/* Authorize digest credentials */ int authorize(struct sip_msg* msg, str* realm, int hftype) { auth_result_t ret; struct hdr_field* h; auth_body_t* cred = NULL; str* uri; struct sip_uri puri; str domain; domain = *realm; /* see what is to do after a first look at the message */ ret = pre_auth(msg, &domain, hftype, &h); switch(ret) { case ERROR: return 0; case AUTHORIZED: return 1; case NO_CREDENTIALS: cred = NULL; break; case DO_AUTHORIZATION: cred = (auth_body_t*)h->parsed; break; } if (get_uri(msg, &uri) < 0) { LOG(L_ERR, M_NAME":authorize(): From/To URI not found\n"); return -1; } if (parse_uri(uri->s, uri->len, &puri) < 0) { LOG(L_ERR, M_NAME":authorize(): Error while parsing From/To URI\n"); return -1; } // user.s = (char *)pkg_malloc(puri.user.len); // un_escape(&(puri.user), &user); /* parse the ruri, if not yet */ if(msg->parsed_uri_ok==0 && parse_sip_msg_uri(msg)<0) { LOG(L_ERR,M_NAME":authorize(): ERROR while parsing the Request-URI\n"); return -1; } /* preliminary check */ if(cred) { if (puri.host.len != cred->digest.realm.len) { DBG(M_NAME":authorize(): Credentials realm and URI host do not " "match\n"); return -1; } if (strncasecmp(puri.host.s, cred->digest.realm.s, puri.host.len) != 0) { DBG(M_NAME":authorize(): Credentials realm and URI host do not " "match\n"); return -1; } } if( diameter_authorize(cred?h:NULL, &msg->first_line.u.request.method, puri, msg->parsed_uri, msg->id, rb) != 1) { send_resp(msg, 500, "Internal Server Error", NULL, 0); return -1; } if( srv_response(msg, rb, hftype) != 1 ) return -1; mark_authorized_cred(msg, h); return 1; }
/* Authorize digest credentials */ int authorize(struct sip_msg* msg, pv_elem_t* realm, int hftype) { auth_result_t ret; struct hdr_field* h; auth_body_t* cred = NULL; str* uri; struct sip_uri puri; str domain; if (realm) { if (pv_printf_s(msg, realm, &domain)!=0) { LM_ERR("pv_printf_s failed\n"); return AUTH_ERROR; } } else { domain.len = 0; domain.s = 0; } /* see what is to do after a first look at the message */ ret = diam_pre_auth(msg, &domain, hftype, &h); switch(ret) { case NO_CREDENTIALS: cred = NULL; break; case DO_AUTHORIZATION: cred = (auth_body_t*)h->parsed; break; default: return ret; } if (get_uri(msg, &uri) < 0) { LM_ERR("From/To URI not found\n"); return AUTH_ERROR; } if (parse_uri(uri->s, uri->len, &puri) < 0) { LM_ERR("failed to parse From/To URI\n"); return AUTH_ERROR; } // user.s = (char *)pkg_malloc(puri.user.len); // un_escape(&(puri.user), &user); /* parse the ruri, if not yet */ if(msg->parsed_uri_ok==0 && parse_sip_msg_uri(msg)<0) { LM_ERR("failed to parse the Request-URI\n"); return AUTH_ERROR; } /* preliminary check */ if(cred) { if (puri.host.len != cred->digest.realm.len) { LM_DBG("credentials realm and URI host do not match\n"); return AUTH_ERROR; } if (strncasecmp(puri.host.s, cred->digest.realm.s, puri.host.len) != 0) { LM_DBG("credentials realm and URI host do not match\n"); return AUTH_ERROR; } } if( diameter_authorize(cred?h:NULL, &msg->first_line.u.request.method, puri, msg->parsed_uri, msg->id, rb) != 1) { send_resp(msg, 500, &dia_500_err, NULL, 0); return AUTH_ERROR; } if( srv_response(msg, rb, hftype) != 1 ) return AUTH_ERROR; mark_authorized_cred(msg, h); return AUTHORIZED; }