[sr-dev] git:master:95c18631: - added AUTH_USERNAME_EXPIRED auth api return code and used it in auth
Juha Heinanen
jh at tutpro.com
Thu Mar 28 17:14:49 CET 2019
Module: kamailio
Branch: master
Commit: 95c18631032c5510d4dc1e6b7aa815256ff3e688
URL: https://github.com/kamailio/kamailio/commit/95c18631032c5510d4dc1e6b7aa815256ff3e688
Author: Juha Heinanen <jh at tutpro.com>
Committer: Juha Heinanen <jh at tutpro.com>
Date: 2019-03-27T11:10:16+02:00
- added AUTH_USERNAME_EXPIRED auth api return code and used it in auth
ephemeral authentication, when username is expired
---
Modified: src/modules/auth/api.h
Modified: src/modules/auth_ephemeral/authorize.c
---
Diff: https://github.com/kamailio/kamailio/commit/95c18631032c5510d4dc1e6b7aa815256ff3e688.diff
Patch: https://github.com/kamailio/kamailio/commit/95c18631032c5510d4dc1e6b7aa815256ff3e688.patch
---
diff --git a/src/modules/auth/api.h b/src/modules/auth/api.h
index 9730b409ed..33d131840a 100644
--- a/src/modules/auth/api.h
+++ b/src/modules/auth/api.h
@@ -39,6 +39,7 @@
*/
typedef enum auth_cfg_result {
AUTH_USER_MISMATCH = -8, /*!< Auth user != From/To user */
+ AUTH_USERNAME_EXPIRED = -7, /*!< Ephemeral auth username expired */
AUTH_NONCE_REUSED = -6, /*!< Returned if nonce is used more than once */
AUTH_NO_CREDENTIALS = -5, /*!< Credentials missing */
AUTH_STALE_NONCE = -4, /*!< Stale nonce */
diff --git a/src/modules/auth_ephemeral/authorize.c b/src/modules/auth_ephemeral/authorize.c
index 745f12d7ab..216332b321 100644
--- a/src/modules/auth_ephemeral/authorize.c
+++ b/src/modules/auth_ephemeral/authorize.c
@@ -203,7 +203,7 @@ int autheph_verify_timestamp(str *_username)
if (cur_time > expires)
{
LM_WARN("username has expired\n");
- return -1;
+ return AUTH_USERNAME_EXPIRED;
}
return 0;
@@ -255,10 +255,16 @@ static inline int digest_authenticate(struct sip_msg *_m, str *_realm,
username = ((auth_body_t *) h->parsed)->digest.username.whole;
LM_DBG("username: %.*s\n", username.len, username.s);
- if (autheph_verify_timestamp(&username) < 0)
+ int res = autheph_verify_timestamp(&username);
+ if (res < 0)
{
- LM_ERR("invalid timestamp in username\n");
- return AUTH_ERROR;
+ if (res == -1)
+ {
+ LM_ERR("invalid timestamp in username\n");
+ return AUTH_ERROR;
+ } else {
+ return AUTH_USERNAME_EXPIRED;
+ }
}
SECRET_LOCK;
@@ -489,10 +495,16 @@ int ki_autheph_authenticate(sip_msg_t *_m, str *susername, str *spassword)
return AUTH_ERROR;
}
- if (autheph_verify_timestamp(susername) < 0)
+ int res = autheph_verify_timestamp(susername);
+ if (res < 0)
{
- LM_ERR("invalid timestamp in username\n");
- return AUTH_ERROR;
+ if (res == -1)
+ {
+ LM_ERR("invalid timestamp in username\n");
+ return AUTH_ERROR;
+ } else {
+ return AUTH_USERNAME_EXPIRED;
+ }
}
LM_DBG("username: %.*s\n", susername->len, susername->s);
More information about the sr-dev
mailing list