Changeset 4214

Timestamp:

Jul 25, 2012 2:29:28 PM (12 years ago)

Author:

nanang

Message:

Close #1561: Added new user credentials lookup callback that also passes 'pjsip_rx_data'.

Location:

pjproject/trunk/pjsip

Files:

• include/pjsip/sip_auth.h (modified) (3 diffs)
• src/pjsip/sip_auth_server.c (modified) (2 diffs)

pjproject/trunk/pjsip/include/pjsip/sip_auth.h

@@ -276 +276 @@
                                             pjsip_cred_info *cred_info );
 
+
+/**
+ * This structure describes input param for credential lookup.
+ */
+typedef struct pjsip_auth_lookup_cred_param
+{
+    pj_str_t realm;         /**< Realm to find the account.             */
+    pj_str_t acc_name;      /**< Account name to look for.              */
+    pjsip_rx_data *rdata;   /**< Incoming request to be authenticated.  */
+
+} pjsip_auth_lookup_cred_param;
+
+
+/**
+ * Type of function to lookup credential for the specified name.
+ *
+ * @param pool          Pool to initialize the credential info.
+ * @param param         The input param for credential lookup.
+ * @param cred_info     The structure to put the credential when it's found.
+ *
+ * @return              The function MUST return PJ_SUCCESS when it found
+ *                      a correct credential for the specified account and
+ *                      realm. Otherwise it may return PJSIP_EAUTHACCNOTFOUND
+ *                      or PJSIP_EAUTHACCDISABLED.
+ */
+typedef pj_status_t pjsip_auth_lookup_cred2(
+                                pj_pool_t *pool,
+                                const pjsip_auth_lookup_cred_param *param,
+                                pjsip_cred_info *cred_info );
+
+
 /** Flag to specify that server is a proxy. */
 #define PJSIP_AUTH_SRV_IS_PROXY     1
@@ -287 +318 @@
     pj_bool_t                is_proxy;  /**< Will issue 407 instead of 401  */
     pjsip_auth_lookup_cred  *lookup;    /**< Lookup function.               */
-
+    pjsip_auth_lookup_cred2 *lookup2;   /**< Lookup function with additional
+                                             info in its input param.       */
 } pjsip_auth_srv;
 
@@ -433 +465 @@
                                           unsigned options );
 
+
+/**
+ * This structure describes initialization settings of server authorization
+ * session.
+ */
+typedef struct pjsip_auth_srv_init_param
+{
+    /**
+     * Realm to be served by the server.
+     */
+    const pj_str_t              *realm;
+
+    /**
+     * Account lookup function.
+     */
+    pjsip_auth_lookup_cred2     *lookup2;
+
+    /**
+     * Options, bitmask of:
+     * - PJSIP_AUTH_SRV_IS_PROXY: to specify that the server will authorize
+     *   clients as a proxy server (instead of as UAS), which means that
+     *   Proxy-Authenticate will be used instead of WWW-Authenticate.
+     */
+    unsigned                     options;
+
+} pjsip_auth_srv_init_param;
+
+
+/**
+ * Initialize server authorization session data structure to serve the 
+ * specified realm and to use lookup_func function to look for the credential
+ * info. 
+ *
+ * @param pool          Pool used to initialize the authentication server.
+ * @param auth_srv      The authentication server structure.
+ * @param param         The initialization param.
+ *
+ * @return              PJ_SUCCESS on success.
+ */
+PJ_DECL(pj_status_t) pjsip_auth_srv_init2(
+                                    pj_pool_t *pool,
+                                    pjsip_auth_srv *auth_srv,
+                                    const pjsip_auth_srv_init_param *param);
 
 /**

pjproject/trunk/pjsip/src/pjsip/sip_auth_server.c

@@ -41 +41 @@
     PJ_ASSERT_RETURN(pool && auth_srv && realm && lookup, PJ_EINVAL);
 
+    pj_bzero(auth_srv, sizeof(*auth_srv));
     pj_strdup( pool, &auth_srv->realm, realm);
     auth_srv->lookup = lookup;
     auth_srv->is_proxy = (options & PJSIP_AUTH_SRV_IS_PROXY);
+
+    return PJ_SUCCESS;
+}
+
+/*
+ * Initialize server authorization session data structure to serve the 
+ * specified realm and to use lookup_func function to look for the credential 
+ * info. 
+ */
+PJ_DEF(pj_status_t) pjsip_auth_srv_init2(
+                                    pj_pool_t *pool,
+                                    pjsip_auth_srv *auth_srv,
+                                    const pjsip_auth_srv_init_param *param)
+{
+    PJ_ASSERT_RETURN(pool && auth_srv && param, PJ_EINVAL);
+
+    pj_bzero(auth_srv, sizeof(*auth_srv));
+    pj_strdup( pool, &auth_srv->realm, param->realm);
+    auth_srv->lookup2 = param->lookup2;
+    auth_srv->is_proxy = (param->options & PJSIP_AUTH_SRV_IS_PROXY);
 
     return PJ_SUCCESS;
@@ -149 +170 @@
 
     /* Find the credential information for the account. */
-    status = (*auth_srv->lookup)(rdata->tp_info.pool, &auth_srv->realm,
-                                 &acc_name, &cred_info);
-    if (status != PJ_SUCCESS) {
-        *status_code = PJSIP_SC_FORBIDDEN;
-        return status;
+    if (auth_srv->lookup2) {
+        pjsip_auth_lookup_cred_param param;
+
+        pj_bzero(&param, sizeof(param));
+        param.realm = auth_srv->realm;
+        param.acc_name = acc_name;
+        param.rdata = rdata;
+        status = (*auth_srv->lookup2)(rdata->tp_info.pool, &param, &cred_info);
+        if (status != PJ_SUCCESS) {
+            *status_code = PJSIP_SC_FORBIDDEN;
+            return status;
+        }
+    } else {
+        status = (*auth_srv->lookup)(rdata->tp_info.pool, &auth_srv->realm,
+                                     &acc_name, &cred_info);
+        if (status != PJ_SUCCESS) {
+            *status_code = PJSIP_SC_FORBIDDEN;
+            return status;
+        }
     }