login | register
Fri 22 of Aug, 2008 [00:25 UTC]

voip-info.org

Discuss [12] History

Asterisk authenticate using voicemail passwords

Created by: Andre_C10002,Last modification on Sat 10 of Jun, 2006 [07:44 UTC] by ghenry
I got full of having to tell users that we couldn't use their voicemail password in other
application, so I wrote this simple AGI script that parses voicemail.conf contents and
checks for a match against provided extension and password. It returns 0 on
success or 1 on failure.

Hope it help others to integrate application passwords.


chk_vm_pwd.agi


#!/usr/bin/perl

# AGI script that searchs for a match on an extension and password in 
# a voicemail.conf file
#
# Parameters: <voicemail config file path> | <extension> | <password>
#
#
# Written by: Andre D. Correa <andre(at)pobox.com> (03/jun/2005)
#

# Added by Suretec Systems Ltd - 10/06/2006
use strict;
use warnings;

use Asterisk::AGI;
$AGI = new Asterisk::AGI;
my %input = $AGI->ReadParse();

# Set variables according to supplied arquments
# Variables sanitation is not an issue as it is being run from extentions.conf
$vmconf = $ARGV[0];
$exten = $ARGV[1];
$pwd = $ARGV[2];

# Open VoiceMail configuration file read only
open VMCONF, "<$vmconf";
       @vmconf_lines = <VMCONF>;
close VMCONF;
&error_msg("Cannot open $vmconf file read only.") if $#vmconf_lines eq -1;

foreach (@vmconf_lines){
       next if $_ !~ /^\d/;
       $_ =~ s/\s//iog;
       $_ =~ s/=>/=/iog;
       $_ =~ s/=/\,/;
       (@line_args) = split(/\,/, $_);
       if ($exten eq $line_args[0]){ # We got the right extension
               if ($pwd eq $line_args[1]){ # User provided the right pwd
                       $AGI->set_variable('result','0');
               } else { # Wrong password - bye!
                       $AGI->set_variable('result','1');
               }
       }
}

exit;


sub error_msg() {
       my($err_msg) = @_;
       $AGI->verbose($err_msg);
       $AGI->hangup();
       die $err_msg;
}


To use it I make sonething like this in my extensions.conf file:

 exten => *122,1,Answer()
 exten => *122,2,Read(ext_num,vm-extension)
 exten => *122,3,Wait(1)
 exten => *122,4,Read(ext_pwd,vm-password)
 exten => *122,5,Wait(1)
 exten => *122,6,agi,chk_vm_pwd.agi|/etc/asterisk/voicemail.conf|${ext_num}|${ext_pwd}
 exten => *122,7,GotoIf($[["${result}" = "0"]?20:30)
 exten => *122,20,Playback(agent-loginok)
 exten => *122,21,Hangup()
 exten => *122,30,PlayBack(invalid)
 exten => *122,31,Hangup()

With this you can make all of your applications authenticate with the voicemail password. For sure a more robust authentication scheme is needed to Asterisk, meanwhile this will do the job.

I hope to make the script work looking on a MySQL database. I'll update this page if and when I have it done. Have fun!

Again, in PHP format

Another version, slightly simpler use written by Corey Frang. Uses PHP.


vm-pw.agi

#!/usr/bin/php -q
<?
 ob_implicit_flush(false);
 error_reporting(0);
 set_time_limit(5);

 $stdin = fopen('php://stdin', 'r');
 $stdlog = fopen('/var/log/asterisk/agitest.log', 'a');
 $debug = 0;

function read() { 
 global $stdin; 
 $input = str_replace("\n", "", fgets($stdin, 4096)); 
 dlog("read: $input\n"); 
 return $input; 


function write($line) { 
 dlog("write: $line\n"); 
 echo $line."\n"; 


function dlog($line) {
 global $debug, $stdlog;
 if ($debug) fputs($stdlog, $line);
}

// parse agi headers into array 
while ($env=read()) { 
 $s = split(": ",$env); 
 $agi[str_replace("agi_","",$s0)] = trim($s1);
 if $env == "")  { 
   break; 
 } 


$vmbox = $_SERVER["argv"][1];
$vmbox = trim($vmbox);
$parts = split("@",$vmbox);


$pwauth = 0;

$fp = fopen("/etc/asterisk/voicemail.conf","r");
while ($s = fgets($fp))
{
 if ($s{0} == ";") continue;
 $s = trim($s);
if (preg_match("/^\[(.*)\]/i", $s, $match))
 {
  if (strtolower($match[1]) == strtolower($parts[1]))
  {
    $right = 1; dlog($s."\n");
  } else {
    $right = 0;
  }
 }
if ($right && preg_match("/^(".$parts[0].")\s*\=\>\s*(\d*)/",$s,$match))
 {
   if (strtolower($match[1]) == strtolower($parts[0]))
   {
     $pwauth = $match[2]; dlog($pwauth."\n");
     fclose($fp);
   }
 }
}

if ($pwauth) {
  write("EXEC Authenticate $pwauth");
  $result = read();
  $resultcode = split("=", $result);
  if ($resultcode[1] == -1)
  {
    write("Hangup");
    read();
  }
} else {
  write("Hangup");
  read();
}

// clean up file handlers etc. 
fclose($in); 
fclose($stdlog); 
exit;  
 
?>


extensions.conf - example

exten => 120,1,Answer()
exten => 120,2,AGI(vm-pw.agi,2205@pstn)
exten => 120,3,Playback(lots-o-monkeys)

The only argument to this AGI is the extension and voicemail context to use. It uses "Authenticate" to get the password.

Comments

Comments Filter
222

333VMAuthenticate is a better command

by dayssincethedoor, Tuesday 03 of October, 2006 [21:21:18 UTC]
Rather than using these agi scripts people really should use the command VMAuthenticate(). It does the same thing. I know the command is in version 1.2.7 and it was first posted on voip-info.org in Aug. of 2005.

http://www.voip-info.org/wiki/index.php?page=Asterisk%20cmd%20VMAuthenticate
222

333Help please

by Holger, Wednesday 05 of July, 2006 [21:19:42 UTC]
My agents cannot seem to login to their queue correctly. Is there a way I can restrict invalid logins to the queue so that my system doesn't go beserk when they put in *20 or 20221? any help greatly appreciated, I have searched all boards and read thru the guides and seem to be stuck. Thank you so much.. Teresa

email
teresa@expressautotransport.com
222

333Help please

by Holger, Wednesday 05 of July, 2006 [21:19:31 UTC]
My agents cannot seem to login to their queue correctly. Is there a way I can restrict invalid logins to the queue so that my system doesn't go beserk when they put in *20 or 20221? any help greatly appreciated, I have searched all boards and read thru the guides and seem to be stuck. Thank you so much.. Teresa

email
teresa@expressautotransport.com
222

333Help please

by Holger, Wednesday 05 of July, 2006 [21:18:57 UTC]
My agents cannot seem to login to their queue correctly. Is there a way I can restrict invalid logins to the queue so that my system doesn't go beserk when they put in *20 or 20221? any help greatly appreciated, I have searched all boards and read thru the guides and seem to be stuck. Thank you so much.. Teresa

email
teresa@expressautotransport.com
222

333having problems with this

by vonageref, Thursday 01 of December, 2005 [21:11:08 UTC]
Hi,
I tried using the agi but it never seems to be able to set the result. hence it always goes to invalid can you please tell me what I'm doing wrong?
see my cli output:
   — Executing AGI("Zap/1-1", "chk_vm_pwd.agi|/etc/asterisk/voicemail.conf|70103|1234") in new stack
   — Launched AGI Script /var/lib/asterisk/agi-bin/chk_vm_pwd.agi
   — AGI Script chk_vm_pwd.agi completed, returning 0
   — Executing GotoIf("Zap/1-1", "0?20:30") in new stack


Also my extension.conf is below:

exten => s,5,Read(ext_pwd,vm-password)
exten => s,6,Wait(1)
exten => s,7,agi,chk_vm_pwd.agi|/etc/asterisk/voicemail.conf|${ext_num}|${ext_pwd}
exten => s,8,GotoIf($${result} : 1?20:30)

is doesn't seem to parse result back to the extension?
Any help will be appreciated
222

333Re: Yep :-)

by hfwang, Wednesday 29 of June, 2005 [17:57:13 UTC]
even my quote about the brackets is missing in this post ;-)
222

333Yep :-)

by hfwang, Wednesday 29 of June, 2005 [17:56:28 UTC]
Thanks for your last post, I just found out together with a friend that the wiki syntax 'f******' your script due to the missing ' '

I changed the returning value to 1 being positive and 0 for being negative. Just seemed more logical to me.

As for the script functinality itself... It simply works beautifully!!
I have created a 'HotDesk' dialplan, where there are no (visible device-extensions numbers, but just user numbers. User number are mapped to the device onto wich the user logges on to.

Simply put, walk to a phone, login and that phone is your extension, including voicemail and all other goodies. No need to inform anybody where 'you are at'. Walk to anohter phone and login, you will be automagically logged out of the other device. Logoff ll together and all goes to VM until the next time you login on a device.

Thanks for you great script, it was my missing puzzle piece!
222

333Re: Typo??

by kumar_birju, Tuesday 28 of June, 2005 [08:28:43 UTC]
Hi , i also have a problem in passing the arg in agi script and accessing the passed value in the agi script for the calculation as if it be an integer. have u any way to solve the problem?



                           Thanks in advance

222

333ARGV problem fixed

by Andre_C10002, Wednesday 22 of June, 2005 [16:46:21 UTC]
I found a way to fix the ARGV[] issue. The script should be fine now. Sorry for the inconvenience. Hopefully I'll find time to review the script regarding user suggestions.

tks
222

333As I said...

by Andre_C10002, Wednesday 22 of June, 2005 [15:07:26 UTC]
As I said before this is my quick and dirty solution to a problem I faced. For sure there are lots of options and improvements like: environ variables, no args, don't parsing the whole file, etc... I didn't gave myself the time to think about then. Please contribute to the community.

The real issue here is that Tiki evaluated my ARGV as a web link which is wrong. I don't know how to fix this, it should be easy. If anybody know please fix it. Meanwhile, please get the script from the tiki source. Sorry for that.

I'll try to find time to think about the sugestions and post a revised script later.