[sr-dev] git:master: modules_k/auth_radius: added optional uri_user param to radius_www_authorize()

Juha Heinanen jh at tutpro.com
Tue Aug 9 07:48:39 CEST 2011 

Module: sip-router
Branch: master
Commit: 414af8a49bae2a41069b003aa9da83823c729bd0
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=414af8a49bae2a41069b003aa9da83823c729bd0

Author: Juha Heinanen <jh at tutpro.com>
Committer: Juha Heinanen <jh at tutpro.com>
Date:   Tue Aug  9 08:36:39 2011 +0300

modules_k/auth_radius: added optional uri_user param to radius_www_authorize()
- Useful for http authorization.

---

 modules_k/auth_radius/README                    |   13 +++++++++----
 modules_k/auth_radius/authorize.c               |   14 ++++++++++++--
 modules_k/auth_radius/authorize.h               |   15 ++++++++++-----
 modules_k/auth_radius/authrad_mod.c             |    4 +++-
 modules_k/auth_radius/doc/auth_radius_admin.xml |   13 ++++++++++++-
 5 files changed, 46 insertions(+), 13 deletions(-)

diff --git a/modules_k/auth_radius/README b/modules_k/auth_radius/README
index 3222d50..e40fa57 100644
--- a/modules_k/auth_radius/README
+++ b/modules_k/auth_radius/README
@@ -49,7 +49,7 @@ Jan Janak
 
         5. Exported Functions
 
-              5.1. radius_www_authorize(realm)
+              5.1. radius_www_authorize(realm [, uri_user])
               5.2. radius_proxy_authorize(realm [, uri_user])
 
    List of Examples
@@ -82,7 +82,7 @@ Chapter 1. Admin Guide
 
    5. Exported Functions
 
-        5.1. radius_www_authorize(realm)
+        5.1. radius_www_authorize(realm [, uri_user])
         5.2. radius_proxy_authorize(realm [, uri_user])
 
 1. Overview
@@ -206,10 +206,10 @@ modparam("auth_radius", "use_ruri_flag", 22)
 
 5. Exported Functions
 
-   5.1. radius_www_authorize(realm)
+   5.1. radius_www_authorize(realm [, uri_user])
    5.2. radius_proxy_authorize(realm [, uri_user])
 
-5.1. radius_www_authorize(realm)
+5.1. radius_www_authorize(realm [, uri_user])
 
    The function verifies credentials according to RFC2617. If the
    credentials are verified successfully then the function will succeed
@@ -240,6 +240,11 @@ modparam("auth_radius", "use_ruri_flag", 22)
        to the user so he can decide what username and password to use. In
        case of REGISTER requests it is usually hostpart of To URI.
        The string may contain pseudo variables.
+     * uri_user - Uri_user is an optional pseudo variable parameter whose
+       value, if present, will be given to Radius server as value of
+       SIP-URI-User check item. If uri_user pseudo variable parameter is
+       not present, the server will generate SIP-URI-User check item value
+       from user part of To/From URI.
 
    This function can be used from REQUEST_ROUTE.
 
diff --git a/modules_k/auth_radius/authorize.c b/modules_k/auth_radius/authorize.c
index c84deec..9dfc9b3 100644
--- a/modules_k/auth_radius/authorize.c
+++ b/modules_k/auth_radius/authorize.c
@@ -236,10 +236,20 @@ int radius_proxy_authorize_2(struct sip_msg* _msg, char* _realm,
 
 
 /*
- * Authorize using WWW-Authorize header field
+ * Authorize using WWW-Authorize header field (no URI user parameter given)
  */
-int radius_www_authorize(struct sip_msg* _msg, char* _realm, char* _s2)
+int radius_www_authorize_1(struct sip_msg* _msg, char* _realm, char* _s2)
 {
 	return authorize(_msg, (pv_elem_t*)_realm, (pv_spec_t *)0,
 			 HDR_AUTHORIZATION_T);
 }
+
+
+/*
+ * Authorize using WWW-Authorize header field (URI user parameter given)
+ */
+int radius_www_authorize_2(struct sip_msg* _msg, char* _realm, char* _uri_user)
+{
+	return authorize(_msg, (pv_elem_t*)_realm, (pv_spec_t *)_uri_user,
+			 HDR_AUTHORIZATION_T);
+}
diff --git a/modules_k/auth_radius/authorize.h b/modules_k/auth_radius/authorize.h
index 33cfb5f..014ed9d 100644
--- a/modules_k/auth_radius/authorize.h
+++ b/modules_k/auth_radius/authorize.h
@@ -33,21 +33,26 @@
 
 
 /*
- * Authorize using Proxy-Authorize header field (no from parameter given)
+ * Authorize using Proxy-Authorize header field (no URI user parameter given)
  */
 int radius_proxy_authorize_1(struct sip_msg* _msg, char* _realm, char* _s2);
 
 
 /*
- * Authorize using Proxy-Authorize header field (from parameter given)
+ * Authorize using Proxy-Authorize header field (URI user parameter given)
  */
-int radius_proxy_authorize_2(struct sip_msg* _msg, char* _realm, char* _from);
+int radius_proxy_authorize_2(struct sip_msg* _msg, char* _realm, char* _uri_user);
 
 
 /*
- * Authorize using WWW-Authorization header field
+ * Authorize using WWW-Authorization header field (no URI user parameter given)
  */
-int radius_www_authorize(struct sip_msg* _msg, char* _realm, char* _s2);
+int radius_www_authorize_1(struct sip_msg* _msg, char* _realm, char* _s2);
+
+/*
+ * Authorize using WWW-Authorization header field (URI user parameter given)
+ */
+int radius_www_authorize_2(struct sip_msg* _msg, char* _realm, char* _uri_user);
 
 
 #endif /* AUTHORIZE_H */
diff --git a/modules_k/auth_radius/authrad_mod.c b/modules_k/auth_radius/authrad_mod.c
index 59e27c5..f0ef531 100644
--- a/modules_k/auth_radius/authrad_mod.c
+++ b/modules_k/auth_radius/authrad_mod.c
@@ -73,7 +73,9 @@ struct extra_attr *auth_extra = 0;
  * Exported functions
  */
 static cmd_export_t cmds[] = {
-	{"radius_www_authorize", (cmd_function)radius_www_authorize,   1, auth_fixup,
+	{"radius_www_authorize", (cmd_function)radius_www_authorize_1,   1, auth_fixup,
+			0, REQUEST_ROUTE},
+	{"radius_www_authorize", (cmd_function)radius_www_authorize_2,   2, auth_fixup,
 			0, REQUEST_ROUTE},
 	{"radius_proxy_authorize", (cmd_function)radius_proxy_authorize_1, 1, auth_fixup,
 			0, REQUEST_ROUTE},
diff --git a/modules_k/auth_radius/doc/auth_radius_admin.xml b/modules_k/auth_radius/doc/auth_radius_admin.xml
index eb99ca8..699d454 100644
--- a/modules_k/auth_radius/doc/auth_radius_admin.xml
+++ b/modules_k/auth_radius/doc/auth_radius_admin.xml
@@ -193,7 +193,7 @@ modparam("auth_radius", "use_ruri_flag", 22)
 	<section>
 	<title>Exported Functions</title>
 	<section>
-		<title><function moreinfo="none">radius_www_authorize(realm)</function></title>
+		<title><function moreinfo="none">radius_www_authorize(realm [, uri_user])</function></title>
 		<para>
 		The function verifies credentials according to 
 		<ulink url="http://www.ietf.org/rfc/rfc2617.txt">RFC2617</ulink>. If 
@@ -253,6 +253,17 @@ modparam("auth_radius", "use_ruri_flag", 22)
 			The string may contain pseudo variables.
 			</para>
 		</listitem>
+		<listitem>
+			<para><emphasis>uri_user</emphasis> - Uri_user is an
+			optional pseudo variable parameter whose value, if
+			present, will be given to Radius server as value of
+			SIP-URI-User check item.
+			If uri_user pseudo variable parameter is not
+			present, the server will generate 
+                        SIP-URI-User check item value from user part of
+			To/From URI.
+			</para>
+		</listitem>
 		</itemizedlist>
 		<para>
 		This function can be used from REQUEST_ROUTE.

More information about the sr-dev mailing list