[Devel] Re: uac_auth - set credentials with avpops
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Fri Jan 20 13:23:35 CET 2006
Hi Thomas,
there are two possible ways fo passing dynamic values for credentials
into uac_auth():
1) is what you suggested, the simplest but not so efficient version:
internally the parameter have to be build from the three variables and
later the functions needs to parse to identify each of them.
2) set as module parameters three AVP IDs - usr_auth() will use the
configured AVPs as sources for additional user, domain and passwd. This
will be much faster in my opinion,
regards,
bogdan
Thomas Gelf wrote:
> Sorry for posting my last message twice - here some additional
> thoughts:
>
> I must confess that I never wrote anything with C - but nonetheless
> I tried to understand what's going on in the uac module and got some
> idea of how things work.
>
> What do you think about extending uac_auth() to allow it to accept
> one (optional) parameter - like uac_auth("user:pass:realm")? Parsing
> avpops has already been added to uac_replace_from() and I believe that
> it would be a trivial job (for someone experienced with C and knowing
> OpenSER's internals) to do so also for uac_auth().
>
> Adding such an (optional - of course) parameter would be 100% backward-
> compatible and allow you to rewrite credentials however you would like
> to do so.
>
> If there is no good reason why this shouldn't be done this way I would
> be really happy if someone could give me a hint on how to create such
> a patch. I promise you that I'll do extensive testing :-)
>
> Below I tried to "code" what I would uac_auth() like to do for me. As
> told before I have absolutely no C knowledge so the way how I passed
> variables to functions or compared values (like cdr == 0) could be a
> great nonsense - please forgive me.
>
> Be patient with me, don't take my coding too serious - just think about
> what I'm trying to do and maybe give me some little help ;-)
>
> Cheers & thanks a lot for your help,
> Thomas Gelf
>
> uac.c
> =====
>
> static cmd_export_t cmds[]={
> ..
> - {"uac_auth", w_uac_auth, 0, 0,
> - FAILURE_ROUTE },
> + {"uac_auth", w_uac_auth, 1, fixup_uac_auth1,
> + FAILURE_ROUTE },
> ..
>
> /***************** fixup functions ******************************/
>
> + static int fixup_uac_auth1(void** param, int param_no)
> + {
> + xl_elem_t *model;
> +
> + model=NULL;
> + if(xl_parse_format((char*)(*param),&model,XL_DISABLE_COLORS)<0)
> + {
> + LOG(L_ERR, "ERROR:uac:fixup_uac_auth1: wrong format[%s]!\n",
> + (char*)(*param));
> + return E_UNSPEC;
> + }
> + if (model==NULL)
> + {
> + LOG(L_ERR, "ERROR:uac:fixup_replace_from1: empty parameter!\n");
> + return E_UNSPEC;
> + }
> + *param = (void*)model;
> +
> + return 0;
> + }
>
> /**************** wrapper functions ******************************/
>
> static int w_uac_auth(struct sip_msg* msg, char* str, char* str2)
> {
> - return (uac_auth(msg)==0)?1:-1;
> + return (uac_auth(msg, &str)==0)?1:-1;
> }
>
>
> auth.c
> ======
>
> - int uac_auth( struct sip_msg *msg)
> + int uac_auth( struct sip_msg *msg, struct uac_credential *crd)
> {
> static struct authenticate_body auth;
> - struct uac_credential *crd;
>
> ...
> /* can we authenticate this realm? */
> - crd = lookup_realm( &auth.realm );
> + if (crd == 0)
> + {
> + crd = lookup_realm( &auth.realm );
> + }
>
>
> _______________________________________________
> Devel mailing list
> Devel at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/devel
>
More information about the Devel
mailing list