def ksr_route_natdetect(self, msg): KSR.force_rport(); if KSR.nathelper.nat_uac_test(19)>0 : if KSR.is_REGISTER() : KSR.nathelper.fix_nated_register(); elif KSR.siputils.is_first_hop()>0 : KSR.nathelper.set_contact_alias(); KSR.setflag(FLT_NATS); return 1;
def ksr_route_natdetect(self, msg): KSR.force_rport() if KSR.nathelper.nat_uac_test(19) > 0: if KSR.is_REGISTER(): KSR.nathelper.fix_nated_register() elif KSR.siputils.is_first_hop() > 0: KSR.nathelper.set_contact_alias() KSR.setflag(FLT_NATS) return 1
def ksr_route_registrar(self, msg): if not KSR.is_REGISTER(): return 1 if KSR.isflagset(FLT_NATS): KSR.setbflag(FLB_NATB) # do SIP NAT pinging KSR.setbflag(FLB_NATSIPPING) if KSR.registrar.save("location", 0) < 0: KSR.sl.sl_reply_error() return -255
def ksr_route_registrar(self, msg): if not KSR.is_REGISTER() : return 1; if KSR.isflagset(FLT_NATS) : KSR.setbflag(FLB_NATB); # do SIP NAT pinging KSR.setbflag(FLB_NATSIPPING); if KSR.registrar.save("location", 0)<0 : KSR.sl.sl_reply_error(); return -255;
def ksr_route_natdetect(self): KSR.force_rport() if KSR.nathelper.nat_uac_test(19) > 0: KSR.xlog.xdbg("Client behind NAT.") if KSR.is_REGISTER(): KSR.nathelper.fix_nated_register() elif KSR.siputils.is_first_hop() > 0: KSR.nathelper.set_contact_alias() KSR.setflag(self.FLAGS['FLT_NATS']) else: KSR.xlog.xdbg("NAT not detected.") return 1
def ksr_route_auth(self, msg): if not KSR.is_REGISTER(): if KSR.permissions.allow_source_address(1) > 0: # source IP allowed return 1 if KSR.is_REGISTER() or KSR.is_myself_furi(): # authenticate requests if KSR.auth_db.auth_check(KSR.pv.get("$fd"), "subscriber", 1) < 0: KSR.auth.auth_challenge(KSR.pv.get("$fd"), 0) return -255 # user authenticated - remove auth header if not KSR.is_method_in("RP"): KSR.auth.consume_credentials() # if caller is not local subscriber, then check if it calls # a local destination, otherwise deny, not an open relay here if (not KSR.is_myself_furi()) and (not KSR.is_myself_ruri()): KSR.sl.sl_send_reply(403, "Not relaying") return -255 return 1
def ksr_route_auth(self, msg): if not KSR.is_REGISTER() : if KSR.permissions.allow_source_address(1)>0 : # source IP allowed return 1; if KSR.is_REGISTER() or KSR.is_myself_furi() : # authenticate requests if KSR.auth_db.auth_check(KSR.pv.get("$fd"), "subscriber", 1)<0 : KSR.auth.auth_challenge(KSR.pv.get("$fd"), 0); return -255; # user authenticated - remove auth header if not KSR.is_method_in("RP") : KSR.auth.consume_credentials(); # if caller is not local subscriber, then check if it calls # a local destination, otherwise deny, not an open relay here if (not KSR.is_myself_furi()) and (not KSR.is_myself_ruri()) : KSR.sl.sl_send_reply(403,"Not relaying"); return -255; return 1;
def ksr_route_async_auth(self, msg): furi = KSR.pv.getw("$fu") ruri = KSR.pv.getw("$ru") if KSR.is_INVITE(): KSR.xlog.xnotice("Do auth procedure for {} from {}:{}".format( ruri, furi, KSR.pv.getw("$si"))) if KSR.auth_db.is_subscriber(furi, "subscriber", 2) > 0 and not KSR.isflagset( self.FLAGS['FLT_SKIP_AUTH']): if not KSR.is_REGISTER(): KSR.xlog.xinfo("Request from local subscriber") KSR.setflag(self.FLAGS['FLT_FROM_SUBSCRIBER']) if KSR.auth_db.is_subscriber(ruri, "subscriber", 2) > 0: if not KSR.is_REGISTER(): KSR.xlog.xinfo("Request to local subscriber") KSR.setflag(self.FLAGS['FLT_TO_SUBSCRIBER']) if KSR.isflagset(self.FLAGS['FLT_FROM_SUBSCRIBER']): if not KSR.isflagset(self.FLAGS['FLT_SKIP_AUTH']): res = KSR.auth_db.auth_check(KSR.pv.getw("$fd"), "subscriber", 1) if res < 0: if res == -2: # -2 Wrong passworg KSR.xlog.xnotice("Wrong password. From:$fU Auth user:$au") KSR.sl.sl_send_reply(403, "You're not welcome here") if KSR.is_REGISTER(): self.send_registration_info_to_redis( 'False', time.time()) else: KSR.auth.auth_challenge(KSR.pv.getw("$fd"), 0) return -255 else: if KSR.is_REGISTER(): self.send_registration_info_to_redis('True', time.time()) # user authenticated - remove auth header # if not KSR.is_method("REGISTER,PUBLISH") : KSR.auth.consume_credentials() elif not KSR.isflagset(self.FLAGS['FLT_SKIP_AUTH']): # Отпинываем нелокальных абонентов KSR.sl.send_reply(406, "Not acceptable") return -255 if not KSR.isflagset(self.FLAGS['FLT_SKIP_AUTH']): # if caller is not local subscriber, then check if it calls # a local destination, otherwise deny, not an open relay here if (not KSR.is_myself(furi) and (not KSR.is_myself(ruri))): KSR.sl.sl_send_reply(403, "Not relaying") return -255 # authentication not enabled - do not relay at all to foreign networks if not KSR.is_myself(ruri): KSR.sl.sl_send_reply(403, "Not relaying") return -255 # Jump from async route, based on processing SIP method if self.GLOBALS['WITH_ASYNC_FRAMEWORK']: KSR.asynk.task_route('ksr_route_async_' + KSR.pv.getw("$rm")) else: # lambda will generate 500 error if something went wrong getattr(self, 'ksr_route_async_' + KSR.pv.getw("$rm"), lambda: -255)(msg) return -255