[asterisk-scf-commits] asterisk-scf/release/sip.git branch "master" updated.
Commits to the Asterisk SCF project code repositories
asterisk-scf-commits at lists.digium.com
Thu Dec 1 10:26:25 CST 2011
branch "master" has been updated
via 8ec91edd2b48b4359a86eb83922c877394006dcc (commit)
via 3cd729fbb9dc4d0a75185a443f9f433552ddf47d (commit)
via a0abb129f930f8dfe4e3c625323dcd08a34923f5 (commit)
via e8f492df476df52ba8c37ad0be6647646c4f41b9 (commit)
via 6b8709327b6e2ba09b41863fa5e4de8b84666384 (commit)
via 6e2f71bbd46c8475a112b35dd37ba2527bfc7907 (commit)
via 582cd705da6d1c6837a797701844e4c55853f388 (commit)
via 67af305c398f1ad12b626b5f2da01aa336b4e451 (commit)
via 01875837a0d54f89089c83311c14c1f0b90f7b14 (commit)
via 1a9c552d54bbabefed475aa78937ccacc812ef1d (commit)
via 3c06c6776daf1595e29e7591a412cfd38c82febd (commit)
via 83551dc94f1d5a0a8967290c60c65e72b99d101f (commit)
via ff24318d201429b0f2dc4226dee7424baf5e0bce (commit)
from 585a2423a3a9ec40221c0310986e8d0064b28bbe (commit)
Summary of changes:
src/AuthManager.cpp | 213 +++++++++++++++++++++++-------
src/AuthManager.h | 86 +++++++-----
src/PJSipManager.cpp | 16 +--
src/PJSipManager.h | 16 ++-
src/PJSipModule.h | 2 +-
src/PJSipRegistrarModule.cpp | 42 ++++++-
src/PJSipRegistrarModule.h | 9 ++
src/PJSipRegistrarModuleConstruction.cpp | 6 +
src/PJSipSessionModule.cpp | 155 ++++++++++++++--------
src/PJSipSessionModule.h | 4 +-
src/SipClientRegistration.cpp | 92 +------------
src/SipClientRegistration.h | 48 +-------
src/SipEndpoint.cpp | 13 ++-
src/SipEndpoint.h | 4 +-
src/SipEndpointFactory.cpp | 19 +++-
src/SipEndpointFactory.h | 10 +-
src/SipSession.cpp | 1 +
src/SipStateReplicatorListener.cpp | 1 +
18 files changed, 429 insertions(+), 308 deletions(-)
- Log -----------------------------------------------------------------
commit 8ec91edd2b48b4359a86eb83922c877394006dcc
Merge: 3cd729f 585a242
Author: Mark Michelson <mmichelson at digium.com>
Date: Thu Dec 1 10:27:16 2011 -0600
Merge branch 'master' of git.asterisk.org:asterisk-scf/release/sip
commit 3cd729fbb9dc4d0a75185a443f9f433552ddf47d
Author: Mark Michelson <mmichelson at digium.com>
Date: Wed Nov 30 13:38:16 2011 -0600
Remove an unnecessary #include
diff --git a/src/SipEndpointFactory.h b/src/SipEndpointFactory.h
index e8102a9..115fd8e 100644
--- a/src/SipEndpointFactory.h
+++ b/src/SipEndpointFactory.h
@@ -23,7 +23,6 @@
#include <AsteriskSCF/Core/Endpoint/EndpointIf.h>
#include <AsteriskSCF/SessionCommunications/SessionCommunicationsExtensionPointsIf.h>
#include <AsteriskSCF/SIP/SIPRegistrarIf.h>
-#include <AsteriskSCF/logger.h>
#include "SipReplicationContext.h"
#include "PJSipManager.h"
commit a0abb129f930f8dfe4e3c625323dcd08a34923f5
Author: Mark Michelson <mmichelson at digium.com>
Date: Wed Nov 30 12:23:38 2011 -0600
s/moduleHookVector/ModuleHookVector/
diff --git a/src/AuthManager.cpp b/src/AuthManager.cpp
index d5e75f9..277eac3 100644
--- a/src/AuthManager.cpp
+++ b/src/AuthManager.cpp
@@ -48,7 +48,7 @@ public:
class ServerAuthInstancePriv
{
public:
- ServerAuthInstancePriv(pjsip_rx_data *rdata, const moduleHookVector &moduleHooks,
+ ServerAuthInstancePriv(pjsip_rx_data *rdata, const ModuleHookVector &moduleHooks,
RequestType type, pjsip_endpoint *endpoint, const Logger &logger)
: mEndpoint(endpoint),
mPool(pjsip_endpt_create_pool(mEndpoint, "auth%p", 500, 256)),
@@ -61,7 +61,7 @@ public:
return;
}
- for (moduleHookVector::const_iterator iter = moduleHooks.begin(); iter != moduleHooks.end(); ++iter)
+ for (ModuleHookVector::const_iterator iter = moduleHooks.begin(); iter != moduleHooks.end(); ++iter)
{
RequestTypeSeq types = (*iter)->mTypes;
AuthHookPrx hook = (*iter)->mHook;
@@ -134,7 +134,7 @@ public:
std::string callId;
};
-ServerAuthInstance::ServerAuthInstance(pjsip_rx_data *rdata, const moduleHookVector &hooks,
+ServerAuthInstance::ServerAuthInstance(pjsip_rx_data *rdata, const ModuleHookVector &hooks,
RequestType type, pjsip_endpoint *endpoint, const Logger &logger)
: mImpl(new ServerAuthInstancePriv(rdata, hooks, type, endpoint, logger)) { }
@@ -351,7 +351,7 @@ public:
std::vector<ServerAuthInstancePtr> mServerAuthInstances;
pjsip_endpoint *mEndpoint;
- moduleHookVector mRegisteredHooks;
+ ModuleHookVector mRegisteredHooks;
Logger mLogger;
int mCounter;
boost::mutex mHooksLock;
@@ -532,7 +532,7 @@ void AuthManager::addAuthHook(const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHo
void AuthManager::removeAuthHook(const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx &hook)
{
boost::lock_guard<boost::mutex> lock(mImpl->mHooksLock);
- for (moduleHookVector::iterator iter = mImpl->mRegisteredHooks.begin();
+ for (ModuleHookVector::iterator iter = mImpl->mRegisteredHooks.begin();
iter != mImpl->mRegisteredHooks.end(); ++iter)
{
if ((*iter)->mHook == hook)
@@ -553,7 +553,7 @@ AuthHookSeq AuthManager::getHooks()
{
boost::lock_guard<boost::mutex> lock(mImpl->mHooksLock);
AuthHookSeq retSeq;
- for (moduleHookVector::iterator iter = mImpl->mRegisteredHooks.begin();
+ for (ModuleHookVector::iterator iter = mImpl->mRegisteredHooks.begin();
iter != mImpl->mRegisteredHooks.end(); ++ iter)
{
retSeq.push_back((*iter)->mHook);
diff --git a/src/AuthManager.h b/src/AuthManager.h
index d9bdb23..c5a0431 100644
--- a/src/AuthManager.h
+++ b/src/AuthManager.h
@@ -32,7 +32,7 @@ namespace SipSessionManager
class AuthHookWrapper;
-typedef std::vector<boost::shared_ptr<AuthHookWrapper> > moduleHookVector;
+typedef std::vector<boost::shared_ptr<AuthHookWrapper> > ModuleHookVector;
void sessionAuthTimeout(pj_timer_heap_t *timer_heap, pj_timer_entry *entry);
@@ -99,7 +99,7 @@ public:
private:
ServerAuthInstance(pjsip_rx_data *rdata,
- const moduleHookVector &hooks,
+ const ModuleHookVector &hooks,
AsteriskSCF::SIP::ExtensionPoint::V1::RequestType type,
pjsip_endpoint *endpoint,
const AsteriskSCF::System::Logging::Logger &logger);
commit e8f492df476df52ba8c37ad0be6647646c4f41b9
Author: Mark Michelson <mmichelson at digium.com>
Date: Mon Nov 21 15:01:30 2011 -0600
* Change some names to be more accurate
* Remove some inaccurate comments
* Add a checkAuth() method to AuthManager to decrease duplication
* Add more conditions before calling handleNonInviteAuthentication()
diff --git a/src/AuthManager.cpp b/src/AuthManager.cpp
index 34346b1..d5e75f9 100644
--- a/src/AuthManager.cpp
+++ b/src/AuthManager.cpp
@@ -349,7 +349,7 @@ public:
return realms;
}
- std::vector<boost::shared_ptr<ServerAuthInstance> > mServerAuthInstances;
+ std::vector<ServerAuthInstancePtr> mServerAuthInstances;
pjsip_endpoint *mEndpoint;
moduleHookVector mRegisteredHooks;
Logger mLogger;
@@ -365,28 +365,77 @@ AuthManager::~AuthManager()
{
}
-boost::shared_ptr<ServerAuthInstance> AuthManager::createServerAuthInstance(pjsip_rx_data *rdata, RequestType type)
+ServerAuthInstancePtr AuthManager::createServerAuthInstance(pjsip_rx_data *rdata, RequestType type)
{
- boost::shared_ptr<ServerAuthInstance> instance;
+ ServerAuthInstancePtr instance;
{
boost::lock_guard<boost::mutex> hookLock(mImpl->mHooksLock);
- instance.reset(new ServerAuthInstance(rdata, mImpl->mRegisteredHooks,
- type, mImpl->mEndpoint, mImpl->mLogger));
+ instance = new ServerAuthInstance(rdata, mImpl->mRegisteredHooks,
+ type, mImpl->mEndpoint, mImpl->mLogger);
}
boost::lock_guard<boost::mutex> instancesLock(mImpl->mServerAuthInstancesLock);
mImpl->mServerAuthInstances.push_back(instance);
return instance;
}
+ServerAuthInstancePtr AuthManager::checkAuth(pjsip_rx_data *rdata, RequestInfoPtr& info, RequestType type, DigestChallengeSeq& digests)
+{
+ //First, let's see if this message has some auth that we know about.
+ if (authenticateRequest(rdata) == true)
+ {
+ //Oh yeah! Authentication succeeded!
+ return 0;
+ }
+
+ ServerAuthInstancePtr authInstance(createServerAuthInstance(rdata, type));
+
+ AuthHookSeq hooks = authInstance->getHooks();
+ if (hooks.empty())
+ {
+ return 0;
+ }
+
+ authInstance->fillInRequestInfo(rdata, info);
+
+ //We have our RequestInfo created. Now start calling out to any registered hooks
+ //
+ //XXX While this seems like something that could be taken care of in either the
+ //ServerAuthInstance or AuthManager class, there are some specific issues with this.
+ //For instance, in this case, we create the outgoing message using the inv_session,
+ //whereas other PJSIP modules will either access the base dialog directly
+ //or have a different layer of indirection instead of the inv_session.
+ for (AuthHookSeq::iterator iter = hooks.begin(); iter != hooks.end(); ++iter)
+ {
+ HookResult result;
+ result = (*iter)->challengeRequest(info, digests);
+ if (result.status == Failed)
+ {
+ mImpl->mLogger(Error) << "SIP Authentication hook reported a failure: " << result.info;
+ }
+ else if (result.status == Succeeded)
+ {
+ if (digests.empty())
+ {
+ //Hook says not to challenge. This ServerAuthInstance
+ //is deader than dead.
+ destroyServerAuthInstance(authInstance);
+ return 0;
+ }
+ return authInstance;
+ }
+ }
+ return 0;
+}
+
bool AuthManager::authenticateRequest(pjsip_rx_data *rdata)
{
const std::string fromTag(pj_strbuf(&rdata->msg_info.from->tag),
pj_strlen(&rdata->msg_info.from->tag));
const std::string callId(pj_strbuf(&rdata->msg_info.cid->id),
pj_strlen(&rdata->msg_info.cid->id));
- boost::shared_ptr<ServerAuthInstance> instance;
+ ServerAuthInstancePtr instance;
boost::lock_guard<boost::mutex> lock(mImpl->mServerAuthInstancesLock);
- for (std::vector<boost::shared_ptr<ServerAuthInstance> >::iterator iter = mImpl->mServerAuthInstances.begin();
+ for (std::vector<ServerAuthInstancePtr >::iterator iter = mImpl->mServerAuthInstances.begin();
iter != mImpl->mServerAuthInstances.end(); ++iter)
{
if ((*iter)->isEqual(fromTag, callId))
@@ -405,13 +454,13 @@ bool AuthManager::authenticateRequest(pjsip_rx_data *rdata)
return false;
}
-void AuthManager::destroyServerAuthInstance(const boost::shared_ptr<ServerAuthInstance> &instance)
+void AuthManager::destroyServerAuthInstance(const ServerAuthInstancePtr &instance)
{
boost::lock_guard<boost::mutex> lock(mImpl->mServerAuthInstancesLock);
- for (std::vector<boost::shared_ptr<ServerAuthInstance> >::iterator iter = mImpl->mServerAuthInstances.begin();
- iter != mImpl->mServerAuthInstances.end(); ++ iter)
+ for (std::vector<ServerAuthInstancePtr>::iterator iter = mImpl->mServerAuthInstances.begin();
+ iter != mImpl->mServerAuthInstances.end(); ++iter)
{
- if (*iter == instance)
+ if ((*iter).get() == instance.get())
{
mImpl->mServerAuthInstances.erase(iter);
break;
@@ -422,7 +471,7 @@ void AuthManager::destroyServerAuthInstance(const boost::shared_ptr<ServerAuthIn
void AuthManager::destroyServerAuthInstance(const ServerAuthInstance* instance)
{
boost::lock_guard<boost::mutex> lock(mImpl->mServerAuthInstancesLock);
- for (std::vector<boost::shared_ptr<ServerAuthInstance> >::iterator iter = mImpl->mServerAuthInstances.begin();
+ for (std::vector<ServerAuthInstancePtr>::iterator iter = mImpl->mServerAuthInstances.begin();
iter != mImpl->mServerAuthInstances.end(); ++ iter)
{
if ((*iter).get() == instance)
@@ -461,7 +510,7 @@ void AuthManager::getAuthCredentials(pjsip_rx_data *rdata, std::vector<pjsip_cre
}
}
-void AuthManager::scheduleAuthTimeout(const boost::shared_ptr<ServerAuthInstance> &instance, pj_timer_heap_callback *cb)
+void AuthManager::scheduleAuthTimeout(const ServerAuthInstancePtr &instance, pj_timer_heap_callback *cb)
{
instance->scheduleAuthTimeout(mImpl->mCounter++, cb);
}
diff --git a/src/AuthManager.h b/src/AuthManager.h
index 7dea61b..d9bdb23 100644
--- a/src/AuthManager.h
+++ b/src/AuthManager.h
@@ -43,7 +43,7 @@ class ServerAuthInstancePriv;
* as the authentication server to authenticate a
* SIP requester.
*/
-class ServerAuthInstance
+class ServerAuthInstance : public IceUtil::Shared
{
public:
@@ -107,6 +107,8 @@ private:
boost::shared_ptr<ServerAuthInstancePriv> mImpl;
};
+typedef IceUtil::Handle<ServerAuthInstance> ServerAuthInstancePtr;
+
class AuthManagerPriv;
/**
@@ -136,7 +138,11 @@ public:
* so that the AuthManager will have a reference to the ServerAuthInstance
* for later.
*/
- boost::shared_ptr<ServerAuthInstance> createServerAuthInstance(pjsip_rx_data *rdata, AsteriskSCF::SIP::ExtensionPoint::V1::RequestType type);
+ ServerAuthInstancePtr createServerAuthInstance(pjsip_rx_data *rdata, AsteriskSCF::SIP::ExtensionPoint::V1::RequestType type);
+ ServerAuthInstancePtr checkAuth(pjsip_rx_data *rdata,
+ AsteriskSCF::SIP::ExtensionPoint::V1::RequestInfoPtr& info,
+ AsteriskSCF::SIP::ExtensionPoint::V1::RequestType type,
+ AsteriskSCF::SIP::ExtensionPoint::V1::DigestChallengeSeq& digests);
/**
* Call out to registered hooks to get credentials.
*
@@ -151,7 +157,7 @@ public:
* the requester does not attempt to authenticate or never succeeds
* in authenticating, the ServerAuthInstance will eventually be destroyed.
*/
- void scheduleAuthTimeout(const boost::shared_ptr<ServerAuthInstance> &instance, pj_timer_heap_callback *cb);
+ void scheduleAuthTimeout(const ServerAuthInstancePtr &instance, pj_timer_heap_callback *cb);
/**
* Destroy an ServerAuthInstance
*
@@ -159,7 +165,7 @@ public:
* but a failure condition occurs before a challenge can be sent to the
* requesting UA.
*/
- void destroyServerAuthInstance(const boost::shared_ptr<ServerAuthInstance> &instance);
+ void destroyServerAuthInstance(const ServerAuthInstancePtr &instance);
/**
* Destroy an ServerAuthInstance
*/
diff --git a/src/PJSipRegistrarModule.cpp b/src/PJSipRegistrarModule.cpp
index 101fbdf..f25624e 100644
--- a/src/PJSipRegistrarModule.cpp
+++ b/src/PJSipRegistrarModule.cpp
@@ -705,62 +705,25 @@ private:
bool PJSipRegistrarModule::checkAuth(pjsip_rx_data *rdata, pjsip_transaction *tsx, RequestType type)
{
- //First, let's see if this message has some auth that we know about.
- if (mAuthManager->authenticateRequest(rdata) == true)
- {
- //Oh yeah! Authentication succeeded!
- return false;
- }
+ DigestChallengeSeq digests;
+ RequestInfoPtr info(new RegisterRequestInfo);
+ ServerAuthInstancePtr authInstance =
+ mAuthManager->checkAuth(rdata, info, type, digests);
- boost::shared_ptr<ServerAuthInstance> authInstance(mAuthManager->createServerAuthInstance(rdata, type));
-
- std::vector<AuthHookPrx> hooks = authInstance->getHooks();
- if (hooks.empty())
+ if (!authInstance)
{
return false;
}
- RequestInfoPtr info(new RegisterRequestInfo);
- authInstance->fillInRequestInfo(rdata, info);
-
- //We have our RequestInfo created. Now start calling out to any registered hooks
- //
- //XXX While this seems like something that could be taken care of in either the
- //ServerAuthInstance or AuthManager class, there are some specific issues with this.
- //For instance, in this case, we create the outgoing message using the inv_session,
- //whereas other PJSIP modules will either access the base dialog directly
- //or have a different layer of indirection instead of the inv_session.
- for (std::vector<AuthHookPrx>::iterator iter = hooks.begin(); iter != hooks.end(); ++iter)
- {
- DigestChallengeSeq digests;
- HookResult result;
- result = (*iter)->challengeRequest(info, digests);
- if (result.status == Failed)
- {
- lg(Error) << "SIP Authentication hook reported a failure: " << result.info;
- }
- else if (result.status == Succeeded)
- {
- if (digests.empty())
- {
- //Hook says not to challenge. This ServerAuthInstance
- //is deader than dead.
- mAuthManager->destroyServerAuthInstance(authInstance);
- return false;
- }
-
- pjsip_tx_data *tdata;
- pjsip_endpt_create_response(tsx->endpt, rdata, 401, NULL, &tdata);
-
- authInstance->addDigests(tdata, digests);
-
- pjsip_tsx_send_msg(tsx, tdata);
-
- mAuthManager->scheduleAuthTimeout(authInstance, registrarAuthTimeout);
- return true;
- }
- }
- return false;
+ pjsip_tx_data *tdata;
+ pjsip_endpt_create_response(tsx->endpt, rdata, 401, NULL, &tdata);
+
+ authInstance->addDigests(tdata, digests);
+
+ pjsip_tsx_send_msg(tsx, tdata);
+
+ mAuthManager->scheduleAuthTimeout(authInstance, registrarAuthTimeout);
+ return true;
}
void PJSipRegistrarModule::authTimeout(pj_timer_heap_t *timer_heap, pj_timer_entry *entry)
diff --git a/src/PJSipSessionModule.cpp b/src/PJSipSessionModule.cpp
index 9e960d8..5d1d207 100644
--- a/src/PJSipSessionModule.cpp
+++ b/src/PJSipSessionModule.cpp
@@ -338,61 +338,24 @@ pj_status_t PJSipSessionModule::unload()
bool PJSipSessionModule::checkAuth(pjsip_rx_data *rdata, pjsip_inv_session *inv, RequestInfoPtr& info, RequestType type)
{
- //First, let's see if this message has some auth that we know about.
- if (mAuthManager->authenticateRequest(rdata) == true)
- {
- //Oh yeah! Authentication succeeded!
- return false;
- }
+ DigestChallengeSeq digests;
+ ServerAuthInstancePtr authInstance =
+ mAuthManager->checkAuth(rdata, info, type, digests);
- boost::shared_ptr<ServerAuthInstance> authInstance(mAuthManager->createServerAuthInstance(rdata, type));
-
- AuthHookSeq hooks = authInstance->getHooks();
- if (hooks.empty())
+ if (!authInstance)
{
return false;
}
- authInstance->fillInRequestInfo(rdata, info);
-
- //We have our RequestInfo created. Now start calling out to any registered hooks
- //
- //XXX While this seems like something that could be taken care of in either the
- //ServerAuthInstance or AuthManager class, there are some specific issues with this.
- //For instance, in this case, we create the outgoing message using the inv_session,
- //whereas other PJSIP modules will either access the base dialog directly
- //or have a different layer of indirection instead of the inv_session.
- for (AuthHookSeq::iterator iter = hooks.begin(); iter != hooks.end(); ++iter)
- {
- DigestChallengeSeq digests;
- HookResult result;
- result = (*iter)->challengeRequest(info, digests);
- if (result.status == Failed)
- {
- lg(Error) << "SIP Authentication hook reported a failure: " << result.info;
- }
- else if (result.status == Succeeded)
- {
- if (digests.empty())
- {
- //Hook says not to challenge. This ServerAuthInstance
- //is deader than dead.
- mAuthManager->destroyServerAuthInstance(authInstance);
- return false;
- }
-
- pjsip_tx_data *tdata;
- pjsip_inv_end_session(inv, 401, NULL, &tdata);
+ pjsip_tx_data *tdata;
+ pjsip_inv_end_session(inv, 401, NULL, &tdata);
- authInstance->addDigests(tdata, digests);
+ authInstance->addDigests(tdata, digests);
- pjsip_inv_send_msg(inv, tdata);
+ pjsip_inv_send_msg(inv, tdata);
- mAuthManager->scheduleAuthTimeout(authInstance, sessionAuthTimeout);
- return true;
- }
- }
- return false;
+ mAuthManager->scheduleAuthTimeout(authInstance, sessionAuthTimeout);
+ return true;
}
class SessionCreationOperation : public SipQueueableOperation
@@ -1489,7 +1452,10 @@ void PJSipSessionModule::handleNonInviteAuthentication(pjsip_inv_session* inv,
void PJSipSessionModule::invOnTsxStateChanged(pjsip_inv_session *inv, pjsip_transaction *tsx, pjsip_event *e)
{
- if (tsx->role == PJSIP_ROLE_UAC && tsx->state == PJSIP_TSX_STATE_COMPLETED)
+ if (e->type == PJSIP_EVENT_RX_MSG &&
+ tsx->role == PJSIP_ROLE_UAC &&
+ tsx->state == PJSIP_TSX_STATE_COMPLETED &&
+ tsx->method.id != PJSIP_INVITE_METHOD)
{
int respCode = e->body.tsx_state.src.rdata->msg_info.msg->line.status.code;
if (respCode == 401 || respCode == 407)
commit 6b8709327b6e2ba09b41863fa5e4de8b84666384
Author: Mark Michelson <mmichelson at digium.com>
Date: Thu Nov 17 13:54:32 2011 -0600
Some further cleanup to Auth code.
diff --git a/src/AuthManager.cpp b/src/AuthManager.cpp
index ec4dd50..34346b1 100644
--- a/src/AuthManager.cpp
+++ b/src/AuthManager.cpp
@@ -28,14 +28,14 @@ namespace AsteriskSCF
namespace SipSessionManager
{
-class AuthHookData
+class AuthHookWrapper
{
public:
- AuthHookData(int priority, const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx &hook,
+ AuthHookWrapper(int priority, const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx &hook,
const AsteriskSCF::SIP::ExtensionPoint::V1::RequestTypeSeq &types)
: mPriority(priority), mHook(hook), mTypes(types) { }
- bool operator< (const AuthHookData &rhs) const
+ bool operator< (const AuthHookWrapper &rhs) const
{
return mPriority < rhs.mPriority;
}
@@ -45,10 +45,10 @@ public:
AsteriskSCF::SIP::ExtensionPoint::V1::RequestTypeSeq mTypes;
};
-class AuthInstancePriv
+class ServerAuthInstancePriv
{
public:
- AuthInstancePriv(pjsip_rx_data *rdata, const moduleHookVector &moduleHooks,
+ ServerAuthInstancePriv(pjsip_rx_data *rdata, const moduleHookVector &moduleHooks,
RequestType type, pjsip_endpoint *endpoint, const Logger &logger)
: mEndpoint(endpoint),
mPool(pjsip_endpt_create_pool(mEndpoint, "auth%p", 500, 256)),
@@ -75,7 +75,7 @@ public:
}
}
- ~AuthInstancePriv()
+ ~ServerAuthInstancePriv()
{
pjsip_endpt_release_pool(mEndpoint, mPool);
}
@@ -134,16 +134,16 @@ public:
std::string callId;
};
-AuthInstance::AuthInstance(pjsip_rx_data *rdata, const moduleHookVector &hooks,
+ServerAuthInstance::ServerAuthInstance(pjsip_rx_data *rdata, const moduleHookVector &hooks,
RequestType type, pjsip_endpoint *endpoint, const Logger &logger)
- : mImpl(new AuthInstancePriv(rdata, hooks, type, endpoint, logger)) { }
+ : mImpl(new ServerAuthInstancePriv(rdata, hooks, type, endpoint, logger)) { }
-AuthHookSeq AuthInstance::getHooks()
+AuthHookSeq ServerAuthInstance::getHooks()
{
return mImpl->hooks;
}
-bool AuthInstance::authenticate(pjsip_rx_data *rdata)
+bool ServerAuthInstance::authenticate(pjsip_rx_data *rdata)
{
//For each server auth, we need to call pjsip_auth_srv_verify(), which will then
//annoyingly call into the lookup function we created for pjsip. That's where the
@@ -171,14 +171,14 @@ bool AuthInstance::authenticate(pjsip_rx_data *rdata)
static const int AuthTimeoutSeconds = 60;
-void AuthInstance::scheduleAuthTimeout(int id, pj_timer_heap_callback *cb)
+void ServerAuthInstance::scheduleAuthTimeout(int id, pj_timer_heap_callback *cb)
{
const pj_time_val time = {AuthTimeoutSeconds, 0};
pj_timer_entry_init(&mImpl->entry, id, this, cb);
pjsip_endpt_schedule_timer(mImpl->mEndpoint, &mImpl->entry, &time);
}
-void AuthInstance::addDigests(pjsip_tx_data *tdata, const DigestChallengeSeq &digests)
+void ServerAuthInstance::addDigests(pjsip_tx_data *tdata, const DigestChallengeSeq &digests)
{
static char qop[] = "auth";
pj_str_t pjqop = pj_str(qop);
@@ -230,7 +230,7 @@ void AuthInstance::addDigests(pjsip_tx_data *tdata, const DigestChallengeSeq &di
}
}
-void AuthInstance::fillInRequestInfo(pjsip_rx_data *rdata, RequestInfoPtr &info)
+void ServerAuthInstance::fillInRequestInfo(pjsip_rx_data *rdata, RequestInfoPtr &info)
{
char buf[512];
size_t pos;
@@ -303,12 +303,12 @@ void AuthInstance::fillInRequestInfo(pjsip_rx_data *rdata, RequestInfoPtr &info)
}
}
-bool AuthInstance::isEqual(const std::string &fromTag, const std::string &callId)
+bool ServerAuthInstance::isEqual(const std::string &fromTag, const std::string &callId)
{
return fromTag == mImpl->fromTag && callId == mImpl->callId;
}
-void AuthInstance::cancelAuthTimeout()
+void ServerAuthInstance::cancelAuthTimeout()
{
pjsip_endpt_cancel_timer(mImpl->mEndpoint, &mImpl->entry);
}
@@ -322,16 +322,40 @@ public:
~AuthManagerPriv()
{
- mAuthInstances.erase(mAuthInstances.begin(), mAuthInstances.end());
+ mServerAuthInstances.erase(mServerAuthInstances.begin(), mServerAuthInstances.end());
}
- std::vector<boost::shared_ptr<AuthInstance> > mAuthInstances;
+ Ice::StringSeq getRealms(pjsip_rx_data *rdata)
+ {
+ Ice::StringSeq realms;
+
+ pjsip_proxy_authenticate_hdr *authHeader = (pjsip_proxy_authenticate_hdr*) &rdata->msg_info.msg->hdr;
+
+ while ((authHeader = (pjsip_proxy_authenticate_hdr*) pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_WWW_AUTHENTICATE, authHeader->next)))
+ {
+ std::string realm(pj_strbuf(&authHeader->challenge.digest.realm), pj_strlen(&authHeader->challenge.digest.realm));
+ mLogger(Debug) << "Found the realm " << realm;
+ realms.push_back(realm);
+ }
+
+ authHeader = (pjsip_proxy_authenticate_hdr*) &rdata->msg_info.msg->hdr;
+
+ while ((authHeader = (pjsip_proxy_authenticate_hdr*) pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_PROXY_AUTHENTICATE, authHeader->next)))
+ {
+ std::string realm(pj_strbuf(&authHeader->challenge.digest.realm), pj_strlen(&authHeader->challenge.digest.realm));
+ realms.push_back(realm);
+ }
+
+ return realms;
+ }
+
+ std::vector<boost::shared_ptr<ServerAuthInstance> > mServerAuthInstances;
pjsip_endpoint *mEndpoint;
moduleHookVector mRegisteredHooks;
Logger mLogger;
int mCounter;
boost::mutex mHooksLock;
- boost::mutex mAuthInstancesLock;
+ boost::mutex mServerAuthInstancesLock;
};
AuthManager::AuthManager(pjsip_endpoint *endpt, const Logger &logger)
@@ -341,16 +365,16 @@ AuthManager::~AuthManager()
{
}
-boost::shared_ptr<AuthInstance> AuthManager::createAuthInstance(pjsip_rx_data *rdata, RequestType type)
+boost::shared_ptr<ServerAuthInstance> AuthManager::createServerAuthInstance(pjsip_rx_data *rdata, RequestType type)
{
- boost::shared_ptr<AuthInstance> instance;
+ boost::shared_ptr<ServerAuthInstance> instance;
{
boost::lock_guard<boost::mutex> hookLock(mImpl->mHooksLock);
- instance.reset(new AuthInstance(rdata, mImpl->mRegisteredHooks,
+ instance.reset(new ServerAuthInstance(rdata, mImpl->mRegisteredHooks,
type, mImpl->mEndpoint, mImpl->mLogger));
}
- boost::lock_guard<boost::mutex> instancesLock(mImpl->mAuthInstancesLock);
- mImpl->mAuthInstances.push_back(instance);
+ boost::lock_guard<boost::mutex> instancesLock(mImpl->mServerAuthInstancesLock);
+ mImpl->mServerAuthInstances.push_back(instance);
return instance;
}
@@ -360,19 +384,19 @@ bool AuthManager::authenticateRequest(pjsip_rx_data *rdata)
pj_strlen(&rdata->msg_info.from->tag));
const std::string callId(pj_strbuf(&rdata->msg_info.cid->id),
pj_strlen(&rdata->msg_info.cid->id));
- boost::shared_ptr<AuthInstance> instance;
- boost::lock_guard<boost::mutex> lock(mImpl->mAuthInstancesLock);
- for (std::vector<boost::shared_ptr<AuthInstance> >::iterator iter = mImpl->mAuthInstances.begin();
- iter != mImpl->mAuthInstances.end(); ++iter)
+ boost::shared_ptr<ServerAuthInstance> instance;
+ boost::lock_guard<boost::mutex> lock(mImpl->mServerAuthInstancesLock);
+ for (std::vector<boost::shared_ptr<ServerAuthInstance> >::iterator iter = mImpl->mServerAuthInstances.begin();
+ iter != mImpl->mServerAuthInstances.end(); ++iter)
{
if ((*iter)->isEqual(fromTag, callId))
{
if ((*iter)->authenticate(rdata))
{
- //If authentication has succeeded, then we can remove this AuthInstance
+ //If authentication has succeeded, then we can remove this ServerAuthInstance
//from our list, and we need to cancel the scheduled task
(*iter)->cancelAuthTimeout();
- mImpl->mAuthInstances.erase(iter);
+ mImpl->mServerAuthInstances.erase(iter);
return true;
}
break;
@@ -381,58 +405,34 @@ bool AuthManager::authenticateRequest(pjsip_rx_data *rdata)
return false;
}
-void AuthManager::destroyAuthInstance(const boost::shared_ptr<AuthInstance> &instance)
+void AuthManager::destroyServerAuthInstance(const boost::shared_ptr<ServerAuthInstance> &instance)
{
- boost::lock_guard<boost::mutex> lock(mImpl->mAuthInstancesLock);
- for (std::vector<boost::shared_ptr<AuthInstance> >::iterator iter = mImpl->mAuthInstances.begin();
- iter != mImpl->mAuthInstances.end(); ++ iter)
+ boost::lock_guard<boost::mutex> lock(mImpl->mServerAuthInstancesLock);
+ for (std::vector<boost::shared_ptr<ServerAuthInstance> >::iterator iter = mImpl->mServerAuthInstances.begin();
+ iter != mImpl->mServerAuthInstances.end(); ++ iter)
{
if (*iter == instance)
{
- mImpl->mAuthInstances.erase(iter);
+ mImpl->mServerAuthInstances.erase(iter);
break;
}
}
}
-void AuthManager::destroyAuthInstance(const AuthInstance* instance)
+void AuthManager::destroyServerAuthInstance(const ServerAuthInstance* instance)
{
- boost::lock_guard<boost::mutex> lock(mImpl->mAuthInstancesLock);
- for (std::vector<boost::shared_ptr<AuthInstance> >::iterator iter = mImpl->mAuthInstances.begin();
- iter != mImpl->mAuthInstances.end(); ++ iter)
+ boost::lock_guard<boost::mutex> lock(mImpl->mServerAuthInstancesLock);
+ for (std::vector<boost::shared_ptr<ServerAuthInstance> >::iterator iter = mImpl->mServerAuthInstances.begin();
+ iter != mImpl->mServerAuthInstances.end(); ++ iter)
{
if ((*iter).get() == instance)
{
- mImpl->mAuthInstances.erase(iter);
+ mImpl->mServerAuthInstances.erase(iter);
break;
}
}
}
-Ice::StringSeq AuthManager::getRealms(pjsip_rx_data *rdata)
-{
- Ice::StringSeq realms;
-
- pjsip_proxy_authenticate_hdr *authHeader = (pjsip_proxy_authenticate_hdr*) &rdata->msg_info.msg->hdr;
-
- while ((authHeader = (pjsip_proxy_authenticate_hdr*) pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_WWW_AUTHENTICATE, authHeader->next)))
- {
- std::string realm(pj_strbuf(&authHeader->challenge.digest.realm), pj_strlen(&authHeader->challenge.digest.realm));
- mImpl->mLogger(Debug) << "Found the realm " << realm;
- realms.push_back(realm);
- }
-
- authHeader = (pjsip_proxy_authenticate_hdr*) &rdata->msg_info.msg->hdr;
-
- while ((authHeader = (pjsip_proxy_authenticate_hdr*) pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_PROXY_AUTHENTICATE, authHeader->next)))
- {
- std::string realm(pj_strbuf(&authHeader->challenge.digest.realm), pj_strlen(&authHeader->challenge.digest.realm));
- realms.push_back(realm);
- }
-
- return realms;
-}
-
void AuthManager::getAuthCredentials(pjsip_rx_data *rdata, std::vector<pjsip_cred_info>& creds, const std::string& endpointName)
{
AuthHookSeq hooks = getHooks();
@@ -440,12 +440,11 @@ void AuthManager::getAuthCredentials(pjsip_rx_data *rdata, std::vector<pjsip_cre
iter != hooks.end(); ++iter)
{
ClientAuthSeq auths;
- Ice::StringSeq realms = getRealms(rdata);
+ Ice::StringSeq realms = mImpl->getRealms(rdata);
HookResult result = (*iter)->respondToChallenge(endpointName, realms, auths);
if (result.status == Succeeded)
{
- //Cool. So now we need to update the auth info on mReg
for (ClientAuthSeq::iterator authIter = auths.begin();
authIter != auths.end(); ++authIter)
{
@@ -462,20 +461,20 @@ void AuthManager::getAuthCredentials(pjsip_rx_data *rdata, std::vector<pjsip_cre
}
}
-void AuthManager::scheduleAuthTimeout(const boost::shared_ptr<AuthInstance> &instance, pj_timer_heap_callback *cb)
+void AuthManager::scheduleAuthTimeout(const boost::shared_ptr<ServerAuthInstance> &instance, pj_timer_heap_callback *cb)
{
instance->scheduleAuthTimeout(mImpl->mCounter++, cb);
}
void AuthManager::authTimeout(pj_timer_heap_t *, pj_timer_entry *entry)
{
- destroyAuthInstance(static_cast<AuthInstance *>(entry->user_data));
+ destroyServerAuthInstance(static_cast<ServerAuthInstance *>(entry->user_data));
}
void AuthManager::addAuthHook(const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx &hook,
int priority, const AsteriskSCF::SIP::ExtensionPoint::V1::RequestTypeSeq &types)
{
- boost::shared_ptr<AuthHookData> hookData(new AuthHookData(priority, hook, types));
+ boost::shared_ptr<AuthHookWrapper> hookData(new AuthHookWrapper(priority, hook, types));
boost::lock_guard<boost::mutex> lock(mImpl->mHooksLock);
mImpl->mRegisteredHooks.push_back(hookData);
std::stable_sort(mImpl->mRegisteredHooks.begin(), mImpl->mRegisteredHooks.end());
diff --git a/src/AuthManager.h b/src/AuthManager.h
index 37d4341..7dea61b 100644
--- a/src/AuthManager.h
+++ b/src/AuthManager.h
@@ -30,25 +30,25 @@ namespace AsteriskSCF
namespace SipSessionManager
{
-class AuthHookData;
+class AuthHookWrapper;
-typedef std::vector<boost::shared_ptr<AuthHookData> > moduleHookVector;
+typedef std::vector<boost::shared_ptr<AuthHookWrapper> > moduleHookVector;
void sessionAuthTimeout(pj_timer_heap_t *timer_heap, pj_timer_entry *entry);
-class AuthInstancePriv;
+class ServerAuthInstancePriv;
/**
- * An AuthInstance represents a single attempt of us
+ * An ServerAuthInstance represents a single attempt of us
* as the authentication server to authenticate a
* SIP requester.
*/
-class AuthInstance
+class ServerAuthInstance
{
public:
/**
- * The AuthInstance is able to distill all of the registered hooks
+ * The ServerAuthInstance is able to distill all of the registered hooks
* down to a smaller list based on the request types that the hooks
* service. This is a helper function to get the distilled
* list of hooks.
@@ -71,26 +71,26 @@ public:
* Attempt to authenticate an incoming request.
*
* It's most convenient to just call AuthManager::authenticate() so
- * that the proper AuthInstance may be found for you.
+ * that the proper ServerAuthInstance may be found for you.
*/
bool authenticate(pjsip_rx_data *rdata);
/**
- * Schedule the destruction of this AuthInstance.
+ * Schedule the destruction of this ServerAuthInstance.
*
* This will generally be called via AuthManager::scheduleAuthTimeout
* so that the id parameter can be guaranteed to be unique per
- * AuthInstance.
+ * ServerAuthInstance.
*/
void scheduleAuthTimeout(int id, pj_timer_heap_callback *cb);
/**
- * Cancel the current scheduled auth timeout task on the AuthInstance.
+ * Cancel the current scheduled auth timeout task on the ServerAuthInstance.
*/
void cancelAuthTimeout();
/**
- * Determine if this AuthInstance matches a message with the given
+ * Determine if this ServerAuthInstance matches a message with the given
* from tag and call-id.
*/
bool isEqual(const std::string &fromTag, const std::string &callId);
@@ -98,19 +98,19 @@ public:
friend class AuthManager;
private:
- AuthInstance(pjsip_rx_data *rdata,
+ ServerAuthInstance(pjsip_rx_data *rdata,
const moduleHookVector &hooks,
AsteriskSCF::SIP::ExtensionPoint::V1::RequestType type,
pjsip_endpoint *endpoint,
const AsteriskSCF::System::Logging::Logger &logger);
- boost::shared_ptr<AuthInstancePriv> mImpl;
+ boost::shared_ptr<ServerAuthInstancePriv> mImpl;
};
class AuthManagerPriv;
/**
- * The AuthManager contains all AuthInstances
+ * The AuthManager contains all ServerAuthInstances
* for a given PJSIP module. It also contains
* all of a PJSIP module's registered authentication
* hooks.
@@ -123,27 +123,20 @@ public:
/**
* Attempt to authenticate a request
*
- * This will search through the AuthManager's AuthInstances to
+ * This will search through the AuthManager's ServerAuthInstances to
* attempt to authenticate the request.
- * XXX Note that since the current task at hand is just to set
- * up the extension point for authentication and not to actually
- * authenticate, this doesn't actually do anything useful.
*/
bool authenticateRequest(pjsip_rx_data *rdata);
/**
- * Create a new AuthInstance
+ * Create a new ServerAuthInstance
*
* If a PJSIP module wants to challenge a requester, then
- * it must create an AuthInstance in order to do so. Do not
- * construct AuthInstances directly, but rather use this function
- * so that the AuthManager will have a reference to the AuthInstance
+ * it must create an ServerAuthInstance in order to do so. Do not
+ * construct ServerAuthInstances directly, but rather use this function
+ * so that the AuthManager will have a reference to the ServerAuthInstance
* for later.
*/
- boost::shared_ptr<AuthInstance> createAuthInstance(pjsip_rx_data *rdata, AsteriskSCF::SIP::ExtensionPoint::V1::RequestType type);
- /**
- * Get the realms from an authentication challenge
- */
- Ice::StringSeq getRealms(pjsip_rx_data *rdata);
+ boost::shared_ptr<ServerAuthInstance> createServerAuthInstance(pjsip_rx_data *rdata, AsteriskSCF::SIP::ExtensionPoint::V1::RequestType type);
/**
* Call out to registered hooks to get credentials.
*
@@ -151,26 +144,26 @@ public:
*/
void getAuthCredentials(pjsip_rx_data *rdata, std::vector<pjsip_cred_info>& creds, const std::string& endpointName);
/**
- * Schedule the destruction of an AuthInstance
+ * Schedule the destruction of an ServerAuthInstance
*
* After challenging a requester for authentication information,
* a PJSIP module should call this method. This will ensure that if
* the requester does not attempt to authenticate or never succeeds
- * in authenticating, the AuthInstance will eventually be destroyed.
+ * in authenticating, the ServerAuthInstance will eventually be destroyed.
*/
- void scheduleAuthTimeout(const boost::shared_ptr<AuthInstance> &instance, pj_timer_heap_callback *cb);
+ void scheduleAuthTimeout(const boost::shared_ptr<ServerAuthInstance> &instance, pj_timer_heap_callback *cb);
/**
- * Destroy an AuthInstance
+ * Destroy an ServerAuthInstance
*
- * This method is handy for destroying an AuthInstance if one has been created,
+ * This method is handy for destroying an ServerAuthInstance if one has been created,
* but a failure condition occurs before a challenge can be sent to the
* requesting UA.
*/
- void destroyAuthInstance(const boost::shared_ptr<AuthInstance> &instance);
+ void destroyServerAuthInstance(const boost::shared_ptr<ServerAuthInstance> &instance);
/**
- * Destroy an AuthInstance
+ * Destroy an ServerAuthInstance
*/
- void destroyAuthInstance(const AuthInstance* instance);
+ void destroyServerAuthInstance(const ServerAuthInstance* instance);
/**
* This is the callback that scheduleAuthDestruction sets up.
*
@@ -189,12 +182,10 @@ public:
* Remove all registered authentication hooks from the AuthManager
*/
void clearAuthHooks();
-
/**
* Get all registered hooks
*/
AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookSeq getHooks();
-
private:
boost::shared_ptr<AuthManagerPriv> mImpl;
};
diff --git a/src/PJSipRegistrarModule.cpp b/src/PJSipRegistrarModule.cpp
index b7193c6..101fbdf 100644
--- a/src/PJSipRegistrarModule.cpp
+++ b/src/PJSipRegistrarModule.cpp
@@ -712,7 +712,7 @@ bool PJSipRegistrarModule::checkAuth(pjsip_rx_data *rdata, pjsip_transaction *ts
return false;
}
- boost::shared_ptr<AuthInstance> authInstance(mAuthManager->createAuthInstance(rdata, type));
+ boost::shared_ptr<ServerAuthInstance> authInstance(mAuthManager->createServerAuthInstance(rdata, type));
std::vector<AuthHookPrx> hooks = authInstance->getHooks();
if (hooks.empty())
@@ -726,7 +726,7 @@ bool PJSipRegistrarModule::checkAuth(pjsip_rx_data *rdata, pjsip_transaction *ts
//We have our RequestInfo created. Now start calling out to any registered hooks
//
//XXX While this seems like something that could be taken care of in either the
- //AuthInstance or AuthManager class, there are some specific issues with this.
+ //ServerAuthInstance or AuthManager class, there are some specific issues with this.
//For instance, in this case, we create the outgoing message using the inv_session,
//whereas other PJSIP modules will either access the base dialog directly
//or have a different layer of indirection instead of the inv_session.
@@ -743,9 +743,9 @@ bool PJSipRegistrarModule::checkAuth(pjsip_rx_data *rdata, pjsip_transaction *ts
{
if (digests.empty())
{
- //Hook says not to challenge. This AuthInstance
+ //Hook says not to challenge. This ServerAuthInstance
//is deader than dead.
- mAuthManager->destroyAuthInstance(authInstance);
+ mAuthManager->destroyServerAuthInstance(authInstance);
return false;
}
diff --git a/src/PJSipSessionModule.cpp b/src/PJSipSessionModule.cpp
index 1d81826..9e960d8 100644
--- a/src/PJSipSessionModule.cpp
+++ b/src/PJSipSessionModule.cpp
@@ -345,7 +345,7 @@ bool PJSipSessionModule::checkAuth(pjsip_rx_data *rdata, pjsip_inv_session *inv,
return false;
}
- boost::shared_ptr<AuthInstance> authInstance(mAuthManager->createAuthInstance(rdata, type));
+ boost::shared_ptr<ServerAuthInstance> authInstance(mAuthManager->createServerAuthInstance(rdata, type));
AuthHookSeq hooks = authInstance->getHooks();
if (hooks.empty())
@@ -358,7 +358,7 @@ bool PJSipSessionModule::checkAuth(pjsip_rx_data *rdata, pjsip_inv_session *inv,
//We have our RequestInfo created. Now start calling out to any registered hooks
//
//XXX While this seems like something that could be taken care of in either the
- //AuthInstance or AuthManager class, there are some specific issues with this.
+ //ServerAuthInstance or AuthManager class, there are some specific issues with this.
//For instance, in this case, we create the outgoing message using the inv_session,
//whereas other PJSIP modules will either access the base dialog directly
//or have a different layer of indirection instead of the inv_session.
@@ -375,9 +375,9 @@ bool PJSipSessionModule::checkAuth(pjsip_rx_data *rdata, pjsip_inv_session *inv,
{
if (digests.empty())
{
- //Hook says not to challenge. This AuthInstance
+ //Hook says not to challenge. This ServerAuthInstance
//is deader than dead.
- mAuthManager->destroyAuthInstance(authInstance);
+ mAuthManager->destroyServerAuthInstance(authInstance);
return false;
}
commit 6e2f71bbd46c8475a112b35dd37ba2527bfc7907
Author: Mark Michelson <mmichelson at digium.com>
Date: Wed Nov 16 12:41:48 2011 -0600
Get rid of the SipRegistrationClientManager class. It has no use.
diff --git a/src/PJSipManager.cpp b/src/PJSipManager.cpp
index b041000..58b6523 100644
--- a/src/PJSipManager.cpp
+++ b/src/PJSipManager.cpp
@@ -62,7 +62,6 @@ void PJSipManager::addAuthHook(const AuthHookPrx &hook, int priority, const Requ
{
mLoggingModule->addAuthHook(hook, priority, types);
}
- mClientRegistrationManager->addAuthHook(hook);
}
void PJSipManager::removeAuthHook(const AuthHookPrx &hook)
@@ -75,7 +74,6 @@ void PJSipManager::removeAuthHook(const AuthHookPrx &hook)
{
mLoggingModule->removeAuthHook(hook);
}
- mClientRegistrationManager->removeAuthHook(hook);
}
void PJSipManager::clearAuthHooks()
@@ -88,7 +86,6 @@ void PJSipManager::clearAuthHooks()
{
mLoggingModule->clearAuthHooks();
}
- mClientRegistrationManager->clearAuthHooks();
}
static void *monitorThread(void *endpt)
@@ -264,18 +261,12 @@ pj_pool_t* PJSipManager::getMemoryPool()
return mMemoryPool;
}
-SipRegistrationClientManagerPtr PJSipManager::getClientRegistrationManager() const
-{
- return mClientRegistrationManager;
-}
-
PJSipManager::PJSipManager() :
mEndpoint(0),
mSessionModule(0),
mLoggingModule(0),
mPjThread(0),
- mMemoryPool(0),
- mClientRegistrationManager(new SipRegistrationClientManager)
+ mMemoryPool(0)
{
memset(&mCachingPool, 0, sizeof(mCachingPool));
diff --git a/src/PJSipManager.h b/src/PJSipManager.h
index 5dd019d..c2c797d 100644
--- a/src/PJSipManager.h
+++ b/src/PJSipManager.h
@@ -137,8 +137,6 @@ public:
void handleEvents();
- SipRegistrationClientManagerPtr getClientRegistrationManager() const;
-
private:
pjsip_endpoint *mEndpoint;
PJSipSessionModulePtr mSessionModule;
@@ -152,8 +150,6 @@ private:
SipModuleMap mModules;
std::map<std::string, TransportPtr> mTransports;
- SipRegistrationClientManagerPtr mClientRegistrationManager;
-
PJSipManager();
};
diff --git a/src/SipClientRegistration.cpp b/src/SipClientRegistration.cpp
index 6ab868f..c792230 100644
--- a/src/SipClientRegistration.cpp
+++ b/src/SipClientRegistration.cpp
@@ -126,37 +126,6 @@ private:
using namespace AsteriskSCF::SIP::ExtensionPoint::V1;
-SipRegistrationClientManager::SipRegistrationClientManager()
-{
-}
-
-void SipRegistrationClientManager::addAuthHook(const AuthHookPrx& hook)
-{
- boost::unique_lock<boost::shared_mutex> lock(mLock);
- if (std::find(mAuthHooks.begin(), mAuthHooks.end(), hook) == mAuthHooks.end())
- {
- mAuthHooks.push_back(hook);
- }
-}
-
-void SipRegistrationClientManager::removeAuthHook(const AuthHookPrx& hook)
-{
- boost::unique_lock<boost::shared_mutex> lock(mLock);
- mAuthHooks.erase(std::remove(mAuthHooks.begin(), mAuthHooks.end(), hook), mAuthHooks.end());
-}
-
-void SipRegistrationClientManager::clearAuthHooks()
-{
- boost::unique_lock<boost::shared_mutex> lock(mLock);
- mAuthHooks.clear();
-}
-
-AuthHookSeq SipRegistrationClientManager::getAuthHooks()
-{
- boost::shared_lock<boost::shared_mutex> lock(mLock);
- return mAuthHooks;
-}
-
SipRegistrationClient::SipRegistrationClient(
const SipClientRegistrationItemPtr& confItem,
pjsip_endpoint* pjEndpoint,
diff --git a/src/SipClientRegistration.h b/src/SipClientRegistration.h
index 8cc4132..edcd9e8 100644
--- a/src/SipClientRegistration.h
+++ b/src/SipClientRegistration.h
@@ -30,50 +30,6 @@ namespace AsteriskSCF
namespace SipSessionManager
{
-/**
- * A centralized class.
- *
- * Outside entities will populate this with information
- * central to all client registrations.
- *
- * The client registrations themselves will then use
- * accessors in order to get the necessary information.
- */
-class SipRegistrationClientManager : public IceUtil::Shared
-{
-public:
- SipRegistrationClientManager();
-
- /**
- * Get a list of registered authentication hooks
- */
- AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookSeq getAuthHooks();
-
- /**
- * Add an authentication hook
- */
- void addAuthHook(const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx& hook);
-
- /**
- * Remove an authentication hook
- */
- void removeAuthHook(const AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookPrx& hook);
-
- /**
- * Remove all authentication hooks
- */
- void clearAuthHooks();
-
-private:
- /**
- * The registered auth hooks
- */
- AsteriskSCF::SIP::ExtensionPoint::V1::AuthHookSeq mAuthHooks;
- boost::shared_mutex mLock;
-};
-
-typedef IceUtil::Handle<SipRegistrationClientManager> SipRegistrationClientManagerPtr;
-
class RescheduleRegister;
class ClientRegistrationReplicaListener;
commit 582cd705da6d1c6837a797701844e4c55853f388
Author: Mark Michelson <mmichelson at digium.com>
Date: Wed Nov 16 12:29:00 2011 -0600
Use the auth manager in the client registration code to get rid of duplicate code.
diff --git a/src/AuthManager.h b/src/AuthManager.h
index ade0127..37d4341 100644
--- a/src/AuthManager.h
+++ b/src/AuthManager.h
@@ -199,5 +199,7 @@ private:
boost::shared_ptr<AuthManagerPriv> mImpl;
};
+typedef boost::shared_ptr<AuthManager> AuthManagerPtr;
+
}; //end namespace SipSessionManager
}; //end namespace AsteriskSCF
diff --git a/src/PJSipManager.cpp b/src/PJSipManager.cpp
index 6beef79..b041000 100644
--- a/src/PJSipManager.cpp
+++ b/src/PJSipManager.cpp
@@ -21,12 +21,15 @@
#include <boost/lexical_cast.hpp>
#include <boost/shared_ptr.hpp>
#include <boost/thread/locks.hpp>
+#include <boost/lexical_cast.hpp>
#include <vector>
#include "PJUtil.h"
#include "STUNModule.h"
#include "UDPTransport.h"
-#include <boost/lexical_cast.hpp>
+#include "PJSipSessionModule.h"
+#include "PJSipRegistrarModule.h"
+#include "PJSipLoggingModule.h"
using namespace AsteriskSCF::System::Logging;
using namespace AsteriskSCF::System::Hook::V1;
diff --git a/src/PJSipManager.h b/src/PJSipManager.h
index 91f7e74..5dd019d 100644
--- a/src/PJSipManager.h
+++ b/src/PJSipManager.h
@@ -30,11 +30,8 @@
#include <AsteriskSCF/SIP/SIPExtensionPointIf.h>
#include <AsteriskSCF/System/Hook/HookIf.h>
-#include "PJSipSessionModule.h"
-#include "PJSipLoggingModule.h"
#include "Transports.h"
#include "SipModule.h"
-#include "PJSipRegistrarModule.h"
#include "SipReplicationContext.h"
#include "SipClientRegistration.h"
@@ -47,6 +44,15 @@ namespace SipSessionManager
class PJSipManager;
typedef boost::shared_ptr<PJSipManager> PJSipManagerPtr;
+class PJSipSessionModule;
+typedef IceUtil::Handle<PJSipSessionModule> PJSipSessionModulePtr;
+
+class PJSipRegistrarModule;
+typedef IceUtil::Handle<PJSipRegistrarModule> PJSipRegistrarModulePtr;
+
+class PJSipLoggingModule;
+typedef IceUtil::Handle<PJSipLoggingModule> PJSipLoggingModulePtr;
+
/*
* This class is responsible for providing access to the pjsip_endpoint for the Asterisk SCF SIP component.
*
diff --git a/src/PJSipModule.h b/src/PJSipModule.h
index be85772..e2e13cc 100644
--- a/src/PJSipModule.h
+++ b/src/PJSipModule.h
@@ -56,7 +56,7 @@ protected:
PJSipModule() { }
virtual ~PJSipModule() { }
pjsip_module mModule;
- boost::shared_ptr<AuthManager> mAuthManager;
+ AuthManagerPtr mAuthManager;
private:
const std::string mName;
};
diff --git a/src/SipClientRegistration.cpp b/src/SipClientRegistration.cpp
index 9aee763..6ab868f 100644
--- a/src/SipClientRegistration.cpp
+++ b/src/SipClientRegistration.cpp
@@ -161,7 +161,7 @@ SipRegistrationClient::SipRegistrationClient(
const SipClientRegistrationItemPtr& confItem,
pjsip_endpoint* pjEndpoint,
const SipEndpointPtr& sipEndpoint,
- const SipRegistrationClientManagerPtr& manager,
+ const AuthManagerPtr& manager,
const SipReplicationContextPtr& replicationContext,
const Ice::ObjectAdapterPtr& backplaneAdapter,
const ReplicaPrx& replica)
@@ -337,67 +337,20 @@ void SipRegistrationClient::handleRegisterResponse(pjsip_regc_cbparam *param)
}
}
-Ice::StringSeq SipRegistrationClient::getRealms(pjsip_rx_data *rdata)
-{
- Ice::StringSeq realms;
-
- pjsip_proxy_authenticate_hdr *authHeader = (pjsip_proxy_authenticate_hdr*) &rdata->msg_info.msg->hdr;
-
- while ((authHeader = (pjsip_proxy_authenticate_hdr*) pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_WWW_AUTHENTICATE, authHeader->next)))
- {
- std::string realm(pj_strbuf(&authHeader->challenge.digest.realm), pj_strlen(&authHeader->challenge.digest.realm));
- lg(Debug) << "Found the realm " << realm;
- realms.push_back(realm);
- }
-
- authHeader = (pjsip_proxy_authenticate_hdr*) &rdata->msg_info.msg->hdr;
-
- while ((authHeader = (pjsip_proxy_authenticate_hdr*) pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_PROXY_AUTHENTICATE, authHeader->next)))
- {
- std::string realm(pj_strbuf(&authHeader->challenge.digest.realm), pj_strlen(&authHeader->challenge.digest.realm));
- realms.push_back(realm);
- }
-
- return realms;
-}
-
//XXX This function seems like it may fit better into AuthManager
//or some more central place since it could be useful for authentication
//responses for any type of request. This is mostly not REGISTER-specific, in
//other words.
void SipRegistrationClient::authenticate(pjsip_rx_data *rdata)
{
- AuthHookSeq hooks = mManager->getAuthHooks();
- for (AuthHookSeq::iterator iter = hooks.begin();
- iter != hooks.end(); ++iter)
+ std::vector<pjsip_cred_info> creds;
+ mManager->getAuthCredentials(rdata, creds, mEndpointName);
+ if (!creds.empty())
{
- ClientAuthSeq auths;
- Ice::StringSeq realms = getRealms(rdata);
-
- HookResult result = (*iter)->respondToChallenge(mEndpointName, realms, auths);
- if (result.status == Succeeded)
- {
- std::vector<pjsip_cred_info> creds;
- //Cool. So now we need to update the auth info on mReg
- for (ClientAuthSeq::iterator authIter = auths.begin();
- authIter != auths.end(); ++authIter)
- {
- pjsip_cred_info info;
- pj_cstr(&info.realm, authIter->realm.c_str());
- pj_cstr(&info.scheme, "digest");
- pj_cstr(&info.username, authIter->username.c_str());
- pj_cstr(&info.data, authIter->password.c_str());
- info.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD;
- creds.push_back(info);
- }
- if (creds.size() != 0)
- {
- pjsip_regc_set_credentials(mReg, boost::numeric_cast<int>(creds.size()), &creds.front());
- sendRegister();
- }
- return;
- }
+ pjsip_regc_set_credentials(mReg, boost::numeric_cast<int>(creds.size()), &creds.front());
+ sendRegister();
}
+ return;
}
}
diff --git a/src/SipClientRegistration.h b/src/SipClientRegistration.h
index 035d95c..8cc4132 100644
--- a/src/SipClientRegistration.h
+++ b/src/SipClientRegistration.h
@@ -110,7 +110,7 @@ public:
const AsteriskSCF::Configuration::SipSessionManager::V1::SipClientRegistrationItemPtr& confItem,
pjsip_endpoint* pjEndpoint,
const SipEndpointPtr& sipEndpoint,
- const SipRegistrationClientManagerPtr& manager,
+ const AuthManagerPtr& manager,
const SipReplicationContextPtr& replicationContext,
const Ice::ObjectAdapterPtr& backplaneAdapter,
const AsteriskSCF::System::Component::V1::ReplicaPrx& replica);
@@ -214,7 +214,7 @@ private:
/**
* The central point from which to get information such as authentication hooks.
*/
- SipRegistrationClientManagerPtr mManager;
+ AuthManagerPtr mManager;
/**
* The PJSIP client registration structure.
diff --git a/src/SipEndpoint.cpp b/src/SipEndpoint.cpp
index 7e5a4ca..b2e8185 100644
--- a/src/SipEndpoint.cpp
+++ b/src/SipEndpoint.cpp
@@ -199,7 +199,8 @@ public:
const PJSipManagerPtr& manager,
const AsteriskSCF::Core::Discovery::V1::ServiceLocatorPrx& serviceLocator,
const SipReplicationContextPtr& replicationContext,
- const ReplicaPrx& replica) :
+ const ReplicaPrx& replica,
+ const AuthManagerPtr& authManager) :
mName(name),
mAdapter(adapter),
mBackplaneAdapter(backplaneAdapter),
@@ -208,6 +209,7 @@ public:
mServiceLocator(serviceLocator),
mReplicationContext(replicationContext),
mReplica(replica),
+ mAuthManager(authManager),
mDefaultListeners(new AsteriskSCF::Collections::ProxySet<SessionListenerPrx>(adapter, lg, "Default Session Listeners")),
mDefaultSessionCookies(new AsteriskSCF::Collections::HandleSet<AsteriskSCF::SessionCommunications::V1::SessionCookiePtr>(lg, "Default Cookies"))
{
@@ -230,6 +232,7 @@ public:
Ice::ObjectAdapterPtr mAdapter;
Ice::ObjectAdapterPtr mBackplaneAdapter;
+
/**
* The endpoint factory that created us.
*/
@@ -263,6 +266,7 @@ public:
AsteriskSCF::Core::Discovery::V1::ServiceLocatorPrx mServiceLocator;
SipReplicationContextPtr mReplicationContext;
ReplicaPrx mReplica;
+ AuthManagerPtr mAuthManager;
AsteriskSCF::Collections::ProxySet<SessionListenerPrx>::SetPtr mDefaultListeners;
std::map<std::string, SipRegistrationClientPtr> mClientRegistrations;
@@ -276,8 +280,9 @@ SipEndpoint::SipEndpoint(const Ice::ObjectAdapterPtr& adapter,
const PJSipManagerPtr& manager,
const ServiceLocatorPrx& serviceLocator,
const SipReplicationContextPtr& replicationContext,
- const ReplicaPrx& replica)
- : mImplPriv(new SipEndpointImplPriv(adapter, backplaneAdapter, factory, name, manager, serviceLocator, replicationContext, replica))
+ const ReplicaPrx& replica,
+ const AuthManagerPtr& authManager)
+ : mImplPriv(new SipEndpointImplPriv(adapter, backplaneAdapter, factory, name, manager, serviceLocator, replicationContext, replica, authManager))
{
lg(Debug) << "Constructing SIP endpoint " << name;
@@ -408,7 +413,7 @@ void SipEndpoint::updateClientRegistrations(SipClientRegistrationItemSeq& items)
*item,
mImplPriv->mManager->getEndpoint(),
this,
- mImplPriv->mManager->getClientRegistrationManager(),
+ mImplPriv->mAuthManager,
mImplPriv->mReplicationContext,
mImplPriv->mBackplaneAdapter,
mImplPriv->mReplica);
diff --git a/src/SipEndpoint.h b/src/SipEndpoint.h
index f758392..0514c1e 100644
--- a/src/SipEndpoint.h
+++ b/src/SipEndpoint.h
@@ -38,6 +38,7 @@
#include "SipSession.h"
#include "SipReplicationContext.h"
+#include "AuthManager.h"
namespace AsteriskSCF
{
@@ -287,7 +288,8 @@ public:
const PJSipManagerPtr& manager,
const AsteriskSCF::Core::Discovery::V1::ServiceLocatorPrx& serviceLocator,
const SipReplicationContextPtr& replicationContext,
- const AsteriskSCF::System::Component::V1::ReplicaPrx& replica);
+ const AsteriskSCF::System::Component::V1::ReplicaPrx& replica,
+ const AuthManagerPtr& authManager);
bool operator==(const std::string &name) const;
diff --git a/src/SipEndpointFactory.cpp b/src/SipEndpointFactory.cpp
index dfa4d74..a36626a 100644
--- a/src/SipEndpointFactory.cpp
+++ b/src/SipEndpointFactory.cpp
@@ -31,6 +31,22 @@ namespace AsteriskSCF
{
namespace SipSessionManager
{
+
+SipEndpointFactory::SipEndpointFactory(
+ const Ice::ObjectAdapterPtr& adapter,
+ const Ice::ObjectAdapterPtr& backplaneAdapter,
+ const PJSipManagerPtr& manager,
+ const AsteriskSCF::Core::Discovery::V1::ServiceLocatorPrx& serviceLocator,
+ const SipReplicationContextPtr& replicationContext) :
+ mAdapter(adapter),
+ mBackplaneAdapter(backplaneAdapter),
+ mManager(manager),
+ mServiceLocator(serviceLocator),
+ mReplicationContext(replicationContext),
+ mAuthManager(new AuthManager(mManager->getEndpoint(), AsteriskSCF::System::Logging::getLoggerFactory().getLogger("AsteriskSCF.SipSessionGateway")))
+{
+}
+
SipEndpointPtr SipEndpointFactory::createEndpoint(std::string endpointName)
{
SipEndpointPtr endpoint = new SipEndpoint(
@@ -41,7 +57,8 @@ SipEndpointPtr SipEndpointFactory::createEndpoint(std::string endpointName)
mManager,
mServiceLocator,
mReplicationContext,
- mReplica);
+ mReplica,
+ mAuthManager);
mEndpoints.push_back(endpoint);
return endpoint;
}
diff --git a/src/SipEndpointFactory.h b/src/SipEndpointFactory.h
index 7d792b5..e8102a9 100644
--- a/src/SipEndpointFactory.h
+++ b/src/SipEndpointFactory.h
@@ -23,7 +23,9 @@
#include <AsteriskSCF/Core/Endpoint/EndpointIf.h>
#include <AsteriskSCF/SessionCommunications/SessionCommunicationsExtensionPointsIf.h>
#include <AsteriskSCF/SIP/SIPRegistrarIf.h>
+#include <AsteriskSCF/logger.h>
#include "SipReplicationContext.h"
+#include "PJSipManager.h"
namespace AsteriskSCF
{
@@ -43,12 +45,7 @@ public:
const Ice::ObjectAdapterPtr& backplaneAdapter,
const PJSipManagerPtr& manager,
const AsteriskSCF::Core::Discovery::V1::ServiceLocatorPrx& serviceLocator,
- const SipReplicationContextPtr& replicationContext) :
- mAdapter(adapter),
- mBackplaneAdapter(backplaneAdapter),
- mManager(manager),
- mServiceLocator(serviceLocator),
- mReplicationContext(replicationContext) { }
+ const SipReplicationContextPtr& replicationContext);
SipEndpointPtr createEndpoint(std::string);
@@ -89,6 +86,8 @@ private:
SipReplicationContextPtr mReplicationContext;
AsteriskSCF::System::Component::V1::ReplicaPrx mReplica;
+
+ AuthManagerPtr mAuthManager;
};
}; // end SipSessionManager
diff --git a/src/SipSession.cpp b/src/SipSession.cpp
index 3182731..21bf0fb 100755
--- a/src/SipSession.cpp
+++ b/src/SipSession.cpp
@@ -46,6 +46,7 @@
#include <AsteriskSCF/SessionCookies/SipSessionManager/SipSessionCookiesIf.h>
#include <AsteriskSCF/Collections/HandleSet.h>
#include "NATOptions.h"
+#include "PJSipSessionModule.h"
using namespace AsteriskSCF::System::Logging;
using namespace AsteriskSCF::System::NAT::V1;
diff --git a/src/SipStateReplicatorListener.cpp b/src/SipStateReplicatorListener.cpp
index 689785a..7f5e01b 100644
--- a/src/SipStateReplicatorListener.cpp
+++ b/src/SipStateReplicatorListener.cpp
@@ -21,6 +21,7 @@
#include "SipSession.h"
#include "PJSipManager.h"
#include "SipTransfer.h"
+#include "PJSipRegistrarModule.h"
#include <pjlib.h>
#include <IceUtil/UUID.h>
commit 67af305c398f1ad12b626b5f2da01aa336b4e451
Author: Mark Michelson <mmichelson at digium.com>
Date: Tue Nov 15 18:39:43 2011 -0600
Move some common code into the AuthManger.
diff --git a/src/AuthManager.cpp b/src/AuthManager.cpp
index d03069c..ec4dd50 100644
--- a/src/AuthManager.cpp
+++ b/src/AuthManager.cpp
@@ -433,6 +433,35 @@ Ice::StringSeq AuthManager::getRealms(pjsip_rx_data *rdata)
return realms;
}
+void AuthManager::getAuthCredentials(pjsip_rx_data *rdata, std::vector<pjsip_cred_info>& creds, const std::string& endpointName)
+{
+ AuthHookSeq hooks = getHooks();
+ for (AuthHookSeq::iterator iter = hooks.begin();
+ iter != hooks.end(); ++iter)
+ {
+ ClientAuthSeq auths;
+ Ice::StringSeq realms = getRealms(rdata);
+
+ HookResult result = (*iter)->respondToChallenge(endpointName, realms, auths);
+ if (result.status == Succeeded)
+ {
+ //Cool. So now we need to update the auth info on mReg
+ for (ClientAuthSeq::iterator authIter = auths.begin();
+ authIter != auths.end(); ++authIter)
+ {
+ pjsip_cred_info info;
+ pj_cstr(&info.realm, authIter->realm.c_str());
+ pj_cstr(&info.scheme, "digest");
+ pj_cstr(&info.username, authIter->username.c_str());
+ pj_cstr(&info.data, authIter->password.c_str());
+ info.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD;
+ creds.push_back(info);
+ }
+ return;
+ }
+ }
+}
+
void AuthManager::scheduleAuthTimeout(const boost::shared_ptr<AuthInstance> &instance, pj_timer_heap_callback *cb)
{
instance->scheduleAuthTimeout(mImpl->mCounter++, cb);
diff --git a/src/AuthManager.h b/src/AuthManager.h
index 1f799ce..ade0127 100644
--- a/src/AuthManager.h
+++ b/src/AuthManager.h
@@ -145,6 +145,12 @@ public:
*/
Ice::StringSeq getRealms(pjsip_rx_data *rdata);
/**
+ * Call out to registered hooks to get credentials.
+ *
+ * Used when receiving a 401 or 407 response
+ */
+ void getAuthCredentials(pjsip_rx_data *rdata, std::vector<pjsip_cred_info>& creds, const std::string& endpointName);
+ /**
* Schedule the destruction of an AuthInstance
*
* After challenging a requester for authentication information,
diff --git a/src/PJSipSessionModule.cpp b/src/PJSipSessionModule.cpp
index 5a04ef6..1d81826 100644
--- a/src/PJSipSessionModule.cpp
+++ b/src/PJSipSessionModule.cpp
@@ -1223,45 +1223,21 @@ void PJSipSessionModule::handleInviteRejection(pjsip_inv_session* inv,
if (respCode == 401 || respCode == 407)
{
//Aw peas, they be wanting to authenticate, boooooooooiiiiiiiiiii
-
- AuthHookSeq hooks = mAuthManager->getHooks();
- for (AuthHookSeq::iterator iter = hooks.begin();
- iter != hooks.end(); ++iter)
+ std::vector<pjsip_cred_info> creds;
+ mAuthManager->getAuthCredentials(rdata, creds, session->getEndpoint()->getName());
+ if (creds.size() != 0)
{
- ClientAuthSeq auths;
- Ice::StringSeq realms = mAuthManager->getRealms(rdata);
-
- HookResult result = (*iter)->respondToChallenge(session->getEndpoint()->getName(), realms, auths);
- if (result.status == Succeeded)
- {
- std::vector<pjsip_cred_info> creds;
- //Cool. So now we need to update the auth info on mReg
- for (ClientAuthSeq::iterator authIter = auths.begin();
- authIter != auths.end(); ++authIter)
- {
- pjsip_cred_info info;
- pj_cstr(&info.realm, authIter->realm.c_str());
- pj_cstr(&info.scheme, "digest");
- pj_cstr(&info.username, authIter->username.c_str());
- pj_cstr(&info.data, authIter->password.c_str());
- info.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD;
- creds.push_back(info);
- }
- if (creds.size() != 0)
- {
- pjsip_inv_uac_restart(inv, PJ_FALSE);
- pjsip_auth_clt_set_credentials(&inv->dlg->auth_sess,
- boost::numeric_cast<int>(creds.size()), &creds.front());
- pjsip_tx_data *tdata;
- pjsip_auth_clt_reinit_req(&inv->dlg->auth_sess,
- rdata, tsx->last_tx, &tdata);
- //XXX The actual sending of the message should probably be done as
- //a queued operation.
- pjsip_inv_send_msg(inv, tdata);
- }
- return;
- }
+ pjsip_inv_uac_restart(inv, PJ_FALSE);
+ pjsip_auth_clt_set_credentials(&inv->dlg->auth_sess,
+ boost::numeric_cast<int>(creds.size()), &creds.front());
+ pjsip_tx_data *tdata;
+ pjsip_auth_clt_reinit_req(&inv->dlg->auth_sess,
+ rdata, tsx->last_tx, &tdata);
+ //XXX The actual sending of the message should probably be done as
+ //a queued operation.
+ pjsip_inv_send_msg(inv, tdata);
}
+ return;
}
}
@@ -1495,43 +1471,20 @@ void PJSipSessionModule::handleNonInviteAuthentication(pjsip_inv_session* inv,
{
PJSipSessionModInfo *session_mod_info = (PJSipSessionModInfo*)inv->mod_data[mModule.id];
SipSessionPtr session = session_mod_info->getSessionPtr();
- AuthHookSeq hooks = mAuthManager->getHooks();
- for (AuthHookSeq::iterator iter = hooks.begin();
- iter != hooks.end(); ++iter)
- {
- ClientAuthSeq auths;
- Ice::StringSeq realms = mAuthManager->getRealms(rdata);
-
- HookResult result = (*iter)->respondToChallenge(session->getEndpoint()->getName(), realms, auths);
- if (result.status == Succeeded)
- {
- std::vector<pjsip_cred_info> creds;
- //Cool. So now we need to update the auth info on mReg
- for (ClientAuthSeq::iterator authIter = auths.begin();
- authIter != auths.end(); ++authIter)
- {
- pjsip_cred_info info;
- pj_cstr(&info.realm, authIter->realm.c_str());
- pj_cstr(&info.scheme, "digest");
- pj_cstr(&info.username, authIter->username.c_str());
- pj_cstr(&info.data, authIter->password.c_str());
- info.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD;
- creds.push_back(info);
- }
- if (creds.size() != 0)
- {
- pjsip_auth_clt_set_credentials(&dlg->auth_sess,
- boost::numeric_cast<int>(creds.size()), &creds.front());
- pjsip_tx_data *tdata;
- pjsip_auth_clt_reinit_req(&dlg->auth_sess,
- rdata, tsx->last_tx, &tdata);
- //XXX The actual sending of the message should probably be done as
- //a queued operation.
- pjsip_dlg_send_request(dlg, tdata, -1, NULL);
- }
- return;
- }
+ std::vector<pjsip_cred_info> creds;
+ mAuthManager->getAuthCredentials(rdata, creds, session->getEndpoint()->getName());
+ if (creds.size() != 0)
+ {
+ pjsip_auth_clt_set_credentials(&dlg->auth_sess,
+ boost::numeric_cast<int>(creds.size()), &creds.front());
+ pjsip_tx_data *tdata;
+ pjsip_auth_clt_reinit_req(&dlg->auth_sess,
+ rdata, tsx->last_tx, &tdata);
+ //XXX The actual sending of the message should probably be done as
+ //a queued operation.
+ pjsip_dlg_send_request(dlg, tdata, -1, NULL);
}
+ return;
}
void PJSipSessionModule::invOnTsxStateChanged(pjsip_inv_session *inv, pjsip_transaction *tsx, pjsip_event *e)
commit 01875837a0d54f89089c83311c14c1f0b90f7b14
Author: Mark Michelson <mmichelson at digium.com>
Date: Tue Nov 15 18:15:25 2011 -0600
Add authentication response for in-dialog stuff.
diff --git a/src/PJSipSessionModule.cpp b/src/PJSipSessionModule.cpp
index 4e7afe1..5a04ef6 100644
--- a/src/PJSipSessionModule.cpp
+++ b/src/PJSipSessionModule.cpp
@@ -1490,6 +1490,49 @@ void PJSipSessionModule::invOnNewSession(pjsip_inv_session*, pjsip_event*)
{
//stub
}
+void PJSipSessionModule::handleNonInviteAuthentication(pjsip_inv_session* inv,
+ pjsip_rx_data* rdata, pjsip_dialog* dlg, pjsip_transaction *tsx)
+{
+ PJSipSessionModInfo *session_mod_info = (PJSipSessionModInfo*)inv->mod_data[mModule.id];
+ SipSessionPtr session = session_mod_info->getSessionPtr();
+ AuthHookSeq hooks = mAuthManager->getHooks();
+ for (AuthHookSeq::iterator iter = hooks.begin();
+ iter != hooks.end(); ++iter)
+ {
+ ClientAuthSeq auths;
+ Ice::StringSeq realms = mAuthManager->getRealms(rdata);
+
+ HookResult result = (*iter)->respondToChallenge(session->getEndpoint()->getName(), realms, auths);
+ if (result.status == Succeeded)
+ {
+ std::vector<pjsip_cred_info> creds;
+ //Cool. So now we need to update the auth info on mReg
+ for (ClientAuthSeq::iterator authIter = auths.begin();
+ authIter != auths.end(); ++authIter)
+ {
+ pjsip_cred_info info;
+ pj_cstr(&info.realm, authIter->realm.c_str());
+ pj_cstr(&info.scheme, "digest");
+ pj_cstr(&info.username, authIter->username.c_str());
+ pj_cstr(&info.data, authIter->password.c_str());
+ info.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD;
+ creds.push_back(info);
+ }
+ if (creds.size() != 0)
+ {
+ pjsip_auth_clt_set_credentials(&dlg->auth_sess,
+ boost::numeric_cast<int>(creds.size()), &creds.front());
+ pjsip_tx_data *tdata;
+ pjsip_auth_clt_reinit_req(&dlg->auth_sess,
+ rdata, tsx->last_tx, &tdata);
+ //XXX The actual sending of the message should probably be done as
+ //a queued operation.
+ pjsip_dlg_send_request(dlg, tdata, -1, NULL);
+ }
+ return;
+ }
+ }
+}
void PJSipSessionModule::invOnTsxStateChanged(pjsip_inv_session *inv, pjsip_transaction *tsx, pjsip_event *e)
{
@@ -1498,7 +1541,7 @@ void PJSipSessionModule::invOnTsxStateChanged(pjsip_inv_session *inv, pjsip_tran
int respCode = e->body.tsx_state.src.rdata->msg_info.msg->line.status.code;
if (respCode == 401 || respCode == 407)
{
- //We need to authenticate. This is for non-INVITE transactions.
+ handleNonInviteAuthentication(inv, e->body.tsx_state.src.rdata, pjsip_tsx_get_dlg(tsx), tsx);
}
}
diff --git a/src/PJSipSessionModule.h b/src/PJSipSessionModule.h
index 74621be..59e840a 100644
--- a/src/PJSipSessionModule.h
+++ b/src/PJSipSessionModule.h
@@ -142,6 +142,7 @@ private:
void handleNewInvite(pjsip_rx_data *rdata);
void handleInviteResponse(pjsip_inv_session *inv, pjsip_rx_data *rdata, pjsip_dialog *dlg);
void handleInviteRejection(pjsip_inv_session *inv, pjsip_rx_data *rdata, pjsip_transaction *tsx);
+ void handleNonInviteAuthentication(pjsip_inv_session *inv, pjsip_rx_data *rdata, pjsip_dialog *dlg, pjsip_transaction *tsx);
void handleRefer(pjsip_inv_session *inv, pjsip_rx_data *rdata);
void handleInfo(pjsip_inv_session *inv, pjsip_rx_data *rdata);
bool isDTMF(pjsip_rx_data *rdata);
commit 1a9c552d54bbabefed475aa78937ccacc812ef1d
Author: Mark Michelson <mmichelson at digium.com>
Date: Tue Nov 15 17:38:35 2011 -0600
Change the name of the authenticate() method and remove some extra debugging cruft.
diff --git a/src/AuthManager.cpp b/src/AuthManager.cpp
index e5a3e90..d03069c 100644
--- a/src/AuthManager.cpp
+++ b/src/AuthManager.cpp
@@ -354,7 +354,7 @@ boost::shared_ptr<AuthInstance> AuthManager::createAuthInstance(pjsip_rx_data *r
return instance;
}
-bool AuthManager::authenticate(pjsip_rx_data *rdata)
+bool AuthManager::authenticateRequest(pjsip_rx_data *rdata)
{
const std::string fromTag(pj_strbuf(&rdata->msg_info.from->tag),
pj_strlen(&rdata->msg_info.from->tag));
diff --git a/src/AuthManager.h b/src/AuthManager.h
index 54fc98c..1f799ce 100644
--- a/src/AuthManager.h
+++ b/src/AuthManager.h
@@ -129,7 +129,7 @@ public:
* up the extension point for authentication and not to actually
* authenticate, this doesn't actually do anything useful.
*/
- bool authenticate(pjsip_rx_data *rdata);
+ bool authenticateRequest(pjsip_rx_data *rdata);
/**
* Create a new AuthInstance
*
diff --git a/src/PJSipRegistrarModule.cpp b/src/PJSipRegistrarModule.cpp
index 5da604a..b7193c6 100644
--- a/src/PJSipRegistrarModule.cpp
+++ b/src/PJSipRegistrarModule.cpp
@@ -706,7 +706,7 @@ private:
bool PJSipRegistrarModule::checkAuth(pjsip_rx_data *rdata, pjsip_transaction *tsx, RequestType type)
{
//First, let's see if this message has some auth that we know about.
- if (mAuthManager->authenticate(rdata) == true)
+ if (mAuthManager->authenticateRequest(rdata) == true)
{
//Oh yeah! Authentication succeeded!
return false;
diff --git a/src/PJSipSessionModule.cpp b/src/PJSipSessionModule.cpp
index 6321878..4e7afe1 100644
--- a/src/PJSipSessionModule.cpp
+++ b/src/PJSipSessionModule.cpp
@@ -339,7 +339,7 @@ pj_status_t PJSipSessionModule::unload()
bool PJSipSessionModule::checkAuth(pjsip_rx_data *rdata, pjsip_inv_session *inv, RequestInfoPtr& info, RequestType type)
{
//First, let's see if this message has some auth that we know about.
- if (mAuthManager->authenticate(rdata) == true)
+ if (mAuthManager->authenticateRequest(rdata) == true)
{
//Oh yeah! Authentication succeeded!
return false;
@@ -1169,10 +1169,6 @@ protected:
}
}
}
- else if (mRespCode == 401 || mRespCode == 407)
- {
- lg(Notice) << "!!!!!!!!! OH SNAP GOT A 401 or 407 !!!!!!!!";
- }
return Complete;
}
@@ -1228,10 +1224,7 @@ void PJSipSessionModule::handleInviteRejection(pjsip_inv_session* inv,
{
//Aw peas, they be wanting to authenticate, boooooooooiiiiiiiiiii
- //What do we need to do?
- //1. Get the registered hooks...
AuthHookSeq hooks = mAuthManager->getHooks();
- //2. Call out and get authentication information.
for (AuthHookSeq::iterator iter = hooks.begin();
iter != hooks.end(); ++iter)
{
@@ -1262,9 +1255,6 @@ void PJSipSessionModule::handleInviteRejection(pjsip_inv_session* inv,
pjsip_tx_data *tdata;
pjsip_auth_clt_reinit_req(&inv->dlg->auth_sess,
rdata, tsx->last_tx, &tdata);
- //XXX I'm not sure if I need to be adding an SDP offer here since
- //I called pjsip_inv_uac_restart() above...
- //
//XXX The actual sending of the message should probably be done as
//a queued operation.
pjsip_inv_send_msg(inv, tdata);
@@ -1272,15 +1262,6 @@ void PJSipSessionModule::handleInviteRejection(pjsip_inv_session* inv,
return;
}
}
- //
- //to normal
- //4. Send an ACK
- //5. Set credentials on the inv_session
- //6. Re-send the INVITE with credentials.
- //
- //We need to call out to any registered extension points. This will at the
- //very least allow for us to figure out if we can authenticate.
-
}
}
@@ -1512,6 +1493,15 @@ void PJSipSessionModule::invOnNewSession(pjsip_inv_session*, pjsip_event*)
void PJSipSessionModule::invOnTsxStateChanged(pjsip_inv_session *inv, pjsip_transaction *tsx, pjsip_event *e)
{
+ if (tsx->role == PJSIP_ROLE_UAC && tsx->state == PJSIP_TSX_STATE_COMPLETED)
+ {
+ int respCode = e->body.tsx_state.src.rdata->msg_info.msg->line.status.code;
+ if (respCode == 401 || respCode == 407)
+ {
+ //We need to authenticate. This is for non-INVITE transactions.
+ }
... 724 lines suppressed ...
--
asterisk-scf/release/sip.git
More information about the asterisk-scf-commits
mailing list