SipRouter Class Reference
#include <SipRouter.h>
Detailed Description
SipRouter implements the main message handling responsible for the forking authorization and forwarding of SIP messages.The SipUserAgent sends a SipMessageEvent to the OsTask queue for this object; for each such message: -# Extract the SipMessage from the OsMsg passed by the SipUserAgent and call the proxyMessage method to process it
- proxyMessage does:
- Use SipMessage::normalizeProxyRoutes to get the route set into normal form, keeping a copy of any removed Route headers.
- Enforce Proxy-Require
- Check for and validate any user authentication in the message for this domain.
- Extract RouteState information (carried in Record-Route and Route headers) from the message.
- Invoke AuthPlugin::authorizeAndModify on the message for each configured AuthPlugin, stopping if any returns AuthPlugin::UNAUTHORIZED
- An AuthPlugin may modify the message and/or the RouteState
- If all AuthPlugin objects return AuthPlugin::ALLOW_REQUEST, then proxyMessage returns true; if not, it sends a response before returning false:
- '403 Forbidden' if there was valid user authentication in the message. (in this case, the reasonPhrase provided by AuthPlugin::authorizeAndModify is used if it is not null).
- '407 Proxy Authentication Required' if there was no valid user authentication in the message.
If proxyMessage returned true, handleMessage passes it back to the SipUserAgent to be sent.
Most of the actual decision making is delegated to the AuthPlugin classes; see the AuthPlugin abstract base class for the interface and rules of operation. This allows modular extensions and changes to the authproxy operation without changing the basic proxy behavior.
Public Types | |
| enum | ProxyAction { SendRequest, SendResponse, DoNothing } |
| Action to be taken by the caller of proxyAction method. More... | |
Public Member Functions | |
| SipRouter (SipUserAgent &sipUserAgent, ForwardRules &forwardingRules, OsConfigDb &configDb) | |
| Default constructor. | |
| virtual | ~SipRouter () |
| virtual UtlBoolean | handleMessage (OsMsg &rMsg) |
| ProxyAction | proxyMessage (SipMessage &request, SipMessage &response) |
| Examine a request to be proxied, and either modify it for forwarding or create a response. | |
| bool | isLocalDomain (const Url &url, bool bIncludeDomainAliases=true) const |
| void | addHostAlias (const UtlString &hostAliasToAdd) |
| Adds a new host alias to the list of aliases for proxy. This method is meant to be used by plugins that require special aliases. | |
| void | addSipOutputProcessor (SipOutputProcessor *pProcessor) |
| UtlBoolean | removeSipOutputProcessor (SipOutputProcessor *pProcessor) |
| void | sendUdpKeepAlive (SipMessage &keepAliveMsg, const char *serverAddress, int port) |
| Send a keepalive message to the specified address/port using the SipRouter's SipUserAgent. | |
| void | getDomain (UtlString &canonicalDomain) const |
| Get the canonical form of our SIP domain name. | |
| const SharedSecret * | authSecret () |
| Get the domain shared secret for signing. | |
Private Member Functions | |
| void | readConfig (OsConfigDb &configDb, const Url &defaultUri) |
| Extract configuration parameters from the configuration file. | |
| bool | isAuthenticated (const SipMessage &sipRequest, UtlString &authUser) |
| Find the authenticated identity for a request (if any). | |
| bool | addPathHeaderIfNATRegisterRequest (SipMessage &sipRequest) const |
| If sipRequest is a REGISTER that came from behind a NAT (indicated by 'received' parameter on topmost Via), add an initial signed Path URI for this proxy. | |
| bool | addNatMappingInfoToContacts (SipMessage &sipRequest) const |
| bool | areAllExtensionsSupported (const SipMessage &sipRequest, UtlString &disallowedExtensions) const |
| Verifies if the proxy supports all the extensions listed in the Proxy-Require header of an incoming request. | |
| void | authenticationChallenge (const SipMessage &sipRequest, SipMessage &challenge) |
| Create an authentication challenge. | |
| bool | isPAIdentityApplicable (const SipMessage &sipRequest) |
| P-Asserted-Identity header is only applicable for INVITE, REFER, BYE, OPTIONS, NOTIFY, and SUBSCRIBE. | |
Private Attributes | |
| SipUserAgent * | mpSipUserAgent |
| SIP stack interface. | |
| bool | mAuthenticationEnabled |
| based on SIPX_PROXY_AUTHENTICATE_ALGORITHM | |
| UtlString | mRealm |
| realm for challenges - common to replicatants | |
| SipNonceDb | mNonceDb |
| generator for nonce values | |
| long | mNonceExpiration |
| nonce lifetime in seconds | |
| UtlString | mDomainName |
| for determining authority for addresses | |
| UtlString | mDomainAliases |
| for determining authority for addresses | |
| UtlString | mRouteHostPort |
| for writing Record-Route headers | |
| SharedSecret * | mSharedSecret |
| secret value to include in authentication hashes | |
| ForwardRules * | mpForwardingRules |
| Holds to forwarding rules instructions. | |
| PluginHooks | mAuthPlugins |
| decision making modules from configuration | |
Friends | |
| class | SipRouterTest |
Member Enumeration Documentation
| enum ProxyAction |
Constructor & Destructor Documentation
| SipRouter | ( | SipUserAgent & | sipUserAgent, | |
| ForwardRules & | forwardingRules, | |||
| OsConfigDb & | configDb | |||
| ) |
Default constructor.
| ~SipRouter | ( | ) | [virtual] |
Member Function Documentation
| UtlBoolean handleMessage | ( | OsMsg & | rMsg | ) | [virtual] |
Reimplemented from OsServerTask.
| SipRouter::ProxyAction proxyMessage | ( | SipMessage & | request, | |
| SipMessage & | response | |||
| ) |
Examine a request to be proxied, and either modify it for forwarding or create a response.
the caller must pass either request or response to SipUserAgent::send as directed by the return code
- Parameters:
-
request request to be proxied iff return is SendRequest response response to be sent iff return is SendResponse
| bool isLocalDomain | ( | const Url & | url, | |
| bool | bIncludeDomainAliases = true | |||
| ) | const |
- Returns:
- true iff the domain of url is a valid form of the domain name for this proxy.
- Parameters:
-
url a url to be tested bIncludeDomainAliases also test for domain alias matches
| void addHostAlias | ( | const UtlString & | hostAliasToAdd | ) |
Adds a new host alias to the list of aliases for proxy. This method is meant to be used by plugins that require special aliases.
| void addSipOutputProcessor | ( | SipOutputProcessor * | pProcessor | ) |
| UtlBoolean removeSipOutputProcessor | ( | SipOutputProcessor * | pProcessor | ) |
| void sendUdpKeepAlive | ( | SipMessage & | keepAliveMsg, | |
| const char * | serverAddress, | |||
| int | port | |||
| ) |
Send a keepalive message to the specified address/port using the SipRouter's SipUserAgent.
| void getDomain | ( | UtlString & | canonicalDomain | ) | const |
Get the canonical form of our SIP domain name.
| const SharedSecret* authSecret | ( | ) |
Get the domain shared secret for signing.
| void readConfig | ( | OsConfigDb & | configDb, | |
| const Url & | defaultUri | |||
| ) | [private] |
Extract configuration parameters from the configuration file.
- Parameters:
-
defaultUri database to read for parameters to be used for default realm and route
| bool isAuthenticated | ( | const SipMessage & | sipRequest, | |
| UtlString & | authUser | |||
| ) | [private] |
Find the authenticated identity for a request (if any).
Check the credentials in sipRequest for valid credentials for a user in mRealm.
- Returns:
- true iff valid authentication is found (and sets authUser).
- Parameters:
-
sipRequest message to be checked for authentication authUser returned authenticated identity uri
| bool addPathHeaderIfNATRegisterRequest | ( | SipMessage & | sipRequest | ) | const [private] |
If sipRequest is a REGISTER that came from behind a NAT (indicated by 'received' parameter on topmost Via), add an initial signed Path URI for this proxy.
- Returns:
- true iff sipRequest was modified.
| bool addNatMappingInfoToContacts | ( | SipMessage & | sipRequest | ) | const [private] |
| bool areAllExtensionsSupported | ( | const SipMessage & | sipRequest, | |
| UtlString & | disallowedExtensions | |||
| ) | const [private] |
Verifies if the proxy supports all the extensions listed in the Proxy-Require header of an incoming request.
- Parameters:
-
sipRequest request to be evluated disallowedExtensions unsupported extensions
| void authenticationChallenge | ( | const SipMessage & | sipRequest, | |
| SipMessage & | challenge | |||
| ) | [private] |
Create an authentication challenge.
- Parameters:
-
sipRequest message to be challenged. challenge challenge response.
| bool isPAIdentityApplicable | ( | const SipMessage & | sipRequest | ) | [private] |
P-Asserted-Identity header is only applicable for INVITE, REFER, BYE, OPTIONS, NOTIFY, and SUBSCRIBE.
Friends And Related Function Documentation
friend class SipRouterTest [friend] |
Member Data Documentation
SipUserAgent* mpSipUserAgent [private] |
SIP stack interface.
bool mAuthenticationEnabled [private] |
based on SIPX_PROXY_AUTHENTICATE_ALGORITHM
SipNonceDb mNonceDb [private] |
generator for nonce values
long mNonceExpiration [private] |
nonce lifetime in seconds
UtlString mDomainName [private] |
for determining authority for addresses
UtlString mDomainAliases [private] |
for determining authority for addresses
UtlString mRouteHostPort [private] |
for writing Record-Route headers
SharedSecret* mSharedSecret [private] |
secret value to include in authentication hashes
ForwardRules* mpForwardingRules [private] |
Holds to forwarding rules instructions.
PluginHooks mAuthPlugins [private] |
decision making modules from configuration