490 lines
16 KiB
PHP
490 lines
16 KiB
PHP
<?php
|
|
/*
|
|
FusionPBX
|
|
Version: MPL 1.1
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
the License. You may obtain a copy of the License at
|
|
http://www.mozilla.org/MPL/
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
for the specific language governing rights and limitations under the
|
|
License.
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
The Initial Developer of the Original Code is
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
Copyright (C) 2008-2013 All Rights Reserved.
|
|
|
|
Contributor(s):
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
*/
|
|
include "root.php";
|
|
require_once "resources/require.php";
|
|
include "resources/classes/template.php";
|
|
|
|
//set default variables
|
|
$dir_count = 0;
|
|
$file_count = 0;
|
|
$row_count = 0;
|
|
$tmp_array = '';
|
|
$device_template = '';
|
|
|
|
//get the domain_uuid
|
|
//get the domain
|
|
$domain_array = explode(":", $_SERVER["HTTP_HOST"]);
|
|
//get the domain_uuid
|
|
$sql = "select * from v_domains ";
|
|
$sql .= "where domain_name = '".$_SESSION['domain_name']."' ";
|
|
$prep_statement = $db->prepare($sql);
|
|
$prep_statement->execute();
|
|
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
|
foreach($result as $row) {
|
|
$_SESSION["domain_uuid"] = $row["domain_uuid"];
|
|
}
|
|
unset($result, $prep_statement);
|
|
|
|
//build the provision array
|
|
foreach($_SESSION['provision'] as $key=>$val) {
|
|
if (strlen($val['var']) > 0) { $value = $val['var']; }
|
|
if (strlen($val['text']) > 0) { $value = $val['text']; }
|
|
$provision[$key] = $value;
|
|
}
|
|
|
|
//if password was defined in the system -> variables page then require the password.
|
|
if (strlen($provision['password']) > 0) {
|
|
//deny access if the password doesn't match
|
|
if ($provision['password'] != check_str($_REQUEST['password'])) {
|
|
//log the failed auth attempt to the system, to be available for fail2ban.
|
|
openlog('FusionPBX', LOG_NDELAY, LOG_AUTH);
|
|
syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR']."] provision attempt bad password for ".check_str($_REQUEST['mac']));
|
|
closelog();
|
|
|
|
usleep(rand(1000000,3500000));//1-3.5 seconds.
|
|
echo "access denied";
|
|
return;
|
|
}
|
|
}
|
|
|
|
//send a request to a remote server to validate the MAC address and secret
|
|
if (strlen($_SERVER['auth_server']) > 0) {
|
|
$result = send_http_request($_SERVER['auth_server'], 'mac='.check_str($_REQUEST['mac']).'&secret='.check_str($_REQUEST['secret']));
|
|
if ($result == "false") {
|
|
echo "access denied";
|
|
exit;
|
|
}
|
|
}
|
|
|
|
//define PHP variables from the HTTP values
|
|
$mac = check_str($_REQUEST['mac']);
|
|
$file = check_str($_REQUEST['file']);
|
|
if (strlen(check_str($_REQUEST['template'])) > 0) {
|
|
$device_template = check_str($_REQUEST['template']);
|
|
}
|
|
|
|
//check alternate MAC source
|
|
if (empty($mac)){
|
|
if($_SERVER['HTTP_USER_AGENT'][strlen($_SERVER['HTTP_USER_AGENT'])-17-1] == " ") {
|
|
$mac = substr($_SERVER['HTTP_USER_AGENT'],-17);
|
|
} //Yealink: 17 digit mac appended to the user agent, so check for a space exactly 17 digits before the end.
|
|
}//check alternates
|
|
|
|
//prepare the mac address
|
|
//normalize the mac address to lower case
|
|
$mac = strtolower($mac);
|
|
//replace all non hexadecimal values and validate the mac address
|
|
$mac = preg_replace("#[^a-fA-F0-9./]#", "", $mac);
|
|
if (strlen($mac) != 12) {
|
|
echo "invalid mac address";
|
|
exit;
|
|
}
|
|
|
|
//use the mac address to find the vendor
|
|
switch (substr($mac, 0, 6)) {
|
|
case "00085d":
|
|
$device_vendor = "aastra";
|
|
break;
|
|
case "000e08":
|
|
$device_vendor = "linksys";
|
|
break;
|
|
case "0004f2":
|
|
$device_vendor = "polycom";
|
|
break;
|
|
case "00907a":
|
|
$device_vendor = "polycom";
|
|
break;
|
|
case "0080f0":
|
|
$device_vendor = "panasonic";
|
|
break;
|
|
case "001873":
|
|
$device_vendor = "cisco";
|
|
break;
|
|
case "a44c11":
|
|
$device_vendor = "cisco";
|
|
break;
|
|
case "0021A0":
|
|
$device_vendor = "cisco";
|
|
break;
|
|
case "30e4db":
|
|
$device_vendor = "cisco";
|
|
break;
|
|
case "002155":
|
|
$device_vendor = "cisco";
|
|
break;
|
|
case "68efbd":
|
|
$device_vendor = "cisco";
|
|
break;
|
|
case "00045a":
|
|
$device_vendor = "linksys";
|
|
break;
|
|
case "000625":
|
|
$device_vendor = "linksys";
|
|
break;
|
|
case "001565":
|
|
$device_vendor = "yealink";
|
|
break;
|
|
case "000413":
|
|
$device_vendor = "snom";
|
|
break;
|
|
case "000b82":
|
|
$device_vendor = "grandstream";
|
|
break;
|
|
case "00177d":
|
|
$device_vendor = "konftel";
|
|
break;
|
|
default:
|
|
$device_vendor = "";
|
|
}
|
|
|
|
//check to see if the mac_address exists in v_devices
|
|
if (mac_exists_in_devices($db, $mac)) {
|
|
//get the device_template
|
|
if (strlen($device_template) == 0) {
|
|
$sql = "SELECT * FROM v_devices ";
|
|
//$sql .= "where domain_uuid=:domain_uuid ";
|
|
$sql .= "where device_mac_address=:mac ";
|
|
$prep_statement_2 = $db->prepare(check_sql($sql));
|
|
if ($prep_statement_2) {
|
|
//$prep_statement_2->bindParam(':domain_uuid', $_SESSION['domain_uuid']);
|
|
$prep_statement_2->bindParam(':mac', $mac);
|
|
$prep_statement_2->execute();
|
|
$row = $prep_statement_2->fetch();
|
|
$device_uuid = $row["device_uuid"];
|
|
$device_label = $row["device_label"];
|
|
if (strlen($row["device_vendor"]) > 0) {
|
|
$device_vendor = strtolower($row["device_vendor"]);
|
|
}
|
|
$device_model = $row["device_model"];
|
|
$device_firmware_version = $row["device_firmware_version"];
|
|
$device_provision_enable = $row["device_provision_enable"];
|
|
$device_template = $row["device_template"];
|
|
$device_username = $row["device_username"];
|
|
$device_password = $row["device_password"];
|
|
$device_time_zone = $row["device_time_zone"];
|
|
$device_description = $row["device_description"];
|
|
}
|
|
}
|
|
//find a template that was defined on another phone and use that as the default.
|
|
if (strlen($device_template) == 0) {
|
|
$sql = "SELECT * FROM v_devices ";
|
|
$sql .= "where domain_uuid=:domain_uuid ";
|
|
$sql .= "and device_template like '%/%' ";
|
|
$prep_statement3 = $db->prepare(check_sql($sql));
|
|
if ($prep_statement3) {
|
|
$prep_statement3->bindParam(':domain_uuid', $_SESSION['domain_uuid']);
|
|
$prep_statement3->bindParam(':mac', $mac);
|
|
$prep_statement3->execute();
|
|
$row = $prep_statement3->fetch();
|
|
$device_label = $row["device_label"];
|
|
$device_vendor = strtolower($row["device_vendor"]);
|
|
$device_model = $row["device_model"];
|
|
$device_firmware_version = $row["device_firmware_version"];
|
|
$device_provision_enable = $row["device_provision_enable"];
|
|
$device_template = $row["device_template"];
|
|
$device_username = $row["device_username"];
|
|
$device_password = $row["device_password"];
|
|
$device_time_zone = $row["device_time_zone"];
|
|
$device_description = $row["device_description"];
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
//use the user_agent to pre-assign a template for 1-hit provisioning. Enter the a unique string to match in the user agent, and the template it should match.
|
|
$template_list=array(
|
|
"Linksys/SPA-2102"=>"linksys/spa2102",
|
|
"Linksys/SPA-3102"=>"linksys/spa3102",
|
|
"Linksys/SPA-9212"=>"linksys/spa921",
|
|
"Cisco/SPA301"=>"cisco/spa301",
|
|
"Cisco/SPA301D"=>"cisco/spa302d",
|
|
"Cisco/SPA303"=>"cisco/spa303",
|
|
"Cisco/SPA501G"=>"cisco/spa501g",
|
|
"Cisco/SPA502G"=>"cisco/spa502g",
|
|
"Cisco/SPA504G"=>"cisco/spa504g",
|
|
"Cisco/SPA508G"=>"cisco/spa508g",
|
|
"Cisco/SPA509G"=>"cisco/spa509g",
|
|
"Cisco/SPA512G"=>"cisco/spa512g",
|
|
"Cisco/SPA514G"=>"cisco/spa514g",
|
|
"Cisco/SPA525G2"=>"cisco/spa525g2",
|
|
"snom300-SIP"=>"snom/300",
|
|
"snom320-SIP"=>"snom/320",
|
|
"snom360-SIP"=>"snom/360",
|
|
"snom370-SIP"=>"snom/370",
|
|
"snom820-SIP"=>"snom/820",
|
|
"snom-m3-SIP"=>"snom/m3",
|
|
"yealink SIP-T20"=>"yealink/t20",
|
|
"yealink SIP-T22"=>"yealink/t22",
|
|
"yealink SIP-T26"=>"yealink/t26",
|
|
"Yealink SIP-T32"=>"yealink/t32",
|
|
"HW GXP1450"=>"grandstream/gxp1450",
|
|
"HW GXP2124"=>"grandstream/gxp2124",
|
|
"HW GXV3140"=>"grandstream/gxv3140",
|
|
"HW GXV3175"=>"grandstream/gxv3175",
|
|
"Wget/1.11.3"=>"konftel/kt300ip"
|
|
);
|
|
|
|
foreach ($template_list as $key=>$val){
|
|
if(stripos($_SERVER['HTTP_USER_AGENT'],$key)!== false) {
|
|
$device_template=$val;
|
|
break;
|
|
}
|
|
}
|
|
unset($template_list);
|
|
|
|
//mac address does not exist in the table so add it
|
|
$device_uuid = uuid();
|
|
$sql = "insert into v_devices ";
|
|
$sql .= "(";
|
|
$sql .= "domain_uuid, ";
|
|
$sql .= "device_uuid, ";
|
|
$sql .= "device_mac_address, ";
|
|
$sql .= "device_vendor, ";
|
|
$sql .= "device_model, ";
|
|
$sql .= "device_provision_enable, ";
|
|
$sql .= "device_template, ";
|
|
$sql .= "device_username, ";
|
|
$sql .= "device_password, ";
|
|
$sql .= "device_description ";
|
|
$sql .= ")";
|
|
$sql .= "values ";
|
|
$sql .= "(";
|
|
$sql .= "'".$_SESSION['domain_uuid']."', ";
|
|
$sql .= "'$device_uuid', ";
|
|
$sql .= "'$mac', ";
|
|
$sql .= "'$device_vendor', ";
|
|
$sql .= "'', ";
|
|
$sql .= "'true', ";
|
|
$sql .= "'$device_template', ";
|
|
$sql .= "'', ";
|
|
$sql .= "'', ";
|
|
$sql .= "'auto {$_SERVER['HTTP_USER_AGENT']}' ";
|
|
$sql .= ")";
|
|
$db->exec(check_sql($sql));
|
|
unset($sql);
|
|
}
|
|
|
|
//get the device settings table in the provision category and update the provision array
|
|
$sql = "SELECT * FROM v_device_settings ";
|
|
$sql .= "WHERE device_uuid = '".$device_uuid."' ";
|
|
$sql .= "AND device_setting_category = 'provision' ";
|
|
$sql .= "AND device_setting_enabled = 'true' ";
|
|
$sql .= "AND domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
|
$prep_statement = $db->prepare(check_sql($sql));
|
|
$prep_statement->execute();
|
|
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
|
$result_count = count($result);
|
|
foreach($result as $row) {
|
|
$key = $row['device_setting_subcategory'];
|
|
$value = $row['device_setting_value'];
|
|
$provision[$key] = $value;
|
|
}
|
|
unset ($prep_statement);
|
|
|
|
//if the domain name directory exists then only use templates from it
|
|
if (is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/resources/templates/provision/'.$_SESSION['domain_name'])) {
|
|
$device_template = $_SESSION['domain_name'].'/'.$device_template;
|
|
}
|
|
|
|
//if $file is not provided then look for a default file that exists
|
|
if (strlen($file) == 0) {
|
|
if (file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/".$device_template ."/{\$mac}")) {
|
|
$file = "{\$mac}";
|
|
}
|
|
elseif (file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/".$device_template ."/{\$mac}.xml")) {
|
|
$file = "{\$mac}.xml";
|
|
}
|
|
elseif (file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/".$device_template ."/{\$mac}.cfg")) {
|
|
$file = "{\$mac}.cfg";
|
|
}
|
|
else {
|
|
echo "file not found";
|
|
exit;
|
|
}
|
|
}
|
|
else {
|
|
//make sure the file exists
|
|
if (!file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/".$device_template ."/".$file)) {
|
|
echo "file not found";
|
|
exit;
|
|
}
|
|
}
|
|
|
|
//log file for testing
|
|
//$tmp_file = "/tmp/provisioning_log.txt";
|
|
//$fh = fopen($tmp_file, 'w') or die("can't open file");
|
|
//$tmp_string = $mac."\n";
|
|
//fwrite($fh, $tmp_string);
|
|
//fclose($fh);
|
|
|
|
//set variables for testing
|
|
//$line1_displayname= "1001";
|
|
//$line1_shortname= "1001";
|
|
//$line1_user_id= "1001";
|
|
//$line1_user_password= "1234.";
|
|
//$line1_server_address= "10.2.0.2";
|
|
//$line2_server_address= "";
|
|
//$line2_displayname= "";
|
|
//$line2_shortname= "";
|
|
//$line2_user_uuid= "";
|
|
//$line2_user_password= "";
|
|
//$line2_server_address= "";
|
|
//$server1_address= "10.2.0.2";
|
|
//$server2_address= "";
|
|
//$server3_address= "";
|
|
//$proxy1_address= "10.2.0.2";
|
|
//$proxy2_address= "";
|
|
//$proxy3_address= "";
|
|
|
|
//initialize a template object
|
|
$view = new template();
|
|
if (strlen($_SESSION['provision']['template_engine']['text']) > 0) {
|
|
$view->engine = $_SESSION['provision']['template_engine']['text']; //raintpl, smarty, twig
|
|
}
|
|
else {
|
|
$view->engine = "smarty";
|
|
}
|
|
$view->template_dir = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/".$device_template."/";
|
|
$view->cache_dir = $_SESSION['server']['temp']['dir'];
|
|
$view->init();
|
|
|
|
//replace the variables in the template in the future loop through all the line numbers to do a replace for each possible line number
|
|
|
|
//get the time zone
|
|
$time_zone_name = $_SESSION['domain']['time_zone']['name'];
|
|
if (strlen($time_zone_name) > 0) {
|
|
$time_zone_offset_raw = get_time_zone_offset($time_zone_name)/3600;
|
|
$time_zone_offset_hours = floor($time_zone_offset_raw);
|
|
$time_zone_offset_minutes = ($time_zone_offset_raw - $time_zone_offset_hours) * 60;
|
|
$time_zone_offset_minutes = number_pad($time_zone_offset_minutes, 2);
|
|
if ($time_zone_offset_raw > 0) {
|
|
$time_zone_offset_hours = number_pad($time_zone_offset_hours, 2);
|
|
$time_zone_offset_hours = "+".$time_zone_offset_hours;
|
|
}
|
|
else {
|
|
$time_zone_offset_hours = str_replace("-", "", $time_zone_offset_hours);
|
|
$time_zone_offset_hours = "-".number_pad($time_zone_offset_hours, 2);
|
|
}
|
|
$time_zone_offset = $time_zone_offset_hours.":".$time_zone_offset_minutes;
|
|
$view->assign("time_zone_offset" , $time_zone_offset);
|
|
}
|
|
|
|
//create a mac address with back slashes for backwards compatability
|
|
$mac_dash = substr($mac, 0,2).'-'.substr($mac, 2,2).'-'.substr($mac, 4,2).'-'.substr($mac, 6,2).'-'.substr($mac, 8,2).'-'.substr($mac, 10,2);
|
|
|
|
//get the provisioning information from device lines table
|
|
$sql = "SELECT * FROM v_device_lines ";
|
|
$sql .= "WHERE device_uuid = '".$device_uuid."' ";
|
|
$sql .= "AND domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
|
$prep_statement = $db->prepare(check_sql($sql));
|
|
$prep_statement->execute();
|
|
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
|
$result_count = count($result);
|
|
foreach($result as $row) {
|
|
$line_number = $row['line_number'];
|
|
$view->assign("server_address_".$line_number, $row["server_address"]);
|
|
$view->assign("outbound_proxy_".$line_number, $row["outbound_proxy"]);
|
|
$view->assign("display_name_".$line_number, $row["display_name"]);
|
|
$view->assign("auth_id_".$line_number, $row["auth_id"]);
|
|
$view->assign("user_id_".$line_number, $row["user_id"]);
|
|
$view->assign("user_password_".$line_number, $row["password"]);
|
|
}
|
|
unset ($prep_statement);
|
|
|
|
//set the mac address in the correct format
|
|
switch ($device_vendor) {
|
|
case "aastra":
|
|
$mac = strtoupper($mac);
|
|
break;
|
|
case "snom":
|
|
$mac = strtoupper($mac);
|
|
$mac = str_replace("-", "", $mac);
|
|
default:
|
|
$mac = strtolower($mac);
|
|
$mac = substr($mac, 0,2).'-'.substr($mac, 2,2).'-'.substr($mac, 4,2).'-'.substr($mac, 6,2).'-'.substr($mac, 8,2).'-'.substr($mac, 10,2);
|
|
}
|
|
|
|
//replace the variables in the template in the future loop through all the line numbers to do a replace for each possible line number
|
|
$view->assign("mac" , $mac);
|
|
$view->assign("label", $device_label);
|
|
$view->assign("firmware_version", $device_firmware_version);
|
|
$view->assign("domain_time_zone", $device_time_zone);
|
|
$view->assign("domain_name", $_SESSION['domain_name']);
|
|
$view->assign("project_path", PROJECT_PATH);
|
|
$view->assign("server1_address", $server1_address);
|
|
$view->assign("proxy1_address", $proxy1_address);
|
|
$view->assign("password",$password);
|
|
|
|
//replace the dynamic provision variables that are defined in default, domain, and device settings
|
|
foreach($provision as $key=>$val) {
|
|
$view->assign($key, $val);
|
|
}
|
|
|
|
//output template to string for header processing
|
|
$file_contents = $view->render($file);
|
|
|
|
//deliver the customized config over HTTP/HTTPS
|
|
//need to make sure content-type is correct
|
|
$cfg_ext = ".cfg";
|
|
if ($device_vendor === "aastra" && strrpos($file, $cfg_ext, 0) === strlen($file) - strlen($cfg_ext)) {
|
|
header("Content-Type: text/plain");
|
|
header("Content-Length: ".strlen($file_contents));
|
|
} else if ($device_vendor === "yealink") {
|
|
header("Content-Type: text/plain");
|
|
header("Content-Length: ".strval(strlen($file_contents)));
|
|
} else if ($device_vendor === "snom" && $device_template === "snom/m3") {
|
|
$file_contents = utf8_decode($file_contents);
|
|
header("Content-Type: text/plain; charset=iso-8859-1");
|
|
header("Content-Length: ".strlen($file_contents));
|
|
} else {
|
|
header("Content-Type: text/xml; charset=utf-8");
|
|
header("Content-Length: ".strlen($file_contents));
|
|
}
|
|
echo $file_contents;
|
|
|
|
//define the function which checks to see if the mac address exists in devices
|
|
function mac_exists_in_devices($db, $mac) {
|
|
$sql = "SELECT count(*) as count FROM v_devices ";
|
|
//$sql .= "WHERE domain_uuid=:domain_uuid ";
|
|
$sql .= "WHERE device_mac_address=:mac ";
|
|
$prep_statement = $db->prepare(check_sql($sql));
|
|
if ($prep_statement) {
|
|
//$prep_statement->bindParam(':domain_uuid', $_SESSION['domain_uuid']);
|
|
$prep_statement->bindParam(':mac', $mac);
|
|
$prep_statement->execute();
|
|
$row = $prep_statement->fetch();
|
|
$count = $row['count'];
|
|
if ($row['count'] > 0) {
|
|
return true;
|
|
}
|
|
else {
|
|
return false;
|
|
}
|
|
}
|
|
else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
?>
|