auth/api.c File Reference
Digest Authentication Module, API exports
- Module: AUTH :: The Kamailio auth Module.
#include <string.h>
#include "../../dprint.h"
#include "../../parser/digest/digest.h"
#include "../../sr_module.h"
#include "../../str.h"
#include "../../ut.h"
#include "auth_mod.h"
#include "nonce.h"
#include "common.h"
#include "api.h"
#include "rpid.h"
#include "index.h"
Go to the source code of this file.
Functions | |
| int | bind_auth (auth_api_t *api) |
| Bind function for the auth API. | |
| int | check_response (dig_cred_t *_cred, str *_method, char *_ha1) |
| Calculate the response and compare with given response. | |
| static int | find_credentials (struct sip_msg *_m, str *_realm, hdr_types_t _hftype, struct hdr_field **_h) |
| Find credentials with given realm in a SIP message header. | |
| auth_result_t | post_auth (struct sip_msg *_m, struct hdr_field *_h) |
| Do post authentification steps. | |
| auth_result_t | pre_auth (struct sip_msg *_m, str *_realm, hdr_types_t _hftype, struct hdr_field **_h) |
| Find credentials with given realm, check if we need to authenticate. | |
| void | strip_realm (str *_realm) |
| Strip the beginning of a realm string. | |
Variables | |
| static str | auth_400_err = str_init(MESSAGE_400) |
| static str | auth_500_err = str_init(MESSAGE_500) |
Detailed Description
Digest Authentication Module, API exports
- Module: AUTH :: The Kamailio auth Module.
Definition in file auth/api.c.
Function Documentation
| int bind_auth | ( | auth_api_t * | api | ) |
Bind function for the auth API.
- Parameters:
-
api binded API
- Returns:
- 0 on success, -1 on failure
Definition at line 347 of file auth/api.c.
References calc_HA1(), auth_api::calc_HA1, check_response(), auth_api::check_response, get_rpid_avp(), LM_ERR, post_auth(), auth_api::post_auth, pre_auth(), auth_api::pre_auth, auth_api::rpid_avp, and auth_api::rpid_avp_type.
Referenced by mod_init(), and ospInitMod().
| int check_response | ( | dig_cred_t * | _cred, | |
| str * | _method, | |||
| char * | _ha1 | |||
| ) |
Calculate the response and compare with given response.
Calculate the response and compare with the given response string. Authorization is successful if this two strings are same.
- Parameters:
-
_cred digest credentials _method method from the request _ha1 HA1 value
- Returns:
- 0 if comparison was ok, 1 when length not match, 2 when comparison not ok
Definition at line 304 of file auth/api.c.
References calc_response(), dig_cred::cnonce, _str::len, LM_DBG, dig_cred::nc, dig_cred::nonce, dig_cred::qop, QOP_AUTHINT, qp::qop_parsed, qp::qop_str, dig_cred::response, _str::s, and dig_cred::uri.
Referenced by bind_auth(), and pv_authorize().
| static int find_credentials | ( | struct sip_msg * | _m, | |
| str * | _realm, | |||
| hdr_types_t | _hftype, | |||
| struct hdr_field ** | _h | |||
| ) | [inline, static] |
Find credentials with given realm in a SIP message header.
- Parameters:
-
_m SIP message _realm authentification realm _hftype header field type _h header field
Definition at line 78 of file auth/api.c.
References sip_msg::authorization, HDR_AUTHORIZATION_F, HDR_AUTHORIZATION_T, HDR_PROXYAUTH_F, HDR_PROXYAUTH_T, HDR_T2F, sip_msg::last_header, _str::len, LM_ERR, parse_credentials(), parse_headers(), hdr_field::parsed, sip_msg::proxy_auth, _str::s, and hdr_field::type.
Referenced by diam_pre_auth(), and pre_auth().
| auth_result_t post_auth | ( | struct sip_msg * | _m, | |
| struct hdr_field * | _h | |||
| ) |
Do post authentification steps.
The purpose of this function is to do post authentication steps like marking authorized credentials and so on.
- Parameters:
-
_m SIP message _h header field
- Returns:
- authentification result
Definition at line 256 of file auth/api.c.
References AUTHORIZED, auth_body::digest, ERROR, get_nonce_index(), is_nonce_index_valid(), is_nonce_stale(), LM_DBG, LM_ERR, METHOD_ACK, METHOD_CANCEL, dig_cred::nonce, nonce_reuse, NONCE_REUSED, auth_body::stale, and STALE_NONCE.
Referenced by bind_auth(), and pv_authorize().
| auth_result_t pre_auth | ( | struct sip_msg * | _m, | |
| str * | _realm, | |||
| hdr_types_t | _hftype, | |||
| struct hdr_field ** | _h | |||
| ) |
Find credentials with given realm, check if we need to authenticate.
The purpose of this function is to find credentials with given realm, do sanity check, validate credential correctness and determine if we should really authenticate (there must be no authentication for ACK and CANCEL.
- Parameters:
-
_m SIP message _realm authentification realm _hftype header field type _h header field
- Returns:
- authentification result
Definition at line 171 of file auth/api.c.
References AUTHORIZED, check_dig_cred(), check_nonce(), auth_body::digest, DO_AUTHORIZATION, E_DIG_OK, ERROR, find_credentials(), get_realm(), sip_uri::host, _str::len, LM_DBG, LM_ERR, mark_authorized_cred(), METHOD_ACK, METHOD_CANCEL, NO_CREDENTIALS, dig_cred::nonce, secret, send_resp(), auth_body::stale, STALE_NONCE, and strip_realm().
Referenced by bind_auth(), and pv_authorize().
| void strip_realm | ( | str * | _realm | ) |
Strip the beginning of a realm string.
Strip the beginning of a realm string, depending on the length of the realm_prefix.
- Parameters:
-
_realm realm string
Definition at line 54 of file auth/api.c.
References _str::len, realm_prefix, and _str::s.
Referenced by challenge(), and pre_auth().
Variable Documentation
str auth_400_err = str_init(MESSAGE_400) [static] |
Definition at line 43 of file auth/api.c.
str auth_500_err = str_init(MESSAGE_500) [static] |
Definition at line 44 of file auth/api.c.
