📄 jauth.c
字号:
case 2: /* AKA v2 */ resp_hex[RESHEXLEN+IKLEN*2+CKLEN*2-1] = 0; for(i=0;i<IKLEN;i++){ resp_hex[RESLEN*2+2*i]=hexa[(ik[i]&0xF0)>>4]; resp_hex[RESLEN*2+2*i+1]=hexa[ik[i]&0x0F]; } for(i=0;i<CKLEN;i++){ resp_hex[RESLEN*2+IKLEN*2+2*i]=hexa[(ck[i]&0xF0)>>4]; resp_hex[RESLEN*2+IKLEN*2+2*i+1]=hexa[ck[i]&0x0F]; } break; }}int__eXosip_create_authorization_header (osip_www_authenticate_t *wa, const char *rquri, const char *username, const char *passwd, const char *ha1, osip_authorization_t ** auth, const char *method, const char *pCNonce, int iNonceCount){ osip_authorization_t *aut; char *qop=NULL; char *Alg="MD5"; int version = 0; /* make some test */ if (passwd == NULL) return -1; if (wa == NULL || wa->auth_type == NULL || (wa->realm == NULL) || (wa->nonce == NULL)) { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "www_authenticate header is not acceptable.\n")); return -1; } if (0 != osip_strcasecmp ("Digest", wa->auth_type)) { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "Authentication method not supported. (Digest only).\n")); return -1; } /* "MD5" is invalid, but some servers use it. */ if (wa->algorithm != NULL) { if (0 == osip_strcasecmp ("MD5", wa->algorithm) || 0 == osip_strcasecmp ("\"MD5\"", wa->algorithm)) { } else if (0 == osip_strcasecmp ("AKAv1-MD5", wa->algorithm) || 0 == osip_strcasecmp ("\"AKAv1-MD5\"", wa->algorithm)) { Alg = "AKAv1-MD5"; } else if (0 == osip_strcasecmp ("AKAv2-MD5", wa->algorithm) || 0 == osip_strcasecmp ("\"AKAv2-MD5\"", wa->algorithm)) { Alg = "AKAv2-MD5"; } else { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "Authentication method not supported. (MD5, AKAv1-MD5, AKAv2-MD5)\n")); return -1; } } if (0 != osip_authorization_init (&aut)) { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "allocation with authorization_init failed.\n")); return -1; } /* just copy some feilds from response to new request */ osip_authorization_set_auth_type (aut, osip_strdup ("Digest")); osip_authorization_set_realm (aut, osip_strdup (osip_www_authenticate_get_realm (wa))); osip_authorization_set_nonce (aut, osip_strdup (osip_www_authenticate_get_nonce (wa))); if (osip_www_authenticate_get_opaque (wa) != NULL) osip_authorization_set_opaque (aut, osip_strdup (osip_www_authenticate_get_opaque (wa))); /* copy the username field in new request */ aut->username = osip_malloc (strlen (username) + 3); sprintf (aut->username, "\"%s\"", username); { char *tmp = osip_malloc (strlen (rquri) + 3); sprintf (tmp, "\"%s\"", rquri); osip_authorization_set_uri (aut, tmp); } osip_authorization_set_algorithm (aut, osip_strdup (Alg)); qop = osip_www_authenticate_get_qop_options (wa); if (qop==NULL || qop[0]=='\0' || strlen(qop)<4) qop=NULL; { char *pszNonce = osip_strdup_without_quote (osip_www_authenticate_get_nonce (wa)); char *pszCNonce = NULL; const char *pszUser = username; char *pszRealm = osip_strdup_without_quote (osip_authorization_get_realm (aut)); const char *pszPass = NULL; char *pszAlg = osip_strdup (Alg); char *szNonceCount = NULL; const char *pszMethod = method; /* previous_answer->cseq->method; */ char *pszQop = NULL; const char *pszURI = rquri; HASHHEX HA1; HASHHEX HA2 = ""; HASHHEX Response; RESHEXAKA2 Response2; const char *pha1 = NULL; if (qop!=NULL) { /* only accept qop="auth" */ pszQop = osip_strdup("auth"); szNonceCount = osip_malloc(10); snprintf(szNonceCount, 9, "%.8i", iNonceCount); pszCNonce = osip_strdup (pCNonce); osip_authorization_set_message_qop (aut, osip_strdup ("auth")); osip_authorization_set_nonce_count (aut, osip_strdup (szNonceCount)); { char *tmp = osip_malloc (strlen (pszCNonce) + 3); sprintf (tmp, "\"%s\"", pszCNonce); osip_authorization_set_cnonce (aut, tmp); } } pszPass = passwd; /* Depending on which algorithm the response will be calculated, MD5 or AKAv1-MD5 */ if(0 == strcmp(Alg,"MD5")) { if (ha1 && ha1[0]) { /* Depending on algorithm=md5 */ pha1 = ha1; } else { DigestCalcHA1 ("MD5", pszUser, pszRealm, pszPass, pszNonce, pszCNonce, HA1); pha1 = HA1; } version = 0; DigestCalcResponse ((char *) pha1, pszNonce, szNonceCount, pszCNonce, pszQop, version, pszMethod, pszURI, HA2, Response); } else { if(0==strcmp(Alg,"AKAv1-MD5")) version = 1; else version = 2; DigestCalcResponseAka(pszPass, pszNonce,pszCNonce, pszQop,pszMethod,pszURI,version,Response2); if (ha1 && ha1[0]) { /* Depending on algorithm=md5 */ pha1 = ha1; } else { DigestCalcHA1 ("MD5", pszUser, pszRealm, Response2, pszNonce, pszCNonce, HA1); pha1 = HA1; } DigestCalcResponse ((char *) pha1, pszNonce, szNonceCount, pszCNonce, pszQop, version, pszMethod, pszURI, HA2, Response); } OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_INFO4, NULL, "Response in authorization |%s|\n", Response)); { char *resp = osip_malloc (35); sprintf (resp, "\"%s\"", Response); osip_authorization_set_response (aut, resp); } osip_free (pszAlg); /* xkd, 2004-5-13 */ osip_free (pszNonce); osip_free (pszCNonce); osip_free (pszRealm); osip_free (pszQop); osip_free (szNonceCount); } *auth = aut; return 0;}int__eXosip_create_proxy_authorization_header (osip_proxy_authenticate_t *wa, const char *rquri, const char *username, const char *passwd, const char *ha1, osip_proxy_authorization_t ** auth, const char *method, const char *pCNonce, int iNonceCount){ osip_proxy_authorization_t *aut; char *qop=NULL; char *Alg="MD5"; int version = 0; /* make some test */ if (passwd == NULL) return -1; if (wa == NULL || wa->auth_type == NULL || (wa->realm == NULL) || (wa->nonce == NULL)) { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "www_authenticate header is not acceptable.\n")); return -1; } if (0 != osip_strcasecmp ("Digest", wa->auth_type)) { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "Authentication method not supported. (Digest only).\n")); return -1; } /* "MD5" is invalid, but some servers use it. */ if (wa->algorithm != NULL) { if (0 == osip_strcasecmp ("MD5", wa->algorithm) || 0 == osip_strcasecmp ("\"MD5\"", wa->algorithm)) { } else if (0 == osip_strcasecmp ("AKAv1-MD5", wa->algorithm) || 0 == osip_strcasecmp ("\"AKAv1-MD5\"", wa->algorithm)) { Alg = "AKAv1-MD5"; } else if (0 == osip_strcasecmp ("AKAv2-MD5", wa->algorithm) || 0 == osip_strcasecmp ("\"AKAv2-MD5\"", wa->algorithm)) { Alg = "AKAv2-MD5"; } else { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "Authentication method not supported. (MD5, AKAv1-MD5, AKAv2-MD5)\n")); return -1; } } if (0 != osip_proxy_authorization_init (&aut)) { OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "allocation with authorization_init failed.\n")); return -1; } /* just copy some feilds from response to new request */ osip_proxy_authorization_set_auth_type (aut, osip_strdup ("Digest")); osip_proxy_authorization_set_realm (aut, osip_strdup (osip_proxy_authenticate_get_realm (wa))); osip_proxy_authorization_set_nonce (aut, osip_strdup (osip_proxy_authenticate_get_nonce (wa))); if (osip_proxy_authenticate_get_opaque (wa) != NULL) osip_proxy_authorization_set_opaque (aut, osip_strdup (osip_proxy_authenticate_get_opaque (wa))); /* copy the username field in new request */ aut->username = osip_malloc (strlen (username) + 3); sprintf (aut->username, "\"%s\"", username); { char *tmp = osip_malloc (strlen (rquri) + 3); sprintf (tmp, "\"%s\"", rquri); osip_proxy_authorization_set_uri (aut, tmp); } osip_proxy_authorization_set_algorithm (aut, osip_strdup (Alg)); qop = osip_www_authenticate_get_qop_options (wa); if (qop==NULL || qop[0]=='\0' || strlen(qop)<4) qop=NULL; { char *pszNonce = NULL; char *pszCNonce = NULL; const char *pszUser = username; char *pszRealm = osip_strdup_without_quote (osip_proxy_authorization_get_realm (aut)); const char *pszPass = NULL; char *pszAlg = osip_strdup (Alg); char *szNonceCount = NULL; char *pszMethod = (char *) method; /* previous_answer->cseq->method; */ char *pszQop = NULL; const char *pszURI = rquri; HASHHEX HA1; HASHHEX HA2 = ""; HASHHEX Response; RESHEXAKA2 Response2; const char *pha1 = NULL; pszPass = passwd; if (osip_www_authenticate_get_nonce (wa) == NULL) return -1; pszNonce = osip_strdup_without_quote (osip_www_authenticate_get_nonce (wa)); if (qop!=NULL) { /* only accept qop="auth" */ pszQop = osip_strdup("auth"); szNonceCount = osip_malloc(10); snprintf(szNonceCount, 9, "%.8i", iNonceCount); pszCNonce = osip_strdup (pCNonce); osip_proxy_authorization_set_message_qop (aut, osip_strdup ("auth")); osip_proxy_authorization_set_nonce_count (aut, osip_strdup (szNonceCount)); { char *tmp = osip_malloc (strlen (pszCNonce) + 3); sprintf (tmp, "\"%s\"", pszCNonce); osip_proxy_authorization_set_cnonce (aut, tmp); } } if(0 == strcmp(Alg,"MD5")) { if (ha1 && ha1[0]) { /* Depending on algorithm=md5 */ pha1 = ha1; } else { DigestCalcHA1 ("MD5", pszUser, pszRealm, pszPass, pszNonce, pszCNonce, HA1); pha1 = HA1; } version = 0; DigestCalcResponse ((char *) pha1, pszNonce, szNonceCount, pszCNonce, pszQop, version, pszMethod, pszURI, HA2, Response); } else { if(0==strcmp(Alg,"AKAv1-MD5")) version = 1; else version = 2; DigestCalcResponseAka(pszPass, pszNonce,pszCNonce,pszQop,pszMethod,pszURI,version,Response2); if (ha1 && ha1[0]) { /* Depending on algorithm=md5 */ pha1 = ha1; } else { DigestCalcHA1 ("MD5", pszUser, pszRealm, Response2, pszNonce, pszCNonce, HA1); pha1 = HA1; } DigestCalcResponse ((char *) pha1, pszNonce, szNonceCount, pszCNonce, pszQop, version, pszMethod, pszURI, HA2, Response); } OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_INFO4, NULL, "Response in proxy_authorization |%s|\n", Response)); { char *resp = osip_malloc (35); sprintf (resp, "\"%s\"", Response); osip_proxy_authorization_set_response (aut, resp); } osip_free (pszAlg); /* xkd, 2004-5-13 */ osip_free (pszNonce); osip_free (pszCNonce); osip_free (pszRealm); osip_free (pszQop); osip_free (szNonceCount); } *auth = aut; return 0;}int _eXosip_store_nonce(const char *call_id, osip_proxy_authenticate_t *wa, int answer_code){ struct eXosip_http_auth *http_auth; int pos; /* update entries with same call_id */ for (pos=0;pos<MAX_EXOSIP_HTTP_AUTH;pos++) { http_auth = &eXosip.http_auths[pos]; if (http_auth->pszCallId[0]=='\0') continue; if (osip_strcasecmp(http_auth->pszCallId, call_id)==0 && osip_strcasecmp(http_auth->wa->realm, wa->realm)==0) { osip_proxy_authenticate_free(http_auth->wa); http_auth->wa=NULL; osip_proxy_authenticate_clone(wa, &(http_auth->wa)); http_auth->iNonceCount = 1; if (http_auth->wa==NULL) memset(http_auth, 0, sizeof(struct eXosip_http_auth)); return 0; } } /* not found */ for (pos=0;pos<MAX_EXOSIP_HTTP_AUTH;pos++) { http_auth = &eXosip.http_auths[pos]; if (http_auth->pszCallId[0]=='\0') { snprintf(http_auth->pszCallId, sizeof(http_auth->pszCallId), call_id); snprintf(http_auth->pszCNonce, sizeof(http_auth->pszCNonce), "0a4f113b"); http_auth->iNonceCount = 1; osip_proxy_authenticate_clone(wa, &(http_auth->wa)); http_auth->answer_code = answer_code; if (http_auth->wa==NULL) memset(http_auth, 0, sizeof(struct eXosip_http_auth)); return 0; } } OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "Compile with higher MAX_EXOSIP_HTTP_AUTH value (current=%i)\n", MAX_EXOSIP_HTTP_AUTH)); return -1;}int _eXosip_delete_nonce(const char *call_id){ struct eXosip_http_auth *http_auth; int pos; /* update entries with same call_id */ for (pos=0;pos<MAX_EXOSIP_HTTP_AUTH;pos++) { http_auth = &eXosip.http_auths[pos]; if (http_auth->pszCallId[0]=='\0') continue; if (osip_strcasecmp(http_auth->pszCallId, call_id)==0) { osip_proxy_authenticate_free(http_auth->wa); memset(http_auth, 0, sizeof(struct eXosip_http_auth)); return 0; } } return -1;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -