opensips/opensips.patch.uac

Fri, 07 Sep 2012 19:08:07 +0200

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Fri, 07 Sep 2012 19:08:07 +0200
changeset 667
9dacbd1d1aa2
parent 382
b972dc20871f
permissions
-rw-r--r--

Correct build configuration in Solaris subdir, correct English grammar,
remove irrelevant strip notice, introduce custom CFLAG logic, facilitate
use of Solaris Studio compiler with needed build configuration
adjustments, conditionally build 64 bit position independent code,
and accommodate tun(7) in newer Solaris releases by renaming driver
and module from conflicting 'tun' to 'vtun'. These changes include
some nonstandard 'I give up' logic causing out of tree builds by
manipulating the PATH, for example.

     1 Index: modules/uac/auth.c
     2 diff -Nau modules/uac/auth.c.orig modules/uac/auth.c
     3 --- modules/uac/auth.c.orig	2008-08-03 15:53:40.000000000 +0200
     4 +++ modules/uac/auth.c	2009-03-24 21:48:53.478867420 +0100
     5 @@ -143,14 +143,172 @@
     6  	HASHHEX response;
     7  	str *new_hdr;
     9 +	/* pretransact */
    10 +	int nret = 0;
    11 +	pv_value_t pv_val;
    12 +	str *newuri = 0;
    13 +	struct uac_credential *tst = 0;
    14 +	struct hdr_field *tmp_hdr = 0;
    15 +	struct hdr_field *del_hdr = 0;
    16 +
    17 +
    18 +	/* Goes something like this...                          */
    19 +	/* HA1 = echo -n 'username:realm:password' | md5sum     */
    20 +	/*       echo -n 'itsme:mydom.com:stupidpass' | md5sum  */
    21 +	/* HA2 = echo -n 'message:uri' | md5sum                 */
    22 +	/*       echo -n 'INVITE:sip:danc@ing.fool.es' | md5sum */
    23 +	/* Response = echo -n 'HA1:nonce:HA2' | md5sum          */
    24  	/* get transaction */
    25  	t = uac_tmb.t_gett();
    26 -	if (t==T_UNDEFINED || t==T_NULL_CELL)
    27 -	{
    28 -		LM_CRIT("no current transaction found\n");
    29 -		goto error;
    30 -	}
    31 +	if (t==T_UNDEFINED || t==T_NULL_CELL) {
    32 +		/* begin without any transaction */
    33 +		/* set relevant structure variables */
    34 +		crd = 0;
    35 +		crd = pkg_malloc(sizeof(struct uac_credential));
    36 +		if (!crd) {
    37 +			LM_ERR("no more pkg memory\n");
    38 +			goto error;
    39 +		}
    40 +
    41 +		/* set the realm from existing UAC message */
    42 +		tmp_hdr = msg->proxy_auth;
    43 +		del_hdr = 0;
    44 +		while (tmp_hdr) {
    45 +			crd->realm.s = strchr(strstr(tmp_hdr->body.s, "realm="), '"') + 1;
    46 +			crd->realm.len = strchr(crd->realm.s, '"') - crd->realm.s;
    47 +			if(pv_get_spec_value(msg, &auth_realm_spec, &pv_val)==0 \
    48 +				&& pv_val.rs.len>0) /* ensure realm is the desired one */
    49 +				if (strncmp(crd->realm.s, pv_val.rs.s, crd->realm.len)==0)
    50 +					del_hdr = tmp_hdr;
    51 +			tmp_hdr = tmp_hdr->sibling;
    52 +		}
    53 +		if (del_hdr)
    54 +			crd->realm = pv_val.rs;	/* success */
    55 +		else
    56 +			nret++;					/* failure */
    57 +
    58 +		/* set username from new AVP proxy values */
    59 +		if(pv_get_spec_value(msg, &auth_username_spec, &pv_val)!=0 \
    60 +			|| pv_val.flags&PV_VAL_NULL || pv_val.rs.len<=0)
    61 +			nret++; /* signal failure with nonzero value */
    62 +		else
    63 +			crd->user = pv_val.rs;
    64 +
    65 +		/* set password from new AVP proxy values */
    66 +		if(pv_get_spec_value(msg, &auth_password_spec, &pv_val)!=0 \
    67 +			|| pv_val.flags&PV_VAL_NULL || pv_val.rs.len<=0)
    68 +			nret++; /* signal failure with nonzero value */
    69 +		else
    70 +			crd->passwd = pv_val.rs;
    71 +
    72 +		if (nret) { /* if not found, look into predefined credentials */
    73 +			tst = uac_auth_api._lookup_realm(&crd->realm);
    74 +
    75 +			if (tst==0) { /* found? */
    76 +				LM_DBG("no credential for realm \"%.*s\"\n", \
    77 +					crd->realm.len, crd->realm.s);
    78 +				pkg_free(crd);
    79 +				goto error;
    80 +			}
    81 +
    82 +			crd = tst; /* use predefined credentials */
    83 +			/* set the realm from existing UAC message */
    84 +			tmp_hdr = msg->proxy_auth;
    85 +			del_hdr = 0;
    86 +			while (tmp_hdr) {
    87 +				if(pv_get_spec_value(msg, &auth_realm_spec, &pv_val)==0 \
    88 +					&& pv_val.rs.len>0) /* ensure realm is the desired one */
    89 +					if (strncmp(crd->realm.s, pv_val.rs.s, crd->realm.len)==0)
    90 +						del_hdr = tmp_hdr;
    91 +				tmp_hdr = tmp_hdr->sibling;
    92 +			}
    93 +			if (del_hdr == 0) { /* proxy-auth header matching realm not found */
    94 +				LM_DBG("no credential for realm \"%.*s\"\n", \
    95 +					crd->realm.len, crd->realm.s);
    96 +				pkg_free(crd);
    97 +				goto error;
    98 +			}
    99 +		}
   100 +
   101 +		/* set the uri from existing UAC message */
   102 +		newuri = pkg_malloc(sizeof(str));
   103 +		if (!newuri) {
   104 +			LM_ERR("no more pkg memory\n");
   105 +			goto error;
   106 +		}
   107 +		newuri->s = pkg_malloc(msg->new_uri.len);
   108 +		if (!newuri->s) {
   109 +			LM_ERR("no more pkg memory\n");
   110 +			pkg_free(newuri);
   111 +			goto error;
   112 +		}
   113 +		newuri->len = msg->new_uri.len;
   114 +		strncpy(newuri->s, msg->new_uri.s, msg->new_uri.len);
   115 +		if (!newuri->s) {
   116 +			LM_DBG("failed to retrieve URI from UAC message\n");
   117 +			pkg_free(newuri->s);
   118 +			pkg_free(newuri);
   119 +			goto error;
   120 +		}
   121 +
   122 +		/* set the nonce from existing UAC message */
   123 +		tmp_hdr = msg->proxy_auth;
   124 +		auth->nonce.len = 0;
   125 +		auth->nonce.s = 0;
   126 +		while (tmp_hdr) {
   127 +			if(pv_get_spec_value(msg, &auth_realm_spec, &pv_val)==0 \
   128 +				&& pv_val.rs.len>0) /* ensure realm is the desired one */
   129 +				if (strncmp(crd->realm.s, pv_val.rs.s, crd->realm.len)==0) {
   130 +					auth->nonce.s = strchr(strstr(tmp_hdr->body.s, "nonce="), '"') + 1;
   131 +					auth->nonce.len = strchr(auth->nonce.s, '"') - auth->nonce.s;
   132 +				}
   133 +			tmp_hdr = tmp_hdr->sibling;
   134 +		}
   135 +		if (auth->nonce.s == 0) {
   136 +			LM_DBG("failed to retrieve nonce from UAC message\n");
   137 +			pkg_free(crd);
   138 +			goto error;
   139 +		}
   140 +
   141 +		/* do authentication */
   142 +		uac_auth_api._do_uac_auth(msg, newuri, crd, auth, &auth_nc_cnonce, response);
   143 +		if (response==0) {
   144 +			LM_ERR("failed to calculate challenge response\n");
   145 +			pkg_free(crd);
   146 +			goto error;
   147 +		}
   148 +
   149 +		/* build the authorization header */
   150 +		new_hdr = uac_auth_api._build_authorization_hdr(407, newuri, crd, auth, &auth_nc_cnonce, response);
   151 +		if (new_hdr==0) {
   152 +			LM_ERR("failed to build authorization hdr\n");
   153 +			pkg_free(crd);
   154 +			goto error;
   155 +		}
   156 +
   157 +		/* remove the old proxy-auth header and relink message index    */
   158 +		/* before updating the authorization credentials of the message */
   159 +		if (del_hdr) { /* updated a record and must remove the old one  */
   160 +			if (del_lump(msg, del_hdr->name.s - msg->buf, del_hdr->len, 0)==0) {
   161 +				LM_ERR("can't remove credentials\n");
   162 +				pkg_free(crd);
   163 +				goto error;
   164 +			}
   165 +		}
   166 +
   167 +		/* so far, so good -> add the header and set the proper RURI */
   168 +		if (apply_urihdr_changes(msg, newuri, new_hdr)<0)
   169 +		{
   170 +			LM_ERR("failed to apply changes\n");
   171 +			pkg_free(crd);
   172 +			goto error;
   173 +		}
   174 +
   175 +		pkg_free(crd); /* finished calculating new response string, success */
   176 +		return 0;
   177 +	} /* if (t==T_UNDEFINED || t==T_NULL_CELL) */
   179 +	/* begin with transaction reply */
   180  	/* get the selected branch */
   181  	branch = uac_tmb.t_get_picked();
   182  	if (branch<0) {
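Review bot: The `strchr(strstr(tmp_hdr->body.s, "realm="), '"') + 1` parse at patch lines 45-46, repeated for `nonce=` at lines 130-131, passes NULL to `strchr()` whenever a `msg->proxy_auth` header lacks that parameter, and it scans `body.s` as a C string although `str` carries an explicit `len`. Since the header text comes from the received message, a malformed header can crash the process or make the parse run past the header body. A length-bounded lookup that skips malformed headers is sketched below, and the `strncmp()` realm checks should also require `crd->realm.len == pv_val.rs.len` so that a prefix is not accepted as a match. Separately, `crd = tst;` at line 82 drops the `pkg_malloc()`ed struct, and every `pkg_free(crd)` from line 96 onward then frees the entry returned by `_lookup_realm()`, which looks like a configured credential that later requests would still use; keeping the owned allocation in its own pointer and freeing only that pointer would avoid both the leak and the stale entry. The error paths after line 119 free only `crd`, not `newuri`, and the enclosing function starts and ends outside the hunk.

```c
/* Length-bounded lookup of name"value" inside a header body; -1 if absent or unterminated. */
static int get_quoted_param(const str *body, const char *name, int nlen, str *out)
{
	char *end = body->s + body->len;
	char *p, *q1, *q2;

	for (p = body->s; end - p >= nlen; p++) {
		if (memcmp(p, name, nlen) != 0)
			continue;
		q1 = memchr(p + nlen, '"', end - (p + nlen));
		if (q1 == 0)
			return -1;
		q2 = memchr(q1 + 1, '"', end - (q1 + 1));
		if (q2 == 0)
			return -1;
		out->s = q1 + 1;
		out->len = q2 - out->s;
		return 0;
	}
	return -1;
}

/* … unchanged: crd allocation, tmp_hdr/del_hdr setup … */
		while (tmp_hdr) {
			if (get_quoted_param(&tmp_hdr->body, "realm=", 6, &crd->realm) < 0) {
				tmp_hdr = tmp_hdr->sibling;
				continue;	/* malformed header: skip it */
			}
			/* … unchanged: comparison against auth_realm_spec, sibling advance … */
```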
   183 Index: modules/uac/uac.c
   184 diff -Nau modules/uac/uac.c.orig modules/uac/uac.c
   185 --- modules/uac/uac.c.orig	2008-08-03 15:53:40.000000000 +0200
   186 +++ modules/uac/uac.c	2009-03-24 21:49:48.922890737 +0100
   187 @@ -117,7 +117,7 @@
   188  			REQUEST_ROUTE|BRANCH_ROUTE|FAILURE_ROUTE },
   189  	{"uac_auth",          (cmd_function)w_uac_auth,       0,
   190  			0, 0,
   191 -			FAILURE_ROUTE },
   192 +			REQUEST_ROUTE|FAILURE_ROUTE },
   193  	{0,0,0,0,0,0}
   194  };
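Review bot: The `uac_auth` entry at patch line 192 now permits `REQUEST_ROUTE`, but nothing here records what the function requires when it runs without a transaction. Going by the auth.c change in this patch, that path reads `msg->proxy_auth` and the realm, username and password specs directly from the request being processed, so a script author needs to know those must be present. A comment on the entry such as `/* REQUEST_ROUTE: no transaction; needs msg->proxy_auth plus the auth realm/user/password specs */` would document that. The command table starts outside this hunk.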
