[sr-dev] git:master:84fb4a20: secsipid: added secsipid_check_identity_pubkey(pubkeyVal)

Tue Nov 17 10:17:25 CET 2020

Module: kamailio
Branch: master
Commit: 84fb4a20a81e065d5bb1bc96b10697bf066ddf33
URL: https://github.com/kamailio/kamailio/commit/84fb4a20a81e065d5bb1bc96b10697bf066ddf33

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2020-11-17T10:11:29+01:00

secsipid: added secsipid_check_identity_pubkey(pubkeyVal)

- functions that checks the identity header validity with a public key
provided in the parameter

---

Modified: src/modules/secsipid/secsipid_mod.c

---

Diff:  https://github.com/kamailio/kamailio/commit/84fb4a20a81e065d5bb1bc96b10697bf066ddf33.diff
Patch: https://github.com/kamailio/kamailio/commit/84fb4a20a81e065d5bb1bc96b10697bf066ddf33.patch

---

diff --git a/src/modules/secsipid/secsipid_mod.c b/src/modules/secsipid/secsipid_mod.c
index bd757b173d..b6f4bd53aa 100644
--- a/src/modules/secsipid/secsipid_mod.c
+++ b/src/modules/secsipid/secsipid_mod.c
@@ -46,6 +46,7 @@ static int child_init(int);
 static void mod_destroy(void);
 
 static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2);
+static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char *str2);
 static int w_secsipid_add_identity(sip_msg_t *msg, char *porigtn, char *pdesttn,
 			char *pattest, char *porigid, char *px5u, char *pkeypath);
 
@@ -54,6 +55,8 @@ static int w_secsipid_add_identity(sip_msg_t *msg, char *porigtn, char *pdesttn,
 static cmd_export_t cmds[]={
 	{"secsipid_check_identity", (cmd_function)w_secsipid_check_identity, 1,
 		fixup_spve_null, fixup_free_spve_null, ANY_ROUTE},
+	{"secsipid_check_identity_pubkey", (cmd_function)w_secsipid_check_identity_pubkey, 1,
+		fixup_spve_null, fixup_free_spve_null, ANY_ROUTE},
 	{"secsipid_add_identity", (cmd_function)w_secsipid_add_identity, 6,
 		fixup_spve_all, fixup_free_spve_all, ANY_ROUTE},
 	{0, 0, 0, 0, 0, 0}
@@ -162,6 +165,57 @@ static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2)
 	return ki_secsipid_check_identity(msg, &keypath);
 }
 
+/**
+ *
+ */
+static int ki_secsipid_check_identity_pubkey(sip_msg_t *msg, str *keyval)
+{
+	int ret = 1;
+	str ibody = STR_NULL;
+	hdr_field_t *hf;
+
+	for (hf=msg->headers; hf; hf=hf->next) {
+		if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN
+				&& strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY,
+					SECSIPID_HDR_IDENTITY_LEN)==0)
+			break;
+	}
+
+	if(hf == NULL) {
+		LM_DBG("no identity header\n");
+		return -1;
+	}
+
+	ibody = hf->body;
+
+	ret = SecSIPIDCheckFullPubKey(ibody.s, ibody.len, secsipid_expire, keyval->s,
+			keyval->len);
+
+	if(ret==0) {
+		LM_DBG("identity check: ok\n");
+		return 1;
+	}
+
+	LM_DBG("identity check: failed\n");
+	return -1;
+}
+
+/**
+ *
+ */
+static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char *str2)
+{
+	str keyval = STR_NULL;
+
+	if(fixup_get_svalue(msg, (gparam_t*)pkeyval, &keyval)<0) {
+		LM_ERR("failed to get keyval parameter\n");
+		return -1;
+	}
+
+	return ki_secsipid_check_identity_pubkey(msg, &keyval);
+}
+
+
 /**
  *
  */
@@ -277,6 +331,11 @@ static sr_kemi_t sr_kemi_secsipid_exports[] = {
 		{ SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_STR,
 			SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_STR }
 	},
+	{ str_init("secsipid"), str_init("secsipid_check_identity_pubkey"),
+		SR_KEMIP_INT, ki_secsipid_check_identity_pubkey,
+		{ SR_KEMIP_STR, SR_KEMIP_NONE, SR_KEMIP_NONE,
+			SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE }
+	},
 
 	{ {0, 0}, {0, 0}, 0, NULL, { 0, 0, 0, 0, 0, 0 } }
 };


