[sr-dev] git:master:4489b19f: Merge pull request #1910 from kamailio/auth_username_expired

Module: kamailio Branch: master Commit: 4489b19fe3c3d82442c98323a348cca69ef520cc URL: https://github.com/kamailio/kamailio/commit/4489b19fe3c3d82442c98323a348cca… Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Committer: GitHub &lt;noreply(a)github.com&gt; Date: 2019-03-28T17:14:43+01:00 Merge pull request #1910 from kamailio/auth_username_expired AUTH_USERNAME_EXPIRED auth api return code --- Modified: src/modules/auth/api.h Modified: src/modules/auth_ephemeral/authorize.c --- Diff: https://github.com/kamailio/kamailio/commit/4489b19fe3c3d82442c98323a348cca… Patch: https://github.com/kamailio/kamailio/commit/4489b19fe3c3d82442c98323a348cca… --- diff --git a/src/modules/auth/api.h b/src/modules/auth/api.h index 9730b409ed..33d131840a 100644 --- a/src/modules/auth/api.h +++ b/src/modules/auth/api.h @@ -39,6 +39,7 @@ */ typedef enum auth_cfg_result { AUTH_USER_MISMATCH = -8, /*!< Auth user != From/To user */ + AUTH_USERNAME_EXPIRED = -7, /*!< Ephemeral auth username expired */ AUTH_NONCE_REUSED = -6, /*!< Returned if nonce is used more than once */ AUTH_NO_CREDENTIALS = -5, /*!< Credentials missing */ AUTH_STALE_NONCE = -4, /*!< Stale nonce */ diff --git a/src/modules/auth_ephemeral/authorize.c b/src/modules/auth_ephemeral/authorize.c index 745f12d7ab..216332b321 100644 --- a/src/modules/auth_ephemeral/authorize.c +++ b/src/modules/auth_ephemeral/authorize.c @@ -203,7 +203,7 @@ int autheph_verify_timestamp(str *_username) if (cur_time > expires) { LM_WARN("username has expired\n"); - return -1; + return AUTH_USERNAME_EXPIRED; } return 0; @@ -255,10 +255,16 @@ static inline int digest_authenticate(struct sip_msg *_m, str *_realm, username = ((auth_body_t *) h->parsed)->digest.username.whole; LM_DBG("username: %.*s\n", username.len, username.s); - if (autheph_verify_timestamp(&username) < 0) + int res = autheph_verify_timestamp(&username); + if (res < 0) { - LM_ERR("invalid timestamp in username\n"); - return AUTH_ERROR; + if (res == -1) + { + LM_ERR("invalid timestamp in username\n"); + return AUTH_ERROR; + } else { + return AUTH_USERNAME_EXPIRED; + } } SECRET_LOCK; @@ -489,10 +495,16 @@ int ki_autheph_authenticate(sip_msg_t *_m, str *susername, str *spassword) return AUTH_ERROR; } - if (autheph_verify_timestamp(susername) < 0) + int res = autheph_verify_timestamp(susername); + if (res < 0) { - LM_ERR("invalid timestamp in username\n"); - return AUTH_ERROR; + if (res == -1) + { + LM_ERR("invalid timestamp in username\n"); + return AUTH_ERROR; + } else { + return AUTH_USERNAME_EXPIRED; + } } LM_DBG("username: %.*s\n", susername->len, susername->s);