git:master:cd3b7766: secsipid: iterate through all Identity headers - sr-dev

3 Nov 2022

Module: kamailio
Branch: master
Commit: cd3b776649e652b5d27b2718c22f08736b1e9e84
URL: https://github.com/kamailio/kamailio/commit/cd3b776649e652b5d27b2718c22f0873...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2022-11-03T10:20:10+01:00
secsipid: iterate through all Identity headers
---
Modified: src/modules/secsipid/secsipid_mod.c
---
Diff:  https://github.com/kamailio/kamailio/commit/cd3b776649e652b5d27b2718c22f0873...
Patch: https://github.com/kamailio/kamailio/commit/cd3b776649e652b5d27b2718c22f0873...
---

diff --git a/src/modules/secsipid/secsipid_mod.c b/src/modules/secsipid/secsipid_mod.c
index 43c1ab4cb42..96f01487a3a 100644
--- a/src/modules/secsipid/secsipid_mod.c
+++ b/src/modules/secsipid/secsipid_mod.c
@@ -221,24 +221,10 @@ static void mod_destroy(void)
  */
 static int ki_secsipid_check_identity(sip_msg_t *msg, str *keypath)
 {
-	int ret = 1;
+	int ret = -1;
    str ibody = STR_NULL;
    hdr_field_t *hf;
-	for (hf=msg->headers; hf; hf=hf->next) {
-		if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN
-				&& strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY,
-					SECSIPID_HDR_IDENTITY_LEN)==0)
-			break;
-	}
-
-	if(hf == NULL) {
-		LM_DBG("no identity header\n");
-		return -1;
-	}
-
-	ibody = hf->body;
-
    if(secsipid_cache_dir.len > 0) {
    	_secsipid_papi.SecSIPIDSetFileCacheOptions(secsipid_cache_dir.s,
    			secsipid_cache_expire);
@@ -250,12 +236,19 @@ static int ki_secsipid_check_identity(sip_msg_t *msg, str *keypath)
    	}
    	secsipid_libopt_list_used = 1;
    }
-	ret = _secsipid_papi.SecSIPIDCheckFull(ibody.s, ibody.len, secsipid_expire,
-			keypath->s, secsipid_timeout);
-	if(ret==0) {
-		LM_DBG("identity check: ok\n");
-		return 1;
+	for (hf=msg->headers; hf; hf=hf->next) {
+		if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN
+				&& strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY,
+					SECSIPID_HDR_IDENTITY_LEN)==0) {
+			ibody = hf->body;
+			ret = _secsipid_papi.SecSIPIDCheckFull(ibody.s, ibody.len, secsipid_expire,
+					keypath->s, secsipid_timeout);
+			if(ret==0) {
+				LM_DBG("identity check: ok\n");
+				return 1;
+			}
+		}
    }
LM_DBG("identity check: failed\n");
@@ -282,22 +275,10 @@ static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2)
  */
 static int ki_secsipid_check_identity_pubkey(sip_msg_t *msg, str *keyval)
 {
-	int ret = 1;
+	int ret = -1;
    str ibody = STR_NULL;
    hdr_field_t *hf;
-	for (hf=msg->headers; hf; hf=hf->next) {
-		if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN
-				&& strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY,
-					SECSIPID_HDR_IDENTITY_LEN)==0)
-			break;
-	}
-
-	if(hf == NULL) {
-		LM_DBG("no identity header\n");
-		return -1;
-	}
-
    if(secsipid_libopt_list_used==0) {
    	str_list_t *sit;
    	for(sit=secsipid_libopt_list; sit!=NULL; sit=sit->next) {
@@ -306,14 +287,18 @@ static int ki_secsipid_check_identity_pubkey(sip_msg_t *msg, str *keyval)
    	secsipid_libopt_list_used = 1;
    }
-	ibody = hf->body;
-
-	ret = _secsipid_papi.SecSIPIDCheckFullPubKey(ibody.s, ibody.len,
-			secsipid_expire, keyval->s, keyval->len);
-
-	if(ret==0) {
-		LM_DBG("identity check: ok\n");
-		return 1;
+	for (hf=msg->headers; hf; hf=hf->next) {
+		if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN
+				&& strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY,
+					SECSIPID_HDR_IDENTITY_LEN)==0) {
+			ibody = hf->body;
+			ret = _secsipid_papi.SecSIPIDCheckFullPubKey(ibody.s, ibody.len,
+					secsipid_expire, keyval->s, keyval->len);
+			if(ret==0) {
+				LM_DBG("identity check: ok\n");
+				return 1;
+			}
+		}
    }
LM_DBG("identity check: failed\n");

    