diff --git a/CHANGES b/CHANGES index dbc2e0091..c373183ce 100644 --- a/CHANGES +++ b/CHANGES @@ -463,6 +463,8 @@ Miscellaneous New Modules to retrieve, create, update, and delete realtime information from a remote web server. Note that this module requires func_curl.so to be loaded for backend functionality. + * Added a new module, res_config_ldap, which permits the use of an LDAP + server for realtime data access. Miscellaneous ------------- diff --git a/build_tools/menuselect-deps.in b/build_tools/menuselect-deps.in index f29ab8920..80eaf7d4b 100644 --- a/build_tools/menuselect-deps.in +++ b/build_tools/menuselect-deps.in @@ -13,6 +13,7 @@ IMAP_TK=@PBX_IMAP_TK@ ISDNNET=@PBX_ISDNNET@ IXJUSER=@PBX_IXJUSER@ JACK=@PBX_JACK@ +LDAP=@PBX_LDAP@ LTDL=@PBX_LTDL@ LUA=@PBX_LUA@ MISDN=@PBX_MISDN@ diff --git a/configs/res_ldap.conf.sample b/configs/res_ldap.conf.sample new file mode 100644 index 000000000..8477ec590 --- /dev/null +++ b/configs/res_ldap.conf.sample @@ -0,0 +1,141 @@ +; +; Configuration file for res_config_ldap +; + +; Sample Asterisk config file for res_config_ldap +; in extconfig.conf you can use it like this: +; sipusers = ldap,"dc=myDomain,dc=myDomainExt",sip +; sippeers = ldap,"dc=myDomain,dc=myDomainExt",sip +; extensions = ldap,"dc=myDomain,dc=myDomainExt",extensions +; sip.conf = ldap,"dc=myDomain,dc=myDomainExt",config + + +[_general] +;host=192.168.1.1,ldap.mydomain.com ; LDAP host(s) +;protocol=3 ; Version of the LDAP protocol to use default is 3. +;basedn=MyRootDN ; Base DN +;pass=MyPassword ; Bind password +;user=MyDN ; Bind DN + +; Configuration Table +[config] +; addtional filter - This specifies an additional set of criteria to be used +; when querying the LDAP server. +additionalFilter=(objectClass=PBXConfig) +; Attributes mapping (asterisk variable name = ldap attribute name) +; When Asterisk requests the variable by the name of the value on the left, +; this module will look up the attribute listed on the right. +filename = PBXConfigFilename +category = PBXConfigCategory +variable_name = PBXConfigVariableName +variable_value = PBXConfigVariableValue +cat_metric = PBXConfigCategoryMetric +commented = PBXConfigCommented + +; Extensions Table +[extensions] +context = PBXExtensionContext +exten = PBXExtensionExten +priority = PBXExtensionPriority +app = PBXExtensionApplication +appdata = PBXExtensionApplicationData +additionalFilter=(objectClass=PBXExtension) + +; Sip Users Table +[sip] +name = uid +amaflags = PBXAccountAMAFlags +callgroup = PBXAccountCallGroup +callerid = PBXAccountCallerID +canreinvite = PBXAccountCanReinvite +context = PBXAccountContext +dtmfmode = PBXAccountDTMFMode +fromuser = PBXAccountFromUser +fromdomain = PBXAccountFromDomain +fullcontact = PBXAccountFullContact +fullcontact = gecos +host = PBXAccountHost +insecure = PBXAccountInsecure +mailbox = PBXAccountMailbox +md5secret = realmedPassword +nat = PBXAccountNAT +deny = PBXAccountDeny +permit = PBXAccountPermit +pickupgroup = PBXAccountPickupGroup +port = PBXAccountPort +qualify = PBXAccountQualify +restrictcid = PBXAccountRestrictCID +rtptimeout = PBXAccountRTPTimeout +rtpholdtimeout = PBXAccountRTPHoldTimeout +type = PBXAccountType +disallow = PBXAccountDisallowedCodec +allow = PBXAccountAllowedCodec +MusicOnHold = PBXAccountMusicOnHold +regseconds = PBXAccountExpirationTimestamp +regcontext = PBXAccountRegistrationContext +regexten = PBXAccountRegistrationExten +CanCallForward = PBXAccountCanCallForward +additionalFilter=(objectClass=PBXAccountSIP) + +; IAX Users Table +[iax] +amaflags = PBXAccountAMAFlags +callerid = PBXAccountCallerID +context = PBXAccountContext +fullcontact = PBXAccountFullContact +fullcontact = gecos +host = PBXAccountHost +mailbox = PBXAccountMailbox +md5secret = realmedPassword +deny = PBXAccountDeny +permit = PBXAccountPermit +port = PBXAccountPort +qualify = PBXAccountQualify +type = PBXAccountType +disallow = PBXAccountDisallowedCodec +allow = PBXAccountAllowedCodec +regseconds = PBXAccountExpirationTimestamp +regcontext = PBXAccountRegistrationContext +regexten = PBXAccountRegistrationExten +notransfer = PBXAccountNoTransfer +additionalFilter=(objectClass=PBXAccountIAX) + +; A Test Family +[testfamily] +MyUSERID = uid +additionalFilter=(objectClass=*) + +[accounts] +amaflags = PBXAccountAMAFlags +callgroup = PBXAccountCallGroup +callerid = PBXAccountCallerID +canreinvite = PBXAccountCanReinvite +context = PBXAccountContext +dtmfmode = PBXAccountDTMFMode +fromuser = PBXAccountFromUser +fromdomain = PBXAccountFromDomain +fullcontact = PBXAccountFullContact +fullcontact = gecos +host = PBXAccountHost +insecure = PBXAccountInsecure +mailbox = PBXAccountMailbox +md5secret = realmedPassword +nat = PBXAccountNAT +deny = PBXAccountDeny +permit = PBXAccountPermit +pickupgroup = PBXAccountPickupGroup +port = PBXAccountPort +qualify = PBXAccountQualify +restrictcid = PBXAccountRestrictCID +rtptimeout = PBXAccountRTPTimeout +rtpholdtimeout = PBXAccountRTPHoldTimeout +type = PBXAccountType +disallow = PBXAccountDisallowedCodec +allow = PBXAccountAllowedCodec +MusicOnHold = PBXAccountMusicOnHold +regseconds = PBXAccountExpirationTimestamp +regcontext = PBXAccountRegistrationContext +regexten = PBXAccountRegistrationExten +CanCallForward = PBXAccountCanCallForward +additionalFilter=(objectClass=PBXAccount) + diff --git a/configure b/configure index e8ae1606d..26d0b7d9d 100755 --- a/configure +++ b/configure @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.ac Revision: 98971 . +# From configure.ac Revision: 98985 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.61 for asterisk 1.4. # @@ -777,6 +777,10 @@ JACK_LIB JACK_INCLUDE JACK_DIR PBX_JACK +LDAP_LIB +LDAP_INCLUDE +LDAP_DIR +PBX_LDAP LTDL_LIB LTDL_INCLUDE LTDL_DIR @@ -1587,6 +1591,7 @@ Optional Packages: --with-imap=PATH use UW IMAP Toolkit files in PATH --with-isdnnet=PATH use ISDN4Linux Library files in PATH --with-jack=PATH use Jack Audio Connection Kit files in PATH + --with-ldap=PATH use OpenLDAP files in PATH --with-ltdl=PATH use libtool files in PATH --with-lua=PATH use Lua files in PATH --with-misdn=PATH use mISDN User Library files in PATH @@ -8329,6 +8334,34 @@ fi + LDAP_DESCRIP="OpenLDAP" + LDAP_OPTION="ldap" + +# Check whether --with-ldap was given. +if test "${with_ldap+set}" = set; then + withval=$with_ldap; + case ${withval} in + n|no) + USE_LDAP=no + ;; + y|ye|yes) + ac_mandatory_list="${ac_mandatory_list} LDAP" + ;; + *) + LDAP_DIR="${withval}" + ac_mandatory_list="${ac_mandatory_list} LDAP" + ;; + esac + +fi + + PBX_LDAP=0 + + + + + + LTDL_DESCRIP="libtool" LTDL_OPTION="ltdl" @@ -33193,6 +33226,268 @@ fi +if test "x${PBX_LDAP}" != "x1" -a "${USE_LDAP}" != "no"; then + pbxlibdir="" + # if --with-LDAP=DIR has been specified, use it. + if test "x${LDAP_DIR}" != "x"; then + if test -d ${LDAP_DIR}/lib; then + pbxlibdir="-L${LDAP_DIR}/lib" + else + pbxlibdir="-L${LDAP_DIR}" + fi + fi + pbxfuncname="ldap_first_attribute" + if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers + AST_LDAP_FOUND=yes + else + as_ac_Lib=`echo "ac_cv_lib_ldap_${pbxfuncname}" | $as_tr_sh` +{ echo "$as_me:$LINENO: checking for ${pbxfuncname} in -lldap" >&5 +echo $ECHO_N "checking for ${pbxfuncname} in -lldap... $ECHO_C" >&6; } +if { as_var=$as_ac_Lib; eval "test \"\${$as_var+set}\" = set"; }; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lldap ${pbxlibdir} $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char ${pbxfuncname} (); +int +main () +{ +return ${pbxfuncname} (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + eval "$as_ac_Lib=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + eval "$as_ac_Lib=no" +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +ac_res=`eval echo '${'$as_ac_Lib'}'` + { echo "$as_me:$LINENO: result: $ac_res" >&5 +echo "${ECHO_T}$ac_res" >&6; } +if test `eval echo '${'$as_ac_Lib'}'` = yes; then + AST_LDAP_FOUND=yes +else + AST_LDAP_FOUND=no +fi + + fi + + # now check for the header. + if test "${AST_LDAP_FOUND}" = "yes"; then + LDAP_LIB="${pbxlibdir} -lldap " + # if --with-LDAP=DIR has been specified, use it. + if test "x${LDAP_DIR}" != "x"; then + LDAP_INCLUDE="-I${LDAP_DIR}/include" + fi + LDAP_INCLUDE="${LDAP_INCLUDE} " + if test "xldap.h" = "x" ; then # no header, assume found + LDAP_HEADER_FOUND="1" + else # check for the header + saved_cppflags="${CPPFLAGS}" + CPPFLAGS="${CPPFLAGS} ${LDAP_INCLUDE} " + if test "${ac_cv_header_ldap_h+set}" = set; then + { echo "$as_me:$LINENO: checking for ldap.h" >&5 +echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6; } +if test "${ac_cv_header_ldap_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +{ echo "$as_me:$LINENO: result: $ac_cv_header_ldap_h" >&5 +echo "${ECHO_T}$ac_cv_header_ldap_h" >&6; } +else + # Is the header compilable? +{ echo "$as_me:$LINENO: checking ldap.h usability" >&5 +echo $ECHO_N "checking ldap.h usability... $ECHO_C" >&6; } +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include +_ACEOF +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_compiler=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6; } + +# Is the header present? +{ echo "$as_me:$LINENO: checking ldap.h presence" >&5 +echo $ECHO_N "checking ldap.h presence... $ECHO_C" >&6; } +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +_ACEOF +if { (ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi + +rm -f conftest.err conftest.$ac_ext +{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6; } + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: ldap.h: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: ldap.h: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: ldap.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: ldap.h: present but cannot be compiled" >&5 +echo "$as_me: WARNING: ldap.h: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: ldap.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: ldap.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: ldap.h: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap.h: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: ldap.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: ldap.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: ldap.h: in the future, the compiler will take precedence" >&2;} + ( cat <<\_ASBOX +## ------------------------------- ## +## Report this to www.asterisk.org ## +## ------------------------------- ## +_ASBOX + ) | sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +{ echo "$as_me:$LINENO: checking for ldap.h" >&5 +echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6; } +if test "${ac_cv_header_ldap_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_header_ldap_h=$ac_header_preproc +fi +{ echo "$as_me:$LINENO: result: $ac_cv_header_ldap_h" >&5 +echo "${ECHO_T}$ac_cv_header_ldap_h" >&6; } + +fi +if test $ac_cv_header_ldap_h = yes; then + LDAP_HEADER_FOUND=1 +else + LDAP_HEADER_FOUND=0 +fi + + + CPPFLAGS="${saved_cppflags}" + fi + if test "x${LDAP_HEADER_FOUND}" = "x0" ; then + LDAP_LIB="" + LDAP_INCLUDE="" + else + if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library + LDAP_LIB="" + fi + PBX_LDAP=1 + # XXX don't know how to evaluate the description (third argument) in AC_DEFINE_UNQUOTED + +cat >>confdefs.h <<_ACEOF +#define HAVE_LDAP 1 +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define HAVE_LDAP_VERSION +_ACEOF + + fi + fi +fi + + + if test "x${PBX_MISDN}" != "x1" -a "${USE_MISDN}" != "no"; then pbxlibdir="" # if --with-MISDN=DIR has been specified, use it. @@ -49415,6 +49710,10 @@ JACK_LIB!$JACK_LIB$ac_delim JACK_INCLUDE!$JACK_INCLUDE$ac_delim JACK_DIR!$JACK_DIR$ac_delim PBX_JACK!$PBX_JACK$ac_delim +LDAP_LIB!$LDAP_LIB$ac_delim +LDAP_INCLUDE!$LDAP_INCLUDE$ac_delim +LDAP_DIR!$LDAP_DIR$ac_delim +PBX_LDAP!$PBX_LDAP$ac_delim LTDL_LIB!$LTDL_LIB$ac_delim LTDL_INCLUDE!$LTDL_INCLUDE$ac_delim LTDL_DIR!$LTDL_DIR$ac_delim @@ -49448,10 +49747,6 @@ UNIXODBC_INCLUDE!$UNIXODBC_INCLUDE$ac_delim UNIXODBC_DIR!$UNIXODBC_DIR$ac_delim PBX_UNIXODBC!$PBX_UNIXODBC$ac_delim OGG_LIB!$OGG_LIB$ac_delim -OGG_INCLUDE!$OGG_INCLUDE$ac_delim -OGG_DIR!$OGG_DIR$ac_delim -PBX_OGG!$PBX_OGG$ac_delim -OSPTK_LIB!$OSPTK_LIB$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -49493,6 +49788,10 @@ _ACEOF ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF +OGG_INCLUDE!$OGG_INCLUDE$ac_delim +OGG_DIR!$OGG_DIR$ac_delim +PBX_OGG!$PBX_OGG$ac_delim +OSPTK_LIB!$OSPTK_LIB$ac_delim OSPTK_INCLUDE!$OSPTK_INCLUDE$ac_delim OSPTK_DIR!$OSPTK_DIR$ac_delim PBX_OSPTK!$PBX_OSPTK$ac_delim @@ -49586,10 +49885,6 @@ VPB_DIR!$VPB_DIR$ac_delim PBX_VPB!$PBX_VPB$ac_delim X11_LIB!$X11_LIB$ac_delim X11_INCLUDE!$X11_INCLUDE$ac_delim -X11_DIR!$X11_DIR$ac_delim -PBX_X11!$PBX_X11$ac_delim -ZLIB_LIB!$ZLIB_LIB$ac_delim -ZLIB_INCLUDE!$ZLIB_INCLUDE$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -49631,6 +49926,10 @@ _ACEOF ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF +X11_DIR!$X11_DIR$ac_delim +PBX_X11!$PBX_X11$ac_delim +ZLIB_LIB!$ZLIB_LIB$ac_delim +ZLIB_INCLUDE!$ZLIB_INCLUDE$ac_delim ZLIB_DIR!$ZLIB_DIR$ac_delim PBX_ZLIB!$PBX_ZLIB$ac_delim ZAPTEL_LIB!$ZAPTEL_LIB$ac_delim @@ -49699,7 +49998,7 @@ CURL_CONFIG!$CURL_CONFIG$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 66; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 70; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 diff --git a/configure.ac b/configure.ac index 944dd0758..6be37a614 100644 --- a/configure.ac +++ b/configure.ac @@ -216,6 +216,7 @@ AST_EXT_LIB_SETUP([IKSEMEL], [Iksemel Jabber Library], [iksemel]) AST_EXT_LIB_SETUP([IMAP_TK], [UW IMAP Toolkit], [imap]) AST_EXT_LIB_SETUP([ISDNNET], [ISDN4Linux Library], [isdnnet]) AST_EXT_LIB_SETUP([JACK], [Jack Audio Connection Kit], [jack]) +AST_EXT_LIB_SETUP([LDAP], [OpenLDAP], [ldap]) AST_EXT_LIB_SETUP([LTDL], [libtool], [ltdl]) AST_EXT_LIB_SETUP([LUA], [Lua], [lua]) AST_EXT_LIB_SETUP([MISDN], [mISDN User Library], [misdn]) @@ -814,6 +815,8 @@ AST_EXT_LIB_CHECK([JACK], [jack], [jack_activate], [jack/jack.h]) # Needed by unixodbc AST_EXT_LIB_CHECK([LTDL], [ltdl], [lt_dlinit], [ltdl.h], []) +AST_EXT_LIB_CHECK([LDAP], [ldap], [ldap_first_attribute], [ldap.h]) + AST_EXT_LIB_CHECK([MISDN], [mISDN], [mISDN_open], [mISDNuser/mISDNlib.h]) if test "${PBX_MISDN}" = 1; then diff --git a/contrib/scripts/asterisk.ldap-schema b/contrib/scripts/asterisk.ldap-schema new file mode 100644 index 000000000..c69d51a70 --- /dev/null +++ b/contrib/scripts/asterisk.ldap-schema @@ -0,0 +1,562 @@ +# +# Copyright (c) 2007 Suretec Systems Ltd. - +# +# Asterisk LDAP Schema +# +# Digium root OID (http://www.iana.org/assignments/enterprise-numbers) +# +# 1.3.6.1.4.1.22736 +# 1.3.6.1.4.1.22736.5 LDAP elements +# 1.3.6.1.4.1.22736.5.4 Attribute Types +# 1.3.6.1.4.1.22736.5.5 Object Classes +# +objectIdentifier AsteriskRoot 1.3.6.1.4.1.22736 +objectIdentifier AsteriskLDAP AsteriskRoot:5 + +############################################################################# +# Attribute group OIDs. e.g.: objectIdentifier AstAttrType AsteriskLDAP:4 +############################################################################# +objectIdentifier AstAttrType AsteriskLDAP:4 + + +############################################################################# +# Attribute OIDs e.g.: objectIdentifier AstContext AstAttrType:1 +############################################################################# +objectIdentifier AstContext AstAttrType:1 +objectIdentifier AstExtension AstAttrType:2 +objectIdentifier AstPriority AstAttrType:3 +objectIdentifier AstApplication AstAttrType:4 +objectIdentifier AstApplicationData AstAttrType:5 +objectIdentifier AstAccountAMAFlags AstAttrType:6 +objectIdentifier AstAccountCallerID AstAttrType:7 +objectIdentifier AstAccountContext AstAttrType:8 +objectIdentifier AstAccountMailbox AstAttrType:9 +objectIdentifier AstMD5secret AstAttrType:10 +objectIdentifier AstAccountDeny AstAttrType:11 +objectIdentifier AstAccountPermit AstAttrType:12 +objectIdentifier AstAccountQualify AstAttrType:13 +objectIdentifier AstAccountType AstAttrType:14 +objectIdentifier AstAccountDisallowedCodec AstAttrType:15 +objectIdentifier AstAccountExpirationTimestamp AstAttrType:16 +objectIdentifier AstAccountRegistrationContext AstAttrType:17 +objectIdentifier AstAccountRegistrationExten AstAttrType:18 +objectIdentifier AstAccountNoTransfer AstAttrType:19 +objectIdentifier AstAccountCallGroup AstAttrType:20 +objectIdentifier AstAccountCanReinvite AstAttrType:21 +objectIdentifier AstAccountDTMFMode AstAttrType:22 +objectIdentifier AstAccountFromUser AstAttrType:23 +objectIdentifier AstAccountFromDomain AstAttrType:24 +objectIdentifier AstAccountFullContact AstAttrType:25 +objectIdentifier AstAccountHost AstAttrType:26 +objectIdentifier AstAccountInsecure AstAttrType:27 +objectIdentifier AstAccountNAT AstAttrType:28 +objectIdentifier AstAccountPickupGroup AstAttrType:29 +objectIdentifier AstAccountPort AstAttrType:30 +objectIdentifier AstAccountRestrictCID AstAttrType:31 +objectIdentifier AstAccountRTPTimeout AstAttrType:32 +objectIdentifier AstAccountRTPHoldTimeout AstAttrType:33 +objectIdentifier AstAccountRealmedPassword AstAttrType:34 +objectIdentifier AstAccountAllowedCodec AstAttrType:35 +objectIdentifier AstAccountMusicOnHold AstAttrType:36 +objectIdentifier AstAccountCanCallForward AstAttrType:37 +objectIdentifier AstAccountSecret AstAttrType:38 +objectIdentifier AstAccountName AstAttrType:39 +objectIdentifier AstConfigFilename AstAttrType:40 +objectIdentifier AstConfigCategory AstAttrType:41 +objectIdentifier AstConfigCategoryMetric AstAttrType:42 +objectIdentifier AstConfigVariableName AstAttrType:43 +objectIdentifier AstConfigVariableValue AstAttrType:44 +objectIdentifier AstConfigCommented AstAttrType:45 + + +############################################################################# +# Object Class OIDs +############################################################################# +objectIdentifier AstObjectClass AsteriskLDAP:2 +objectIdentifier AsteriskExtension AstObjectClass:1 +objectIdentifier AsteriskIAXUser AstObjectClass:2 +objectIdentifier AsteriskSIPUser AstObjectClass:3 +objectIdentifier AsteriskConfig AstObjectClass:4 + + +############################################################################# +# attribute definitions +# +# OID (the first arg) comes from the objectIdentifier defined above +# +# NAME should be the same as objectIdentifier +# +# DESC should be the description of the attribute +# +# EQUALITY is the rule to use when doing a search/compare for an +# attribute value. +# +# SUBSTR is the rule to use when doing a substring search (*foo*) +# +# SYNTAX is the syntax (i.e., type) of the attribute. We should +# probably stick to syntaxes: +# +# 1.3.6.1.4.1.1466.115.121.1.15 -> directoryString (UTF-8 string) +# 1.3.6.1.4.1.1466.115.121.1.26 -> IA5String (ASCII String) +# 1.3.6.1.4.1.1466.115.121.1.27 -> integer (Integer value) +# +# SINGLE-VALUE should be present if only one instance of this +# attribute is allowed within an entry. +# +# {32} is the allowed length +# +# e.g.: +# +# attributetype ( AstExample +# NAME ( 'AstExample' ) +# DESC 'Asterisk Example Attribute' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32} +# SINGLE-VALUE ) +# +############################################################################# + +attributetype ( AstContext + NAME 'AstContext' + DESC 'Asterisk Context' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstExtension + NAME 'AstExtension' + DESC 'Asterisk Extension' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstPriority + NAME 'AstPriority' + DESC 'Asterisk Priority' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstApplication + NAME 'AstApplication' + DESC 'Asterisk Application' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstApplicationData + NAME 'AstApplicationData' + DESC 'Asterisk Application Data' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountAMAFlags + NAME 'AstAccountAMAFlags' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountCallerID + NAME 'AstAccountCallerID' + DESC 'Asterisk Account CallerID' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountContext + NAME 'AstAccountContext' + DESC 'Asterisk Account Context' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountMailbox + NAME 'AstAccountMailbox' + DESC 'Asterisk Account Mailbox' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstMD5secret + NAME 'AstMD5secret' + DESC 'Asterisk Account MD5 Secret' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountDeny + NAME 'AstAccountDeny' + DESC 'Asterisk Account Deny' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountPermit + NAME 'AstAccountPermit' + DESC 'Asterisk Account Permit' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountQualify + NAME 'AstAccountQualify' + DESC 'Asterisk Account Qualify' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountType + NAME 'AstAccountType' + DESC 'Asterisk Account Type' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountDisallowedCodec + NAME 'AstAccountDisallowedCodec' + DESC 'Asterisk Account Disallowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountExpirationTimestamp + NAME 'AstAccountExpirationTimestamp' + DESC 'Asterisk Account Allowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountRegistrationContext + NAME 'AstAccountRegistrationContext' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountRegistrationExten + NAME 'AstAccountRegistrationExten' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountNoTransfer + NAME 'AstAccountNoTransfer' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountCallGroup + NAME 'AstAccountCallGroup' + DESC 'Asterisk Account Call Group' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountCanReinvite + NAME 'AstAccountCanReinvite' + DESC 'Asterisk Account Can Reinvite' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountDTMFMode + NAME 'AstAccountDTMFMode' + DESC 'Asterisk Account DTMF Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountFromUser + NAME 'AstAccountFromUser' + DESC 'Asterisk Account From User' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountFromDomain + NAME 'AstAccountFromDomain' + DESC 'Asterisk Account From Domain' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountFullContact + NAME 'AstAccountFullContact' + DESC 'Asterisk Account Full Contact' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountHost + NAME 'AstAccountHost' + DESC 'Asterisk Account Host' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountInsecure + NAME 'AstAccountInsecure' + DESC 'Asterisk Account Insecure' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountNAT + NAME 'AstAccountNAT' + DESC 'Asterisk Account NAT' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountPickupGroup + NAME 'AstAccountPickupGroup' + DESC 'Asterisk Account PickupGroup' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountPort + NAME 'AstAccountPort' + DESC 'Asterisk Account Port' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountRestrictCID + NAME 'AstAccountRestrictCID' + DESC 'Asterisk Restrict CallerID' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountRTPTimeout + NAME 'AstAccountRTPTimeout' + DESC 'Asterisk RTP Timeout' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountRTPHoldTimeout + NAME 'AstAccountRTPHoldTimeout' + DESC 'Asterisk RTP Hold Timeout' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountRealmedPassword + NAME 'AstAccountRealmedPassword' + DESC 'Asterisk RTP Hold Timeout' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountAllowedCodec + NAME 'AstAccountAllowedCodec' + DESC 'Asterisk Account Allowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountMusicOnHold + NAME 'AstAccountMusicOnHold' + DESC 'Asterisk Account Allowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountCanCallForward + NAME 'AstAccountCanCallForward' + DESC 'Asterisk Can CAll Forward' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountSecret + NAME 'AstAccountSecret' + DESC 'Asterisk Can CAll Forward' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstAccountName + NAME 'AstAccountName' + DESC 'Asterisk Account Username' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstConfigFilename + NAME 'AstConfigFilename' + DESC 'Asterisk LDAP Configuration Filename' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstConfigCategory + NAME 'AstConfigCategory' + DESC 'Asterisk LDAP Configuration Category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstConfigCategoryMetric + NAME 'AstConfigCategoryMetric' + DESC 'Asterisk LDAP Configuration Category Metric' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstConfigVariableName + NAME 'AstConfigVariableName' + DESC 'Asterisk LDAP Configuration Variable Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstConfigVariableValue + NAME 'AstConfigVariableValue' + DESC 'Asterisk LDAP Configuration Variable Value' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +attributetype ( AstConfigCommented + NAME 'AstConfigCommented' + DESC 'Asterisk LDAP Configuration Commented' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) + +############################################################################# +# Object Class definitions +# +# This is where to define the object classes. Object classes are used +# to define which attribute MAY (optional) or MUST (required) belong +# to an entry. +# +# Classes can be AUXILIARY or STRUCTURAL. An entry in the directory +# must have one and only one structural class, but can have many +# AUXILIARY classes. +# +############################################################################# + +objectclass ( AsteriskExtension + NAME 'AsteriskExtension' + DESC 'PBX Extension Information for Asterisk' + SUP top AUXILIARY + MUST cn + MAY ( + AstContext $ + AstExtension $ + AstPriority $ + AstApplication $ + AstApplicationData + ) + ) + +############################################################################# +# +# AsteriskIAXUser and AsteriskSIPUser extend AsteriskExtension. These +# represent real accounts in Asterisk. +# +# NOTE: They are defined as AUXILIARY in case they need to be mixed with an +# existing directory deployment. +# +############################################################################# + +objectclass ( AsteriskIAXUser + NAME 'AsteriskIAXUser' + DESC 'IAX2 User information for Asterisk' + SUP AsteriskExtension AUXILIARY + MUST cn + MAY ( + AstAccountAMAFlags $ + AstAccountCallerID $ + AstAccountContext $ + AstAccountFullContact $ + AstAccountHost $ + AstAccountMailbox $ + AstMD5secret $ + AstAccountDeny $ + AstAccountPermit $ + AstAccountPort $ + AstAccountQualify $ + AstAccountType $ + AstAccountDisallowedCodec $ + AstAccountExpirationTimestamp $ + AstAccountRegistrationContext$ + AstAccountRegistrationExten $ + AstAccountNoTransfer $ + AstAccountName + ) + ) + +objectclass ( AsteriskSIPUser + NAME 'AsteriskSIPUser' + DESC 'SIP User information for Asterisk' + SUP AsteriskExtension AUXILIARY + MUST cn + MAY ( + AstAccountAMAFlags $ + AstAccountCallGroup $ + AstAccountCallerID $ + AstAccountCanReinvite $ + AstAccountContext $ + AstAccountDTMFMode $ + AstAccountFromUser $ + AstAccountFromDomain $ + AstAccountFullContact $ + AstAccountHost $ + AstAccountInsecure $ + AstAccountMailbox $ + AstAccountRealmedPassword $ + AstAccountNAT $ + AstAccountDeny $ + AstAccountPermit $ + AstAccountPickupGroup $ + AstAccountPort $ + AstAccountQualify $ + AstAccountRestrictCID $ + AstAccountRTPTimeout $ + AstAccountRTPHoldTimeout $ + AstAccountType $ + AstAccountDisallowedCodec $ + AstAccountAllowedCodec $ + AstAccountMusicOnHold $ + AstAccountExpirationTimestamp $ + AstAccountRegistrationContext $ + AstAccountRegistrationExten $ + AstAccountCanCallForward $ + AstAccountSecret $ + AstAccountName + ) + ) + +############################################################################# +# +# AsteriskIAXUser and AsteriskSIPUser extend AsteriskExtension. These +# represent real accounts in Asterisk. +# +# NOTE: They are defined as AUXILIARY in case they need to be mixed with an +# existing directory deployment. +# +############################################################################# + +objectclass ( AsteriskConfig + NAME 'AsteriskConfig' + DESC 'Asterisk configuration Information' + SUP top AUXILIARY + MUST cn + MAY ( + AstConfigFilename $ + AstConfigCategory $ + AstConfigCategoryMetric $ + AstConfigVariableName $ + AstConfigVariableValue $ + AstConfigCommented + ) + ) + diff --git a/contrib/scripts/asterisk.ldif b/contrib/scripts/asterisk.ldif new file mode 100644 index 000000000..0bb6a4b9f --- /dev/null +++ b/contrib/scripts/asterisk.ldif @@ -0,0 +1,567 @@ +# +# Copyright (c) 2007 Suretec Systems Ltd. - +# +# Asterisk LDAP Schema ldif +# +# Digium root OID (http://www.iana.org/assignments/enterprise-numbers) +# +# 1.3.6.1.4.1.22736 +# 1.3.6.1.4.1.22736.5 LDAP elements +# 1.3.6.1.4.1.22736.5.4 Attribute Types +# 1.3.6.1.4.1.22736.5.5 Object Classes +# +dn: cn=asterisk,cn=schema,cn=config +objectClass: olcSchemaConfig +cn: asterisk +# +olcObjectIdentifier: AsteriskRoot 1.3.6.1.4.1.22736 +olcObjectIdentifier: AsteriskLDAP AsteriskRoot:5 +# +############################################################################# +# Attribute group OIDs. e.g.: olcObjectIdentifier: AstAttrType AsteriskLDAP:4 +############################################################################# +olcObjectIdentifier: AstAttrType AsteriskLDAP:4 +# +# +############################################################################# +# Attribute OIDs e.g.: olcObjectIdentifier: AstContext AstAttrType:1 +############################################################################# +olcObjectIdentifier: AstContext AstAttrType:1 +olcObjectIdentifier: AstExtension AstAttrType:2 +olcObjectIdentifier: AstPriority AstAttrType:3 +olcObjectIdentifier: AstApplication AstAttrType:4 +olcObjectIdentifier: AstApplicationData AstAttrType:5 +olcObjectIdentifier: AstAccountAMAFlags AstAttrType:6 +olcObjectIdentifier: AstAccountCallerID AstAttrType:7 +olcObjectIdentifier: AstAccountContext AstAttrType:8 +olcObjectIdentifier: AstAccountMailbox AstAttrType:9 +olcObjectIdentifier: AstMD5secret AstAttrType:10 +olcObjectIdentifier: AstAccountDeny AstAttrType:11 +olcObjectIdentifier: AstAccountPermit AstAttrType:12 +olcObjectIdentifier: AstAccountQualify AstAttrType:13 +olcObjectIdentifier: AstAccountType AstAttrType:14 +olcObjectIdentifier: AstAccountDisallowedCodec AstAttrType:15 +olcObjectIdentifier: AstAccountExpirationTimestamp AstAttrType:16 +olcObjectIdentifier: AstAccountRegistrationContext AstAttrType:17 +olcObjectIdentifier: AstAccountRegistrationExten AstAttrType:18 +olcObjectIdentifier: AstAccountNoTransfer AstAttrType:19 +olcObjectIdentifier: AstAccountCallGroup AstAttrType:20 +olcObjectIdentifier: AstAccountCanReinvite AstAttrType:21 +olcObjectIdentifier: AstAccountDTMFMode AstAttrType:22 +olcObjectIdentifier: AstAccountFromUser AstAttrType:23 +olcObjectIdentifier: AstAccountFromDomain AstAttrType:24 +olcObjectIdentifier: AstAccountFullContact AstAttrType:25 +olcObjectIdentifier: AstAccountHost AstAttrType:26 +olcObjectIdentifier: AstAccountInsecure AstAttrType:27 +olcObjectIdentifier: AstAccountNAT AstAttrType:28 +olcObjectIdentifier: AstAccountPickupGroup AstAttrType:29 +olcObjectIdentifier: AstAccountPort AstAttrType:30 +olcObjectIdentifier: AstAccountRestrictCID AstAttrType:31 +olcObjectIdentifier: AstAccountRTPTimeout AstAttrType:32 +olcObjectIdentifier: AstAccountRTPHoldTimeout AstAttrType:33 +olcObjectIdentifier: AstAccountRealmedPassword AstAttrType:34 +olcObjectIdentifier: AstAccountAllowedCodec AstAttrType:35 +olcObjectIdentifier: AstAccountMusicOnHold AstAttrType:36 +olcObjectIdentifier: AstAccountCanCallForward AstAttrType:37 +olcObjectIdentifier: AstAccountSecret AstAttrType:38 +olcObjectIdentifier: AstAccountName AstAttrType:39 +olcObjectIdentifier: AstConfigFilename AstAttrType:40 +olcObjectIdentifier: AstConfigCategory AstAttrType:41 +olcObjectIdentifier: AstConfigCategoryMetric AstAttrType:42 +olcObjectIdentifier: AstConfigVariableName AstAttrType:43 +olcObjectIdentifier: AstConfigVariableValue AstAttrType:44 +olcObjectIdentifier: AstConfigCommented AstAttrType:45 +# +# +############################################################################# +# Object Class OIDs +############################################################################# +olcObjectIdentifier: AstObjectClass AsteriskLDAP:2 +olcObjectIdentifier: AsteriskExtension AstObjectClass:1 +olcObjectIdentifier: AsteriskIAXUser AstObjectClass:2 +olcObjectIdentifier: AsteriskSIPUser AstObjectClass:3 +olcObjectIdentifier: AsteriskConfig AstObjectClass:4 +# +# +############################################################################# +# attribute definitions +# +# OID (the first arg) comes from the olcObjectIdentifier: defined above +# +# NAME should be the same as olcObjectIdentifier: +# +# DESC should be the description of the attribute +# +# EQUALITY is the rule to use when doing a search/compare for an +# attribute value. +# +# SUBSTR is the rule to use when doing a substring search (*foo*) +# +# SYNTAX is the syntax (i.e., type) of the attribute. We should +# probably stick to syntaxes: +# +# 1.3.6.1.4.1.1466.115.121.1.15 -> directoryString (UTF-8 string) +# 1.3.6.1.4.1.1466.115.121.1.26 -> IA5String (ASCII String) +# 1.3.6.1.4.1.1466.115.121.1.27 -> integer (Integer value) +# +# SINGLE-VALUE should be present if only one instance of this +# attribute is allowed within an entry. +# +# {32} is the allowed length +# +# e.g.: +# +# olcAttributeTypes: ( AstExample +# NAME ( 'AstExample' ) +# DESC 'Asterisk Example Attribute' +# EQUALITY caseIgnoreMatch +# SUBSTR caseIgnoreSubstringsMatch +# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32} +# SINGLE-VALUE ) +# +############################################################################# +# +olcAttributeTypes: ( AstContext + NAME 'AstContext' + DESC 'Asterisk Context' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstExtension + NAME 'AstExtension' + DESC 'Asterisk Extension' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstPriority + NAME 'AstPriority' + DESC 'Asterisk Priority' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstApplication + NAME 'AstApplication' + DESC 'Asterisk Application' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstApplicationData + NAME 'AstApplicationData' + DESC 'Asterisk Application Data' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountAMAFlags + NAME 'AstAccountAMAFlags' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountCallerID + NAME 'AstAccountCallerID' + DESC 'Asterisk Account CallerID' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountContext + NAME 'AstAccountContext' + DESC 'Asterisk Account Context' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountMailbox + NAME 'AstAccountMailbox' + DESC 'Asterisk Account Mailbox' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstMD5secret + NAME 'AstMD5secret' + DESC 'Asterisk Account MD5 Secret' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountDeny + NAME 'AstAccountDeny' + DESC 'Asterisk Account Deny' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountPermit + NAME 'AstAccountPermit' + DESC 'Asterisk Account Permit' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountQualify + NAME 'AstAccountQualify' + DESC 'Asterisk Account Qualify' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountType + NAME 'AstAccountType' + DESC 'Asterisk Account Type' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountDisallowedCodec + NAME 'AstAccountDisallowedCodec' + DESC 'Asterisk Account Disallowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountExpirationTimestamp + NAME 'AstAccountExpirationTimestamp' + DESC 'Asterisk Account Allowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountRegistrationContext + NAME 'AstAccountRegistrationContext' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountRegistrationExten + NAME 'AstAccountRegistrationExten' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountNoTransfer + NAME 'AstAccountNoTransfer' + DESC 'Asterisk Account AMA Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountCallGroup + NAME 'AstAccountCallGroup' + DESC 'Asterisk Account Call Group' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountCanReinvite + NAME 'AstAccountCanReinvite' + DESC 'Asterisk Account Can Reinvite' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountDTMFMode + NAME 'AstAccountDTMFMode' + DESC 'Asterisk Account DTMF Flags' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountFromUser + NAME 'AstAccountFromUser' + DESC 'Asterisk Account From User' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountFromDomain + NAME 'AstAccountFromDomain' + DESC 'Asterisk Account From Domain' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountFullContact + NAME 'AstAccountFullContact' + DESC 'Asterisk Account Full Contact' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountHost + NAME 'AstAccountHost' + DESC 'Asterisk Account Host' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountInsecure + NAME 'AstAccountInsecure' + DESC 'Asterisk Account Insecure' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountNAT + NAME 'AstAccountNAT' + DESC 'Asterisk Account NAT' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountPickupGroup + NAME 'AstAccountPickupGroup' + DESC 'Asterisk Account PickupGroup' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountPort + NAME 'AstAccountPort' + DESC 'Asterisk Account Port' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountRestrictCID + NAME 'AstAccountRestrictCID' + DESC 'Asterisk Restrict CallerID' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountRTPTimeout + NAME 'AstAccountRTPTimeout' + DESC 'Asterisk RTP Timeout' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountRTPHoldTimeout + NAME 'AstAccountRTPHoldTimeout' + DESC 'Asterisk RTP Hold Timeout' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountRealmedPassword + NAME 'AstAccountRealmedPassword' + DESC 'Asterisk RTP Hold Timeout' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountAllowedCodec + NAME 'AstAccountAllowedCodec' + DESC 'Asterisk Account Allowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountMusicOnHold + NAME 'AstAccountMusicOnHold' + DESC 'Asterisk Account Allowed Codec' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountCanCallForward + NAME 'AstAccountCanCallForward' + DESC 'Asterisk Can CAll Forward' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountSecret + NAME 'AstAccountSecret' + DESC 'Asterisk Can CAll Forward' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstAccountName + NAME 'AstAccountName' + DESC 'Asterisk Account Username' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstConfigFilename + NAME 'AstConfigFilename' + DESC 'Asterisk LDAP Configuration Filename' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstConfigCategory + NAME 'AstConfigCategory' + DESC 'Asterisk LDAP Configuration Category' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstConfigCategoryMetric + NAME 'AstConfigCategoryMetric' + DESC 'Asterisk LDAP Configuration Category Metric' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstConfigVariableName + NAME 'AstConfigVariableName' + DESC 'Asterisk LDAP Configuration Variable Name' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstConfigVariableValue + NAME 'AstConfigVariableValue' + DESC 'Asterisk LDAP Configuration Variable Value' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +olcAttributeTypes: ( AstConfigCommented + NAME 'AstConfigCommented' + DESC 'Asterisk LDAP Configuration Commented' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15) +# +############################################################################# +# Object Class definitions +# +# This is where to define the object classes. Object classes are used +# to define which attribute MAY (optional) or MUST (required) belong +# to an entry. +# +# Classes can be AUXILIARY or STRUCTURAL. An entry in the directory +# must have one and only one structural class, but can have many +# AUXILIARY classes. +# +############################################################################# +# +olcObjectClasses: ( AsteriskExtension + NAME 'AsteriskExtension' + DESC 'PBX Extension Information for Asterisk' + SUP top AUXILIARY + MUST cn + MAY ( + AstContext $ + AstExtension $ + AstPriority $ + AstApplication $ + AstApplicationData + ) + ) +# +############################################################################# +# +# AsteriskIAXUser and AsteriskSIPUser extend AsteriskExtension. These +# represent real accounts in Asterisk. +# +# NOTE: They are defined as AUXILIARY in case they need to be mixed with an +# existing directory deployment. +# +############################################################################# +# +olcObjectClasses: ( AsteriskIAXUser + NAME 'AsteriskIAXUser' + DESC 'IAX2 User information for Asterisk' + SUP AsteriskExtension AUXILIARY + MUST cn + MAY ( + AstAccountAMAFlags $ + AstAccountCallerID $ + AstAccountContext $ + AstAccountFullContact $ + AstAccountHost $ + AstAccountMailbox $ + AstMD5secret $ + AstAccountDeny $ + AstAccountPermit $ + AstAccountPort $ + AstAccountQualify $ + AstAccountType $ + AstAccountDisallowedCodec $ + AstAccountExpirationTimestamp $ + AstAccountRegistrationContext$ + AstAccountRegistrationExten $ + AstAccountNoTransfer $ + AstAccountName + ) + ) +# +olcObjectClasses: ( AsteriskSIPUser + NAME 'AsteriskSIPUser' + DESC 'SIP User information for Asterisk' + SUP AsteriskExtension AUXILIARY + MUST cn + MAY ( + AstAccountAMAFlags $ + AstAccountCallGroup $ + AstAccountCallerID $ + AstAccountCanReinvite $ + AstAccountContext $ + AstAccountDTMFMode $ + AstAccountFromUser $ + AstAccountFromDomain $ + AstAccountFullContact $ + AstAccountHost $ + AstAccountInsecure $ + AstAccountMailbox $ + AstAccountRealmedPassword $ + AstAccountNAT $ + AstAccountDeny $ + AstAccountPermit $ + AstAccountPickupGroup $ + AstAccountPort $ + AstAccountQualify $ + AstAccountRestrictCID $ + AstAccountRTPTimeout $ + AstAccountRTPHoldTimeout $ + AstAccountType $ + AstAccountDisallowedCodec $ + AstAccountAllowedCodec $ + AstAccountMusicOnHold $ + AstAccountExpirationTimestamp $ + AstAccountRegistrationContext $ + AstAccountRegistrationExten $ + AstAccountCanCallForward $ + AstAccountSecret $ + AstAccountName + ) + ) +# +############################################################################# +# +# AsteriskIAXUser and AsteriskSIPUser extend AsteriskExtension. These +# represent real accounts in Asterisk. +# +# NOTE: They are defined as AUXILIARY in case they need to be mixed with an +# existing directory deployment. +# +############################################################################# +# +olcObjectClasses: ( AsteriskConfig + NAME 'AsteriskConfig' + DESC 'Asterisk configuration Information' + SUP top AUXILIARY + MUST cn + MAY ( + AstConfigFilename $ + AstConfigCategory $ + AstConfigCategoryMetric $ + AstConfigVariableName $ + AstConfigVariableValue $ + AstConfigCommented + ) + ) +# + diff --git a/doc/ldap.txt b/doc/ldap.txt new file mode 100644 index 000000000..c4d658d66 --- /dev/null +++ b/doc/ldap.txt @@ -0,0 +1,65 @@ +Asterisk Realtime LDAP Driver +--------------------------- + +With this driver Asterisk can retrieve information from a LDAP drectory, including +sip/iax users, extensions and configuration. + +See configs/res_ldap.conf.sample for a configuration file sample + + +Here is a LDAP dif sample: + +# Base SIP Phones Entry +dn: uid=phone-base,dc=myDomain,dc=myDomainExt +objectClass: top +objectClass: AstAccount +objectClass: AstAccountSIP +uid: phone-base +AstAccountAccountingCode: baseacccode +AstAccountHost: dynamic +preferredLanguage: FR +AstAccountAMAFlags: billing +AstAccountContext: ldaptest + + +# A Phone. realmedPassword md5 hash should be the result of +# echo -n "UID:SIPRealm:Password" | md5sum +dn: uid=phone-test,dc=myDomain,dc=myDomainExt +objectClass: top +objectClass: AstAccount +objectClass: AstAccountSIP +uid: phone-test +AstAccountAccountingCode: acc-phone-base +AstAccountFullContact: Noone <1234> +AstAccountCallerID: 1234 +AstAccountBaseDN: uid=phone-base,dc=myDomain,dc=myDomainExt +realmedPassword: {MD5}f67965da780bf9c70d6e337f938cee6f + + +# extensions, +dn: ou=extensions,dc=myDomain,dc=myDomainExt +ou: extensions +objectClass: top +objectClass: organizationalUnit + +# Extension 100 Priority 1 in context ldaptest +dn: cn=100-1,ou=extensions,dc=myDomain,dc=myDomainExt +AstExtensionApplication: NoOp +AstExtensionApplicationData: TEST LDAP +objectClass: top +objectClass: AstExtension +AstExtensionExten: 100 +AstExtensionContext: ldaptest +cn: 100-1 +AstExtensionPriority: 1 + +# Extension 100 Priority 1 in context ldaptest +dn: cn=100-2,ou=extensions,dc=myDomain,dc=myDomainExt +objectClass: top +objectClass: AstExtension +AstExtensionExten: 100 +AstExtensionContext: ldaptest +cn: 100-2 +AstExtensionPriority: 2 +AstExtensionApplication: hangup + diff --git a/include/asterisk/autoconfig.h.in b/include/asterisk/autoconfig.h.in index 3e9217689..10029ec92 100644 --- a/include/asterisk/autoconfig.h.in +++ b/include/asterisk/autoconfig.h.in @@ -373,6 +373,12 @@ /* Define to indicate the ${JACK_DESCRIP} library version */ #undef HAVE_JACK_VERSION +/* Define this to indicate the ${LDAP_DESCRIP} library */ +#undef HAVE_LDAP + +/* Define to indicate the ${LDAP_DESCRIP} library version */ +#undef HAVE_LDAP_VERSION + /* Define to 1 if you have the header file. */ #undef HAVE_LIBINTL_H diff --git a/makeopts.in b/makeopts.in index aac5cf8b1..1b150a94b 100644 --- a/makeopts.in +++ b/makeopts.in @@ -102,6 +102,9 @@ IMAP_TK_LIB=@IMAP_TK_LIB@ JACK_INCLUDE=@JACK_INCLUDE@ JACK_LIB=@JACK_LIB@ +LDAP_INCLUDE=@LDAP_INCLUDE@ +LDAP_LIB=@LDAP_LIB@ + LUA_INCLUDE=@LUA_INCLUDE@ LUA_LIB=@LUA_LIB@ diff --git a/res/res_config_ldap.c b/res/res_config_ldap.c new file mode 100644 index 000000000..062effe1a --- /dev/null +++ b/res/res_config_ldap.c @@ -0,0 +1,1550 @@ +/* + * Asterisk -- A telephony toolkit for Linux. + * + * Copyright (C) 2005, Oxymium sarl + * Manuel Guesdon - LDAP RealTime Driver Author/Adaptor + * + * Copyright (C) 2007, Digium, Inc. + * Russell Bryant + * + * See http://www.asterisk.org for more information about + * the Asterisk project. Please do not directly contact + * any of the maintainers of this project for assistance; + * the project provides a web site, mailing lists and IRC + * channels for your use. + * + * This program is free software, distributed under the terms of + * the GNU General Public License Version 2. See the LICENSE file + * at the top of the source tree. + * + */ + +/*! \file + * + * \brief ldap plugin for portable configuration engine (ARA) + * + * \author Mark Spencer + * \author Manuel Guesdon + * \author Carl-Einar Thorner + * \author Russell Bryant + * + * \arg http://www.openldap.org + */ + +/*** MODULEINFO + ldap + ***/ + +#include "asterisk.h" + +#include +#include +#include +#include +#include + +ASTERISK_FILE_VERSION(__FILE__, "$Revision$") + +#include "asterisk/channel.h" +#include "asterisk/logger.h" +#include "asterisk/config.h" +#include "asterisk/module.h" +#include "asterisk/lock.h" +#include "asterisk/options.h" +#include "asterisk/cli.h" +#include "asterisk/utils.h" +#include "asterisk/strings.h" +#include "asterisk/pbx.h" +#include "asterisk/linkedlists.h" + +#define RES_CONFIG_LDAP_CONF "res_ldap.conf" + +AST_MUTEX_DEFINE_STATIC(ldap_lock); + +static LDAP *ldapConn; +static char host[512]; +static char user[512]; +static char pass[50]; +static char basedn[512]; +static int port = 389; +static time_t connect_time; + +static int parse_config(void); +static int ldap_reconnect(void); +static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a); + +struct category_and_metric { + const char *name; + int metric; + const char *variable_name; + const char *variable_value; + int var_metric; /*!< For organizing variables (particularly includes and switch statments) within a context */ +}; + +/*! \brief Table configuration */ +struct ldap_table_config { + char *table_name; /*!< table name */ + char *additional_filter; /*!< additional filter */ + struct ast_variable *attributes; /*!< attribute names conversion */ + struct ast_variable *delimiters; /*!< the current delimiter is semicolon, so we are not using this variable */ + AST_LIST_ENTRY(ldap_table_config) entry; +}; + +/*! \brief Should be locked before using it */ +static AST_LIST_HEAD_NOLOCK_STATIC(table_configs, ldap_table_config); +static struct ldap_table_config *base_table_config; +static struct ldap_table_config *static_table_config; + +static struct ast_cli_entry ldap_cli[] = { + AST_CLI_DEFINE(realtime_ldap_status, "Shows connection information for the LDAP RealTime driver"), +}; + +/*! \brief Create a new table_config */ +static struct ldap_table_config *table_config_new(const char *table_name) +{ + struct ldap_table_config *p; + + if (!(p = ast_calloc(1, sizeof(*p)))) + return NULL; + + if (table_name) { + if (!(p->table_name = ast_strdup(table_name))) { + free(p); + return NULL; + } + } + + return p; +} + +/*! \brief Find a table_config - Should be locked before using it + * \note This function assumes ldap_lock to be locked. */ +static struct ldap_table_config *table_config_for_table_name(const char *table_name) +{ + struct ldap_table_config *c = NULL; + + AST_LIST_TRAVERSE(&table_configs, c, entry) { + if (!strcmp(c->table_name, table_name)) + break; + } + + return c; +} + +/*! \brief Find variable by name */ +static struct ast_variable *variable_named(struct ast_variable *var, const char *name) +{ + for (; var; var = var->next) { + if (!strcasecmp(name, var->name)) + break; + } + + return var; +} + +/*! \brief for the semicolon delimiter + \param somestr - pointer to a string + + \return number of occurances of the delimiter(semicolon) + */ +static int semicolon_count_str(const char *somestr) +{ + int count = 0; + + for (; *somestr; somestr++) { + if (*somestr == ';') + count++; + } + + return count; +} + +/* takes a linked list of \a ast_variable variables, finds the one with the name variable_value + * and returns the number of semicolons in the value for that \a ast_variable + */ +static int semicolon_count_var(struct ast_variable *var) +{ + struct ast_variable *var_value = variable_named(var, "variable_value"); + + if (!var_value) + return 0; + + ast_debug(1, "LINE(%d) semicolon_count_var: %s\n", __LINE__, var_value->value); + + return semicolon_count_str(var_value->value); +} + +/*! \brief add attribute to table config - Should be locked before using it */ +static void ldap_table_config_add_attribute(struct ldap_table_config *table_config, + const char *attribute_name, const char *attribute_value) +{ + struct ast_variable *var; + + if (ast_strlen_zero(attribute_name) || ast_strlen_zero(attribute_value)) + return; + + if (!(var = ast_variable_new(attribute_name, attribute_value, table_config->table_name))) + return; + + if (table_config->attributes) + var->next = table_config->attributes; + table_config->attributes = var; +} + +/*! \brief Free table_config + * \note assumes ldap_lock to be locked */ +static void table_configs_free(void) +{ + struct ldap_table_config *c; + + while ((c = AST_LIST_REMOVE_HEAD(&table_configs, entry))) { + if (c->table_name) + free(c->table_name); + if (c->additional_filter) + free(c->additional_filter); + if (c->attributes) + ast_variables_destroy(c->attributes); + free(c); + } + + base_table_config = NULL; + static_table_config = NULL; +} + +/*! \brief Convert variable name to ldap attribute name - Should be locked before using it */ +static const char *convert_attribute_name_to_ldap(struct ldap_table_config *table_config, + const char *attribute_name) +{ + int i = 0; + struct ldap_table_config *configs[] = { table_config, base_table_config }; + + for (i = 0; i < ARRAY_LEN(configs); i++) { + struct ast_variable *attribute; + + if (!configs[i]) + continue; + + attribute = configs[i]->attributes; + for (; attribute; attribute = attribute->next) { + if (!strcasecmp(attribute_name, attribute->name)) + return attribute->value; + } + } + + return attribute_name; +} + +/*! \brief Convert ldap attribute name to variable name - Should be locked before using it */ +static const char *convert_attribute_name_from_ldap(struct ldap_table_config *table_config, + const char *attribute_name) +{ + int i = 0; + struct ldap_table_config *configs[] = { table_config, base_table_config }; + + for (i = 0; i < ARRAY_LEN(configs); i++) { + struct ast_variable *attribute; + + if (!configs[i]) + continue; + + attribute = configs[i]->attributes; + for (; attribute; attribute = attribute->next) { + if (strcasecmp(attribute_name, attribute->value) == 0) + return attribute->name; + } + } + + return attribute_name; +} + +/*! \brief Get variables from ldap entry attributes - Should be locked before using it + * \return a linked list of ast_variable variables. + **/ +static struct ast_variable *realtime_ldap_entry_to_var(struct ldap_table_config *table_config, + LDAPMessage *ldap_entry) +{ + BerElement *ber = NULL; + struct ast_variable *var = NULL; + struct ast_variable *prev = NULL; + int is_delimited = 0; + int i = 0; + char *ldap_attribute_name; + struct berval *value; + int pos = 0; + + ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber); + + while (ldap_attribute_name) { + struct berval **values = NULL; + const char *attribute_name = convert_attribute_name_from_ldap(table_config,ldap_attribute_name); + int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0; + + values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name);/*these are freed at the end*/ + if (values) { + struct berval **v = values; + + while (*v) { + value = *v; + ast_debug(2, "LINE(%d) attribute_name: %s LDAP value: %s\n", __LINE__, attribute_name, value->bv_val); + if (is_realmed_password_attribute) { + if (!strncasecmp(value->bv_val, "{md5}", 5)) + value->bv_val += 5; + else + value->bv_val = NULL; + ast_debug(2, "md5: %s\n", value->bv_val); + } + if (value->bv_val) { + /* ok, so looping through all delimited values except the last one (not, last character is not delimited...) */ + if (is_delimited) { + i = 0; + pos = 0; + while (!ast_strlen_zero(value->bv_val + i)) { + if (value->bv_val[i] == ';'){ + value->bv_val[i] = '\0'; + if (prev) { + prev->next = ast_variable_new(attribute_name, &value->bv_val[pos], table_config->table_name); + if (prev->next) { + prev = prev->next; + } + } else { + prev = var = ast_variable_new(attribute_name, &value->bv_val[pos], table_config->table_name); + } + pos = i + 1; + } + i++; + } + } + /* for the last delimited value or if the value is not delimited: */ + if (prev) { + prev->next = ast_variable_new(attribute_name, &value->bv_val[pos], table_config->table_name); + if (prev->next) { + prev = prev->next; + } + } else { + prev = var = ast_variable_new(attribute_name, &value->bv_val[pos], table_config->table_name); + } + } + v++; + } + ber_bvecfree(values); + } + ldap_attribute_name = ldap_next_attribute(ldapConn, ldap_entry, ber); + } + ber_free(ber, 0); + + return var; +} + +/*! \brief Get variables from ldap entry attributes - Should be locked before using it + * + * The results are freed outside this function so is the \a vars array. + * + * \return \a vars - an array of ast_variable variables terminated with a null. + **/ +static struct ast_variable **realtime_ldap_result_to_vars(struct ldap_table_config *table_config, + LDAPMessage * ldap_result, unsigned int *entries_count_ptr) +{ + struct ast_variable ** vars; + int i=0; + int tot_count=0; + int entry_index=0; + LDAPMessage *ldap_entry = NULL; + BerElement *ber = NULL; + struct ast_variable *var = NULL; + struct ast_variable *prev = NULL; + int is_delimited=0; + char * delim_value = NULL; + int delim_tot_count = 0; + int delim_count = 0; + + /* First find the total count */ + ldap_entry = ldap_first_entry(ldapConn, ldap_result); + + for (tot_count = 0; ldap_entry; tot_count++){ + tot_count += semicolon_count_var( realtime_ldap_entry_to_var(table_config,ldap_entry) ); + ldap_entry = ldap_next_entry(ldapConn, ldap_entry); + } + + if (entries_count_ptr) + *entries_count_ptr = tot_count; + /* Now that we have the total count we allocate space and create the variables + * Remember that each element in vars is a linked list that points to realtime variable. + * If the we are dealing with a static realtime variable we create a new element in the \a vars array for each delimited + * value in \a variable_value; otherwise, we keep \a vars static and increase the length of the linked list of variables in the array element. + * This memory must be freed outside of this function. */ + vars = ast_calloc(1, sizeof(struct ast_variable *) *(tot_count + 1)); + + ldap_entry = ldap_first_entry(ldapConn, ldap_result); + + i=0; + + + /*For each static realtime variable we may create several entries in the \a vars array if it's delimited*/ + for (entry_index = 0; ldap_entry; ){ + int pos = 0; + delim_value = NULL; + delim_tot_count = 0; + delim_count = 0; + + do {/* while delim_count */ + + /*Starting new static var*/ + char *ldap_attribute_name = ldap_first_attribute(ldapConn, ldap_entry, &ber); + //char *value; + struct berval *value; + while (ldap_attribute_name) { + + const char *attribute_name = + convert_attribute_name_from_ldap(table_config,ldap_attribute_name); + int is_realmed_password_attribute = strcasecmp(attribute_name, "md5secret") == 0; + struct berval **values = NULL; + + values = ldap_get_values_len(ldapConn, ldap_entry, ldap_attribute_name); + if (values) { + struct berval **v = values; + + while (*v) { + value = *v; + if (is_realmed_password_attribute) { + if (strncasecmp(value->bv_val, "{md5}", 5) == 0) + value->bv_val += 5; + else + value->bv_val = NULL; + ast_debug(2, "md5: %s\n", value->bv_val); + } + if (value->bv_val) { + + if( delim_value == NULL + && !is_realmed_password_attribute + && (static_table_config != table_config || strcmp(attribute_name,"variable_value") == 0) ){ + + delim_value = ast_calloc(1,sizeof(char)*(strlen(value->bv_val)+1)); + ast_copy_string(delim_value,value->bv_val,strlen(value->bv_val)+1); + + if( (delim_tot_count = semicolon_count_str(delim_value)) > 0){ + ast_debug(4, "LINE(%d) is delimited %d times: %s\n", __LINE__, delim_tot_count, delim_value); + is_delimited = 1; + } + } + + if( is_delimited != 0 + && !is_realmed_password_attribute + && (static_table_config != table_config || strcmp(attribute_name,"variable_value") == 0)){ + /* for non-Static RealTime, first */ + + + i=pos; + while ( !ast_strlen_zero(value->bv_val + i) ){ + ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i); + if (delim_value[i] == ';'){ + delim_value[i] = '\0'; + + ast_debug(2, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos); + + if (prev) { + prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name); + if (prev->next) { + prev = prev->next; + } + } else { + prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name); + } + pos = i + 1; + + if(static_table_config == table_config){ + break; + } + } + i++; + } + if (ast_strlen_zero(value->bv_val + i)) { + ast_debug(4, "LINE(%d) DELIM pos: %d i: %d delim_count: %d\n", __LINE__, pos, i,delim_count); + /* Last delimited value */ + ast_debug(4, "LINE(%d) DELIM - attribute_name: %s value: %s pos: %d\n", __LINE__, attribute_name, &delim_value[pos], pos); + if (prev) { + prev->next = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name); + if (prev->next) { + prev = prev->next; + } + } else { + prev = var = ast_variable_new(attribute_name, &delim_value[pos], table_config->table_name); + } + /* Remembering to free memory */ + is_delimited = 0; + pos=0; + free(delim_value); + delim_value = NULL; + } + + ast_debug(4, "LINE(%d) DELIM pos: %d i: %d\n", __LINE__, pos, i); + } else { + /* not delimited */ + if (delim_value) { + free(delim_value); + delim_value = NULL; + } + ast_debug(2, "LINE(%d) attribute_name: %s value: %s\n", __LINE__, attribute_name, value->bv_val); + + if (prev) { + prev->next = ast_variable_new(attribute_name, value->bv_val, table_config->table_name); + if (prev->next) { + prev = prev->next; + } + } else { + prev = var = ast_variable_new(attribute_name, value->bv_val, table_config->table_name); + } + } + } + v++; + }/*! 2) { + const struct ast_variable *tmpdebug = variable_named(var, "variable_name"); + const struct ast_variable *tmpdebug2 = variable_named(var, "variable_value"); + if (tmpdebug && tmpdebug2) { + ast_debug(3, "LINE(%d) Added to vars - %s = %s\n", __LINE__, tmpdebug->value, tmpdebug2->value); + } + } + vars[entry_index++] = var; + prev = NULL; + } + + delim_count++; + } while(delim_count <= delim_tot_count && static_table_config == table_config ); + if(static_table_config != table_config){ + ast_debug(3, "LINE(%d) Added to vars - non static\n", __LINE__ ); + + vars[entry_index++] = var; + prev = NULL; + } + ldap_entry = ldap_next_entry(ldapConn, ldap_entry); + } /*!< end for loop over ldap_entry */ + + return vars; +} + + +static int is_ldap_connect_error(int err) +{ + return (err == LDAP_SERVER_DOWN + || err == LDAP_TIMEOUT || err == LDAP_CONNECT_ERROR); +} + +/*! \brief Get LDAP entry by dn and return attributes as variables - Should be locked before using it + This is used for setting the default values of an object(i.e., with accountBaseDN) +*/ +static struct ast_variable *ldap_loadentry(struct ldap_table_config *table_config, + const char *dn) +{ + if (!table_config) { + ast_log(LOG_ERROR, "No table config\n"); + return NULL; + } else { + struct ast_variable **vars = NULL; + struct ast_variable *var = NULL; + int result = -1; + LDAPMessage *ldap_result = NULL; + int tries = 0; + + ast_debug(2, "ldap_loadentry dn=%s\n", dn); + + do { + result = ldap_search_ext_s(ldapConn, dn, LDAP_SCOPE_BASE, + "(objectclass=*)", NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, &ldap_result); + if (result < 0 && is_ldap_connect_error(result)) { + ast_log(LOG_WARNING, + "Failed to query database. Try %d/3\n", + tries + 1); + tries++; + if (tries < 3) { + usleep(500000L * tries); + if (ldapConn) { + ldap_unbind_ext_s(ldapConn,NULL,NULL); + ldapConn = NULL; + } + if (!ldap_reconnect()) + break; + } + } + } while (result < 0 && tries < 3 && is_ldap_connect_error(result)); + + if (result < 0) { + ast_log(LOG_WARNING, + "Failed to query database. Check debug for more info.\n"); + ast_debug(2, "dn=%s\n", dn); + ast_debug(2, "Query Failed because: %s\n", + ldap_err2string(result)); + ast_mutex_unlock(&ldap_lock); + return NULL; + } else { + int num_entry = 0; + unsigned int *entries_count_ptr=NULL; /*!< not using this*/ + if ((num_entry = ldap_count_entries(ldapConn, ldap_result)) > 0) { + ast_debug(3, "num_entry: %d\n", num_entry); + + vars = realtime_ldap_result_to_vars(table_config,ldap_result,entries_count_ptr); + if (num_entry > 1) + ast_log(LOG_WARNING, "More than one entry for dn=%s. Take only 1st one\n", dn); + } else { + ast_log(LOG_WARNING, "Could not find any entry dn=%s.\n", dn); + } + } + ldap_msgfree(ldap_result); + + /* Chopping \a vars down to one variable */ + if(vars != NULL){ + struct ast_variable **p = vars; + p++; + var = *p; + while(var){ + ast_variables_destroy(var); + p++; + } + vars = realloc(vars, sizeof(struct ast_variable *)); + } + + var = *vars; + + return var; + } +} + +/*! \brief caller should free returned pointer */ +static char *substituted(struct ast_channel *channel, const char *string) +{ +#define MAXRESULT 2048 + char *ret_string = NULL; + + if (!ast_strlen_zero(string)) { + ret_string = ast_calloc(1, MAXRESULT); + pbx_substitute_variables_helper(channel, string, ret_string, MAXRESULT - 1); + } + ast_debug(2, "substituted: string: '%s' => '%s' \n", + string, ret_string); + return ret_string; +} + +/*! \brief caller should free returned pointer */ +static char *cleaned_basedn(struct ast_channel *channel, const char *basedn) +{ + char *cbasedn = NULL; + if (basedn) { + char *p = NULL; + cbasedn = substituted(channel, basedn); + if (*cbasedn == '"') { + cbasedn++; + if (!ast_strlen_zero(cbasedn)) { + int len = strlen(cbasedn); + if (cbasedn[len - 1] == '"') + cbasedn[len - 1] = '\0'; + + } + } + p = cbasedn; + while (*p) { + if (*p == '|') + *p = ','; + p++; + } + } + ast_debug(2, "basedn: '%s' => '%s' \n", basedn, cbasedn); + return cbasedn; +} + +/*! \brief Replace search by by in string. No check is done on string allocated size ! */ +static int replace_string_in_string(char *string, const char *search,const char *by) +{ + int search_len = strlen(search); + int by_len = strlen(by); + int replaced = 0; + char *p = strstr(string, search); + if (p) { + replaced = 1; + while (p) { + if (by_len == search_len) + memcpy(p, by, by_len); + else { + memmove(p + by_len, p + search_len, + strlen(p + search_len) + 1); + memcpy(p, by, by_len); + } + p = strstr(p + by_len, search); + } + } + return replaced; +} + +/*! \brief Append a name=value filter string. The filter string can grow. */ +/*! \brief convert name and value if "LIKE' is used (see http://bugs.digium.com/view.php?id=5765) */ +static void append_var_and_value_to_filter(struct ast_str **filter, + struct ldap_table_config *table_config, + const char *name, const char *value) +{ + char *new_name = NULL; + char *new_value = NULL; + char *like_pos = strstr(name, " LIKE"); + + ast_debug(2, "name='%s' value='%s'\n", name, value); + + if (like_pos) { + name = new_name = ast_strdupa(like_pos + strlen(" LIKE")); + value = new_value = ast_strdupa(value); + replace_string_in_string(new_value, "\\_", "_"); + replace_string_in_string(new_value, "%", "*"); + } + + name = convert_attribute_name_to_ldap(table_config, name); + + ast_str_append(filter, 0, "(%s=%s)", name, value); +} + +/*! \brief LDAP base function + return a null terminated array of ast_variable (one per entry) or NULL if no entry is found or if an error occured + caller should free the returned array and ast_variables + entries_count_ptr is a pointer to found entries count (can be NULL) + basedn is the base DN + table_name is the table_name (used dor attribute convertion and additional filter) + ap contains null terminated list of pairs name/value +*/ +static struct ast_variable **realtime_ldap_base(unsigned int *entries_count_ptr, + const char *basedn, const char *table_name, va_list ap) +{ + struct ast_variable **vars = NULL; + const char *newparam = NULL; + const char *newval = NULL; + struct ldap_table_config *table_config = NULL; + char *clean_basedn = cleaned_basedn(NULL, basedn); + struct ast_str *filter = NULL; + int tries = 0; + int result = 0; + LDAPMessage *ldap_result = NULL; + + if (!table_name) { + ast_log(LOG_WARNING, "No table_name specified.\n"); + return NULL; + } + + if (!(filter = ast_str_create(80))) + return NULL; + + /* Get the first parameter and first value in our list of passed paramater/value pairs */ + newparam = va_arg(ap, const char *); + newval = va_arg(ap, const char *); + + if (!newparam || !newval) { + ast_log(LOG_WARNING, "Realtime retrieval requires at least 1 parameter" + " and 1 value to search on.\n"); + return NULL; + } + + ast_mutex_lock(&ldap_lock); + + /* We now have our complete statement; Lets connect to the server and execute it. */ + if (!ldap_reconnect()) { + ast_mutex_unlock(&ldap_lock); + return NULL; + } + + table_config = table_config_for_table_name(table_name); + if (!table_config) { + ast_log(LOG_WARNING, "No table named '%s'.\n", table_name); + ast_mutex_unlock(&ldap_lock); + return NULL; + } + + ast_str_append(&filter, 0, "(&"); + + if (table_config && table_config->additional_filter) + ast_str_append(&filter, 0, table_config->additional_filter); + if (table_config != base_table_config && base_table_config && + base_table_config->additional_filter) { + ast_str_append(&filter, 0, base_table_config->additional_filter); + } + + /* Create the first part of the query using the first parameter/value pairs we just extracted */ + /* If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */ + + append_var_and_value_to_filter(&filter, table_config, newparam, newval); + while ((newparam = va_arg(ap, const char *))) { + newval = va_arg(ap, const char *); + append_var_and_value_to_filter(&filter, table_config, newparam, newval); + } + ast_str_append(&filter, 0, ")"); + + do { + /* freeing ldap_result further down */ + result = ldap_search_ext_s(ldapConn, clean_basedn, + LDAP_SCOPE_SUBTREE, filter->str, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, + &ldap_result); + if (result < 0 && is_ldap_connect_error(result)) { + ast_log(LOG_WARNING, "Failed to query database. Try %d/3\n", + tries + 1); + tries++; + if (tries < 3) { + usleep(500000L * tries); + if (ldapConn) { + ldap_unbind_ext_s(ldapConn,NULL,NULL); + ldapConn = NULL; + } + if (!ldap_reconnect()) + break; + } + } + } while (result < 0 && tries < 3 && is_ldap_connect_error(result)); + + if (result < 0) { + ast_log(LOG_WARNING, "Failed to query database. Check debug for more info.\n"); + ast_log(LOG_WARNING, "Query: %s\n", filter->str); + ast_log(LOG_WARNING, "Query Failed because: %s\n", ldap_err2string(result)); + } else { + /* this is where we create the variables from the search result + * freeing this \a vars outside this function */ + if (ldap_count_entries(ldapConn, ldap_result) > 0) { + //is this a static var or some other? they are handled different for delimited values + vars = realtime_ldap_result_to_vars(table_config,ldap_result,entries_count_ptr); + } else { + ast_log(LOG_WARNING, "Could not find any entry matching %s in base dn %s.\n", + filter->str, clean_basedn); + } + + ldap_msgfree(ldap_result); + + /* TODO: get the default variables from the accountBaseDN, not implemented with delimited values */ + if (vars) { + struct ast_variable **p = vars; + while (*p) { + struct ast_variable *append_var = NULL; + struct ast_variable *tmp = *p; + while (tmp) { + if (strcasecmp(tmp->name, "accountBaseDN") == 0) { + /* Get the variable to compare with for the defaults */ + struct ast_variable *base_var = ldap_loadentry(table_config, tmp->value); + + while (base_var) { + struct ast_variable *next = base_var->next; + struct ast_variable *test_var = *p; + int base_var_found = 0; + + /* run throught the default values and fill it inn if it is missing */ + while (test_var) { + if (strcasecmp(test_var->name, base_var->name) == 0) { + base_var_found = 1; + break; + } else + test_var = test_var->next; + } + if (base_var_found) { + base_var->next = NULL; + ast_variables_destroy (base_var); + base_var = next; + } else { + if (append_var) + base_var->next = append_var; + else + base_var->next = NULL; + append_var = base_var; + base_var = next; + } + } + } + if (!tmp->next && append_var) { + tmp->next = append_var; + tmp = NULL; + } else + tmp = tmp->next; + } + p++; + } + } + } + + if (filter) + free(filter); + + if (clean_basedn) + free(clean_basedn); + + ast_mutex_unlock(&ldap_lock); + + return vars; +} + +/*! \brief same as realtime_ldap_base_ but take variable arguments count list */ +static struct ast_variable **realtime_ldap_base_(unsigned int *entries_count_ptr, + const char *basedn, const char *table_name, ...) +{ + struct ast_variable **vars = NULL; + va_list ap; + + va_start(ap, table_name); + vars = realtime_ldap_base(entries_count_ptr, basedn, table_name, ap); + va_end(ap); + + return vars; +} + +/*! \brief See Asterisk doc +* +* For Realtime Dynamic(i.e., switch, queues, and directory) -- I think +*/ +static struct ast_variable *realtime_ldap(const char *basedn, + const char *table_name, va_list ap) +{ + struct ast_variable **vars = realtime_ldap_base(NULL, basedn, table_name, ap); + struct ast_variable *var = NULL; + + if (vars) { + struct ast_variable *last_var = NULL; + struct ast_variable **p = vars; + while (*p) { + if (last_var) { + while (last_var->next) + last_var = last_var->next; + last_var->next = *p; + } else { + var = *p; + last_var = var; + } + p++; + } + free(vars); + } + return var; +} + +/*! \brief See Asterisk doc +* +* this function will be called for the switch statment if no match is found with the realtime_ldap function(i.e. it is a failover); +* however, the ast_load_realtime wil match on wildcharacters also depending on what the mode is set to +* this is an area of asterisk that could do with a lot of modification +* I think this function returns Realtime dynamic objects +*/ +static struct ast_config *realtime_multi_ldap(const char *basedn, + const char *table_name, va_list ap) +{ + struct ast_variable **vars = + realtime_ldap_base(NULL, basedn, table_name, ap); + struct ast_config *cfg = NULL; + + if (vars) { + cfg = ast_config_new(); + if (!cfg) { + ast_log(LOG_WARNING, "Out of memory!\n"); + } else { + struct ast_variable **p = vars; + + while (*p) { + struct ast_category *cat = NULL; + cat = ast_category_new("", table_name, -1); + if (!cat) { + ast_log(LOG_WARNING, "Out of memory!\n"); + break; + } else { + struct ast_variable *var = *p; + while (var) { + struct ast_variable *next = var->next; + var->next = NULL; + ast_variable_append(cat, var); + var = next; + } + } + ast_category_append(cfg, cat); + p++; + } + } + free(vars); + } + return cfg; + +} + +/*! + * \brief Sorting alogrithm for qsort to find the order of the variables \a a and \a b + * \param \a a pointer to category_and_metric struct + * \param \a b pointer to category_and_metric struct + * + * \return the -1,0,1 (zero for equal, -1 for if b is greater, and 1 if a is greater) + */ +static int compare_categories(const void *a, const void *b) +{ + struct category_and_metric *as = (struct category_and_metric *) a; + struct category_and_metric *bs = (struct category_and_metric *) b; + + if (as->metric < bs->metric) + return -1; + else if (as->metric > bs->metric) + return 1; + else if (as->metric == bs->metric && strcmp(as->name, bs->name) < 0) + return strcmp(as->name, bs->name); + else if (as->metric == bs->metric && strcmp(as->name, bs->name) > 0) + return strcmp(as->name, bs->name); + + /* if the metric and the category name is the same, we check the variable metric */ + if (as->var_metric < bs->var_metric) + return -1; + else if(as->var_metric > bs->var_metric) + return 1; + + return 0; +} + +/*! \brief See Asterisk doc + * +* This is for Static Realtime (again: I think...) +* +* load the configuration stuff for the .conf files +* called on a reload +*/ +static struct ast_config *config_ldap(const char *basedn, const char *table_name, + const char *file, struct ast_config *cfg, struct ast_flags config_flags, const char *sugg_incl) +{ + unsigned int vars_count = 0; + struct ast_variable **vars; + int i = 0; + struct ast_variable *new_v = NULL; + struct ast_category *cur_cat = NULL; + const char *last_category = NULL; + int last_category_metric = 0; + struct category_and_metric *categories; + struct ast_variable **p; + + if (!file || !strcasecmp(file, RES_CONFIG_LDAP_CONF)) { + ast_log(LOG_WARNING, "Cannot configure myself.\n"); + return NULL; + } + + vars = realtime_ldap_base_(&vars_count, basedn, table_name, "filename", + file, "commented", "FALSE", NULL); + + if (!vars) { + ast_log(LOG_WARNING, "Could not find config '%s' in database.\n", file); + return NULL; + } + + if (!(categories = ast_calloc(1, sizeof(*categories) * vars_count))) + return NULL; + + for (vars_count = 0, p = vars; *p; p++) { + struct ast_variable *category = variable_named(*p, "category"); + struct ast_variable *cat_metric = variable_named(*p, "cat_metric"); + struct ast_variable *var_name = variable_named(*p, "variable_name"); + struct ast_variable *var_val = variable_named(*p, "variable_value"); + struct ast_variable *var_metric = variable_named(*p, "var_metric"); + struct ast_variable *dn = variable_named(*p, "dn"); + + ast_debug(1, "category: %s\n", category->value); + ast_debug(1, "var_name: %s\n", var_name->value); + ast_debug(1, "var_val: %s\n", var_val->value); + ast_debug(1, "cat_metric: %s\n", cat_metric->value); + + if (!category) { + ast_log(LOG_ERROR, + "No category name in entry '%s' for file '%s'.\n", + (dn ? dn->value : "?"), file); + } else if (!cat_metric) { + ast_log(LOG_ERROR, + "No category metric in entry '%s'(category: %s) for file '%s'.\n", + (dn ? dn->value : "?"), category->value, file); + } else if (!var_metric) { + ast_log(LOG_ERROR, + "No variable metric in entry '%s'(category: %s) for file '%s'.\n", + (dn ? dn->value : "?"), category->value, file); + } else if (!var_name) { + ast_log(LOG_ERROR, + "No variable name in entry '%s' (category: %s metric: %s) for file '%s'.\n", + (dn ? dn->value : "?"), category->value, + cat_metric->value, file); + } else if (!var_val) { + ast_log(LOG_ERROR, + "No variable value in entry '%s' (category: %s metric: %s variable: %s) for file '%s'.\n", + (dn ? dn->value : "?"), category->value, + cat_metric->value, var_name->value, file); + } else { + categories[vars_count].name = category->value; + categories[vars_count].metric = atoi(cat_metric->value); + categories[vars_count].variable_name = var_name->value; + categories[vars_count].variable_value = var_val->value; + categories[vars_count].var_metric = atoi(var_metric->value); + vars_count++; + } + } + + qsort(categories, vars_count, sizeof(*categories), compare_categories); + + for (i = 0; i < vars_count; i++) { + if (!strcmp(categories[i].variable_name, "#include")) { + struct ast_flags config_flags = { 0 }; + if (!ast_config_internal_load(categories[i].variable_value, cfg, config_flags, "")) + break; + continue; + } + + if (!last_category || strcmp(last_category, categories[i].name) || + last_category_metric != categories[i].metric) { + cur_cat = ast_category_new(categories[i].name, table_name, -1); + if (!cur_cat) + break; + last_category = categories[i].name; + last_category_metric = categories[i].metric; + ast_category_append(cfg, cur_cat); + } + + if (!(new_v = ast_variable_new(categories[i].variable_name, categories[i].variable_value, table_name))) + break; + + ast_variable_append(cur_cat, new_v); + } + + free(vars); + free(categories); + + return cfg; +} + +/* \brief Function to update a set of values in ldap +static +*/ +static int update_ldap(const char *basedn, const char *table_name, const char *attribute, + const char *lookup, va_list ap) +{ + int error=0; + LDAPMessage *ldap_entry = NULL; + LDAPMod **ldap_mods; + const char *newparam = NULL; + const char *newval = NULL; + char *dn; + int num_entries = 0; + int i = 0; + int mods_size = 0; + int mod_exists = 0; + struct ldap_table_config *table_config = NULL; + char *clean_basedn = NULL; + struct ast_str *filter = NULL; + int tries = 0; + int result = 0; + LDAPMessage *ldap_result = NULL; + + if (!table_name) { + ast_log(LOG_WARNING, "No table_name specified.\n"); + return -1; + } + + if (!(filter = ast_str_create(80))) + return -1; + + if (!attribute || !lookup) { + ast_log(LOG_WARNING, + "LINE(%d): search parameters are empty.\n", __LINE__); + return -1; + } + ast_mutex_lock(&ldap_lock); + + /* We now have our complete statement; Lets connect to the server and execute it. */ + if (!ldap_reconnect()) { + ast_mutex_unlock(&ldap_lock); + return -1; + } + + table_config = table_config_for_table_name(table_name); + if (!table_config) { + ast_log(LOG_WARNING, "No table named '%s'.\n", table_name); + ast_mutex_unlock(&ldap_lock); + return -1; + } + + clean_basedn = cleaned_basedn(NULL, basedn); + + /* Create the filter with the table additional filter and the parameter/value pairs we were given */ + ast_str_append(&filter, 0, "(&"); + if (table_config && table_config->additional_filter) { + ast_str_append(&filter, 0, table_config->additional_filter); + } + if (table_config != base_table_config && base_table_config + && base_table_config->additional_filter) { + ast_str_append(&filter, 0, base_table_config->additional_filter); + } + append_var_and_value_to_filter(&filter, table_config, attribute, lookup); + ast_str_append(&filter, 0, ")"); + + /* Create the modification array with the parameter/value pairs we were given, + * if there are several parameters with the same name, we collect them into + * one parameter/value pair and delimit them with a semicolon */ + newparam = va_arg(ap, const char *); + newparam = convert_attribute_name_to_ldap(table_config, newparam); + newval = va_arg(ap, const char *); + if (!newparam || !newval) { + ast_log(LOG_WARNING, + "LINE(%d): need at least one paramter to modify.\n",__LINE__); + return -1; + } + + mods_size = 2; /* one for the first param/value pair and one for the the terminating NULL */ + ldap_mods = ast_calloc(1,sizeof(LDAPMod *)*mods_size); + ldap_mods[0] = ast_calloc(1,sizeof(LDAPMod)); + + ldap_mods[0]->mod_op = LDAP_MOD_REPLACE; + ldap_mods[0]->mod_type = ast_calloc(1,sizeof(char)*(strlen(newparam)+1)); + strcpy(ldap_mods[0]->mod_type, newparam); + + ldap_mods[0]->mod_values = ast_calloc(1,sizeof(char *)*2); + ldap_mods[0]->mod_values[0] = ast_calloc(1,sizeof(char)*(strlen(newval)+1)); + strcpy(ldap_mods[0]->mod_values[0],newval); + + while ((newparam = va_arg(ap, const char *))) { + newparam = convert_attribute_name_to_ldap(table_config, newparam); + + newval = va_arg(ap, const char *); + mod_exists = 0; + + for (i = 0; i < mods_size - 1; i++){ + if (ldap_mods[i]&& !strcmp(ldap_mods[i]->mod_type, newparam)) { + /* We have the parameter allready, adding the value as a semicolon delimited value */ + ldap_mods[i]->mod_values[0] = realloc(ldap_mods[i]->mod_values[0], sizeof(char)*( strlen(ldap_mods[i]->mod_values[0]) + strlen(newval) + 2 )); + strcat(ldap_mods[i]->mod_values[0],";"); + strcat(ldap_mods[i]->mod_values[0],newval); + mod_exists = 1; + break; + } + } + + /* create new mod */ + if (!mod_exists){ + mods_size++; + ldap_mods = realloc(ldap_mods, sizeof(LDAPMod *)*mods_size); + ldap_mods[mods_size - 1] = NULL; + ldap_mods[mods_size - 2] = ast_calloc(1,sizeof(LDAPMod)); + + ldap_mods[mods_size - 2]->mod_op = LDAP_MOD_REPLACE; + + ldap_mods[mods_size - 2]->mod_type = ast_calloc(1,sizeof(char)*(strlen(newparam)+1)); + strcpy(ldap_mods[mods_size - 2]->mod_type,newparam); + + ldap_mods[mods_size - 2]->mod_values = ast_calloc(1,sizeof(char *)*2); + ldap_mods[mods_size - 2]->mod_values[0] = ast_calloc(1,sizeof(char)*(strlen(newval)+1)); + strcpy(ldap_mods[mods_size - 2]->mod_values[0],newval); + } + } + /* freeing ldap_mods further down */ + + do { + /* freeing ldap_result further down */ + result = ldap_search_ext_s(ldapConn, clean_basedn, + LDAP_SCOPE_SUBTREE, filter->str, NULL, 0, NULL, NULL, NULL, LDAP_NO_LIMIT, + &ldap_result); + if (result < 0 && is_ldap_connect_error(result)) { + ast_log(LOG_WARNING, "Failed to query database. Try %d/3\n", + tries + 1); + tries++; + if (tries < 3) { + usleep(500000L * tries); + if (ldapConn) { + ldap_unbind_ext_s(ldapConn,NULL,NULL); + ldapConn = NULL; + } + if (!ldap_reconnect()) + break; + } + } + } while (result < 0 && tries < 3 && is_ldap_connect_error(result)); + + if (result < 0) { + ast_log(LOG_WARNING, "Failed to query directory. Check debug for more info.\n"); + ast_log(LOG_WARNING, "Query: %s\n", filter->str); + ast_log(LOG_WARNING, "Query Failed because: %s\n", + ldap_err2string(result)); + + ast_mutex_unlock(&ldap_lock); + if (filter) + free(filter); + if (clean_basedn) + free(clean_basedn); + ldap_msgfree(ldap_result); + ldap_mods_free(ldap_mods,0); + return -1; + } + /* Ready to update */ + if ((num_entries = ldap_count_entries(ldapConn, ldap_result)) > 0) { + ast_debug(3, "LINE(%d) Modifying %s=%s hits: %d\n", __LINE__,attribute,lookup,num_entries); + for (i = 0; option_debug > 2 && i < mods_size - 1; i++) + ast_debug(3, "LINE(%d) %s=%s \n", __LINE__,ldap_mods[i]->mod_type,ldap_mods[i]->mod_values[0]); + + ldap_entry = ldap_first_entry(ldapConn, ldap_result); + + for (i = 0; ldap_entry; i++){ + dn = ldap_get_dn(ldapConn,ldap_entry); + if (!(error = ldap_modify_ext_s(ldapConn,dn,ldap_mods,NULL,NULL))) + ast_log(LOG_ERROR,"Couldn't modify dn:%s because %s",dn,ldap_err2string(error) ); + + ldap_entry = ldap_next_entry(ldapConn, ldap_entry); + } + } + + ast_mutex_unlock(&ldap_lock); + if (filter) + free(filter); + if (clean_basedn) + free(clean_basedn); + ldap_msgfree(ldap_result); + ldap_mods_free(ldap_mods,0); + return num_entries; +} + +static struct ast_config_engine ldap_engine = { + .name = "ldap", + .load_func = config_ldap, + .realtime_func = realtime_ldap, + .realtime_multi_func = realtime_multi_ldap, + .update_func = update_ldap +}; + +static int load_module(void) { + + if (parse_config() < 0) { + ast_log(LOG_NOTICE, "Cannot load LDAP RealTime driver.\n"); + return 0; + } + + ast_mutex_lock(&ldap_lock); + + if (!ldap_reconnect()) + ast_log(LOG_WARNING, "Couldn't establish connection. Check debug.\n"); + + ast_config_engine_register(&ldap_engine); + ast_verb(1, "LDAP RealTime driver loaded.\n"); + ast_cli_register_multiple(ldap_cli, sizeof(ldap_cli) / sizeof(struct ast_cli_entry)); + + ast_mutex_unlock(&ldap_lock); + + return 0; +} + +static int unload_module(void) +{ + /* Aquire control before doing anything to the module itself. */ + ast_mutex_lock(&ldap_lock); + + table_configs_free(); + + if (ldapConn) { + ldap_unbind_ext_s(ldapConn,NULL,NULL); + ldapConn = NULL; + } + ast_cli_unregister_multiple(ldap_cli, sizeof(ldap_cli) / sizeof(struct ast_cli_entry)); + ast_config_engine_deregister(&ldap_engine); + ast_verb(1, "LDAP RealTime unloaded.\n"); + + /* Unlock so something else can destroy the lock. */ + ast_mutex_unlock(&ldap_lock); + + return 0; +} + +static int reload(void) +{ + /* Aquire control before doing anything to the module itself. */ + ast_mutex_lock(&ldap_lock); + + if (ldapConn) { + ldap_unbind_ext_s(ldapConn,NULL,NULL); + ldapConn = NULL; + } + + if (parse_config() < 0) { + ast_log(LOG_NOTICE, "Cannot reload LDAP RealTime driver.\n"); + return 0; + } + + if (!ldap_reconnect()) + ast_log(LOG_WARNING, "Couldn't establish connection. Check debug.\n"); + + ast_verb(2, "LDAP RealTime reloaded.\n"); + + /* Done reloading. Release lock so others can now use driver. */ + ast_mutex_unlock(&ldap_lock); + + return 0; +} + +int parse_config(void) +{ + struct ast_config *config; + struct ast_flags config_flags = {0}; + const char *s; + char *category_name = NULL; + + config = ast_config_load(RES_CONFIG_LDAP_CONF, config_flags); + + if (!config) { + ast_log(LOG_WARNING, "Cannot load configuration %s\n", RES_CONFIG_LDAP_CONF); + return -1; + } + + if (!(s = ast_variable_retrieve(config, "_general", "user"))) { + ast_log(LOG_WARNING, "No directory user found, anonymous binding as default.\n"); + user[0] = '\0'; + } else + ast_copy_string(user, s, sizeof(user)); + + if (!(s = ast_variable_retrieve(config, "_general", "pass"))) { + ast_log(LOG_WARNING, "No directory password found, using 'asterisk' as default.\n"); + ast_copy_string(pass, "asterisk", sizeof(pass) - 1); + } else + ast_copy_string(pass, s, sizeof(pass)); + + if (!(s = ast_variable_retrieve(config, "_general", "host"))) { + ast_log(LOG_ERROR, "No directory host found.\n"); + host[0] = '\0'; + } else { + ast_copy_string(host, "ldap://", 8 ); + ast_copy_string(host + 7, s, sizeof(host)); + } + + if (!(s = ast_variable_retrieve(config, "_general", "basedn"))) { + ast_log(LOG_ERROR, "No LDAP base dn found, using 'asterisk' as default.\n"); + basedn[0] = '\0'; + } else + ast_copy_string(basedn, s, sizeof(basedn)); + + if (!(s = ast_variable_retrieve(config, "_general", "port"))) { + ast_log(LOG_WARNING, "No directory port found, using 389 as default.\n"); + port = 389; + ast_copy_string(host + strlen(host), ":389", sizeof(host)); + } else { + ast_copy_string(host + 1, ":", sizeof(s)); + ast_copy_string(host + strlen(host), s, sizeof(s)); + port = atoi(s); + } + + table_configs_free(); + + while ((category_name = ast_category_browse(config, category_name))) { + int is_general = (strcasecmp(category_name, "_general") == 0); + int is_config = (strcasecmp(category_name, "config") == 0); /*!< using the [config] context for Static RealTime */ + struct ast_variable *var = ast_variable_browse(config, category_name); + + if (var) { + struct ldap_table_config *table_config = + table_config_for_table_name(category_name); + if (!table_config) { + table_config = table_config_new(category_name); + AST_LIST_INSERT_HEAD(&table_configs, table_config, entry); + if (is_general) + base_table_config = table_config; + if (is_config) + static_table_config = table_config; + } + for (; var; var = var->next) { + if (!strcasecmp(var->name, "additionalFilter")) + table_config->additional_filter = strdup(var->value); + else + ldap_table_config_add_attribute(table_config, var->name, var->value); + } + } + } + + ast_config_destroy(config); + + return 1; +} + +/*! \note ldap_lock should have been locked before calling this function. */ +static int ldap_reconnect(void) +{ + int bind_result = 0; + struct berval cred; + + if (ldapConn) { + ast_debug(2, "Everything seems fine.\n"); + return 1; + } + + if (ast_strlen_zero(host)) { + ast_log(LOG_ERROR, "Not enough parameters to connect to ldap database\n"); + return 0; + } + + if (LDAP_SUCCESS != ldap_initialize(&ldapConn, host)) { + ast_log(LOG_ERROR, "Failed to init ldap connection to %s. Check debug for more info.\n", host); + return 0; + } + + if (!ast_strlen_zero(user)) { + ast_debug(2, "bind to %s as %s\n", host, user); + cred.bv_val = (char *) pass; + cred.bv_len = strlen(pass); + bind_result = ldap_sasl_bind_s(ldapConn, user, LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL); + } else { + ast_debug(2, "bind anonymously %s anonymously\n", host); + bind_result = ldap_sasl_bind_s(ldapConn, NULL, LDAP_SASL_SIMPLE, NULL, NULL, NULL, NULL); + } + if (bind_result == LDAP_SUCCESS) { + ast_debug(2, "Successfully connected to database.\n"); + connect_time = time(NULL); + return 1; + } else { + ast_log(LOG_WARNING, "bind failed: %s\n", ldap_err2string(bind_result)); + ldap_unbind_ext_s(ldapConn, NULL, NULL); + ldapConn = NULL; + return 0; + } +} + +static char *realtime_ldap_status(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) +{ + char status[256], status2[100] = ""; + int ctime = time(NULL) - connect_time; + + switch (cmd) { + case CLI_INIT: + e->command = "realtime ldap status"; + e->usage = + "Usage: realtime ldap status\n" + " Shows connection information for the LDAP RealTime driver\n"; + return NULL; + case CLI_GENERATE: + return NULL; + } + + if (!ldapConn) + return CLI_FAILURE; + + if (!ast_strlen_zero(host)) + snprintf(status, sizeof(status), "Connected to %s, port %d baseDN %s", host, port, basedn); + + if (!ast_strlen_zero(user)) + snprintf(status2, sizeof(status2), " with username %s", user); + + if (ctime > 31536000) { + ast_cli(a->fd, "%s%s for %d years, %d days, %d hours, %d minutes, %d seconds.\n", + status, status2, ctime / 31536000, + (ctime % 31536000) / 86400, (ctime % 86400) / 3600, + (ctime % 3600) / 60, ctime % 60); + } else if (ctime > 86400) { + ast_cli(a->fd, "%s%s for %d days, %d hours, %d minutes, %d seconds.\n", + status, status2, ctime / 86400, (ctime % 86400) / 3600, + (ctime % 3600) / 60, ctime % 60); + } else if (ctime > 3600) { + ast_cli(a->fd, "%s%s for %d hours, %d minutes, %d seconds.\n", + status, status2, ctime / 3600, (ctime % 3600) / 60, + ctime % 60); + } else if (ctime > 60) { + ast_cli(a->fd, "%s%s for %d minutes, %d seconds.\n", status, status2, + ctime / 60, ctime % 60); + } else { + ast_cli(a->fd, "%s%s for %d seconds.\n", status, status2, ctime); + } + + return CLI_SUCCESS; +} + +AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS, "LDAP realtime interface", + .load = load_module, + .unload = unload_module, + .reload = reload, +);