This patch adds authentication support to ARI.

Two authentication methods are supported. The first is HTTP Basic
authentication, as specified in RFC 2617[1]. The second is by simply
passing the username and password as an ?api_key query parameter
(which allows swagger-ui[2] to authenticate more easily).

ARI usernames and passwords are configured in the ari.conf file
(formerly known as stasis_http.conf). The user may be set to
`read_only`, which will prohibit the user from issuing POST, DELETE,
etc. Also, the user's password may be specified in either plaintext,
or encrypted using the crypt() function.

Several other notes about the patch.

 * A few command line commands for seeing ARI config and status were
   also added.
 * The configuration parsing grew big enough that I extracted it to
   its own file.

 [1]: http://www.ietf.org/rfc/rfc2617.txt [2]:
 https://github.com/wordnik/swagger-ui

(closes issue ASTERISK-21277)
Review: https://reviewboard.asterisk.org/r/2649/



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393530 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch started with the simple idea of changing the /events data
model to be more sane. The original model would send out events like:

    { "stasis_start": { "args": [], "channel": { ... } } }

The event discriminator was the field name instead of being a value in
the object, due to limitations in how Swagger 1.1 could model objects.
While technically sufficient in communicating event information, it was
really difficult to deal with in terms of client side JSON handling.

This patch takes advantage of a proposed extension[1] to Swagger which
allows type variance through the use of a discriminator field. This had
a domino effect that made this a surprisingly large patch.

 [1]: https://groups.google.com/d/msg/wordnik-api/EC3rGajE0os/ey_5dBI_jWcJ

In changing the models, I also had to change the swagger_model.py
processor so it can handle the type discriminator and subtyping. I took
that a big step forward, and using that information to generate an
ari_model module, which can validate a JSON object against the Swagger
model.

The REST and WebSocket generators were changed to take advantage of the
validators. If compiled with AST_DEVMODE enabled, JSON objects that
don't match their corresponding models will not be sent out. For REST
API calls, a 500 Internal Server response is sent. For WebSockets, the
invalid JSON message is replaced with an error message.

Since this took over about half of the job of the existing JSON
generators, and the .to_json virtual function on messages took over the
other half, I reluctantly removed the generators.

The validators turned up all sorts of errors and inconsistencies in our
data models, and the code. These were cleaned up, with checks in the
code generator avoid some of the consistency problems in the future.

 * The model for a channel snapshot was trimmed down to match the
   information sent via AMI. Many of the field being sent were not
   useful in the general case.
 * The model for a bridge snapshot was updated to be more consistent
   with the other ARI models.

Another impact of introducing subtyping was that the swagger-codegen
documentation generator was insufficient (at least until it catches up
with Swagger 1.2). I wanted it to be easier to generate docs for the API
anyways, so I ported the wiki pages to use the Asterisk Swagger
generator. In the process, I was able to clean up many of the model
links, which would occasionally give inconsistent results on the wiki. I
also added error responses to the wiki docs, making the wiki
documentation more complete.

Finally, since Stasis-HTTP will now be named Asterisk REST Interface
(ARI), any new functions and files I created carry the ari_ prefix. I
changed a few stasis_http references to ari where it was non-intrusive
and made sense.

(closes issue ASTERISK-21885)
Review: https://reviewboard.asterisk.org/r/2639/



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393529 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch moves the RESTful URL's around to more appropriate
locations for release.

The /stasis URL's are moved to /ari, since Asterisk REST Interface was
a more appropriate name than Stasis-HTTP. (Most of the code still has
stasis_http references, but they will be cleaned up after there are no
more outstanding branches that would have merge conflicts with such a
change).

A larger change was moving the ARI events WebSocket off of the shared
/ws URL to its permanent home on /ari/events. The Swagger code
generator was extended to handle "upgrade: websocket" and
"websocketProtocol:" attributes on an operation.

The WebSocket module was modified to better handle WebSocket servers
that have a single registered protocol handler. If a client
connections does not specify the Sec-WebSocket-Protocol header, and
the server has a single protocol handler registered, the WebSocket
server will go ahead and accept the client for that subprotocol.

(closes issue ASTERISK-21857)
Review: https://reviewboard.asterisk.org/r/2621/



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393528 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This only gets sent out if configured in asterisk.conf

(closes issue ASTERISK-21494)


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393508 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393500 65c4cc65-6c06-0410-ace0-fbb531ad65f3

* Removed some unnecessary code in start_mixmonitor_callback().


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393496 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393494 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393493 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393490 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393489 65c4cc65-6c06-0410-ace0-fbb531ad65f3

The option had not been converted to use the replacement for
ast_bridged_channel().  One touch mixmonitor now records files again.


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393487 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393485 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393484 65c4cc65-6c06-0410-ace0-fbb531ad65f3

I ended up using a bridge blob, so this structure was
unused. Keeping it in the header would just cause confusion.



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393463 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Refactored the AMI events in AOC onto Stasis-Core.  The ast_aoc_manager_event
function now publishes a channel snapshot, along with a JSON blob describing
the advice of charge.  A "to_ami" handler has also been added that converts
the channel snapshot and AOC event data back into the appropriate data structure
for use with AMI.

(closes issue ASTERISK-21472)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2643/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393449 65c4cc65-6c06-0410-ace0-fbb531ad65f3

If no matching endpoint is found for the incoming request Asterisk will respond
with a 401 Unauthorized (rejecting the request), but will first challenge if
no authorization creditials are given.

Changes also included moving ACL options into a new global 'security'
configuration section in res_sip.conf.

(closes issue ASTERISK-21433)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2554/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393442 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393429 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This adds several unit tests for CEL functionality and provides the
requisite framework for creating additional unit tests.

This also cleans up some reference leaks that were occurring in
Stasis-Core message callback code.

Review: https://reviewboard.asterisk.org/r/2646/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393410 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Fix issue with inability to cancell call transfer made by on-sceen menus.

Reported by: Igor Olhovskiy
........

Merged revisions 393395 from http://svn.asterisk.org/svn/asterisk/branches/11


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393396 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Don't regenrate cat.cfg, ca.crt and ca.key if they were already created
on a previous run.

(closes issue ASTERISK-21932)


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393383 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Added the ability to send unsolicited NOTIFY requests to a particular endpoint
with a configured payload.  Added both CLI and AMI support.  For a given
endpoint, this module will iterate over all its contacts sending the appropriate
NOTIFY request to each.

(closes issue ASTERISK-21436)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2623/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393364 65c4cc65-6c06-0410-ace0-fbb531ad65f3

The originate APIs allow callers to provide a pointer to a channel that will
point to the originated channel if the function call succeeds. This is used by AMI
to provide channel information when the originate is performed synchronously.
Unfortunately, if the originate fails in certain ways, the outbound channel is
already disposed of during the dialing itself. This results in the channel being
improperly dereferenced by the internal originate function in pbx.c.

This patch ref bumps the channel to prevent this from occurring. Callers must now
unlock and unref the channel (which is more in line with general channel management
guidelines anyway).

This only affects manager, as it is the only consumer of this API function that
actually passes in a channel pointer.

Review: https://reviewboard.asterisk.org/r/2617/

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393361 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This puts the channel on hold (rather than queueing a frame from the channel).

(closes issue ASTERISK-21619)

Review: https://reviewboard.asterisk.org/r/2647/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393332 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This creates a new outbound channel, and bridges it to a channel already in
the Stasis application.

(closes issue ASTERISK-21620)

Review: https://reviewboard.asterisk.org/r/2634/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393326 65c4cc65-6c06-0410-ace0-fbb531ad65f3

In addition to porting those features, they now enjoy greater feature parity
with one another. Specifically, AutoMixMon now has a start and stop
message that can be specified with TOUCH_MIXMONITOR_MESSAGE_START and
TOUCH_MIXMONITOR_MESSAGE_STOP.

(closes issue ASTERISK-21553)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2620/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393309 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This change removes JitterBufStats, ChannelReload, and ChannelUpdate
and refactors the following events to travel over Stasis-Core:
* LocalBridge
* DAHDIChannel
* AlarmClear
* SpanAlarmClear
* Alarm
* SpanAlarm
* DNDState
* MCID
* SIPQualifyPeerDone
* SessionTimeout

Review: https://reviewboard.asterisk.org/r/2627/
(closes issue ASTERISK-21476)


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393284 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393264 65c4cc65-6c06-0410-ace0-fbb531ad65f3

(closes issue ASTERISK-21452)

Review: https://reviewboard.asterisk.org/r/2630/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393262 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393241 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393240 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393239 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393219 65c4cc65-6c06-0410-ace0-fbb531ad65f3

(closes issue ASTERISK-21644)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2615/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393197 65c4cc65-6c06-0410-ace0-fbb531ad65f3

(issue ASTERISK-21544)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2588/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393190 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Things may no longer behave in an unexpected fashion.  Local channel
optimization to holding bridges will work again.


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393184 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This creates stasis messages that are sent during a blind or
attended transfer. The stasis messages also are converted to
AMI events.

Review: https://reviewboard.asterisk.org/r/2619

(closes issue ASTERISK-21337)
Reported by Matt Jordan



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393182 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Originated channels are a bit odd - they are technically a dialed channel (thus
the party B or peer) but, since there is no caller, they are treated as the
party A. When entering into a bridge that already contains participants, the CDR
engine - if the CDR record is in the Dial state - attempts to match the person
entering the bridge with an existing participant. The idea is that if you dialed
someone and the person you dialed is already in the bridge, you don't need a new
CDR record, the existing CDR record describes the relationship.

Unfortunately, for an originated channel, there is no Party B. If no one was in
the bridge this didn't cause any issues; however, if participants were in the
bridge the CDR engine would attempt to match a non-existant Party B on the
channel's CDR record and explode.

This patch fixes that, and a unit test has been added to cover this case.



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393164 65c4cc65-6c06-0410-ace0-fbb531ad65f3

The old way didn't make much sense, so some of the fields were repurposed.

(closes issue ASTERISK-21658)

Review: https://reviewboard.asterisk.org/r/2626/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393144 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Parking typically occurs when a channel is transferred to a parking extension.
When this occurs, the channel never actually hits the dialplan if the extension
it was transferred to was a "parking extension", that is, the extension in
the first priority calls the Park application. Instead, the channel is
immediately sent into the holding bridge acting as the parking bridge.

This is problematic.

Because we never go out to the dialplan, the CDRs won't transition properly
and the application field will not be set to "Park". CDRs typically swallow
holding bridges, so the CDR itself won't even be generated.

This patch handles this by pulling out the holding bridge handling into its
own CDR state. CDRs now have an explicit parking state that accounts for this
specific subclass of the holding bridge. In addition, we handle the parking
stasis message to set application specific data on the CDR such that the
last known application for the CDR properly reflects "Park".

This is a bit sad since we're working around the odd internal implementation
of parking that exists in Asterisk (and that we had to maintain in order to
continue to meet some odd use cases of parking), but at least the code to
handle that is where it belongs: in CDRs as opposed to sprinkled liberally
throughout the codebase.

This patch also properly clears the OUTBOUND channel flag from a channel when
it leaves a bridge, and tweaks up dialing handling to properly compare the
correct CDR with the channel calling/being dialed.




git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393130 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393128 65c4cc65-6c06-0410-ace0-fbb531ad65f3