[sr-dev] git:master:5937adf0: auth_ephemeral: use dedicated enum type for auth return codes

Daniel-Constantin Mierla miconda at gmail.com
Tue Jul 18 23:25:28 CEST 2017


Module: kamailio
Branch: master
Commit: 5937adf01f7c3e2382a1f2dc149a677fe6cd26f1
URL: https://github.com/kamailio/kamailio/commit/5937adf01f7c3e2382a1f2dc149a677fe6cd26f1

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2017-07-18T23:24:07+02:00

auth_ephemeral: use dedicated enum type for auth return codes

- reorder safety checks not to access msg structure if null

---

Modified: src/modules/auth_ephemeral/authorize.c

---

Diff:  https://github.com/kamailio/kamailio/commit/5937adf01f7c3e2382a1f2dc149a677fe6cd26f1.diff
Patch: https://github.com/kamailio/kamailio/commit/5937adf01f7c3e2382a1f2dc149a677fe6cd26f1.patch

---

diff --git a/src/modules/auth_ephemeral/authorize.c b/src/modules/auth_ephemeral/authorize.c
index a5b3f48e92..a8815a3b43 100644
--- a/src/modules/auth_ephemeral/authorize.c
+++ b/src/modules/auth_ephemeral/authorize.c
@@ -129,7 +129,7 @@ static inline int get_ha1(struct username *_username, str *_domain,
 static inline int do_auth(struct sip_msg *_m, struct hdr_field *_h, str *_realm,
 			str *_method, str *_secret)
 {
-	int ret;
+	auth_result_t ret;
 	char ha1[512];
 	auth_body_t *cred = (auth_body_t*) _h->parsed;
 
@@ -146,21 +146,15 @@ static inline int do_auth(struct sip_msg *_m, struct hdr_field *_h, str *_realm,
 	ret = eph_auth_api.check_response(&cred->digest, _method, ha1);
 	if (ret == AUTHENTICATED)
 	{
-		if (eph_auth_api.post_auth(_m, _h, ha1) != AUTHENTICATED)
-		{
+		if (eph_auth_api.post_auth(_m, _h, ha1) != AUTHENTICATED) {
 			return AUTH_ERROR;
 		}
-	}
-	else if (ret == NOT_AUTHENTICATED)
-	{
+		return AUTH_OK;
+	} else if (ret == NOT_AUTHENTICATED) {
 		return AUTH_INVALID_PASSWORD;
+	} else {
+		return AUTH_ERROR;
 	}
-	else
-	{
-		ret = AUTH_ERROR;
-	}
-
-	return AUTH_OK;
 }
 
 int autheph_verify_timestamp(str *_username)
@@ -219,15 +213,16 @@ static inline int digest_authenticate(struct sip_msg *_m, str *_realm,
 				hdr_types_t _hftype, str *_method)
 {
 	struct hdr_field* h;
-	int ret;
+	auth_cfg_result_t ret;
+	auth_result_t rauth;
 	struct secret *secret_struct;
 	str username;
 
 	LM_DBG("realm: %.*s\n", _realm->len, _realm->s);
 	LM_DBG("method: %.*s\n", _method->len, _method->s);
 
-	ret = eph_auth_api.pre_auth(_m, _realm, _hftype, &h, NULL);
-	switch(ret)
+	rauth = eph_auth_api.pre_auth(_m, _realm, _hftype, &h, NULL);
+	switch(rauth)
 	{
 	case NONCE_REUSED:
 		LM_DBG("nonce reused\n");
@@ -294,17 +289,17 @@ int autheph_check(struct sip_msg *_m, char *_realm)
 		return AUTH_ERROR;
 	}
 
-	if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
-	{
-		return AUTH_OK;
-	}
-
 	if(_m == NULL || _realm == NULL)
 	{
 		LM_ERR("invalid parameters\n");
 		return AUTH_ERROR;
 	}
 
+	if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
+	{
+		return AUTH_OK;
+	}
+
 	if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0)
 	{
 		LM_ERR("failed to get realm value\n");
@@ -340,17 +335,17 @@ int autheph_www(struct sip_msg *_m, char *_realm)
 		return AUTH_ERROR;
 	}
 
-	if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
-	{
-		return AUTH_OK;
-	}
-
 	if(_m == NULL || _realm == NULL)
 	{
 		LM_ERR("invalid parameters\n");
 		return AUTH_ERROR;
 	}
 
+	if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
+	{
+		return AUTH_OK;
+	}
+
 	if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0)
 	{
 		LM_ERR("failed to get realm value\n");
@@ -428,17 +423,17 @@ int autheph_proxy(struct sip_msg *_m, char *_realm)
 		return AUTH_ERROR;
 	}
 
-	if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
-	{
-		return AUTH_OK;
-	}
-
 	if(_m == NULL || _realm == NULL)
 	{
 		LM_ERR("invalid parameters\n");
 		return AUTH_ERROR;
 	}
 
+	if (_m->REQ_METHOD == METHOD_ACK || _m->REQ_METHOD == METHOD_CANCEL)
+	{
+		return AUTH_OK;
+	}
+
 	if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0)
 	{
 		LM_ERR("failed to get realm value\n");




More information about the sr-dev mailing list