[sr-dev] git:master:cd3b7766: secsipid: iterate through all Identity headers

Module: kamailio Branch: master Commit: cd3b776649e652b5d27b2718c22f08736b1e9e84 URL: https://github.com/kamailio/kamailio/commit/cd3b776649e652b5d27b2718c22f087… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2022-11-03T10:20:10+01:00 secsipid: iterate through all Identity headers --- Modified: src/modules/secsipid/secsipid_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/cd3b776649e652b5d27b2718c22f087… Patch: https://github.com/kamailio/kamailio/commit/cd3b776649e652b5d27b2718c22f087… --- diff --git a/src/modules/secsipid/secsipid_mod.c b/src/modules/secsipid/secsipid_mod.c index 43c1ab4cb42..96f01487a3a 100644 --- a/src/modules/secsipid/secsipid_mod.c +++ b/src/modules/secsipid/secsipid_mod.c @@ -221,24 +221,10 @@ static void mod_destroy(void) */ static int ki_secsipid_check_identity(sip_msg_t *msg, str *keypath) { - int ret = 1; + int ret = -1; str ibody = STR_NULL; hdr_field_t *hf; - for (hf=msg->headers; hf; hf=hf->next) { - if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN - && strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY, - SECSIPID_HDR_IDENTITY_LEN)==0) - break; - } - - if(hf == NULL) { - LM_DBG("no identity header\n"); - return -1; - } - - ibody = hf->body; - if(secsipid_cache_dir.len > 0) { _secsipid_papi.SecSIPIDSetFileCacheOptions(secsipid_cache_dir.s, secsipid_cache_expire); @@ -250,12 +236,19 @@ static int ki_secsipid_check_identity(sip_msg_t *msg, str *keypath) } secsipid_libopt_list_used = 1; } - ret = _secsipid_papi.SecSIPIDCheckFull(ibody.s, ibody.len, secsipid_expire, - keypath->s, secsipid_timeout); - if(ret==0) { - LM_DBG("identity check: ok\n"); - return 1; + for (hf=msg->headers; hf; hf=hf->next) { + if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN + && strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY, + SECSIPID_HDR_IDENTITY_LEN)==0) { + ibody = hf->body; + ret = _secsipid_papi.SecSIPIDCheckFull(ibody.s, ibody.len, secsipid_expire, + keypath->s, secsipid_timeout); + if(ret==0) { + LM_DBG("identity check: ok\n"); + return 1; + } + } } LM_DBG("identity check: failed\n"); @@ -282,22 +275,10 @@ static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2) */ static int ki_secsipid_check_identity_pubkey(sip_msg_t *msg, str *keyval) { - int ret = 1; + int ret = -1; str ibody = STR_NULL; hdr_field_t *hf; - for (hf=msg->headers; hf; hf=hf->next) { - if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN - && strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY, - SECSIPID_HDR_IDENTITY_LEN)==0) - break; - } - - if(hf == NULL) { - LM_DBG("no identity header\n"); - return -1; - } - if(secsipid_libopt_list_used==0) { str_list_t *sit; for(sit=secsipid_libopt_list; sit!=NULL; sit=sit->next) { @@ -306,14 +287,18 @@ static int ki_secsipid_check_identity_pubkey(sip_msg_t *msg, str *keyval) secsipid_libopt_list_used = 1; } - ibody = hf->body; - - ret = _secsipid_papi.SecSIPIDCheckFullPubKey(ibody.s, ibody.len, - secsipid_expire, keyval->s, keyval->len); - - if(ret==0) { - LM_DBG("identity check: ok\n"); - return 1; + for (hf=msg->headers; hf; hf=hf->next) { + if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN + && strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY, + SECSIPID_HDR_IDENTITY_LEN)==0) { + ibody = hf->body; + ret = _secsipid_papi.SecSIPIDCheckFullPubKey(ibody.s, ibody.len, + secsipid_expire, keyval->s, keyval->len); + if(ret==0) { + LM_DBG("identity check: ok\n"); + return 1; + } + } } LM_DBG("identity check: failed\n");