[sr-dev] git:master:269455ef: jwt: renamed parameter to indicate is a path to file

Daniel-Constantin Mierla miconda at gmail.com
Wed Nov 23 10:39:46 CET 2022 

Module: kamailio
Branch: master
Commit: 269455efb3827c9700f85715113b1757508b9767
URL: https://github.com/kamailio/kamailio/commit/269455efb3827c9700f85715113b1757508b9767

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2022-11-23T10:32:40+01:00

jwt: renamed parameter to indicate is a path to file

---

Modified: src/modules/jwt/jwt_mod.c

---

Diff:  https://github.com/kamailio/kamailio/commit/269455efb3827c9700f85715113b1757508b9767.diff
Patch: https://github.com/kamailio/kamailio/commit/269455efb3827c9700f85715113b1757508b9767.patch

---

diff --git a/src/modules/jwt/jwt_mod.c b/src/modules/jwt/jwt_mod.c
index d533b88a15..0afedd237c 100644
--- a/src/modules/jwt/jwt_mod.c
+++ b/src/modules/jwt/jwt_mod.c
@@ -44,7 +44,7 @@ static void mod_destroy(void);
 
 static int w_jwt_generate_4(sip_msg_t* msg, char* pkey, char* palg, char* pclaims, char* pheaders);
 static int w_jwt_generate_3(sip_msg_t* msg, char* pkey, char* palg, char* pclaims);
-static int w_jwt_verify(sip_msg_t* msg, char* pkey, char* palg, char* pclaims,
+static int w_jwt_verify(sip_msg_t* msg, char* pkeypath, char* palg, char* pclaims,
 		char *pjwtval);
 
 static int _jwt_key_mode = 0;
@@ -418,16 +418,13 @@ static int w_jwt_generate_4(sip_msg_t* msg, char* pkey, char* palg, char* pclaim
 /**
  *
  */
-static int ki_jwt_verify(sip_msg_t* msg, str *key, str *alg, str *claims,
+static int ki_jwt_verify_key(sip_msg_t* msg, str *key, str *alg, str *claims,
 		str *jwtval)
 {
 	str dupclaims = STR_NULL;
 	jwt_alg_t valg = JWT_ALG_NONE;
 	str kdata = STR_NULL;
 	time_t iat;
-	FILE *fpk = NULL;
-	unsigned char keybuf[10240];
-	size_t keybuf_len = 0;
 	param_t* params_list = NULL;
 	param_hooks_t phooks;
 	param_t *pit = NULL;
@@ -446,6 +443,8 @@ static int ki_jwt_verify(sip_msg_t* msg, str *key, str *alg, str *claims,
 
 	_jwt_verify_status = 0;
 
+	kdata = *key;
+	trim(&kdata);
 	valg = jwt_str_alg(alg->s);
 	if (valg == JWT_ALG_INVAL) {
 		LM_ERR("not supported algorithm: %s\n", alg->s);
@@ -455,25 +454,6 @@ static int ki_jwt_verify(sip_msg_t* msg, str *key, str *alg, str *claims,
 		LM_ERR("failed to duplicate claims\n");
 		return -1;
 	}
-	jwt_fcache_get(key, &kdata);
-	if(kdata.s==NULL) {
-		fpk= fopen(key->s, "r");
-		if(fpk==NULL) {
-			LM_ERR("failed to read key file: %s\n", key->s);
-			goto error;
-		}
-		keybuf_len = fread(keybuf, 1, sizeof(keybuf), fpk);
-		fclose(fpk);
-		if(keybuf_len==0) {
-			LM_ERR("unable to read key file content: %s\n", key->s);
-			goto error;
-		}
-		kdata.s = (char*)keybuf;
-		kdata.len = (int)keybuf_len;
-		trim(&kdata);
-		kdata.s[keybuf_len] = '\0';
-		jwt_fcache_add(key, &kdata);
-	}
 	sparams = dupclaims;
 	if(sparams.s[sparams.len-1]==';') {
 		sparams.len--;
@@ -548,15 +528,55 @@ static int ki_jwt_verify(sip_msg_t* msg, str *key, str *alg, str *claims,
 /**
  *
  */
-static int w_jwt_verify(sip_msg_t* msg, char* pkey, char* palg, char* pclaims,
+static int ki_jwt_verify(sip_msg_t* msg, str *keypath, str *alg, str *claims,
+		str *jwtval)
+{
+	str kdata = STR_NULL;
+	FILE *fpk = NULL;
+	unsigned char keybuf[10240];
+	size_t keybuf_len = 0;
+
+	if(keypath==NULL || keypath->s==NULL || alg==NULL || alg->s==NULL
+			|| claims==NULL || claims->s==NULL || claims->len<=0
+			|| jwtval==NULL || jwtval->s==NULL || jwtval->len<=0) {
+		LM_ERR("invalid parameters\n");
+		return -1;
+	}
+
+	jwt_fcache_get(keypath, &kdata);
+	if(kdata.s==NULL) {
+		fpk= fopen(keypath->s, "r");
+		if(fpk==NULL) {
+			LM_ERR("failed to read key file: %s\n", keypath->s);
+			return -1;
+		}
+		keybuf_len = fread(keybuf, 1, sizeof(keybuf), fpk);
+		fclose(fpk);
+		if(keybuf_len==0) {
+			LM_ERR("unable to read key file content: %s\n", keypath->s);
+			return -1;
+		}
+		kdata.s = (char*)keybuf;
+		kdata.len = (int)keybuf_len;
+		trim(&kdata);
+		kdata.s[keybuf_len] = '\0';
+		jwt_fcache_add(keypath, &kdata);
+	}
+	return ki_jwt_verify_key(msg, &kdata, alg, claims, jwtval);
+}
+
+/**
+ *
+ */
+static int w_jwt_verify(sip_msg_t* msg, char* pkeypath, char* palg, char* pclaims,
 		char *pjwtval)
 {
-	str skey = STR_NULL;
+	str skeypath = STR_NULL;
 	str salg = STR_NULL;
 	str sclaims = STR_NULL;
 	str sjwtval = STR_NULL;
 
-	if (fixup_get_svalue(msg, (gparam_t*)pkey, &skey) != 0) {
+	if (fixup_get_svalue(msg, (gparam_t*)pkeypath, &skeypath) != 0) {
 		LM_ERR("cannot get path to the key file\n");
 		return -1;
 	}
@@ -573,7 +593,7 @@ static int w_jwt_verify(sip_msg_t* msg, char* pkey, char* palg, char* pclaims,
 		return -1;
 	}
 
-	return ki_jwt_verify(msg, &skey, &salg, &sclaims, &sjwtval);
+	return ki_jwt_verify(msg, &skeypath, &salg, &sclaims, &sjwtval);
 }
 
 /**

More information about the sr-dev mailing list