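include_once 'db.php';
include_once 'lib/BigInteger.php';
include_once 'lib/phpseclib1.0.1/Crypt/RSA.php';

// HOBA login: read the client's result from the Authorization header, check
// the challenge for this peer, then look the device up by its key id (kid).
dump("HOBA: Starting New Login");

// Pieces of "result=<kid>.<challenge>.<nonce>.<signature>", in the order they
// are tokenised below. They start as null so that a request without a usable
// HOBA Authorization header is rejected explicitly rather than continuing
// with undefined variables.
$kidB64 = null;
$chalB64 = null;
$nonceB64 = null;
$sigB64 = null;

foreach (getallheaders() as $name => $value) {
    // Header field names are case-insensitive, so "authorization" must match too.
    if (strcasecmp($name, "Authorization") != 0 || stripos($value, "hoba") === false) {
        continue;
    }

    $authParts = explode("result=", $value);
    if (count($authParts) < 2) {
        // HOBA header without a result= value: nothing to parse.
        continue;
    }

    // strtok() returns false once the fields run out; that is checked below.
    $kidB64 = strtok($authParts[1], ".");
    $chalB64 = strtok(".");
    $nonceB64 = strtok(".");
    $sigB64 = strtok(".");
}

// Fail closed when any of the four fields is absent.
if (!is_string($kidB64) || !is_string($chalB64) || !is_string($nonceB64) || !is_string($sigB64)) {
    dump("HOBA: Authorization header missing or malformed");
    setFailCookie();
    exit(1);
}

$sig = base64url_decode($sigB64);

if (checkChal($chalB64, getPeer())) {
    dump("HOBA: Challenge accepted");
} else {
    dump("HOBA: Challenge failed");
    setFailCookie();
    exit(1);
}

$kid = base64url_decode($kidB64);

// NOTE(review): depending on web-server configuration SERVER_NAME can be taken
// from the client's Host header. This origin is fed into genTbsBlob(), so
// confirm the deployment pins a canonical server name.
$tbsOrigin = "https://" . $_SERVER['SERVER_NAME'] . ":" . $_SERVER['SERVER_PORT'];
$sigText = genTbsBlob($nonceB64, $GLOBALS['alg'], $tbsOrigin, $kidB64, $chalB64);

dbLogin();
$device = dbGetDeviceByKid($kid);
if (!$device) {
    dump("HOBA: kid not found");
    setFailCookie();
    dbLogout();
    // (the listing is cut off here; the rest of this branch is not shown)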
/**
 * Answer the current request with a HOBA challenge.
 *
 * Obtains a challenge from getChal() for the peer reported by getPeer(),
 * sends it in a WWW-Authenticate header together with the timeout held in
 * $GLOBALS['chalTimeout'], and then sends the 401 status line.
 */
function sendChallenge()
{
    $peer = getPeer();
    $challenge = getChal($peer);

    // Header value is assembled first so the two header() calls read as a pair.
    $authenticateHeader = 'WWW-Authenticate: HOBA: challenge=' . $challenge;
    $authenticateHeader .= ",expires=" . $GLOBALS['chalTimeout'];

    header($authenticateHeader);
    header('HTTP/1.0 401 Unauthorized');
}
<?php
/*
  The file is part of the HOBA server.

  HOBA server is free software: you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.

  HOBA server is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program. If not, see <http://www.gnu.org/licenses/>.

  Copyright (C) 2016, Andrew McConachie, <*****@*****.**>
*/

include_once 'globals.php';
include_once 'crypto.php';

// Obtain a challenge for the requesting peer and advertise it, together with
// the configured timeout, in the WWW-Authenticate response header.
$chal = getChal(getPeer());

$challengeHeader = 'WWW-Authenticate: HOBA: challenge=' . $chal;
$challengeHeader .= ",expires=" . $GLOBALS['chalTimeout'];
header($challengeHeader);
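/**
 * Build the Asterisk status summary as an HTML fragment.
 *
 * Sends a fixed list of CLI commands through the manager connection held in
 * the global $astman and renders uptime, active channel counts, registration
 * counts and peer counts as a table.
 *
 * Text that comes straight from the manager reply (the uptime lines) is
 * HTML-escaped before it is placed in the markup, and a missing or short
 * reply renders as empty text instead of raising undefined-index notices.
 *
 * @return string HTML: a <div> wrapping the status table.
 */
function buildAsteriskInfo()
{
    global $astman;

    // Label => CLI command. The order is significant: each SIP entry opens a
    // table row that the IAX2 entry after it closes.
    $arr = array(
        "Uptime" => "show uptime",
        "Active SIP Channel(s)" => "sip show channels",
        "Active IAX2 Channel(s)" => "iax2 show channels",
        "Sip Registry" => "sip show registry",
        "IAX2 Registry" => "iax2 show registry",
        "Sip Peers" => "sip show peers",
        "IAX2 Peers" => "iax2 show peers",
    );

    if (ASTERISK_VERSION == '1_4' || ASTERISK_VERSION == '1_6') {
        $arr['Uptime'] = 'core show uptime';
    }

    $htmlOutput = '<div style="color:#000000;font-size:12px;margin:10px;">';
    $htmlOutput .= '<table border="1" cellpadding="10">';

    foreach ($arr as $key => $value) {
        $response = $astman->send_request('Command', array('Command' => $value));

        // Tolerate a failed request or a reply without a 'data' element.
        $data = (is_array($response) && isset($response['data'])) ? $response['data'] : '';
        $astout = explode("\n", $data);

        // NOTE(review): the counts below come from helper functions that are
        // not shown here; presumably integers. Escape them too if not.
        switch ($key) {
            case 'Uptime':
                // Raw manager text is written into the page, so escape it.
                $uptimeLine1 = isset($astout[1]) ? htmlspecialchars($astout[1], ENT_QUOTES) : '';
                $uptimeLine2 = isset($astout[2]) ? htmlspecialchars($astout[2], ENT_QUOTES) : '';
                $htmlOutput .= '<tr><td colspan="2">' . $uptimeLine1 . "<br />" . $uptimeLine2 . "<br /></td>";
                $htmlOutput .= '</tr>';
                break;

            case 'Active SIP Channel(s)':
                $activeSipChannel_count = getActiveChannel($astout, 'SIP');
                $htmlOutput .= '<tr>';
                $htmlOutput .= "<td>Active Sip Channels: " . $activeSipChannel_count . "</td>";
                break;

            case 'Active IAX2 Channel(s)':
                $activeIAX2Channel_count = getActiveChannel($astout, 'IAX2');
                $htmlOutput .= "<td>Active IAX2 Channels: " . $activeIAX2Channel_count . "</td>";
                $htmlOutput .= '</tr>';
                break;

            case 'Sip Registry':
                $sipRegistration_count = getRegistration($astout, 'SIP');
                $htmlOutput .= '<tr>';
                $htmlOutput .= "<td>SIP Registrations: " . $sipRegistration_count . "</td>";
                break;

            case 'IAX2 Registry':
                $iax2Registration_count = getRegistration($astout, 'IAX2');
                $htmlOutput .= "<td>IAX2 Registrations: " . $iax2Registration_count . "</td>";
                $htmlOutput .= '</tr>';
                break;

            case 'Sip Peers':
                $sipPeer_arr = getPeer($astout, 'SIP');
                // Highlight the offline count when any peer is offline.
                $sipPeerColor = ($sipPeer_arr['offline'] != 0) ? 'red' : '#000000';
                $htmlOutput .= '<tr>';
                $htmlOutput .= "<td>SIP Peers<br /> Online: " . $sipPeer_arr['online'] . "<br /> Offline: <span style=\"color:" . $sipPeerColor . ";font-weight:bold;\">" . $sipPeer_arr['offline'] . "</span></td>";
                break;

            case 'IAX2 Peers':
                $iax2Peer_arr = getPeer($astout, 'IAX2');
                $iax2PeerColor = ($iax2Peer_arr['offline'] != 0) ? 'red' : '#000000';
                $htmlOutput .= "<td>IAX2 Peers<br /> Online: " . $iax2Peer_arr['online'] . "<br /> Offline: <span style=\"color:" . $iax2PeerColor . ";font-weight:bold;\">" . $iax2Peer_arr['offline'] . "</span><br /> Unmonitored: " . $iax2Peer_arr['unmonitored'] . "</td>";
                $htmlOutput .= '</tr>';
                break;

            default:
                break;
        }
    }

    $htmlOutput .= '</table>';

    return $htmlOutput . "</div>";
}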
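/**
 * Build the Asterisk status summary as an HTML fragment, with translated labels.
 *
 * Sends a fixed list of CLI commands through the manager connection held in
 * the global $astman and renders uptime, active channel counts, registration
 * counts and peer counts as a table. Labels are passed through gettext _().
 * The global $astver selects the uptime command and the SIP peer layout for
 * Asterisk 1.4 and later.
 *
 * Text that comes straight from the manager reply (the uptime lines) is
 * HTML-escaped before it is placed in the markup, and a missing or short
 * reply renders as empty text instead of raising undefined-index notices.
 *
 * @return string HTML: a <div> wrapping the status table.
 */
function buildAsteriskInfo()
{
    global $astman;
    global $astver;

    // Translated labels double as the array keys matched in the switch below,
    // so they must not be reassigned while the loop is running.
    $uptime = _("Uptime: ");
    $activesipchannels = _("Active SIP Channel(s): ");
    $activeiax2channels = _("Active IAX2 Channel(s): ");
    $sipregistry = _("Sip Registry: ");
    $iax2registry = _("IAX2 Registry: ");
    $sippeers = _("Sip Peers: ");
    $iax2peers = _("IAX2 Peers: ");

    // Label => CLI command. The order is significant: each SIP entry opens a
    // table row that the IAX2 entry after it closes.
    $arr = array(
        $uptime => "show uptime",
        $activesipchannels => "sip show channels",
        $activeiax2channels => "iax2 show channels",
        $sipregistry => "sip show registry",
        $iax2registry => "iax2 show registry",
        $sippeers => "sip show peers",
        $iax2peers => "iax2 show peers",
    );

    // Evaluated once; used for the uptime command and the SIP peer layout.
    $isAst14OrLater = version_compare($astver, '1.4', 'ge');
    if ($isAst14OrLater) {
        $arr[$uptime] = 'core show uptime';
    }

    $htmlOutput = '<div style="color:#000000;font-size:12px;margin:10px;">';
    $htmlOutput .= '<table border="1" cellpadding="10">';

    foreach ($arr as $key => $value) {
        $response = $astman->send_request('Command', array('Command' => $value));

        // Tolerate a failed request or a reply without a 'data' element.
        $data = (is_array($response) && isset($response['data'])) ? $response['data'] : '';
        $astout = explode("\n", $data);

        // NOTE(review): the counts below come from helper functions that are
        // not shown here; presumably integers. Escape them too if not.
        switch ($key) {
            case $uptime:
                // Raw manager text is written into the page, so escape it.
                $uptimeLine1 = isset($astout[1]) ? htmlspecialchars($astout[1], ENT_QUOTES) : '';
                $uptimeLine2 = isset($astout[2]) ? htmlspecialchars($astout[2], ENT_QUOTES) : '';
                $htmlOutput .= '<tr><td colspan="2">' . $uptimeLine1 . "<br />" . $uptimeLine2 . "<br /></td>";
                $htmlOutput .= '</tr>';
                break;

            case $activesipchannels:
                $activeSipChannel_count = getActiveChannel($astout, 'SIP');
                $htmlOutput .= '<tr>';
                $htmlOutput .= "<td>" . $key . $activeSipChannel_count . "</td>";
                break;

            case $activeiax2channels:
                $activeIAX2Channel_count = getActiveChannel($astout, 'IAX2');
                $htmlOutput .= "<td>" . $key . $activeIAX2Channel_count . "</td>";
                $htmlOutput .= '</tr>';
                break;

            case $sipregistry:
                $sipRegistration_count = getRegistration($astout, 'SIP');
                $htmlOutput .= '<tr>';
                $htmlOutput .= "<td>" . $key . $sipRegistration_count . "</td>";
                break;

            case $iax2registry:
                $iax2Registration_count = getRegistration($astout, 'IAX2');
                $htmlOutput .= "<td>" . $key . $iax2Registration_count . "</td>";
                $htmlOutput .= '</tr>';
                break;

            case $sippeers:
                $sipPeer_arr = getPeer($astout, 'SIP');
                // Highlight the offline counts when any peer is offline.
                $sipPeerColor = ($sipPeer_arr['offline'] != 0) ? 'red' : '#000000';
                $htmlOutput .= '<tr>';
                if ($isAst14OrLater) {
                    $htmlOutput .= "<td>" . $key . "<br /> " . _("Online: ") . $sipPeer_arr['online'] . "<br /> " . _("Online-Unmonitored: ") . $sipPeer_arr['online-unmonitored'];
                    $htmlOutput .= "<br /> " . _("Offline: ") . "<span style=\"color:" . $sipPeerColor . ";font-weight:bold;\">" . $sipPeer_arr['offline'] . "</span><br /> " . _("Offline-Unmonitored: ") . "<span style=\"color:" . $sipPeerColor . ";font-weight:bold;\">" . $sipPeer_arr['offline-unmonitored'] . "</span></td>";
                } else {
                    $htmlOutput .= "<td>" . $key . "<br /> " . _("Online: ") . $sipPeer_arr['online'] . "<br /> " . _("Offline: ") . "<span style=\"color:" . $sipPeerColor . ";font-weight:bold;\">" . $sipPeer_arr['offline'] . "</span></td>";
                }
                break;

            case $iax2peers:
                $iax2Peer_arr = getPeer($astout, 'IAX2');
                $iax2PeerColor = ($iax2Peer_arr['offline'] != 0) ? 'red' : '#000000';
                $htmlOutput .= "<td>" . $key . "<br /> " . _("Online: ") . $iax2Peer_arr['online'] . "<br /> " . _("Offline: ") . "<span style=\"color:" . $iax2PeerColor . ";font-weight:bold;\">" . $iax2Peer_arr['offline'] . "</span><br /> " . _("Unmonitored: ") . $iax2Peer_arr['unmonitored'] . "</td>";
                $htmlOutput .= '</tr>';
                break;

            default:
                break;
        }
    }

    $htmlOutput .= '</table>';

    return $htmlOutput . "</div>";
}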