Module: sip-router Branch: master Commit: cb74d38f52d77f6ee11d7083ab0adabe5e6f34a9 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=cb74d38… Author: Peter Dunkley &lt;peter.dunkley(a)crocodile-rcs.com&gt; Committer: Peter Dunkley &lt;peter.dunkley(a)crocodile-rcs.com&gt; Date: Fri Oct 19 14:34:54 2012 +0100 modules/websocket: Updated example configuration file - Use qop="auth" for MSRP authentication - Support Expires: header in MSRP AUTH requests - Add Expires: header to 200 OK responses to MSRP AUTH requests - Authenticate MSRP AUTH requests off subscriber DB --- modules/websocket/example/kamailio.cfg | 40 ++++++++++++++++++++++++------- 1 files changed, 31 insertions(+), 9 deletions(-) diff --git a/modules/websocket/example/kamailio.cfg b/modules/websocket/example/kamailio.cfg index 03827ad..09fd968 100644 --- a/modules/websocket/example/kamailio.cfg +++ b/modules/websocket/example/kamailio.cfg @@ -12,6 +12,8 @@ #!substdef "!MY_WS_ADDR!tcp:MY_IP_ADDR:MY_WS_PORT!g" #!substdef "!MY_WSS_ADDR!tls:MY_IP_ADDR:MY_WSS_PORT!g" #!substdef "!MY_MSRP_ADDR!tls:MY_IP_ADDR:MY_MSRP_PORT!g" +#!substdef "!MSRP_MIN_EXPIRES!1800!g" +#!substdef "!MSRP_MAX_EXPIRES!3600!g" ##!define LOCAL_TEST_RUN #!define WITH_TLS @@ -110,6 +112,10 @@ modparam("registrar", "gruu_enabled", 0) modparam("usrloc", "db_url", "DBURL") modparam("usrloc", "db_mode", 0) +# ----- auth params ----- +modparam("auth", "nonce_count", 1) +modparam("auth", "qop", "auth") + # ----- auth_db params ----- modparam("auth_db", "db_url", "DBURL") modparam("auth_db", "calculate_ha1", yes) @@ -137,7 +143,7 @@ modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") #!ifdef WITH_MSRP # ----- htable params ----- -modparam("htable", "htable", "msrp=>size=8;autoexpire=3600;") +modparam("htable", "htable", "msrp=>size=8;autoexpire=MSRP_MAX_EXPIRES;") #!endif @@ -416,12 +422,10 @@ event_route[msrp:frame-in] { msrp_relay(); exit; } - # frame for local server - send Use-Path - # -- passwd can be loaded from DB based on $au - $var(passwd) = "xyz123"; - if(!pv_www_authenticate("myrealm", "$var(passwd)", "0")) + + if(!www_authenticate("MY_DOMAIN", "subscriber")) { - if(auth_get_www_authenticate("myrealm", "0", + if(auth_get_www_authenticate("myrealm", "1", "$var(wauth)")) { msrp_reply("401", "Authorization Required", @@ -431,14 +435,32 @@ event_route[msrp:frame-in] { } exit; } + + if ($hdr(Expires) != $null) { + $var(expires) = (int) $hdr(Expires); + + if ($var(expires) < MSRP_MIN_EXPIRES) { + msrp_reply("423", "Interval Out-of-Bounds", + "Min-Expires: MSRP_MIN_EXPIRES\r\n"); + exit; + } else if ($var(expires) > MSRP_MAX_EXPIRES) { + msrp_reply("423", "Interval Out-of-Bounds", + "Max-Expires: MSRP_MAX_EXPIRES\r\n"); + exit; + } + } else + $var(expires) = MSRP_MAX_EXPIRES; + $var(cnt) = $var(cnt) + 1; pv_printf("$var(sessid)", "s.$(pp).$(var(cnt)).$(RANDOM)"); $sht(msrp=>$var(sessid)::srcaddr) = $msrp(srcaddr); $sht(msrp=>$var(sessid)::srcsock) = $msrp(srcsock); + $shtex(msrp=>$var(sessid)) = MSRP_MAX_EXPIRES + 5; # - Use-Path: the MSRP address for server + session id - $var(UsePath) = "Use-Path: msrp://MY_IP_ADDR:MY_MSRP_PORT/" - + $var(sessid) + ";tcp\r\n"; - msrp_reply("200", "OK", "$var(UsePath)"); + $var(headers) = "Use-Path: msrp://MY_IP_ADDR:MY_MSRP_PORT/" + + $var(sessid) + ";tcp\r\n" + + "Expires: " + $var(expires) + "\r\n"; + msrp_reply("200", "OK", "$var(expires)"); exit; }