[svn-commits] mmichelson: branch mmichelson/authenticate r381057 - /team/mmichelson/authent...

[SVN commits to the Digium repositories]

Author: mmichelson
Date: Thu Feb  7 14:13:08 2013
New Revision: 381057

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=381057
Log:
Add scheduler usage to authentication.

Now authentication challenges will be deleted if there is no
verification within a time limit (set at 32 seconds currently).

Those of you who are extra observant may notice that I don't save
a scheduler ID anywhere, nor do I delete scheduler entries at any
point. This is done for two reasons:

1) Storage of the scheduler IDs would be a bit iffy. We'd have to
have a container that correlated scheduler IDs with response IDs. That
way, given a response ID, we could look up the scheduler ID to delete.

2) There would be a memory leak. The data passed into the scheduler for
callbacks is a malloced int pointer. There's no way to free that memory
unless the scheduler callback is called. So even if there's no real
need for the scheduler callback to be called, we still call it just
so we can delete the scheduler data.


Modified:
    team/mmichelson/authenticate/res/res_sip_authenticator_digest.c

Modified: team/mmichelson/authenticate/res/res_sip_authenticator_digest.c
URL: http://svnview.digium.com/svn/asterisk/team/mmichelson/authenticate/res/res_sip_authenticator_digest.c?view=diff&rev=381057&r1=381056&r2=381057
==============================================================================
--- team/mmichelson/authenticate/res/res_sip_authenticator_digest.c (original)
+++ team/mmichelson/authenticate/res/res_sip_authenticator_digest.c Thu Feb  7 14:13:08 2013
@@ -24,6 +24,7 @@
 #include "asterisk/res_sip.h"
 #include "asterisk/logger.h"
 #include "asterisk/module.h"
+#include "asterisk/sched.h"
 
 /*** MODULEINFO
 	<depend>res_sip</depend>
@@ -31,6 +32,9 @@
  ***/
 
 #define CHALLENGE_BUCKETS 83
+#define AUTH_TIMEOUT 32000
+
+struct ast_sched_context *auth_sched;
 
 static pj_status_t digest_lookup(pj_pool_t *pool, const pj_str_t *realm,
 		const pj_str_t *acc_name, pjsip_cred_info *info);
@@ -105,6 +109,14 @@
 static void remove_challenges(int response_id)
 {
 	ao2_callback(challenges, OBJ_MULTIPLE | OBJ_UNLINK | OBJ_NODATA, match_response_id, &response_id);
+}
+
+static int auth_timeout(const void *data)
+{
+	const int *response_id = data;
+	remove_challenges(*response_id);
+	ast_free((int *) response_id);
+	return 0;
 }
 
 /*!
@@ -364,7 +376,7 @@
 		pjsip_rx_data *rdata, pjsip_tx_data *tdata)
 {
 	struct ast_sip_auth *auth;
-	int response_id;
+	int *response_id;
 
 	auth = ao2_callback_data(endpoint->sip_auths, 0, verify, rdata, tdata->pool);
 	if (auth) {
@@ -372,8 +384,12 @@
 		return AST_SIP_AUTHENTICATION_SUCCESS;
 	}
 	
-	response_id = ast_atomic_fetchadd_int(&response_id_counter, +1);
-	ao2_callback_data(endpoint->sip_auths, 0, challenge, tdata, &response_id);
+	response_id = ast_malloc(sizeof(*response_id));
+	*response_id = ast_atomic_fetchadd_int(&response_id_counter, +1);
+	ao2_callback_data(endpoint->sip_auths, 0, challenge, tdata, response_id);
+	if (ast_sched_add(auth_sched, AUTH_TIMEOUT, auth_timeout, response_id) == -1) {
+		return AST_SIP_AUTHENTICATION_ERROR;
+	}
 	return AST_SIP_AUTHENTICATION_CHALLENGE;
 }
 
@@ -384,12 +400,22 @@
 
 static int load_module(void)
 {
+	auth_sched = ast_sched_context_create();
+	if (!auth_sched) {
+		return AST_MODULE_LOAD_DECLINE;
+	}
+	if (ast_sched_start_thread(auth_sched)) {
+		ast_sched_context_destroy(auth_sched);
+		return AST_MODULE_LOAD_DECLINE;
+	}
 	challenges = ao2_container_alloc(CHALLENGE_BUCKETS, challenge_hash, challenge_cmp);
 	if (!challenges) {
+		ast_sched_context_destroy(auth_sched);
 		return AST_MODULE_LOAD_DECLINE;
 	}
 	if (ast_sip_register_authenticator(&digest_authenticator)) {
 		ao2_cleanup(challenges);
+		ast_sched_context_destroy(auth_sched);
 		return AST_MODULE_LOAD_DECLINE;
 	}
 	return AST_MODULE_LOAD_SUCCESS;
@@ -399,6 +425,7 @@
 {
 	ao2_cleanup(challenges);
 	ast_sip_unregister_authenticator(&digest_authenticator);
+	ast_sched_context_destroy(auth_sched);
 	return 0;
 }