diff options
author | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2003-10-15 17:32:19 +0000 |
---|---|---|
committer | markster <markster@f38db490-d61c-443f-a65b-d21fe96a405b> | 2003-10-15 17:32:19 +0000 |
commit | a446b68cdba434083ad8e68c5a23b1a91a2afff9 (patch) | |
tree | dab5d6dde5bc20e1421972367ac06186b5437b4b | |
parent | 3b8c0a0f95b318ee814b40d9f9d62751a2ce9e56 (diff) |
Actually add md5secret option to CVS (bug #288)
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@1632 f38db490-d61c-443f-a65b-d21fe96a405b
-rwxr-xr-x | channels/chan_sip.c | 34 |
1 files changed, 27 insertions, 7 deletions
diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 488d3044d..efc584d34 100755 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -225,6 +225,7 @@ static struct sip_pvt { char peername[256]; char uri[256]; /* Original requested URI */ char peersecret[256]; + char peermd5secret[256]; char callerid[256]; /* Caller*ID */ int restrictcid; /* hide presentation from remote user */ char via[256]; @@ -272,6 +273,7 @@ struct sip_user { /* Users who can access various contexts */ char name[80]; char secret[80]; + char md5secret[80]; char context[80]; char callerid[80]; char methods[80]; @@ -296,6 +298,7 @@ struct sip_user { struct sip_peer { char name[80]; char secret[80]; + char md5secret[80]; char context[80]; /* JK02: peers need context too to allow parking etc */ char methods[80]; char username[80]; @@ -357,7 +360,8 @@ struct sip_registry { char username[80]; /* Who we are registering as */ char authuser[80]; /* Who we *authenticate* as */ char hostname[80]; - char secret[80]; /* Password or key name in []'s */ + char secret[80]; /* Password or key name in []'s */ + char md5secret[80]; char contact[80]; /* Contact extension */ char random[80]; int expire; /* Sched ID of expiration */ @@ -663,6 +667,7 @@ static int create_addr(struct sip_pvt *r, char *peer) } strncpy(r->peername, p->username, sizeof(r->peername)-1); strncpy(r->peersecret, p->secret, sizeof(r->peersecret)-1); + strncpy(r->peermd5secret, p->md5secret, sizeof(r->peermd5secret)-1); strncpy(r->username, p->username, sizeof(r->username)-1); strncpy(r->tohost, p->tohost, sizeof(r->tohost)-1); if (!strlen(r->tohost)) { @@ -2940,6 +2945,7 @@ static int transmit_register(struct sip_registry *r, char *cmd, char *auth, char r->call=p; p->registry=r; strncpy(p->peersecret, r->secret, sizeof(p->peersecret)-1); + strncpy(p->peermd5secret, r->md5secret, sizeof(p->peermd5secret)-1); if (strlen(r->authuser)) strncpy(p->peername, r->authuser, sizeof(p->peername)-1); else @@ -3349,11 +3355,11 @@ static void md5_hash(char *output, char *input) ptr += sprintf(ptr, "%2.2x", digest[x]); } -static int check_auth(struct sip_pvt *p, struct sip_request *req, char *randdata, int randlen, char *username, char *secret, char *method, char *uri, int reliable) +static int check_auth(struct sip_pvt *p, struct sip_request *req, char *randdata, int randlen, char *username, char *secret, char *md5secret, char *method, char *uri, int reliable) { int res = -1; /* Always OK if no secret */ - if (!strlen(secret)) + if (!strlen(secret) && !strlen(md5secret)) return 0; if (!strlen(randdata) || !strlen(get_header(req, "Proxy-Authorization"))) { snprintf(randdata, randlen, "%08x", rand()); @@ -3419,7 +3425,10 @@ static int check_auth(struct sip_pvt *p, struct sip_request *req, char *randdata snprintf(a2, sizeof(a2), "%s:%s", method, resp_uri); else snprintf(a2, sizeof(a2), "%s:%s", method, uri); - md5_hash(a1_hash, a1); + if (strlen(md5secret)) + snprintf(a1_hash, sizeof(a1_hash), "%s", md5secret); + else + md5_hash(a1_hash, a1); md5_hash(a2_hash, a2); snprintf(resp, sizeof(resp), "%s:%s:%s", a1_hash, randdata, a2_hash); md5_hash(resp_hash, resp); @@ -3490,7 +3499,7 @@ static int register_verify(struct sip_pvt *p, struct sockaddr_in *sin, struct si if (!strcasecmp(peer->name, name) && peer->dynamic) { p->nat = peer->nat; transmit_response(p, "100 Trying", req); - if (!(res = check_auth(p, req, p->randdata, sizeof(p->randdata), peer->name, peer->secret, "REGISTER", uri, 0))) { + if (!(res = check_auth(p, req, p->randdata, sizeof(p->randdata), peer->name, peer->secret, peer->md5secret, "REGISTER", uri, 0))) { sip_cancel_destroy(p); if (parse_contact(p, peer, req)) { ast_log(LOG_WARNING, "Failed to parse contact info\n"); @@ -3861,7 +3870,7 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha ast_log(LOG_DEBUG, "Setting NAT on VRTP to %d\n", p->nat); ast_rtp_setnat(p->vrtp, p->nat); } - if (!(res = check_auth(p, req, p->randdata, sizeof(p->randdata), user->name, user->secret, cmd, uri, reliable))) { + if (!(res = check_auth(p, req, p->randdata, sizeof(p->randdata), user->name, user->secret, user->md5secret, cmd, uri, reliable))) { sip_cancel_destroy(p); if (strlen(user->context)) strncpy(p->context, user->context, sizeof(p->context) - 1); @@ -3869,6 +3878,7 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha strncpy(p->callerid, user->callerid, sizeof(p->callerid) - 1); strncpy(p->username, user->name, sizeof(p->username) - 1); strncpy(p->peersecret, user->secret, sizeof(p->peersecret) - 1); + strncpy(p->peermd5secret, user->md5secret, sizeof(p->peermd5secret) - 1); strncpy(p->accountcode, user->accountcode, sizeof(p->accountcode) -1); p->canreinvite = user->canreinvite; p->amaflags = user->amaflags; @@ -3912,6 +3922,7 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha if (strlen(peer->context)) strncpy(p->context, peer->context, sizeof(p->context) - 1); strncpy(p->peersecret, peer->secret, sizeof(p->peersecret) - 1); + strncpy(p->peermd5secret, peer->md5secret, sizeof(p->peermd5secret) - 1); p->callgroup = peer->callgroup; p->pickupgroup = peer->pickupgroup; if (peer->dtmfmode) { @@ -4357,7 +4368,10 @@ static int build_reply_digest(struct sip_pvt *p, char* orig_header, char* digest snprintf(a1,sizeof(a1),"%s:%s:%s",p->peername,p->realm,p->peersecret); snprintf(a2,sizeof(a2),"%s:%s",orig_header,uri); - md5_hash(a1_hash,a1); + if (strlen(p->peermd5secret)) + strncpy(a1_hash, p->peermd5secret, sizeof(a1_hash) - 1); + else + md5_hash(a1_hash,a1); md5_hash(a2_hash,a2); snprintf(resp,sizeof(resp),"%s:%s:%s",a1_hash,p->nonce,a2_hash); md5_hash(resp_hash,resp); @@ -5604,6 +5618,8 @@ static struct sip_user *build_user(char *name, struct ast_variable *v) strncpy(user->methods, v->value, sizeof(user->methods)-1); } else if (!strcasecmp(v->name, "secret")) { strncpy(user->secret, v->value, sizeof(user->secret)-1); + } else if (!strcasecmp(v->name, "md5secret")) { + strncpy(user->md5secret, v->value, sizeof(user->secret)-1); } else if (!strcasecmp(v->name, "dtmfmode")) { if (!strcasecmp(v->value, "inband")) user->dtmfmode=SIP_DTMF_INBAND; @@ -5658,6 +5674,8 @@ static struct sip_user *build_user(char *name, struct ast_variable *v) if (!strlen(user->methods)) { if (strlen(user->secret)) strncpy(user->methods, "md5,plaintext", sizeof(user->methods) - 1); + else if (strlen(user->md5secret)) + strncpy(user->methods, "md5", sizeof(user->methods) - 1); } return user; } @@ -5710,6 +5728,8 @@ static struct sip_peer *build_peer(char *name, struct ast_variable *v) while(v) { if (!strcasecmp(v->name, "secret")) strncpy(peer->secret, v->value, sizeof(peer->secret)-1); + else if (!strcasecmp(v->name, "md5secret")) + strncpy(peer->md5secret, v->value, sizeof(peer->md5secret)-1); else if (!strcasecmp(v->name, "auth")) strncpy(peer->methods, v->value, sizeof(peer->methods)-1); else if (!strcasecmp(v->name, "canreinvite")) { |