18 Jul
2017
18 Jul
'17
9:25 p.m.
Module: kamailio
Branch: master
Commit: 5937adf01f7c3e2382a1f2dc149a677fe6cd26f1
URL: https://github.com/kamailio/kamailio/commit/5937adf01f7c3e2382a1f2dc149a677…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: 2017-07-18T23:24:07+02:00
auth_ephemeral: use dedicated enum type for auth return codes
- reorder safety checks not to access msg structure if null
---
Modified: src/modules/auth_ephemeral/authorize.c
---
Diff:
https://github.com/kamailio/kamailio/commit/5937adf01f7c3e2382a1f2dc149a677…
Patch:
https://github.com/kamailio/kamailio/commit/5937adf01f7c3e2382a1f2dc149a677…
---
diff --git a/src/modules/auth_ephemeral/authorize.c
b/src/modules/auth_ephemeral/authorize.c
index a5b3f48e92..a8815a3b43 100644
--- a/src/modules/auth_ephemeral/authorize.c
+++ b/src/modules/auth_ephemeral/authorize.c
@@ -129,7 +129,7 @@ static inline int get_ha1(struct username *_username, str *_domain,
static inline int do_auth(struct sip_msg *_m, struct hdr_field *_h, str *_realm,
str *_method, str *_secret)
{
- int ret;
+ auth_result_t ret;
char ha1[512];
auth_body_t *cred = (auth_body_t*) _h->parsed;
@@ -146,21 +146,15 @@ static inline int do_auth(struct sip_msg *_m, struct hdr_field *_h,
str *_realm,
ret = eph_auth_api.check_response(&cred->digest, _method, ha1);
if (ret == AUTHENTICATED)
{
- if (eph_auth_api.post_auth(_m, _h, ha1) != AUTHENTICATED)
- {
+ if (eph_auth_api.post_auth(_m, _h, ha1) != AUTHENTICATED) {
return AUTH_ERROR;
}
- }
- else if (ret == NOT_AUTHENTICATED)
- {
+ return AUTH_OK;
+ } else if (ret == NOT_AUTHENTICATED) {
return AUTH_INVALID_PASSWORD;
+ } else {
+ return AUTH_ERROR;
}
- else
- {
- ret = AUTH_ERROR;
- }
-
- return AUTH_OK;
}
int autheph_verify_timestamp(str *_username)
@@ -219,15 +213,16 @@ static inline int digest_authenticate(struct sip_msg *_m, str
*_realm,
hdr_types_t _hftype, str *_method)
{
struct hdr_field* h;
- int ret;
+ auth_cfg_result_t ret;
+ auth_result_t rauth;
struct secret *secret_struct;
str username;
LM_DBG("realm: %.*s\n", _realm->len, _realm->s);
LM_DBG("method: %.*s\n", _method->len, _method->s);
- ret = eph_auth_api.pre_auth(_m, _realm, _hftype, &h, NULL);
- switch(ret)
+ rauth = eph_auth_api.pre_auth(_m, _realm, _hftype, &h, NULL);
+ switch(rauth)
{
case NONCE_REUSED:
LM_DBG("nonce reused\n");
@@ -294,17 +289,17 @@ int autheph_check(struct sip_msg *_m, char *_realm)
return AUTH_ERROR;
}
- if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
- {
- return AUTH_OK;
- }
-
if(_m == NULL || _realm == NULL)
{
LM_ERR("invalid parameters\n");
return AUTH_ERROR;
}
+ if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
+ {
+ return AUTH_OK;
+ }
+
if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0)
{
LM_ERR("failed to get realm value\n");
@@ -340,17 +335,17 @@ int autheph_www(struct sip_msg *_m, char *_realm)
return AUTH_ERROR;
}
- if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
- {
- return AUTH_OK;
- }
-
if(_m == NULL || _realm == NULL)
{
LM_ERR("invalid parameters\n");
return AUTH_ERROR;
}
+ if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
+ {
+ return AUTH_OK;
+ }
+
if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0)
{
LM_ERR("failed to get realm value\n");
@@ -428,17 +423,17 @@ int autheph_proxy(struct sip_msg *_m, char *_realm)
return AUTH_ERROR;
}
- if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
- {
- return AUTH_OK;
- }
-
if(_m == NULL || _realm == NULL)
{
LM_ERR("invalid parameters\n");
return AUTH_ERROR;
}
+ if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
+ {
+ return AUTH_OK;
+ }
+
if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0)
{
LM_ERR("failed to get realm value\n");