git:master: modules/auth_ephemeral: new module for ephemeral credential based authentication
26 May
2013
26 May
'13
7:25 p.m.
Module: sip-router
Branch: master
Commit: 0bea7f63afa0fd544ad93465db94ddef4ed67a00
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0bea7f6…
Author: Peter Dunkley <peter.dunkley(a)crocodile-rcs.com>
Committer: Peter Dunkley <peter.dunkley(a)crocodile-rcs.com>
Date: Mon May 27 00:25:03 2013 +0100
modules/auth_ephemeral: new module for ephemeral credential based authentication
---
modules/auth_ephemeral/Makefile | 41 +++
modules/auth_ephemeral/README | 250 ++++++++++++++
modules/auth_ephemeral/autheph_mod.c | 168 ++++++++++
modules/auth_ephemeral/autheph_mod.h | 31 ++
modules/auth_ephemeral/authorize.c | 346 ++++++++++++++++++++
modules/auth_ephemeral/authorize.h | 42 +++
modules/auth_ephemeral/doc/Makefile | 4 +
modules/auth_ephemeral/doc/auth_ephemeral.xml | 30 ++
.../auth_ephemeral/doc/auth_ephemeral_admin.xml | 306 +++++++++++++++++
9 files changed, 1218 insertions(+), 0 deletions(-)
Diff:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=0be…
28 May
28 May
6:38 a.m.
Hi Peter!
I just wonder how you do the authorization (e.g. verify that an
authenticated user is allowed to use a certain identity in the From
header)? Do you strip the timestamp from the username and use the
base-username and compare it to the From user?
regards
Klaus
On 27.05.2013 01:25, Peter Dunkley wrote:
Module: sip-router
Branch: master
Commit: 0bea7f63afa0fd544ad93465db94ddef4ed67a00
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0bea7f6…
Author: Peter Dunkley <peter.dunkley(a)crocodile-rcs.com>
Committer: Peter Dunkley <peter.dunkley(a)crocodile-rcs.com>
Date: Mon May 27 00:25:03 2013 +0100
modules/auth_ephemeral: new module for ephemeral credential based authentication
---
modules/auth_ephemeral/Makefile | 41 +++
modules/auth_ephemeral/README | 250 ++++++++++++++
modules/auth_ephemeral/autheph_mod.c | 168 ++++++++++
modules/auth_ephemeral/autheph_mod.h | 31 ++
modules/auth_ephemeral/authorize.c | 346 ++++++++++++++++++++
modules/auth_ephemeral/authorize.h | 42 +++
modules/auth_ephemeral/doc/Makefile | 4 +
modules/auth_ephemeral/doc/auth_ephemeral.xml | 30 ++
.../auth_ephemeral/doc/auth_ephemeral_admin.xml | 306 +++++++++++++++++
9 files changed, 1218 insertions(+), 0 deletions(-)
Diff:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=0be…
_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
6:47 a.m.
You don't necessarily do this at all.
This is purely about digest authentication. However, even without the
ability to verify that the From: header is correct in SIP, this module
is useful for authenticating anonymous (click-to-call) style web-apps
and MSRP relay authentication.
Whether you can do caller identification validation or not depends
entirely on your network architecture and implementation and this module
does nothing at all to help with this.
Peter
On 28/05/13 11:38, Klaus Darilion wrote:
Hi Peter!
I just wonder how you do the authorization (e.g. verify that an
authenticated user is allowed to use a certain identity in the From
header)? Do you strip the timestamp from the username and use the
base-username and compare it to the From user?
regards
Klaus
On 27.05.2013 01:25, Peter Dunkley wrote:
> Module: sip-router
> Branch: master
> Commit: 0bea7f63afa0fd544ad93465db94ddef4ed67a00
> URL:
>
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0bea7f6…
>
> Author: Peter Dunkley <peter.dunkley(a)crocodile-rcs.com>
> Committer: Peter Dunkley <peter.dunkley(a)crocodile-rcs.com>
> Date: Mon May 27 00:25:03 2013 +0100
>
> modules/auth_ephemeral: new module for ephemeral credential based
> authentication
>
> ---
>
> modules/auth_ephemeral/Makefile | 41 +++
> modules/auth_ephemeral/README | 250
> ++++++++++++++
> modules/auth_ephemeral/autheph_mod.c | 168 ++++++++++
> modules/auth_ephemeral/autheph_mod.h | 31 ++
> modules/auth_ephemeral/authorize.c | 346
> ++++++++++++++++++++
> modules/auth_ephemeral/authorize.h | 42 +++
> modules/auth_ephemeral/doc/Makefile | 4 +
> modules/auth_ephemeral/doc/auth_ephemeral.xml | 30 ++
> .../auth_ephemeral/doc/auth_ephemeral_admin.xml | 306
> +++++++++++++++++
> 9 files changed, 1218 insertions(+), 0 deletions(-)
>
> Diff:
>
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=0be…
>
> _______________________________________________
> sr-dev mailing list
> sr-dev(a)lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>
4238
days inactive
4240
days old
2 comments
2 participants
participants (2)
-
Klaus Darilion -
Peter Dunkley