sr-dev October 2012

sr-dev@lists.kamailio.org

31 participants
242 discussions

git:master: auth_db(k): moved the authorization checks flags to auth api
by Daniel-Constantin Mierla 03 Oct '12

03 Oct '12

Module: sip-router Branch: master Commit: 490df85a12a49f440ac6eb8b35be5f4c954b7b1b URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=490df85… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Wed Oct 3 20:25:15 2012 +0200 auth_db(k): moved the authorization checks flags to auth api --- modules_k/auth_db/authorize.c | 2 -- 1 files changed, 0 insertions(+), 2 deletions(-) diff --git a/modules_k/auth_db/authorize.c b/modules_k/auth_db/authorize.c index 1252687..f79c70c 100644 --- a/modules_k/auth_db/authorize.c +++ b/modules_k/auth_db/authorize.c @@ -311,8 +311,6 @@ int www_authenticate(struct sip_msg* _m, char* _realm, char* _table) /* * Authenticate using WWW/Proxy-Authorize header field */ -#define AUTH_CHECK_ID_F 1<<0 - int auth_check(struct sip_msg* _m, char* _realm, char* _table, char *_flags) { str srealm;

1 0

git:master: auth: new function has_credentials(realm)
by Daniel-Constantin Mierla 03 Oct '12

03 Oct '12

Module: sip-router Branch: master Commit: 1a0d7653139c04d2ab32fa68c86513faf82d5c17 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=1a0d765… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Wed Oct 3 14:58:44 2012 +0200 auth: new function has_credentials(realm) - returns true if an authorization header matching the realm is found --- modules/auth/README | 52 +++++++++++++++++++++++++-------------- modules/auth/auth_mod.c | 35 +++++++++++++++++++++++++++ modules/auth/doc/functions.xml | 20 ++++++++++++++- 3 files changed, 87 insertions(+), 20 deletions(-) diff --git a/modules/auth/README b/modules/auth/README index 04dbf8a..48febf3 100644 --- a/modules/auth/README +++ b/modules/auth/README @@ -42,12 +42,13 @@ Daniel-Constantin Mierla 1.4. Functions 1.4.1. consume_credentials() - 1.4.2. www_challenge(realm, flags) - 1.4.3. proxy_challenge(realm, flags) - 1.4.4. auth_challenge(realm, flags) - 1.4.5. pv_www_authenticate(realm, passwd, flags) - 1.4.6. pv_proxy_authenticate(realm, passwd, flags) - 1.4.7. auth_get_www_authenticate(realm, flags, pvdst) + 1.4.2. has_credentials(realm) + 1.4.3. www_challenge(realm, flags) + 1.4.4. proxy_challenge(realm, flags) + 1.4.5. auth_challenge(realm, flags) + 1.4.6. pv_www_authenticate(realm, passwd, flags) + 1.4.7. pv_proxy_authenticate(realm, passwd, flags) + 1.4.8. auth_get_www_authenticate(realm, flags, pvdst) 1.1. Overview @@ -526,12 +527,25 @@ modparam("auth", "realm_prefix", "sip.") Example 15. consume_credentials example ... -if (www_authenticate("realm", "subscriber)) { +if (www_authenticate("realm", "subscriber")) { consume_credentials(); }; ... -1.4.2. www_challenge(realm, flags) +1.4.2. has_credentials(realm) + + This function returns true of the request has Autorization or + Proxy-Authorization header with provided realm. The parameter can be + string with pseudo-variables. + + Example 16. consume_credentials example +... +if (has_credentials("myrealm")) { + ... +} +... + +1.4.3. www_challenge(realm, flags) The function challenges a user agent. It will generate a WWW-Authorize header field containing a digest challenge, it will put the header @@ -560,14 +574,14 @@ if (www_authenticate("realm", "subscriber)) { This function can be used from REQUEST_ROUTE. - Example 16. www_challenge usage + Example 17. www_challenge usage ... if (!www_authenticate("$td", "subscriber")) { www_challenge("$td", "1"); } ... -1.4.3. proxy_challenge(realm, flags) +1.4.4. proxy_challenge(realm, flags) The function challenges a user agent. It will generate a Proxy-Authorize header field containing a digest challenge, it will put @@ -582,14 +596,14 @@ if (!www_authenticate("$td", "subscriber")) { This function can be used from REQUEST_ROUTE. - Example 17. proxy_challenge usage + Example 18. proxy_challenge usage ... if (!proxy_authenticate("$fd", "subscriber")) { proxy_challenge("$fd", "1"); }; ... -1.4.4. auth_challenge(realm, flags) +1.4.5. auth_challenge(realm, flags) The function challenges a user agent for authentication. It combines the functions www_challenge() and proxy_challenge(), by calling @@ -601,14 +615,14 @@ if (!proxy_authenticate("$fd", "subscriber")) { This function can be used from REQUEST_ROUTE. - Example 18. proxy_challenge usage + Example 19. proxy_challenge usage ... if (!auth_check("$fd", "subscriber", "1")) { auth_challenge("$fd", "1"); }; ... -1.4.5. pv_www_authenticate(realm, passwd, flags) +1.4.6. pv_www_authenticate(realm, passwd, flags) The function verifies credentials according to RFC2617. If the credentials are verified successfully then the function will succeed @@ -652,14 +666,14 @@ if (!auth_check("$fd", "subscriber", "1")) { This function can be used from REQUEST_ROUTE. - Example 19. pv_www_authenticate usage + Example 20. pv_www_authenticate usage ... if (!pv_www_authenticate("$td", "123abc", "0")) { www_challenge("$td", "1"); }; ... -1.4.6. pv_proxy_authenticate(realm, passwd, flags) +1.4.7. pv_proxy_authenticate(realm, passwd, flags) The function verifies credentials according to RFC2617. If the credentials are verified successfully then the function will succeed @@ -674,7 +688,7 @@ if (!pv_www_authenticate("$td", "123abc", "0")) { This function can be used from REQUEST_ROUTE. - Example 20. pv_proxy_authenticate usage + Example 21. pv_proxy_authenticate usage ... $avp(password)="xyz"; if (!pv_proxy_authenticate("$fd", "$avp(password)", "0")) { @@ -682,7 +696,7 @@ if (!pv_proxy_authenticate("$fd", "$avp(password)", "0")) { }; ... -1.4.7. auth_get_www_authenticate(realm, flags, pvdst) +1.4.8. auth_get_www_authenticate(realm, flags, pvdst) Build WWW-Authentication header and set the resulting value in 'pvdest' parameter. @@ -692,7 +706,7 @@ if (!pv_proxy_authenticate("$fd", "$avp(password)", "0")) { This function can be used from ANY_ROUTE. - Example 21. auth_get_www_authenticate + Example 22. auth_get_www_authenticate ... if (auth_get_www_authenticate("$fd", "0", "$var(wauth)")) { xlog("www authenticate header is [$var(wauth)]\n"); diff --git a/modules/auth/auth_mod.c b/modules/auth/auth_mod.c index 4a03af4..95b59ec 100644 --- a/modules/auth/auth_mod.c +++ b/modules/auth/auth_mod.c @@ -81,6 +81,10 @@ static int mod_init(void); * Remove used credentials from a SIP message header */ int w_consume_credentials(struct sip_msg* msg, char* s1, char* s2); +/* + * Check for credentials with given realm + */ +int w_has_credentials(struct sip_msg* msg, char* s1, char* s2); static int pv_proxy_authenticate(struct sip_msg* msg, char* realm, char *passwd, char *flags); @@ -160,6 +164,8 @@ static cmd_export_t cmds[] = { fixup_pv_auth, REQUEST_ROUTE}, {"auth_get_www_authenticate", (cmd_function)w_auth_get_www_authenticate, 3, fixup_auth_get_www_authenticate, REQUEST_ROUTE}, + {"has_credentials", w_has_credentials, 1, + fixup_spve_null, REQUEST_ROUTE}, {"bind_auth_s", (cmd_function)bind_auth_s, 0, 0, 0 }, {0, 0, 0, 0, 0} }; @@ -409,6 +415,35 @@ int w_consume_credentials(struct sip_msg* msg, char* s1, char* s2) } /** + * + */ +int w_has_credentials(sip_msg_t *msg, char* realm, char* s2) +{ + str srealm = {0, 0}; + hdr_field_t *hdr = NULL; + int ret; + + if (fixup_get_svalue(msg, (gparam_t*)realm, &srealm) < 0) { + LM_ERR("failed to get realm value\n"); + return -1; + } + + ret = find_credentials(msg, &srealm, HDR_PROXYAUTH_T, &hdr); + if(ret==0) { + LM_DBG("found www credentials with realm [%.*s]\n", srealm.len, srealm.s); + return 1; + } + ret = find_credentials(msg, &srealm, HDR_AUTHORIZATION_T, &hdr); + if(ret==0) { + LM_DBG("found proxy credentials with realm [%.*s]\n", srealm.len, srealm.s); + return 1; + } + + LM_DBG("no credentials with realm [%.*s]\n", srealm.len, srealm.s); + return -1; +} + +/** * @brief do WWW-Digest authentication with password taken from cfg var */ int pv_authenticate(struct sip_msg *msg, str *realm, str *passwd, diff --git a/modules/auth/doc/functions.xml b/modules/auth/doc/functions.xml index 59c7422..fa6de4e 100644 --- a/modules/auth/doc/functions.xml +++ b/modules/auth/doc/functions.xml @@ -24,13 +24,31 @@ <title>consume_credentials example</title> <programlisting> ... -if (www_authenticate("realm", "subscriber)) { +if (www_authenticate("realm", "subscriber")) { consume_credentials(); }; ... </programlisting> </example> </section> + <section id="has_credentials"> + <title><function>has_credentials(realm)</function></title> + <para> + This function returns true of the request has Autorization or + Proxy-Authorization header with provided realm. The parameter + can be string with pseudo-variables. + </para> + <example> + <title>consume_credentials example</title> + <programlisting> +... +if (has_credentials("myrealm")) { + ... +} +... + </programlisting> + </example> + </section> <section id="www_challenge"> <title> <function moreinfo="none">www_challenge(realm, flags)</function>

1 0

git:master: kamailio.cfg: show how to include a local file if exists
by Daniel-Constantin Mierla 03 Oct '12

03 Oct '12

Module: sip-router Branch: master Commit: 7982d66c29e40548cb8282a1de6b7fdddece5ddb URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=7982d66… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Wed Oct 3 14:26:12 2012 +0200 kamailio.cfg: show how to include a local file if exists - kamailio-local.cfg is attempted to be loaded if exists in the same folder, allowing to set defines/paramters inside it without changing main kamailio.cfg --- etc/kamailio.cfg | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index 008808f..759262e 100644 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -99,6 +99,9 @@ ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; #!endif +####### Include Local Config If Exists ######### +import_file "kamailio-local.cfg" + ####### Defined Values ######### # *** Value defines - IDs used later in config

1 0

git:master: kamailio.cfg: test if DBURL is already defined before defining it
by Daniel-Constantin Mierla 03 Oct '12

03 Oct '12

Module: sip-router Branch: master Commit: 727203559c98d648e7da4f0d54d65a05317b14f5 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=7272035… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Wed Oct 3 14:21:11 2012 +0200 kamailio.cfg: test if DBURL is already defined before defining it - allow to set it via command line with -A DBURL='...' --- etc/kamailio.cfg | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg index efcce99..008808f 100644 --- a/etc/kamailio.cfg +++ b/etc/kamailio.cfg @@ -105,8 +105,10 @@ #!ifdef WITH_MYSQL # - database URL - used to connect to database server by modules such # as: auth_db, acc, usrloc, a.s.o. +#!ifndef DBURL #!define DBURL "mysql://openser:openserrw@localhost/openser" #!endif +#!endif #!ifdef WITH_MULTIDOMAIN # - the value for 'use_domain' parameters #!define MULTIDOMAIN 1

1 0

git:master: mem: fixed MDBG() parameters
by Daniel-Constantin Mierla 03 Oct '12

03 Oct '12

Module: sip-router Branch: master Commit: 0193d296e39a9fc095e90682f5335a2907403474 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0193d29… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Wed Oct 3 14:20:27 2012 +0200 mem: fixed MDBG() parameters - log level is not necessary for this macro --- mem/f_malloc.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/mem/f_malloc.c b/mem/f_malloc.c index 0349585..008874b 100644 --- a/mem/f_malloc.c +++ b/mem/f_malloc.c @@ -509,7 +509,7 @@ void fm_free(struct fm_block* qm, void* p) MDBG("fm_free(%p, %p), called from %s: %s(%d)\n", qm, p, file, func, line); #endif if (p==0) { - MDBG(L_WARN, "WARNING:fm_free: free(0) called\n"); + MDBG("WARNING:fm_free: free(0) called\n"); return; } #ifdef DBG_F_MALLOC

1 0

git:master: mem/f_malloc.c: downgraded print free(0) warning from LOG to MDBG.
by admin＠sip-router.org 03 Oct '12

03 Oct '12

Module: sip-router Branch: master Commit: 7b6234a3e8d0427c767942327aff57ade676eb5e URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=7b6234a… Author: Juha Heinanen <jh(a)tutpro.com> Committer: Juha Heinanen <jh(a)tutpro.com> Date: Wed Oct 3 09:27:38 2012 +0300 mem/f_malloc.c: downgraded print free(0) warning from LOG to MDBG. --- mem/f_malloc.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/mem/f_malloc.c b/mem/f_malloc.c index e9cbc0b..0349585 100644 --- a/mem/f_malloc.c +++ b/mem/f_malloc.c @@ -509,7 +509,7 @@ void fm_free(struct fm_block* qm, void* p) MDBG("fm_free(%p, %p), called from %s: %s(%d)\n", qm, p, file, func, line); #endif if (p==0) { - LOG(L_WARN, "WARNING:fm_free: free(0) called\n"); + MDBG(L_WARN, "WARNING:fm_free: free(0) called\n"); return; } #ifdef DBG_F_MALLOC

1 0

git:master: Merge branch 'master' of ssh://git.sip-router.org/sip-router
by admin＠sip-router.org 03 Oct '12

03 Oct '12

Module: sip-router Branch: master Commit: 4b656a8f6ee3056986687ca923436639e2fc1653 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=4b656a8… Author: Juha Heinanen <jh(a)tutpro.com> Committer: Juha Heinanen <jh(a)tutpro.com> Date: Wed Oct 3 09:29:32 2012 +0300 Merge branch 'master' of ssh://git.sip-router.org/sip-router ---

1 0

git:master: uac(k): documented the new parameter restore_dlg
by Daniel-Constantin Mierla 02 Oct '12

02 Oct '12

Module: sip-router Branch: master Commit: 43e1a79272b451588d9f9b97fdf1d661e18a45a0 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=43e1a79… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Tue Oct 2 21:53:22 2012 +0200 uac(k): documented the new parameter restore_dlg --- modules_k/uac/README | 227 +++++++++++++++++++++------------------ modules_k/uac/doc/uac_admin.xml | 21 ++++ 2 files changed, 143 insertions(+), 105 deletions(-) Diff: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=43e…

1 0

git:master: uac(k): new paramter restore_dlg
by Daniel-Constantin Mierla 02 Oct '12

02 Oct '12

Module: sip-router Branch: master Commit: 0d299fea8a642887305797203536e1340cdf74f9 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0d299fe… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Tue Oct 2 21:50:59 2012 +0200 uac(k): new paramter restore_dlg - if set to 1, then the module uses dialog variables to store the initial and new values for From/To headers - default set to 0 - otherwise all calls that have changes to From/To headers must be tracked by dialog - result of checking a report from Alex Balashov --- modules_k/uac/uac.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/modules_k/uac/uac.c b/modules_k/uac/uac.c index 63282a1..2ca13e1 100644 --- a/modules_k/uac/uac.c +++ b/modules_k/uac/uac.c @@ -74,6 +74,7 @@ unsigned short restore_from_avp_type; int_str restore_from_avp_name; unsigned short restore_to_avp_type; int_str restore_to_avp_name; +static int uac_restore_dlg = 0; /* global param variables */ str rr_from_param = str_init("vsf"); @@ -146,6 +147,7 @@ static param_export_t params[] = { {"rr_from_store_param", STR_PARAM, &rr_from_param.s }, {"rr_to_store_param", STR_PARAM, &rr_to_param.s }, {"restore_mode", STR_PARAM, &restore_mode_str }, + {"restore_dlg", INT_PARAM, &uac_restore_dlg }, {"restore_passwd", STR_PARAM, &uac_passwd.s }, {"restore_from_avp", STR_PARAM, &restore_from_avp.s }, {"restore_to_avp", STR_PARAM, &restore_to_avp.s }, @@ -290,13 +292,14 @@ static int mod_init(void) /* we need the append_fromtag on in RR */ memset(&dlg_api, 0, sizeof(struct dlg_binds)); - if (load_dlg_api(&dlg_api)!=0) { + if (uac_restore_dlg==0 || load_dlg_api(&dlg_api)!=0) { if (!uac_rrb.append_fromtag) { LM_ERR("'append_fromtag' RR param is not enabled!" " - required by AUTO restore mode\n"); goto error; } - LM_DBG("failed to find dialog API - is dialog module loaded?\n"); + if (uac_restore_dlg!=0) + LM_DBG("failed to find dialog API - is dialog module loaded?\n"); } /* get all requests doing loose route */

1 0

git:master: mem: enhanced the warning message for free(0) of QM in debug mode
by Daniel-Constantin Mierla 02 Oct '12

02 Oct '12

Module: sip-router Branch: master Commit: 41fa8653157a989ed1a77f72b25a20fd984b999d URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=41fa865… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Tue Oct 2 21:24:09 2012 +0200 mem: enhanced the warning message for free(0) of QM in debug mode --- mem/q_malloc.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/mem/q_malloc.c b/mem/q_malloc.c index 4649474..497c3f9 100644 --- a/mem/q_malloc.c +++ b/mem/q_malloc.c @@ -438,7 +438,11 @@ void qm_free(struct qm_block* qm, void* p) #endif if (p==0) { +#ifdef DBG_QM_MALLOC + LOG(L_WARN, "WARNING:qm_free: free(0) called from %s: %s(%d)\n", file, func, line); +#else LOG(L_WARN, "WARNING:qm_free: free(0) called\n"); +#endif return; }

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev October 2012