Wed Jul 8 10:39:37 CDT 2009 Pekka Pessi <first.last@nokia.com>

* auth_client.c: auc_credentials() now accepts realm with quotes or semicolons Ignore-this: 945190725010fa3e5ebc833d38f7c578 Initial patch by Jerry Richards. git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@14188 d0543943-73ff-0310-b7d9-9358b9ac24b2
2009-07-10 00:49:35 +00:00 · 2009-07-10 00:49:35 +00:00 · 823e2eb338
parent bb0cb5eba9
commit 823e2eb338
3 changed files with 67 additions and 5 deletions
--- a/libs/sofia-sip/.update
+++ b/libs/sofia-sip/.update
@ -1 +1 @@
-Thu Jul  9 19:47:01 CDT 2009
+Thu Jul  9 19:47:51 CDT 2009
--- a/libs/sofia-sip/libsofia-sip-ua/iptsec/auth_client.c
+++ b/libs/sofia-sip/libsofia-sip-ua/iptsec/auth_client.c
@ -46,6 +46,7 @@
 #include <sofia-sip/auth_digest.h>

 #include <sofia-sip/base64.h>
+#include <sofia-sip/bnf.h>
 #include <sofia-sip/su_uniqueid.h>
 #include <sofia-sip/su_string.h>

@ -311,11 +312,24 @@ int auc_credentials(auth_client_t **auc_list, su_home_t *home,
  s0 = s = su_strdup(NULL, data);

  /* Parse authentication data */
-  /* Data is string like "Basic:\"agni\":user1:secret" */
+  /* Data is string like "Basic:\"agni\":user1:secret"
+     or "Basic:\"[fe80::204:23ff:fea7:d60a]\":user1:secret" (IPv6)
+     or "Basic:\"Use \\\"interesting\\\" username and password here:\":user1:secret"
+  */
  if (s && (s = strchr(scheme = s, ':')))
    *s++ = 0;
-  if (s && (s = strchr(realm = s, ':')))
-    *s++ = 0;
+  if (s) {
+    if (*s == '"') {
+      realm = s;
+      s += span_quoted(s);
+      if (*s == ':')
+	*s++ = 0;
+      else
+	realm = NULL, s = NULL;
+    }
+    else
+      s = NULL;
+  }
  if (s && (s = strchr(user = s, ':')))
    *s++ = 0;
  if (s && (s = strchr(pass = s, ':')))
--- a/libs/sofia-sip/libsofia-sip-ua/iptsec/test_auth_digest.c
+++ b/libs/sofia-sip/libsofia-sip-ua/iptsec/test_auth_digest.c
@ -1168,6 +1168,54 @@ int test_digest_client(void)
  END();
 }

+int
+test_auth_client(void)
+{
+  BEGIN();
+
+  {
+    char challenge[] =
+      PROTOCOL " 401 Unauthorized\r\n"
+      "Call-ID:0e3dc2b2-dcc6-1226-26ac-258b5ce429ab\r\n"
+      "CSeq:32439043 REGISTER\r\n"
+      "From:surf3.ims3.so.noklab.net <sip:surf3@ims3.so.noklab.net>;tag=I8hFdg0H3OK\r\n"
+      "To:<sip:surf3@ims3.so.noklab.net>\r\n"
+      "Via:SIP/2.0/UDP 10.21.36.70:23800;branch=z9hG4bKJjKGu9vIHqf;received=10.21.36.70;rport\r\n"
+      "WWW-Authenticate:DIGEST algorithm=MD5,nonce=\"h7wIpP+atU+/+Zau5UwLMA==\",realm=\"[::1]\"\r\n"
+      "Proxy-Authenticate:DIGEST algorithm=MD5,nonce=\"h7wIpP+atU+/+Zau5UwLMA==\",realm=\"\\\"realm\\\"\"\r\n"
+      "Content-Length:0\r\n"
+      "Security-Server:digest\r\n"
+      "r\n";
+
+    su_home_t *home;
+    msg_t *msg;
+    sip_t *sip;
+    auth_client_t *aucs = NULL;
+
+    TEST_1(home = su_home_new(sizeof(*home)));
+
+    TEST_1(msg = read_message(MSG_DO_EXTRACT_COPY, challenge));
+    TEST_1(sip = sip_object(msg));
+
+    TEST_1(aucs == NULL);
+    TEST(auc_challenge(&aucs, home, sip->sip_www_authenticate,
+		       sip_authorization_class), 1);
+    TEST_1(aucs != NULL);
+
+    TEST(auc_credentials(&aucs, home, "Digest:\"[::1]\":user:pass"), 1);
+
+    TEST(auc_challenge(&aucs, home, sip->sip_proxy_authenticate,
+		       sip_proxy_authorization_class), 1);
+
+    TEST(auc_credentials(&aucs, home, "Digest:\"\\\"realm\\\"\":user:pass"), 1);
+
+    msg_destroy(msg);
+    su_home_unref(home);
+  }
+
+  END();
+}
+
 #if HAVE_FLOCK
 #include <sys/file.h>
 #endif
@ -1353,7 +1401,7 @@ int main(int argc, char *argv[])

  retval |= test_digest();
  retval |= test_digest_client();
-
+  retval |= test_auth_client();
  retval |= test_module_io();

  su_deinit();