OpenPKG Specs / file revision

opensips/opensips.patch.uac@fd611cde817f

opensips/opensips.patch.uac

Sat, 24 Mar 2012 21:40:49 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Sat, 24 Mar 2012 21:40:49 +0100
changeset 414
fd611cde817f
parent 382
b972dc20871f
permissions
-rw-r--r--

Introduce many changes to the buildconf and source code including:
(01) clean up, update, and partially update default config files,
(02) seems that Melware is unable to perform release engineering so
update chan_capi to new daily snapshot to solve echo problems,
(03) correct Asterisk inadequate hard coded gmime version check,
(04) force postgresql pthreads linkage to solve build problem,
(05) remove buggy hard coded LibXML configure definitions,
(06) remove local architecture specification to allow GCC
internal logic to determine proper CPU type instead,
(07) remove vendor sound install target causing uncontrolled
downloads and non RPM managed file installation,
(08) solve long outstanding bug in tcptls causing Asterisk
to ignore any intermediate CA certificate signatures,
(09) back out Digium engineering team's bright idea of replacing the
very portable and pervasive POSIX rand(1) with ast_random(), and
then not even implementing it causing all references to fail in
platforms not providing the very new POSIX.1-2008 mkdtemp(3)
function only distributed by BSD and some Linux,
(10) withdraw advanced linker symbol manipulations from SVR5 builds
until either Binutils supports hybrid versioned and anonymous
linker scripts or GCC stops hard coding versioned linker scripts,
(11) correct missing library linkage, some tailored to a specific OS,
(12) remove outdated logic for the no longer distributed gmime-config(1),
(13) remove local gmime buildconf hacks now that Asterisk has corrected
their own build configuration to almost portably support gmime,
(14) solve build problems relating to undetected LibXML paths,
(15) correct erroneous out of tree include definitions,
(16) improve some variable and comment naming,
(17) simplify sound language path hierarchy creation,
and correct australian english installation logic.

     1 Index: modules/uac/auth.c

     2 diff -Nau modules/uac/auth.c.orig modules/uac/auth.c

     3 --- modules/uac/auth.c.orig	2008-08-03 15:53:40.000000000 +0200

     4 +++ modules/uac/auth.c	2009-03-24 21:48:53.478867420 +0100

     5 @@ -143,14 +143,172 @@

     6  	HASHHEX response;

     7  	str *new_hdr;

     8  

     9 +	/* pretransact */

    10 +	int nret = 0;

    11 +	pv_value_t pv_val;

    12 +	str *newuri = 0;

    13 +	struct uac_credential *tst = 0;

    14 +	struct hdr_field *tmp_hdr = 0;

    15 +	struct hdr_field *del_hdr = 0;

    16 +

    17 +

    18 +	/* Goes something like this...                          */

    19 +	/* HA1 = echo -n 'username:realm:password' | md5sum     */

    20 +	/*       echo -n 'itsme:mydom.com:stupidpass' | md5sum  */

    21 +	/* HA2 = echo -n 'message:uri' | md5sum                 */

    22 +	/*       echo -n 'INVITE:sip:danc@ing.fool.es' | md5sum */

    23 +	/* Response = echo -n 'HA1:nonce:HA2' | md5sum          */

    24  	/* get transaction */

    25  	t = uac_tmb.t_gett();

    26 -	if (t==T_UNDEFINED || t==T_NULL_CELL)

    27 -	{

    28 -		LM_CRIT("no current transaction found\n");

    29 -		goto error;

    30 -	}

    31 +	if (t==T_UNDEFINED || t==T_NULL_CELL) {

    32 +		/* begin without any transaction */

    33 +		/* set relevant structure variables */

    34 +		crd = 0;

    35 +		crd = pkg_malloc(sizeof(struct uac_credential));

    36 +		if (!crd) {

    37 +			LM_ERR("no more pkg memory\n");

    38 +			goto error;

    39 +		}

    40 +

    41 +		/* set the realm from existing UAC message */

    42 +		tmp_hdr = msg->proxy_auth;

    43 +		del_hdr = 0;

    44 +		while (tmp_hdr) {

    45 +			crd->realm.s = strchr(strstr(tmp_hdr->body.s, "realm="), '"') + 1;

    46 +			crd->realm.len = strchr(crd->realm.s, '"') - crd->realm.s;

    47 +			if(pv_get_spec_value(msg, &auth_realm_spec, &pv_val)==0 \

    48 +				&& pv_val.rs.len>0) /* ensure realm is the desired one */

    49 +				if (strncmp(crd->realm.s, pv_val.rs.s, crd->realm.len)==0)

    50 +					del_hdr = tmp_hdr;

    51 +			tmp_hdr = tmp_hdr->sibling;

    52 +		}

    53 +		if (del_hdr)

    54 +			crd->realm = pv_val.rs;	/* success */

    55 +		else

    56 +			nret++;					/* failure */

    57 +

    58 +		/* set username from new AVP proxy values */

    59 +		if(pv_get_spec_value(msg, &auth_username_spec, &pv_val)!=0 \

    60 +			|| pv_val.flags&PV_VAL_NULL || pv_val.rs.len<=0)

    61 +			nret++; /* signal failure with nonzero value */

    62 +		else

    63 +			crd->user = pv_val.rs;

    64 +

    65 +		/* set password from new AVP proxy values */

    66 +		if(pv_get_spec_value(msg, &auth_password_spec, &pv_val)!=0 \

    67 +			|| pv_val.flags&PV_VAL_NULL || pv_val.rs.len<=0)

    68 +			nret++; /* signal failure with nonzero value */

    69 +		else

    70 +			crd->passwd = pv_val.rs;

    71 +

    72 +		if (nret) { /* if not found, look into predefined credentials */

    73 +			tst = uac_auth_api._lookup_realm(&crd->realm);

    74 +

    75 +			if (tst==0) { /* found? */

    76 +				LM_DBG("no credential for realm \"%.*s\"\n", \

    77 +					crd->realm.len, crd->realm.s);

    78 +				pkg_free(crd);

    79 +				goto error;

    80 +			}

    81 +

    82 +			crd = tst; /* use predefined credentials */

    83 +			/* set the realm from existing UAC message */

    84 +			tmp_hdr = msg->proxy_auth;

    85 +			del_hdr = 0;

    86 +			while (tmp_hdr) {

    87 +				if(pv_get_spec_value(msg, &auth_realm_spec, &pv_val)==0 \

    88 +					&& pv_val.rs.len>0) /* ensure realm is the desired one */

    89 +					if (strncmp(crd->realm.s, pv_val.rs.s, crd->realm.len)==0)

    90 +						del_hdr = tmp_hdr;

    91 +				tmp_hdr = tmp_hdr->sibling;

    92 +			}

    93 +			if (del_hdr == 0) { /* proxy-auth header matching realm not found */

    94 +				LM_DBG("no credential for realm \"%.*s\"\n", \

    95 +					crd->realm.len, crd->realm.s);

    96 +				pkg_free(crd);

    97 +				goto error;

    98 +			}

    99 +		}

   100 +

   101 +		/* set the uri from existing UAC message */

   102 +		newuri = pkg_malloc(sizeof(str));

   103 +		if (!newuri) {

   104 +			LM_ERR("no more pkg memory\n");

   105 +			goto error;

   106 +		}

   107 +		newuri->s = pkg_malloc(msg->new_uri.len);

   108 +		if (!newuri->s) {

   109 +			LM_ERR("no more pkg memory\n");

   110 +			pkg_free(newuri);

   111 +			goto error;

   112 +		}

   113 +		newuri->len = msg->new_uri.len;

   114 +		strncpy(newuri->s, msg->new_uri.s, msg->new_uri.len);

   115 +		if (!newuri->s) {

   116 +			LM_DBG("failed to retrieve URI from UAC message\n");

   117 +			pkg_free(newuri->s);

   118 +			pkg_free(newuri);

   119 +			goto error;

   120 +		}

   121 +

   122 +		/* set the nonce from existing UAC message */

   123 +		tmp_hdr = msg->proxy_auth;

   124 +		auth->nonce.len = 0;

   125 +		auth->nonce.s = 0;

   126 +		while (tmp_hdr) {

   127 +			if(pv_get_spec_value(msg, &auth_realm_spec, &pv_val)==0 \

   128 +				&& pv_val.rs.len>0) /* ensure realm is the desired one */

   129 +				if (strncmp(crd->realm.s, pv_val.rs.s, crd->realm.len)==0) {

   130 +					auth->nonce.s = strchr(strstr(tmp_hdr->body.s, "nonce="), '"') + 1;

   131 +					auth->nonce.len = strchr(auth->nonce.s, '"') - auth->nonce.s;

   132 +				}

   133 +			tmp_hdr = tmp_hdr->sibling;

   134 +		}

   135 +		if (auth->nonce.s == 0) {

   136 +			LM_DBG("failed to retrieve nonce from UAC message\n");

   137 +			pkg_free(crd);

   138 +			goto error;

   139 +		}

   140 +

   141 +		/* do authentication */

   142 +		uac_auth_api._do_uac_auth(msg, newuri, crd, auth, &auth_nc_cnonce, response);

   143 +		if (response==0) {

   144 +			LM_ERR("failed to calculate challenge response\n");

   145 +			pkg_free(crd);

   146 +			goto error;

   147 +		}

   148 +

   149 +		/* build the authorization header */

   150 +		new_hdr = uac_auth_api._build_authorization_hdr(407, newuri, crd, auth, &auth_nc_cnonce, response);

   151 +		if (new_hdr==0) {

   152 +			LM_ERR("failed to build authorization hdr\n");

   153 +			pkg_free(crd);

   154 +			goto error;

   155 +		}

   156 +

   157 +		/* remove the old proxy-auth header and relink message index    */

   158 +		/* before updating the authorization credentials of the message */

   159 +		if (del_hdr) { /* updated a record and must remove the old one  */

   160 +			if (del_lump(msg, del_hdr->name.s - msg->buf, del_hdr->len, 0)==0) {

   161 +				LM_ERR("can't remove credentials\n");

   162 +				pkg_free(crd);

   163 +				goto error;

   164 +			}

   165 +		}

   166 +

   167 +		/* so far, so good -> add the header and set the proper RURI */

   168 +		if (apply_urihdr_changes(msg, newuri, new_hdr)<0)

   169 +		{

   170 +			LM_ERR("failed to apply changes\n");

   171 +			pkg_free(crd);

   172 +			goto error;

   173 +		}

   174 +

   175 +		pkg_free(crd); /* finished calculating new response string, success */

   176 +		return 0;

   177 +	} /* if (t==T_UNDEFINED || t==T_NULL_CELL) */

   178  

   179 +	/* begin with transaction reply */

   180  	/* get the selected branch */

   181  	branch = uac_tmb.t_get_picked();

   182  	if (branch<0) {

   183 Index: modules/uac/uac.c

   184 diff -Nau modules/uac/uac.c.orig modules/uac/uac.c

   185 --- modules/uac/uac.c.orig	2008-08-03 15:53:40.000000000 +0200

   186 +++ modules/uac/uac.c	2009-03-24 21:49:48.922890737 +0100

   187 @@ -117,7 +117,7 @@

   188  			REQUEST_ROUTE|BRANCH_ROUTE|FAILURE_ROUTE },

   189  	{"uac_auth",          (cmd_function)w_uac_auth,       0,

   190  			0, 0,

   191 -			FAILURE_ROUTE },

   192 +			REQUEST_ROUTE|FAILURE_ROUTE },

   193  	{0,0,0,0,0,0}

   194  };

   195

Mercurial Repository: OpenPKG Specs

Europalab SCM Repository Server

mercurial