+        @configuration[:sip][:local_domains].each {|local_domain| local_domain.downcase!}
+      end
+    end  # def self.post_process
+
+
+    def self.post_check
+      binds = { :udp => [], :tcp => [] }
+
+      if @configuration[:sip][:enable_ipv4]
+        ipv4 = @configuration[:sip][:listen_ipv4]
+
+        if @configuration[:sip][:sip_udp]
+          binds[:udp] << [ ipv4, @configuration[:sip][:listen_port] ]
+        end
+
+        if @configuration[:sip][:sip_tcp]
+          binds[:tcp] << [ ipv4, @configuration[:sip][:listen_port] ]
+        end
+
+        if @configuration[:sip][:sip_tls]
+          unless @configuration[:sip][:use_tls_tunnel]
+            binds[:tcp] << [ ipv4, @configuration[:sip][:listen_port_tls] ]
+          else
+            binds[:tcp] << [ "127.0.0.1", @configuration[:sip][:listen_port_tls_tunnel] ]
+          end
+        end
+      end
+
+      if @configuration[:sip][:enable_ipv6]
+        ipv6 = @configuration[:sip][:listen_ipv6]
+
+        if @configuration[:sip][:sip_udp]
+          binds[:udp] << [ ipv6, @configuration[:sip][:listen_port] ]
+        end
+
+        if @configuration[:sip][:sip_tcp]
+          binds[:tcp] << [ ipv6, @configuration[:sip][:listen_port] ]
+        end
+
+        if @configuration[:sip][:sip_tls]
+          unless @configuration[:sip][:use_tls_tunnel]
+            binds[:tcp] << [ ipv6, @configuration[:sip][:listen_port_tls] ]
+          else
+            binds[:tcp] << [ "::1", @configuration[:sip][:listen_port_tls_tunnel] ]
+          end
+        end
+      end
+
+      if @configuration[:websocket][:enable_ipv4]
+        ipv4 = @configuration[:websocket][:listen_ipv4]
+
+        if @configuration[:websocket][:sip_ws]
+          binds[:tcp] << [ ipv4, @configuration[:websocket][:listen_port] ]
+        end
+
+        if @configuration[:websocket][:sip_wss]
+          unless @configuration[:sip][:use_tls_tunnel]
+            binds[:tcp] << [ ipv4, @configuration[:websocket][:listen_port_tls] ]
+          else
+            binds[:tcp] << [ "127.0.0.1", @configuration[:websocket][:listen_port_tls_tunnel] ]
+          end
+        end
+      end
+
+      if @configuration[:websocket][:enable_ipv6]
+        ipv6 = @configuration[:websocket][:listen_ipv6]
+
+        if @configuration[:websocket][:sip_ws]
+          binds[:tcp] << [ ipv6, @configuration[:websocket][:listen_port] ]
+        end
+
+        if @configuration[:websocket][:sip_wss]
+          unless @configuration[:sip][:use_tls_tunnel]
+            binds[:tcp] << [ ipv6, @configuration[:websocket][:listen_port_tls] ]
+          else
+            binds[:tcp] << [ "::1", @configuration[:websocket][:listen_port_tls_tunnel] ]
+          end
+        end
+      end
+
+      unless @configuration[:sip][:use_tls_tunnel]
+        @configuration[:sip][:listen_port_tls_tunnel] = nil
+      end
+
+      unless @configuration[:websocket][:use_tls_tunnel]
+        @configuration[:websocket][:listen_port_tls_tunnel] = nil
+      end
+
+      [:udp, :tcp].each do |transport|
+        transport_str = transport.to_s.upcase
+        binds[transport].each do |ip, port|
+          begin
+            unless (ip_type = ::OverSIP::Utils.ip_type(ip))
+              raise ::OverSIP::ConfigurationError, "given IP '#{ip}' is not IPv4 nor IPv6"
+            end
+
+            case transport
+            when :udp
+              case ip_type
+              when :ipv4
+                socket = ::UDPSocket.new ::Socket::AF_INET
+              when :ipv6
+                socket = ::UDPSocket.new ::Socket::AF_INET6
+              end
+              socket.bind ip, port
+            when :tcp
+              socket = ::TCPServer.open ip, port
+            end
+
+            socket.close
+
+          rescue ::Errno::EADDRNOTAVAIL
+            raise ::OverSIP::ConfigurationError, "cannot bind in #{transport_str} IP '#{ip}', address not available"
+          rescue ::Errno::EADDRINUSE
+            raise ::OverSIP::ConfigurationError, "#{transport_str} IP '#{ip}' and port #{port} already in use"
+          rescue ::Errno::EACCES
+            raise ::OverSIP::ConfigurationError, "no permission to bind in #{transport_str} IP '#{ip}' and port #{port}"
+          rescue => e
+            raise e.class, "error binding in #{transport_str} IP '#{ip}' and port #{port} (#{e.class}: #{e.message})"
+          end
+        end
+      end
+    end  # def self.post_check
+
+
+    def self.print colorize=true
+      color = ::Term::ANSIColor  if colorize
+
+      puts
+      @configuration.each_key do |section|
+        if colorize
+          puts "  #{color.bold(section.to_s)}:"
+        else
+          puts "  #{section.to_s}:"
+        end
+        @configuration[section].each do |parameter, value|
+          humanized_value = humanize_value value
+          color_value = case value
+            when ::TrueClass
+              colorize ? color.bold(color.green(humanized_value)) : humanized_value
+            when ::FalseClass
+              colorize ? color.bold(color.red(humanized_value)) : humanized_value
+            when ::NilClass
+              humanized_value
+            when ::String, ::Symbol
+              colorize ? color.yellow(humanized_value) : humanized_value
+            when ::Array
+              colorize ? color.yellow(humanized_value) : humanized_value
+            when ::Fixnum, ::Float
+              colorize ? color.bold(color.blue(humanized_value)) : humanized_value
+            else
+              humanized_value
+            end
+          printf("    %-32s:  %s\n", parameter, color_value)
+        end
+        puts
+      end
+    end
+
+    def self.humanize_value value
+      case value
+        when ::TrueClass        ; "yes"
+        when ::FalseClass       ; "no"
+        when ::NilClass         ; "null"
+        when ::String           ; value
+        when ::Symbol           ; value.to_s
+        when ::Array            ; value.join(", ")
+        when ::Fixnum, ::Float  ; value.to_s
+        else                    ; value.to_s
+        end
+    end
+
+    def self.discover_local_ip(type)
+      begin
+        if type == :ipv4
+          socket = ::UDPSocket.new ::Socket::AF_INET
+          socket.connect("1.2.3.4", 1)
+          ip = socket.local_address.ip_address
+          socket.close
+          socket = ::UDPSocket.new ::Socket::AF_INET
+        elsif type == :ipv6
+          socket = ::UDPSocket.new ::Socket::AF_INET6
+          socket.connect("2001::1", 1)
+          ip = socket.local_address.ip_address
+          socket.close
+          socket = ::UDPSocket.new ::Socket::AF_INET6
+        end
+        # Test whether the IP is in fact bindeable (not true for link-scope IPv6 addresses).
+        begin
+          socket.bind ip, 0
+        rescue => e
+          # log_system_debug "cannot bind in autodiscovered local #{type == :ipv4 ? "IPv4" : "IPv6"} '#{ip}': #{e.message} (#{e.class})"
+          return false
+        ensure
+          socket.close
+        end
+        # Valid IP, return it.
+        return ip
+      rescue => e
+        # log_system_debug "cannot autodiscover local #{type == :ipv4 ? "IPv4" : "IPv6"}: #{e.message} (#{e.class})"
+        return false
+      end
+    end
+
+    def self.system_reload
+      log_system_notice "reloading OverSIP..."
+
+      # Load and process the proxies.conf file.
+      begin
+        proxies_yaml = ::YAML.load_file @proxies_file
+        ::OverSIP::ProxiesConfig.load proxies_yaml, reload=true
+        log_system_notice "Proxies Configuration file '#{@proxies_file}' reloaded"
+      rescue ::OverSIP::ConfigurationError => e
+        log_system_crit "error reloading Proxies Configuration file '#{@proxies_file}':  #{e.message}"
+      rescue ::Exception => e
+        log_system_crit "error reloading Proxies Configuration file '#{@proxies_file}':"
+        log_system_crit e
+      end
+
+      # Load the server.rb file.
+      begin
+        ::Kernel.load @server_file
+        log_system_notice "Server file '#{@server_file}' reloaded"
+      rescue ::Exception => e
+        log_system_crit "error reloading Server file '#{@server_file}':"
+        log_system_crit e
+      end
+    end
+
+  end
+
+end