static int mod_init(void)
{
str stmp;
LM_INFO("initializing...\n");
/* load SIGNALING API */
if(load_sig_api(&sigb)< 0) {
LM_ERR("can't load signaling functions\n");
return -1;
}
/* If the parameter was not used */
if (sec_param == 0) {
/* Generate secret using random generator */
if (generate_random_secret() < 0) {
LM_ERR("failed to generate random secret\n");
return -3;
}
} else {
/* Otherwise use the parameter's value */
secret.s = sec_param;
secret.len = strlen(secret.s);
}
if ( init_rpid_avp(rpid_avp_param)<0 ) {
LM_ERR("failed to process rpid AVPs\n");
return -4;
}
rpid_prefix.len = strlen(rpid_prefix.s);
rpid_suffix.len = strlen(rpid_suffix.s);
realm_prefix.len = strlen(realm_prefix.s);
if(user_spec_param!=0)
{
stmp.s = user_spec_param;
stmp.len = strlen(stmp.s);
if(pv_parse_spec(&stmp, &user_spec)==NULL)
{
LM_ERR("failed to parse username spec\n");
return -5;
}
switch(user_spec.type) {
case PVT_NONE:
case PVT_EMPTY:
case PVT_NULL:
case PVT_MARKER:
case PVT_COLOR:
LM_ERR("invalid username spec\n");
return -6;
default:
;
}
}
if(passwd_spec_param!=0)
{
stmp.s = passwd_spec_param;
stmp.len = strlen(stmp.s);
if(pv_parse_spec(&stmp, &passwd_spec)==NULL)
{
LM_ERR("failed to parse password spec\n");
return -7;
}
switch(passwd_spec.type) {
case PVT_NONE:
case PVT_EMPTY:
case PVT_NULL:
case PVT_MARKER:
case PVT_COLOR:
LM_ERR("invalid password spec\n");
return -8;
default:
;
}
}
if(!disable_nonce_check)
{
nonce_lock = (gen_lock_t*)lock_alloc();
if(nonce_lock== NULL)
{
LM_ERR("no more shared memory\n");
return -1;
}
/* initialize lock_nonce */
if(lock_init(nonce_lock)== 0)
{
LM_ERR("failed to init lock\n");
return -9;
}
nonce_buf= (char*)shm_malloc(NBUF_LEN);
if(nonce_buf== NULL)
{
LM_ERR("no more share memory\n");
return -10;
}
memset(nonce_buf, 255, NBUF_LEN);
sec_monit= (int*)shm_malloc((nonce_expire +1)* sizeof(int));
if(sec_monit== NULL)
{
LM_ERR("no more share memory\n");
return -10;
}
memset(sec_monit, -1, (nonce_expire +1)* sizeof(int));
second= (int*)shm_malloc(sizeof(int));
next_index= (int*)shm_malloc(sizeof(int));
if(second== NULL || next_index== NULL)
{
LM_ERR("no more share memory\n");
return -10;
}
*next_index= -1;
}
return 0;
}
static int mod_init(void)
{
str attr;
DBG("auth module - initializing\n");
/* If the parameter was not used */
if (sec_param == 0) {
/* Generate secret using random generator */
if (generate_random_secret() < 0) {
LOG(L_ERR, "auth:mod_init: Error while generating random secret\n");
return -3;
}
} else {
/* Otherwise use the parameter's value */
secret1.s = sec_param;
secret1.len = strlen(secret1.s);
if (auth_checks_reg || auth_checks_ind || auth_checks_ood) {
/* divide the secret in half: one half for secret1 and one half for
* secret2 */
secret2.len = secret1.len/2;
secret1.len -= secret2.len;
secret2.s = secret1.s + secret1.len;
if (secret2.len < 16) {
WARN("auth: consider a longer secret when extra auth checks are"
" enabled (the config secret is divided in 2!)\n");
}
}
}
if ((!challenge_attr.s || challenge_attr.len == 0) ||
challenge_attr.s[0] != '$') {
ERR("auth: Invalid value of challenge_attr module parameter\n");
return -1;
}
attr.s = challenge_attr.s + 1;
attr.len = challenge_attr.len - 1;
if (parse_avp_ident(&attr, &challenge_avpid) < 0) {
ERR("auth: Error while parsing value of challenge_attr module parameter\n");
return -1;
}
parse_qop(&qop);
switch(qop.qop_parsed){
case QOP_OTHER:
ERR("auth: Unsupported qop parameter value\n");
return -1;
case QOP_AUTH:
case QOP_AUTHINT:
if (nc_enabled){
#ifndef USE_NC
WARN("auth: nounce count support enabled from config, but"
" disabled at compile time (recompile with -DUSE_NC)\n");
nc_enabled=0;
#else
if (nid_crt==0)
init_nonce_id();
if (init_nonce_count()!=0)
return -1;
#endif
}
#ifdef USE_NC
else{
INFO("auth: qop set, but nonce-count (nc_enabled) support"
" disabled\n");
}
#endif
break;
default:
if (nc_enabled){
WARN("auth: nonce-count support enabled, but qop not set\n");
nc_enabled=0;
}
break;
}
if (otn_enabled){
#ifdef USE_OT_NONCE
if (nid_crt==0) init_nonce_id();
if (init_ot_nonce()!=0)
return -1;
#else
WARN("auth: one-time-nonce support enabled from config, but "
"disabled at compile time (recompile with -DUSE_OT_NONCE)\n");
otn_enabled=0;
#endif /* USE_OT_NONCE */
}
return 0;
}
static int mod_init(void)
{
str attr;
DBG("auth module - initializing\n");
auth_realm_prefix.len = strlen(auth_realm_prefix.s);
/* bind the SL API */
if (sl_load_api(&slb)!=0) {
LM_ERR("cannot bind to SL API\n");
return -1;
}
/* If the parameter was not used */
if (sec_param == 0) {
/* Generate secret using random generator */
if (generate_random_secret() < 0) {
LM_ERR("Error while generating random secret\n");
return -3;
}
} else {
/* Otherwise use the parameter's value */
secret1.s = sec_param;
secret1.len = strlen(secret1.s);
if (auth_checks_reg || auth_checks_ind || auth_checks_ood) {
/* divide the secret in half: one half for secret1 and one half for
* secret2 */
secret2.len = secret1.len/2;
secret1.len -= secret2.len;
secret2.s = secret1.s + secret1.len;
if (secret2.len < 16) {
LM_WARN("consider a longer secret when extra auth checks are"
" enabled (the config secret is divided in 2!)\n");
}
}
}
if ((!challenge_attr.s || challenge_attr.len == 0) ||
challenge_attr.s[0] != '$') {
LM_ERR("Invalid value of challenge_attr module parameter\n");
return -1;
}
attr.s = challenge_attr.s + 1;
attr.len = challenge_attr.len - 1;
if (parse_avp_ident(&attr, &challenge_avpid) < 0) {
LM_ERR("Error while parsing value of challenge_attr module"
" parameter\n");
return -1;
}
parse_qop(&auth_qop);
switch(auth_qop.qop_parsed){
case QOP_OTHER:
LM_ERR("Unsupported qop parameter value\n");
return -1;
case QOP_AUTH:
case QOP_AUTHINT:
if (nc_enabled){
#ifndef USE_NC
LM_WARN("nounce count support enabled from config, but"
" disabled at compile time (recompile with -DUSE_NC)\n");
nc_enabled=0;
#else
if (nid_crt==0)
init_nonce_id();
if (init_nonce_count()!=0)
return -1;
#endif
}
#ifdef USE_NC
else{
LM_INFO("qop set, but nonce-count (nc_enabled) support"
" disabled\n");
}
#endif
break;
default:
if (nc_enabled){
LM_WARN("nonce-count support enabled, but qop not set\n");
nc_enabled=0;
}
break;
}
if (otn_enabled){
#ifdef USE_OT_NONCE
if (nid_crt==0) init_nonce_id();
if (init_ot_nonce()!=0)
return -1;
#else
LM_WARN("one-time-nonce support enabled from config, but "
"disabled at compile time (recompile with -DUSE_OT_NONCE)\n");
otn_enabled=0;
#endif /* USE_OT_NONCE */
}
if (auth_algorithm.len == 0 || strcmp(auth_algorithm.s, "MD5") == 0) {
hash_hex_len = HASHHEXLEN;
calc_HA1 = calc_HA1_md5;
calc_response = calc_response_md5;
}
else if (strcmp(auth_algorithm.s, "SHA-256") == 0) {
hash_hex_len = HASHHEXLEN_SHA256;
calc_HA1 = calc_HA1_sha256;
calc_response = calc_response_sha256;
}
else {
LM_ERR("Invalid algorithm provided."
" Possible values are \"\", \"MD5\" or \"SHA-256\"\n");
return -1;
}
return 0;
}
