[svn-commits] mmichelson: branch mmichelson/pool_shark2 r381570 - in /team/mmichelson/pool_...
SVN commits to the Digium repositories
svn-commits at lists.digium.com
Fri Feb 15 13:14:09 CST 2013
Author: mmichelson
Date: Fri Feb 15 13:14:06 2013
New Revision: 381570
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=381570
Log:
Put authentication at the same point as endpoint identification.
It certainly works, BUT the current configuration means that ALL incoming
SIP requests (aside from ACK and CANCEL) will be challenged.
Modified:
team/mmichelson/pool_shark2/res/res_sip/sip_distributor.c
team/mmichelson/pool_shark2/res/res_sip_session.c
Modified: team/mmichelson/pool_shark2/res/res_sip/sip_distributor.c
URL: http://svnview.digium.com/svn/asterisk/team/mmichelson/pool_shark2/res/res_sip/sip_distributor.c?view=diff&rev=381570&r1=381569&r2=381570
==============================================================================
--- team/mmichelson/pool_shark2/res/res_sip/sip_distributor.c (original)
+++ team/mmichelson/pool_shark2/res/res_sip/sip_distributor.c Fri Feb 15 13:14:06 2013
@@ -50,6 +50,7 @@
pjsip_rx_data *rdata = data;
int is_request = rdata->msg_info.msg->type == PJSIP_REQUEST_MSG;
int is_ack = is_request ? rdata->msg_info.msg->line.req.method.id == PJSIP_ACK_METHOD : 0;
+ int is_cancel = is_request ? rdata->msg_info.msg->line.req.method.id == PJSIP_CANCEL_METHOD : 0;
struct ast_sip_endpoint *endpoint;
endpoint = ast_sip_identify_endpoint(rdata);
@@ -61,14 +62,37 @@
*/
pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 403, NULL, NULL, NULL);
}
- return 0;
+ goto end;
}
rdata->endpt_info.mod_data[cloner_mod.id] = endpoint;
+
+ if (is_request && !is_ack && !is_cancel) {
+ if (ast_sip_requires_authentication(endpoint, rdata)) {
+ pjsip_tx_data *tdata;
+ pjsip_endpt_create_response(ast_sip_get_pjsip_endpoint(), rdata, 401, NULL, &tdata);
+ switch (ast_sip_check_authentication(endpoint, rdata, tdata)) {
+ case AST_SIP_AUTHENTICATION_CHALLENGE:
+ /* Send the 401 we created for them */
+ pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL);
+ goto end;
+ case AST_SIP_AUTHENTICATION_SUCCESS:
+ break;
+ case AST_SIP_AUTHENTICATION_FAILED:
+ pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 403, NULL, NULL, NULL);
+ goto end;
+ case AST_SIP_AUTHENTICATION_ERROR:
+ pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
+ goto end;
+ }
+ }
+ }
pjsip_endpt_process_rx_data(ast_sip_get_pjsip_endpoint(), rdata, ¶m, &handled);
if (!handled) {
/* This will never happen right now due to the Unhandled module */
}
+
+end:
ao2_cleanup(endpoint);
pjsip_rx_data_free_cloned(rdata);
return 0;
Modified: team/mmichelson/pool_shark2/res/res_sip_session.c
URL: http://svnview.digium.com/svn/asterisk/team/mmichelson/pool_shark2/res/res_sip_session.c?view=diff&rev=381570&r1=381569&r2=381570
==============================================================================
--- team/mmichelson/pool_shark2/res/res_sip_session.c (original)
+++ team/mmichelson/pool_shark2/res/res_sip_session.c Fri Feb 15 13:14:06 2013
@@ -770,26 +770,6 @@
* it ourselves. When the session dies, so will the serializer.
*/
destroy_serializer = 0;
-
- if (ast_sip_requires_authentication(endpoint, rdata)) {
- pjsip_inv_initial_answer(inv_session, rdata, 401, NULL, NULL, &tdata);
- switch (ast_sip_check_authentication(endpoint, rdata, tdata)) {
- case AST_SIP_AUTHENTICATION_CHALLENGE:
- /* Send the 401 we created for them */
- pjsip_inv_send_msg(inv_session, tdata);
- goto end;
- case AST_SIP_AUTHENTICATION_SUCCESS:
- break;
- case AST_SIP_AUTHENTICATION_FAILED:
- pjsip_inv_answer(inv_session, 403, NULL, NULL, &tdata);
- pjsip_inv_send_msg(inv_session, tdata);
- goto end;
- case AST_SIP_AUTHENTICATION_ERROR:
- pjsip_inv_answer(inv_session, 500, NULL, NULL, &tdata);
- pjsip_inv_send_msg(inv_session, tdata);
- goto end;
- }
- }
switch (get_destination(session, rdata)) {
case SIP_GET_DEST_EXTEN_FOUND:
More information about the svn-commits
mailing list