auth_mod.c File Reference
Digest Authentication Module
- Module: AUTH :: The Kamailio auth Module.
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include "../../sr_module.h"
#include "../../dprint.h"
#include "../../mem/mem.h"
#include "../../error.h"
#include "../../pvar.h"
#include "../../ut.h"
#include "../../mod_fix.h"
#include "../../lock_alloc.h"
#include "../sl/sl_api.h"
#include "auth_mod.h"
#include "challenge.h"
#include "rpid.h"
#include "api.h"
Go to the source code of this file.
Defines | |
| #define | DEF_RPID_AVP "$avp(s:rpid)" |
| #define | DEF_RPID_PREFIX "" |
| #define | DEF_RPID_SUFFIX ";party=calling;id-type=subscriber;screen=yes" |
| #define | DEF_STRIP_REALM "" |
| #define | RAND_SECRET_LEN 32 |
Functions | |
| static int | auth_get_ha1 (struct sip_msg *msg, struct username *_username, str *_domain, char *_ha1) |
| Generate a HA1 response from username and domain. | |
| static void | destroy (void) |
| static int | generate_random_secret (void) |
| Generate a random secret. | |
| static int | mod_init (void) |
| static int | pv_authorize (struct sip_msg *msg, gparam_p realm, hdr_types_t hftype) |
| Check authorization from a pseudo-variable. | |
| int | pv_proxy_authorize (struct sip_msg *msg, char *realm, char *str2) |
| Small wrapper around pv_authorize, use proxy challenge. | |
| int | pv_www_authorize (struct sip_msg *msg, char *realm, char *str2) |
| Small wrapper around pv_authorize, use www challenge. | |
Variables | |
| int | auth_calc_ha1 = 0 |
| static cmd_export_t | cmds [] |
| struct module_exports | exports |
| int * | next_index = NULL |
| char * | nonce_buf = NULL |
| unsigned int | nonce_expire = 30 |
| gen_lock_t * | nonce_lock = NULL |
| int | nonce_reuse = 0 |
| static param_export_t | params [] |
| static pv_spec_t | passwd_spec |
| char * | passwd_spec_param = 0 |
| str | realm_prefix = {DEF_STRIP_REALM, sizeof(DEF_STRIP_REALM) - 1} |
| char * | rpid_avp_param = DEF_RPID_AVP |
| str | rpid_prefix = {DEF_RPID_PREFIX, sizeof(DEF_RPID_PREFIX) - 1} |
| str | rpid_suffix = {DEF_RPID_SUFFIX, sizeof(DEF_RPID_SUFFIX) - 1} |
| int * | sec_monit = NULL |
| char * | sec_param = 0 |
| char * | sec_rand = 0 |
| int * | second = NULL |
| str | secret |
| struct sl_binds | slb |
| static pv_spec_t | user_spec |
| char * | user_spec_param = 0 |
Detailed Description
Digest Authentication Module
- Module: AUTH :: The Kamailio auth Module.
Definition in file auth_mod.c.
Define Documentation
| #define DEF_RPID_AVP "$avp(s:rpid)" |
Definition at line 71 of file auth_mod.c.
| #define DEF_RPID_PREFIX "" |
Definition at line 68 of file auth_mod.c.
| #define DEF_RPID_SUFFIX ";party=calling;id-type=subscriber;screen=yes" |
Definition at line 69 of file auth_mod.c.
| #define DEF_STRIP_REALM "" |
Definition at line 70 of file auth_mod.c.
| #define RAND_SECRET_LEN 32 |
length of the random secret
Definition at line 66 of file auth_mod.c.
Referenced by generate_random_secret().
Function Documentation
| static int auth_get_ha1 | ( | struct sip_msg * | msg, | |
| struct username * | _username, | |||
| str * | _domain, | |||
| char * | _ha1 | |||
| ) | [inline, static] |
Generate a HA1 response from username and domain.
- Parameters:
-
msg SIP message _username user name _domain domain _ha1 generated HA1
- Returns:
- 0 on success, 1 on error and when the user could not found
Definition at line 375 of file auth_mod.c.
References auth_calc_ha1, calc_HA1(), _pv_value::flags, HA_MD5, _str::len, LM_DBG, pv_get_spec_value(), PV_VAL_EMPTY, PV_VAL_NONE, PV_VAL_NULL, PV_VAL_STR, pv_value_destroy(), _pv_value::rs, _str::s, username::user, and username::whole.
Referenced by pv_authorize().
| static void destroy | ( | void | ) | [static] |
Module destroy function prototype
Definition at line 343 of file auth_mod.c.
| static int generate_random_secret | ( | void | ) | [inline, static] |
Generate a random secret.
Generate a random secret. A secret parameter was not used so we generate a random value here.
- Returns:
- 0 on success, -1 on failure
Definition at line 202 of file auth_mod.c.
References _str::len, LM_ERR, pkg_malloc, RAND_SECRET_LEN, _str::s, and sec_rand.
Referenced by mod_init().
| static int mod_init | ( | void | ) | [static] |
Module initialization function prototype
Definition at line 227 of file auth_mod.c.
References generate_random_secret(), init_rpid_avp(), _str::len, LM_ERR, load_sl_api(), NBUF_LEN, nonce_expire, NULL, pv_parse_spec(), PVT_COLOR, PVT_EMPTY, PVT_MARKER, PVT_NONE, PVT_NULL, _str::s, sec_param, shm_malloc(), slb, and _pv_spec::type.
| static int pv_authorize | ( | struct sip_msg * | msg, | |
| gparam_p | realm, | |||
| hdr_types_t | hftype | |||
| ) | [inline, static] |
Check authorization from a pseudo-variable.
- Parameters:
-
msg SIP message realm authentification realm hftype type of the header field
- Returns:
- 1 when authorized, null on errors, negative on authentification failure
Definition at line 435 of file auth_mod.c.
References AUTH_ERROR, auth_get_ha1(), check_response(), auth_body::digest, DO_AUTHORIZATION, domain, sip_msg::first_line, fixup_get_svalue(), _str::len, LM_ERR, hdr_field::parsed, post_auth(), pre_auth(), msg_start::request, _str::s, msg_start::u, USER_UNKNOWN, and dig_cred::username.
Referenced by pv_proxy_authorize(), and pv_www_authorize().
| int pv_proxy_authorize | ( | struct sip_msg * | msg, | |
| char * | realm, | |||
| char * | str2 | |||
| ) |
Small wrapper around pv_authorize, use proxy challenge.
- Parameters:
-
msg SIP message realm authenfication realm str2 unused
- Returns:
- 1 on sucess, 0 on errors, negative on authentification failures
Definition at line 481 of file auth_mod.c.
References HDR_PROXYAUTH_T, and pv_authorize().
| int pv_www_authorize | ( | struct sip_msg * | msg, | |
| char * | realm, | |||
| char * | str2 | |||
| ) |
Small wrapper around pv_authorize, use www challenge.
- Parameters:
-
msg SIP message realm authenfication realm str2 unused
- Returns:
- 1 on sucess, 0 on errors, negative on authentification failures
Definition at line 494 of file auth_mod.c.
References HDR_AUTHORIZATION_T, and pv_authorize().
Variable Documentation
| int auth_calc_ha1 = 0 |
cmd_export_t cmds[] [static] |
Definition at line 134 of file auth_mod.c.
| struct module_exports exports |
Definition at line 179 of file auth_mod.c.
| int* next_index = NULL |
Definition at line 126 of file auth_mod.c.
Referenced by is_nonce_index_valid(), load_gws_from_grp(), and reserve_nonce_index().
| char* nonce_buf = NULL |
Definition at line 123 of file auth_mod.c.
| unsigned int nonce_expire = 30 |
Nonce lifetime - default 30 seconds
Definition at line 95 of file auth_mod.c.
Referenced by build_auth_hf(), mod_init(), and reserve_nonce_index().
| gen_lock_t* nonce_lock = NULL |
nonce index
Definition at line 122 of file auth_mod.c.
Referenced by is_nonce_index_valid(), and reserve_nonce_index().
| int nonce_reuse = 0 |
control nonce usage checking
Definition at line 129 of file auth_mod.c.
Referenced by build_auth_hf(), calc_nonce(), check_nonce(), and post_auth().
param_export_t params[] [static] |
Definition at line 161 of file auth_mod.c.
pv_spec_t passwd_spec [static] |
Definition at line 119 of file auth_mod.c.
| char* passwd_spec_param = 0 |
definition of AVP containing password value
Definition at line 118 of file auth_mod.c.
| str realm_prefix = {DEF_STRIP_REALM, sizeof(DEF_STRIP_REALM) - 1} |
Prefix to strip from realm
Definition at line 107 of file auth_mod.c.
Referenced by extract_aor(), and strip_realm().
| char* rpid_avp_param = DEF_RPID_AVP |
definition of AVP containing rpid value
Definition at line 110 of file auth_mod.c.
Referenced by mod_init().
| str rpid_prefix = {DEF_RPID_PREFIX, sizeof(DEF_RPID_PREFIX) - 1} |
Default Remote-Party-ID prefix
Definition at line 103 of file auth_mod.c.
Referenced by append_rpid_hf().
| str rpid_suffix = {DEF_RPID_SUFFIX, sizeof(DEF_RPID_SUFFIX) - 1} |
Default Remote-Party-IDD suffix
Definition at line 105 of file auth_mod.c.
Referenced by append_rpid_hf().
| int* sec_monit = NULL |
Definition at line 124 of file auth_mod.c.
Referenced by is_nonce_index_valid(), and reserve_nonce_index().
| char* sec_param = 0 |
If the parameter is not used, the secret phrase will be auto-generated
Definition at line 94 of file auth_mod.c.
Referenced by mod_init().
| char* sec_rand = 0 |
| int* second = NULL |
Definition at line 125 of file auth_mod.c.
Referenced by is_nonce_index_valid(), parse_first_line(), parse_naptr_regexp(), parse_phostport(), and reserve_nonce_index().
secret phrase used to generate nonce
Definition at line 97 of file auth_mod.c.
Referenced by build_auth_hf(), pre_auth(), and random_secret().
SL binds
Definition at line 88 of file auth_mod.c.
Referenced by authorize(), extract_sdialog_info(), mod_init(), perl_exec2(), publ_send200ok(), reply_200(), reply_421(), reply_489(), rl_drop(), rls_handle_notify(), rls_handle_subscribe(), send_2XX_reply(), send_error_reply(), send_reply(), send_resp(), send_response(), update_presentity(), and xml_publ_handl().
Definition at line 114 of file auth_mod.c.
| char* user_spec_param = 0 |
definition of AVP containing username value
Definition at line 113 of file auth_mod.c.
