kenmirrors/freeswitch
1
0
Fork 0
mirror of https://github.com/signalwire/freeswitch.git synced 2025-02-07 22:03:50 +00:00
Code Issues Projects Releases Wiki Activity

Two ways for forcing SIP username to be the same as the auth username - i.e. locking a user to an extension (MODENDP-68)

Browse Source 
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@7188 d0543943-73ff-0310-b7d9-9358b9ac24b2
This commit is contained in:
Michael Jerris 2008-01-12 19:15:05 +00:00
parent 26d213213b
commit daea564f9b
3 changed files with 32 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/mod/endpoints/mod_sofia/mod_sofia.h
View File

@ -123,7 +123,8 @@ typedef enum {
PFLAG_GREEDY = (1 << 10), PFLAG_GREEDY = (1 << 10),
PFLAG_MULTIREG = (1 << 11), PFLAG_MULTIREG = (1 << 11),
PFLAG_SUPRESS_CNG = (1 << 12), PFLAG_SUPRESS_CNG = (1 << 12),
PFLAG_TLS = (1 << 13) PFLAG_TLS = (1 << 13),
PFLAG_CHECKUSER = (1 << 14)
} PFLAGS; } PFLAGS;
typedef enum { typedef enum {
@ -454,8 +455,8 @@ void sofia_presence_mwi_event_handler(switch_event_t *event);
void sofia_presence_cancel(void); void sofia_presence_cancel(void);
switch_status_t config_sofia(int reload, char *profile_name); switch_status_t config_sofia(int reload, char *profile_name);
void sofia_reg_auth_challange(nua_t *nua, sofia_profile_t *profile, nua_handle_t *nh, sofia_regtype_t regtype, const char *realm, int stale); void sofia_reg_auth_challange(nua_t *nua, sofia_profile_t *profile, nua_handle_t *nh, sofia_regtype_t regtype, const char *realm, int stale);
auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile, sip_authorization_t const *authorization, auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile, sip_authorization_t const *authorization, const char *regstr, char *np, size_t nplen,
const char *regstr, char *np, size_t nplen, char *ip, switch_event_t **v_event, long exptime); char *ip, switch_event_t **v_event, long exptime, sofia_regtype_t regtype, const char *to_user);
void sofia_reg_handle_sip_r_challenge(int status, void sofia_reg_handle_sip_r_challenge(int status,
char const *phrase, char const *phrase,
nua_t *nua, sofia_profile_t *profile, nua_t *nua, sofia_profile_t *profile,

6
src/mod/endpoints/mod_sofia/sofia.c
View File

@ -194,7 +194,7 @@ void sofia_event_callback(nua_event_t event,
char network_ip[80]; char network_ip[80];
get_addr(network_ip, sizeof(network_ip), &((struct sockaddr_in *) msg_addrinfo(nua_current_request(nua))->ai_addr)->sin_addr); get_addr(network_ip, sizeof(network_ip), &((struct sockaddr_in *) msg_addrinfo(nua_current_request(nua))->ai_addr)->sin_addr);
auth_res = sofia_reg_parse_auth(profile, authorization, auth_res = sofia_reg_parse_auth(profile, authorization,
(char *) sip->sip_request->rq_method_name, tech_pvt->key, strlen(tech_pvt->key), network_ip, NULL, 0); (char *) sip->sip_request->rq_method_name, tech_pvt->key, strlen(tech_pvt->key), network_ip, NULL, 0, REG_INVITE, NULL);
} }
if (auth_res != AUTH_OK) { if (auth_res != AUTH_OK) {
@ -1057,6 +1057,10 @@ switch_status_t config_sofia(int reload, char *profile_name)
if (switch_true(val)) { if (switch_true(val)) {
profile->pflags |= PFLAG_FULL_ID; profile->pflags |= PFLAG_FULL_ID;
} }
} else if (!strcasecmp(var, "inbound-reg-force-matching-username")) {
if (switch_true(val)) {
profile->pflags |= PFLAG_CHECKUSER;
}
} else if (!strcasecmp(var, "bitpacking")) { } else if (!strcasecmp(var, "bitpacking")) {
if (!strcasecmp(val, "aal2")) { if (!strcasecmp(val, "aal2")) {
profile->codec_flags = SWITCH_CODEC_FLAG_AAL2; profile->codec_flags = SWITCH_CODEC_FLAG_AAL2;

26
src/mod/endpoints/mod_sofia/sofia_reg.c
View File

@ -28,6 +28,7 @@
* Paul D. Tinsley <pdt at jackhammer.org> * Paul D. Tinsley <pdt at jackhammer.org>
* Bret McDanel <trixter AT 0xdecafbad.com> * Bret McDanel <trixter AT 0xdecafbad.com>
* Marcel Barbulescu <marcelbarbulescu@gmail.com> * Marcel Barbulescu <marcelbarbulescu@gmail.com>
* David Knell <>
* *
* *
* sofia_ref.c -- SOFIA SIP Endpoint (registration code) * sofia_ref.c -- SOFIA SIP Endpoint (registration code)
@ -344,6 +345,7 @@ uint8_t sofia_reg_handle_register(nua_t * nua, sofia_profile_t *profile, nua_han
int network_port; int network_port;
int cd = 0; int cd = 0;
const char *call_id = NULL; const char *call_id = NULL;
char *force_user;
/* all callers must confirm that sip, sip->sip_request and sip->sip_contact are not NULL */ /* all callers must confirm that sip, sip->sip_request and sip->sip_contact are not NULL */
switch_assert(sip != NULL && sip->sip_contact != NULL && sip->sip_request != NULL); switch_assert(sip != NULL && sip->sip_contact != NULL && sip->sip_request != NULL);
@ -410,7 +412,7 @@ uint8_t sofia_reg_handle_register(nua_t * nua, sofia_profile_t *profile, nua_han
if (authorization) { if (authorization) {
char *v_contact_str; char *v_contact_str;
if ((auth_res = sofia_reg_parse_auth(profile, authorization, sip->sip_request->rq_method_name, key, keylen, network_ip, v_event, exptime)) if ((auth_res = sofia_reg_parse_auth(profile, authorization, sip->sip_request->rq_method_name, key, keylen, network_ip, v_event, exptime, regtype, to_user))
== AUTH_STALE) { == AUTH_STALE) {
stale = 1; stale = 1;
} }
@ -419,6 +421,14 @@ uint8_t sofia_reg_handle_register(nua_t * nua, sofia_profile_t *profile, nua_han
char *exp_var; char *exp_var;
register_gateway = switch_event_get_header(*v_event, "sip-register-gateway"); register_gateway = switch_event_get_header(*v_event, "sip-register-gateway");
/* Allow us to force the SIP user to be something specific - needed if
* we - for example - want to be able to ensure that the username a UA can
* be contacted at is the same one that they used for authentication.
*/
if ((force_user = switch_event_get_header(*v_event, "sip-force-user"))) {
to_user = force_user;
}
if ((v_contact_str = switch_event_get_header(*v_event, "sip-force-contact"))) { if ((v_contact_str = switch_event_get_header(*v_event, "sip-force-contact"))) {
if (!strcasecmp(v_contact_str, "nat-connectile-dysfunction") || !strcasecmp(v_contact_str, "NDLB-connectile-dysfunction")) { if (!strcasecmp(v_contact_str, "nat-connectile-dysfunction") || !strcasecmp(v_contact_str, "NDLB-connectile-dysfunction")) {
@ -742,8 +752,8 @@ void sofia_reg_handle_sip_r_challenge(int status,
} }
auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile, sip_authorization_t const *authorization, auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile, sip_authorization_t const *authorization, const char *regstr,
const char *regstr, char *np, size_t nplen, char *ip, switch_event_t **v_event, long exptime) char *np, size_t nplen, char *ip, switch_event_t **v_event, long exptime, sofia_regtype_t regtype, const char *to_user)
{ {
int indexnum; int indexnum;
const char *cur; const char *cur;
@ -815,6 +825,15 @@ auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile, sip_authorization_t co
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Invalid Authorization header!\n"); switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Invalid Authorization header!\n");
goto end; goto end;
} }
/* Optional check that auth name == SIP username */
if ((regtype == REG_REGISTER) && (profile->pflags & PFLAG_CHECKUSER)) {
if (switch_strlen_zero(username) || switch_strlen_zero(to_user) || strcasecmp(to_user, username)) {
/* Names don't match, so fail */
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "SIP username %s does not match auth username\n", switch_str_nil(to_user));
goto end;
}
}
if (switch_strlen_zero(np)) { if (switch_strlen_zero(np)) {
first = 1; first = 1;
@ -1093,3 +1112,4 @@ switch_status_t sofia_reg_add_gateway(char *key, sofia_gateway_t *gateway)