| 
									
										
										
										
											2003-02-16 06:00:12 +00:00
										 |  |  | /*
 | 
					
						
							| 
									
										
										
										
											2005-09-14 20:46:50 +00:00
										 |  |  |  * Asterisk -- An open source telephony toolkit. | 
					
						
							| 
									
										
										
										
											2003-02-16 06:00:12 +00:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2005-09-14 20:46:50 +00:00
										 |  |  |  * Copyright (C) 1999 - 2005, Digium, Inc. | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * Mark Spencer <markster@digium.com> | 
					
						
							| 
									
										
										
										
											2003-02-16 06:00:12 +00:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2005-09-14 20:46:50 +00:00
										 |  |  |  * See http://www.asterisk.org for more information about
 | 
					
						
							|  |  |  |  * the Asterisk project. Please do not directly contact | 
					
						
							|  |  |  |  * any of the maintainers of this project for assistance; | 
					
						
							|  |  |  |  * the project provides a web site, mailing lists and IRC | 
					
						
							|  |  |  |  * channels for your use. | 
					
						
							| 
									
										
										
										
											2003-02-16 06:00:12 +00:00
										 |  |  |  * | 
					
						
							|  |  |  |  * This program is free software, distributed under the terms of | 
					
						
							| 
									
										
										
										
											2005-09-14 20:46:50 +00:00
										 |  |  |  * the GNU General Public License Version 2. See the LICENSE file | 
					
						
							|  |  |  |  * at the top of the source tree. | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-10-24 20:12:06 +00:00
										 |  |  | /*! \file
 | 
					
						
							| 
									
										
										
										
											2005-12-30 21:18:06 +00:00
										 |  |  |  * | 
					
						
							| 
									
										
										
										
											2005-10-24 20:12:06 +00:00
										 |  |  |  * \brief Authenticate a caller against a password, a password file or a database key | 
					
						
							| 
									
										
										
										
											2005-12-30 21:18:06 +00:00
										 |  |  |  * | 
					
						
							|  |  |  |  * \author Mark Spencer <markster@digium.com> | 
					
						
							| 
									
										
										
										
											2005-09-14 20:46:50 +00:00
										 |  |  |  *  | 
					
						
							| 
									
										
										
										
											2005-11-06 15:09:47 +00:00
										 |  |  |  * \ingroup applications | 
					
						
							| 
									
										
										
										
											2003-02-16 06:00:12 +00:00
										 |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2006-06-07 18:54:56 +00:00
										 |  |  | #include "asterisk.h"
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | ASTERISK_FILE_VERSION(__FILE__, "$Revision$") | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-06-06 22:39:32 +00:00
										 |  |  | #include <stdlib.h>
 | 
					
						
							|  |  |  | #include <unistd.h>
 | 
					
						
							|  |  |  | #include <string.h>
 | 
					
						
							|  |  |  | #include <errno.h>
 | 
					
						
							|  |  |  | #include <stdio.h>
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2005-04-21 06:02:45 +00:00
										 |  |  | #include "asterisk/lock.h"
 | 
					
						
							|  |  |  | #include "asterisk/file.h"
 | 
					
						
							|  |  |  | #include "asterisk/logger.h"
 | 
					
						
							|  |  |  | #include "asterisk/channel.h"
 | 
					
						
							|  |  |  | #include "asterisk/pbx.h"
 | 
					
						
							|  |  |  | #include "asterisk/module.h"
 | 
					
						
							|  |  |  | #include "asterisk/app.h"
 | 
					
						
							|  |  |  | #include "asterisk/astdb.h"
 | 
					
						
							|  |  |  | #include "asterisk/utils.h"
 | 
					
						
							| 
									
										
										
										
											2006-01-05 21:47:44 +00:00
										 |  |  | #include "asterisk/options.h"
 | 
					
						
							|  |  |  | 
 | 
					
						
/*
 * Option bits for the Authenticate application. Each bit is bound to an
 * option letter by auth_app_options below and tested with ast_test_flag()
 * in auth_exec().
 *
 * NOTE(review): as written this declares a file-scope object named
 * auth_option_flags of an anonymous enum type, not an enum tag; nothing in
 * the visible source reads that object.
 */
enum {
	OPT_ACCOUNT = (1 << 0),
	OPT_DATABASE = (1 << 1),
	OPT_MULTIPLE = (1 << 3),	/* bit 2 is not assigned in this file */
	OPT_REMOVE = (1 << 4),
} auth_option_flags;

/* Option letters accepted in the second application argument, and the bit each one sets. */
AST_APP_OPTIONS(auth_app_options, {
	AST_APP_OPTION('a', OPT_ACCOUNT),
	AST_APP_OPTION('d', OPT_DATABASE),
	AST_APP_OPTION('m', OPT_MULTIPLE),
	AST_APP_OPTION('r', OPT_REMOVE),
});
					
						
							| 
									
										
										
										
											2003-02-16 06:00:12 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | 
 | 
					
						
/* Name under which the application is registered and unregistered. */
static char *app = "Authenticate";

/* One-line summary handed to ast_register_application(). */
static char *synopsis = "Authenticate a user";

/*
 * Long help text handed to ast_register_application().
 *
 * NOTE(review): two statements below differ from what auth_exec() does:
 *  - "maxdigits ... Defaults to 0 - no limit": auth_exec() substitutes
 *    sizeof(passwd) - 2 when the argument is absent or out of range.
 *  - option 'm' says the account code is set on a match: auth_exec() only
 *    calls ast_cdr_setaccount() when option 'a' is also given.
 *
 * NOTE(review): the file forms hold either plain passwords or, with 'm',
 * MD5 hashes of them; such a file should be readable only by the account
 * the server runs as.
 */
static char *descrip =
"  Authenticate(password[,options[,maxdigits]]): This application asks the caller\n"
"to enter a given password in order to continue dialplan execution. If the password\n"
"begins with the '/' character, it is interpreted as a file which contains a list of\n"
"valid passwords, listed 1 password per line in the file.\n"
"  When using a database key, the value associated with the key can be anything.\n"
"Users have three attempts to authenticate before the channel is hung up.\n"
"  Options:\n"
"     a - Set the channels' account code to the password that is entered\n"
"     d - Interpret the given path as database key, not a literal file\n"
"     m - Interpret the given path as a file which contains a list of account\n"
"         codes and password hashes delimited with ':', listed one per line in\n"
"         the file. When one of the passwords is matched, the channel will have\n"
"         its account code set to the corresponding account code in the file.\n"
"     r - Remove the database key upon successful entry (valid with 'd' only)\n"
"     maxdigits  - maximum acceptable number of digits. Stops reading after\n"
"         maxdigits have been entered (without requiring the user to\n"
"         press the '#' key).\n"
"         Defaults to 0 - no limit - wait for the user press the '#' key.\n"
;
					
						
							| 
									
										
										
										
											2003-02-16 06:00:12 +00:00
										 |  |  | 
 | 
					
						
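/*!
 * \brief Dialplan application body: prompt the caller for a password and check it.
 *
 * \param chan channel to prompt on; it is answered first if it is not already up
 * \param data argument string of the form "password[,options[,maxdigits]]"
 *
 * The password argument selects what the entered digits are checked against:
 *  - leading '/' with option 'd': the digits are used as the key passed to
 *    ast_db_get(), with the text after the '/' as its first argument;
 *  - leading '/' otherwise: a file with one password per line, or with
 *    option 'm' one "account:md5hash" pair per line;
 *  - anything else: the literal password.
 *
 * The caller gets three attempts.
 *
 * \retval -1 missing argument, answer failure, read error or no match in three attempts
 * \return otherwise the result of playing "auth-thankyou"
 */
static int auth_exec(struct ast_channel *chan, void *data)
{
	int res = 0, retries, maxdigits;
	char passwd[256], *prompt = "agent-pass", *argcopy = NULL;
	struct ast_flags flags = {0};

	AST_DECLARE_APP_ARGS(arglist,
		AST_APP_ARG(password);
		AST_APP_ARG(options);
		AST_APP_ARG(maxdigits);
	);

	if (ast_strlen_zero(data)) {
		ast_log(LOG_WARNING, "Authenticate requires an argument(password)\n");
		return -1;
	}

	if (chan->_state != AST_STATE_UP) {
		if ((res = ast_answer(chan)))
			return -1;
	}

	/* Argument parsing writes into the string, so work on a stack copy. */
	argcopy = ast_strdupa(data);

	AST_STANDARD_APP_ARGS(arglist, argcopy);

	if (!ast_strlen_zero(arglist.options))
		ast_app_parse_options(auth_app_options, &flags, NULL, arglist.options);

	/*
	 * The entry length is always capped at sizeof(passwd) - 2, whatever the
	 * dialplan asks for. strtol() replaces atoi() so an over-long number is
	 * rejected by the range test instead of overflowing int.
	 */
	maxdigits = sizeof(passwd) - 2;
	if (!ast_strlen_zero(arglist.maxdigits)) {
		long requested = strtol(arglist.maxdigits, NULL, 10);

		if (requested >= 1 && requested <= (long) (sizeof(passwd) - 2))
			maxdigits = (int) requested;
	}

	/* Start asking for password */
	for (retries = 0; retries < 3; retries++) {
		if ((res = ast_app_getdata(chan, prompt, passwd, maxdigits, 0)) < 0)
			break;
		res = 0;
		if (arglist.password[0] == '/') {
			if (ast_test_flag(&flags, OPT_DATABASE)) {
				char tmp[256];
				/* Compare against a database key: any stored value counts as a match */
				if (!ast_db_get(arglist.password + 1, passwd, tmp, sizeof(tmp))) {
					/* It's a good password */
					if (ast_test_flag(&flags, OPT_REMOVE))
						ast_db_del(arglist.password + 1, passwd);
					break;
				}
			} else {
				/*
				 * Compare against a file.
				 * NOTE(review): the path is the dialplan argument as given;
				 * keep caller-controlled variables out of it.
				 */
				FILE *f;
				char buf[256], md5passwd[33] = "", *md5secret;
				int matched = 0;

				if (!(f = fopen(arglist.password, "r"))) {
					ast_log(LOG_WARNING, "Unable to open file '%s' for authentication: %s\n", arglist.password, strerror(errno));
					continue;
				}

				/*
				 * The entry does not change while the file is scanned, so
				 * hash it once per attempt.
				 * NOTE(review): unsalted MD5 of a digit string gives little
				 * protection if the file leaks; protect the file as if it
				 * held the passwords themselves.
				 */
				if (ast_test_flag(&flags, OPT_MULTIPLE))
					ast_md5_hash(md5passwd, passwd);

				/*
				 * Loop on the fgets() result rather than feof(): a failed
				 * read must not leave the previous line in buf to be
				 * compared a second time.
				 */
				while (!matched && fgets(buf, sizeof(buf), f)) {
					size_t len = strlen(buf);

					/* Strip the newline only when one is there (last line, over-long line). */
					if (len && buf[len - 1] == '\n')
						buf[--len] = '\0';

					/* A blank line must never authenticate an empty entry. */
					if (!len)
						continue;

					if (ast_test_flag(&flags, OPT_MULTIPLE)) {
						/* Line format is account:md5hash */
						if (!(md5secret = strchr(buf, ':')))
							continue;
						*md5secret++ = '\0';
						if (strcmp(md5passwd, md5secret))
							continue;
					} else if (strcmp(passwd, buf)) {
						continue;
					}

					/* buf now holds the account code ('m') or the matched password. */
					if (ast_test_flag(&flags, OPT_ACCOUNT))
						ast_cdr_setaccount(chan, buf);
					matched = 1;
				}
				fclose(f);
				if (matched)
					break;
			}
		} else {
			/* Compare against a fixed password */
			if (!strcmp(passwd, arglist.password))
				break;
		}
		prompt = "auth-incorrect";
	}

	if ((retries < 3) && !res) {
		/* With 'm' the account code was already taken from the file. */
		if (ast_test_flag(&flags, OPT_ACCOUNT) && !ast_test_flag(&flags, OPT_MULTIPLE))
			ast_cdr_setaccount(chan, passwd);
		if (!(res = ast_streamfile(chan, "auth-thankyou", chan->language)))
			res = ast_waitstream(chan, "");
	} else {
		/* Failure is reported as -1 whatever the goodbye prompt returns. */
		if (!ast_streamfile(chan, "vm-goodbye", chan->language))
			ast_waitstream(chan, "");
		res = -1;
	}

	return res;
}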
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2006-08-21 02:11:39 +00:00
/*! \brief Module unload hook: unregister the Authenticate application and pass on the result. */
static int unload_module(void)
{
	int res = ast_unregister_application(app);

	return res;
}
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2006-08-21 02:11:39 +00:00
/*! \brief Module load hook: register auth_exec() under the application name, with its help text. */
static int load_module(void)
{
	int res = ast_register_application(app, auth_exec, synopsis, descrip);

	return res;
}
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2006-08-21 02:11:39 +00:00
										 |  |  | AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "Authentication Application"); |