fix Digest auth for http

16f22638 · jehan · 87a03883 · 16f22638 · 16f22638 · 16f22638
Commit 16f22638 authored Jan 14, 2014 by jehan
Showing with 52 additions and 27 deletions

src/belle_sip_headers_impl.c src/belle_sip_headers_impl.c +19 -10

src/http-provider.c src/http-provider.c +4 -6

tester/belle_http_tester.c tester/belle_http_tester.c +29 -11

No files found.
--- a/src/belle_sip_headers_impl.c
+++ b/src/belle_sip_headers_impl.c
@@ -1005,17 +1005,23 @@ GET_SET_STRING(belle_sip_header_extension,value);
 		error=belle_sip_snprintf(buff,buff_size,offset,"%srealm=\"%s\"",border,header->realm);\
 		if (error!=BELLE_SIP_OK) return error;\
 		border=", ";\
-		}\
+	}\
 	if (header->nonce) {\
 		error=belle_sip_snprintf(buff,buff_size,offset,"%snonce=\"%s\"",border,header->nonce);\
 		if (error!=BELLE_SIP_OK) return error;\
 		border=", ";\
-		}\
+	}\
 	if (header->algorithm) {\
-		error=belle_sip_snprintf(buff,buff_size,offset,"%salgorithm=%s",border,header->algorithm);\
+		const char* format;\
+		if (BELLE_SIP_OBJECT_IS_INSTANCE_OF(header,belle_http_header_authorization_t)) {\
+			format="%salgorithm=\"%s\"";\
+		} else {\
+			format="%salgorithm=%s";\
+		}\
+		error=belle_sip_snprintf(buff,buff_size,offset,format,border,header->algorithm);\
 		if (error!=BELLE_SIP_OK) return error;\
 		border=", ";\
-		}\
+	}\
 	if (header->opaque) {\
 		error=belle_sip_snprintf(buff,buff_size,offset,"%sopaque=\"%s\"",border,header->opaque);\
 		if (error!=BELLE_SIP_OK) return error;\
@@ -1088,11 +1094,7 @@ belle_sip_error_code belle_sip_header_authorization_marshal(belle_sip_header_aut
 		error=belle_sip_snprintf(buff,buff_size,offset,"%s","\"");
 		if (error!=BELLE_SIP_OK) return error;
 	}
-	if (authorization->algorithm) {
-		error=belle_sip_snprintf(buff,buff_size,offset,"%salgorithm=%s",border,authorization->algorithm);
-		if (error!=BELLE_SIP_OK) return error;
-		border=", ";
-	}
+
 	if (authorization->response) {
 		error=belle_sip_snprintf(buff,buff_size,offset,"%sresponse=\"%s\"",border,authorization->response);
 		if (error!=BELLE_SIP_OK) return error;
@@ -1110,7 +1112,13 @@ belle_sip_error_code belle_sip_header_authorization_marshal(belle_sip_header_aut
 		border=", ";
 	}
 	if (authorization->qop) {
-		error=belle_sip_snprintf(buff,buff_size,offset,"%sqop=%s",border,authorization->qop);
+		const char* format;
+		if (BELLE_SIP_OBJECT_IS_INSTANCE_OF(authorization,belle_http_header_authorization_t)) {
+			format="%sqop=\"%s\"";
+		} else {
+			format="%sqop=%s";
+		}
+		error=belle_sip_snprintf(buff,buff_size,offset,format,border,authorization->qop);
 		if (error!=BELLE_SIP_OK) return error;
 	}
 	return error;
@@ -1189,6 +1197,7 @@ static void belle_http_header_authorization_clone(belle_http_header_authorizatio

 belle_sip_error_code belle_http_header_authorization_marshal(belle_http_header_authorization_t* authorization, char* buff, size_t buff_size, size_t *offset) {
 	belle_sip_error_code error=BELLE_SIP_OK;
+
 	/*first make sure there is no sip uri*/
 	if (belle_sip_header_authorization_get_uri(BELLE_SIP_HEADER_AUTHORIZATION(authorization))) {
 		belle_sip_error ("Cannot marshal http_header_authorization because a sip uri is set. Use belle_http_authorization_set uri instead of belle_sip_header_authorization_set_uri");

--- a/src/http-provider.c
+++ b/src/http-provider.c
@@ -78,11 +78,6 @@ static int http_channel_context_handle_authentication(belle_http_channel_context
 		return -1;
 	}

-	if (strcasecmp("MD5",belle_sip_header_www_authenticate_get_algorithm(authenticate)) != 0) {
-		belle_sip_error("Unsupported auth algo [%s] in response  [%p], cannot authenticate", belle_sip_header_www_authenticate_get_algorithm(authenticate),resp);
-		return -1;
-	}
-	
 	/*find if username, passwd were already supplied in original request uri*/
 	if (req->orig_uri){
 		username=belle_generic_uri_get_user(req->orig_uri);
@@ -110,7 +105,10 @@ static int http_channel_context_handle_authentication(belle_http_channel_context
 		req->auth_attempt_count++;

 		authorization = belle_http_auth_helper_create_authorization(authenticate);
-
+		/*select first qop mode*/
+		belle_sip_header_authorization_set_qop(BELLE_SIP_HEADER_AUTHORIZATION(authorization),belle_sip_header_www_authenticate_get_qop_first(authenticate));
+		belle_sip_header_authorization_set_nonce_count(BELLE_SIP_HEADER_AUTHORIZATION(authorization),1); /*we don't store nonce count for now*/
+		belle_sip_header_authorization_set_username(BELLE_SIP_HEADER_AUTHORIZATION(authorization),username);
 		belle_http_header_authorization_set_uri(authorization,belle_http_request_get_uri(req));
 		if (belle_sip_auth_helper_fill_authorization(BELLE_SIP_HEADER_AUTHORIZATION(authorization),belle_http_request_get_method(req),ha1)) {
 			belle_sip_error("Cannot fill auth header for request [%p]",req);

--- a/tester/belle_http_tester.c
+++ b/tester/belle_http_tester.c
@@ -25,6 +25,9 @@
 typedef struct http_counters{
 	int response_count;
 	int io_error_count;
+	int two_hundred;
+	int three_hundred;
+	int four_hundred;
 }http_counters_t;

 static int wait_for(belle_sip_stack_t*s1,int* counter,int value,int timeout) {
@@ -44,7 +47,13 @@ static void process_response(void *data, const belle_http_response_event_t *even
 	if (event->response){
 		int code=belle_http_response_get_status_code(event->response);
 		const char *body=belle_sip_message_get_body(BELLE_SIP_MESSAGE(event->response));
-		CU_ASSERT_EQUAL(code,200);
+		if (code>=200 & code <300)
+			counters->two_hundred++;
+		else if (code>=300 & code <400)
+			counters->three_hundred++;
+		else if (code>=300 & code <400)
+			counters->four_hundred++;
+
 		CU_ASSERT_PTR_NOT_NULL(body);
 	}
 }
@@ -80,9 +89,9 @@ static int http_cleanup(void){
 	return 0;
 }

-static void one_get(const char *url){
+static void one_get(const char *url,http_counters_t* counters){
 	belle_http_request_listener_callbacks_t cbs={0};
-	http_counters_t counters={0};
+
 	belle_http_request_listener_t *l;
 	belle_generic_uri_t *uri;
 	belle_http_request_t *req;
@@ -96,32 +105,41 @@ static void one_get(const char *url){
 	cbs.process_response=process_response;
 	cbs.process_io_error=process_io_error;
 	cbs.process_auth_requested=process_auth_requested;
-	l=belle_http_request_listener_create_from_callbacks(&cbs,&counters);
+	l=belle_http_request_listener_create_from_callbacks(&cbs,counters);
 	belle_http_provider_send_request(prov,req,l);
-	wait_for(stack,&counters.response_count,1,3000);
-	CU_ASSERT_TRUE(counters.response_count==1);
-	CU_ASSERT_TRUE(counters.io_error_count==0);
+	wait_for(stack,&counters->response_count,1,3000);
+
+	CU_ASSERT_TRUE(counters->response_count==1);
+	CU_ASSERT_TRUE(counters->io_error_count==0);
 	
 	belle_sip_object_unref(l);
 }

 static void one_http_get(void){
-	one_get("http://smtp.linphone.org");
+	http_counters_t counters={0};
+	one_get("http://smtp.linphone.org",&counters);
+	CU_ASSERT_EQUAL(counters.two_hundred,1);
 }

 static void one_https_get(void){
-	one_get("https://smtp.linphone.org");
+	http_counters_t counters={0};
+	one_get("https://smtp.linphone.org",&counters);
+	CU_ASSERT_EQUAL(counters.two_hundred,1);
 }

 static void https_digest_get(void){
-	one_get("https://pauline:pouet@smtp.linphone.org/restricted");
+	http_counters_t counters={0};
+	one_get("https://pauline:pouet@smtp.linphone.org/restricted",&counters);
+	CU_ASSERT_EQUAL(counters.three_hundred,1);
 }

 static void https_client_cert_connection(void){
 	belle_tls_verify_policy_t *policy=belle_tls_verify_policy_new();
+	http_counters_t counters={0};
 	belle_tls_verify_policy_set_exceptions(policy,BELLE_TLS_VERIFY_ANY_REASON);/*ignore the server verification because we don't have a true certificate*/
 	belle_http_provider_set_tls_verify_policy(prov,policy);
-	one_get("https://sip2.linphone.org:5063");
+	one_get("https://sip2.linphone.org:5063",&counters);
+	CU_ASSERT_EQUAL(counters.two_hundred,1);
 	belle_tls_verify_policy_set_exceptions(policy,0);
 	belle_sip_object_unref(policy);
 }