Commit 16f22638 authored by jehan's avatar jehan
Browse files

fix Digest auth for http

parent 87a03883
...@@ -1005,17 +1005,23 @@ GET_SET_STRING(belle_sip_header_extension,value); ...@@ -1005,17 +1005,23 @@ GET_SET_STRING(belle_sip_header_extension,value);
error=belle_sip_snprintf(buff,buff_size,offset,"%srealm=\"%s\"",border,header->realm);\ error=belle_sip_snprintf(buff,buff_size,offset,"%srealm=\"%s\"",border,header->realm);\
if (error!=BELLE_SIP_OK) return error;\ if (error!=BELLE_SIP_OK) return error;\
border=", ";\ border=", ";\
}\ }\
if (header->nonce) {\ if (header->nonce) {\
error=belle_sip_snprintf(buff,buff_size,offset,"%snonce=\"%s\"",border,header->nonce);\ error=belle_sip_snprintf(buff,buff_size,offset,"%snonce=\"%s\"",border,header->nonce);\
if (error!=BELLE_SIP_OK) return error;\ if (error!=BELLE_SIP_OK) return error;\
border=", ";\ border=", ";\
}\ }\
if (header->algorithm) {\ if (header->algorithm) {\
error=belle_sip_snprintf(buff,buff_size,offset,"%salgorithm=%s",border,header->algorithm);\ const char* format;\
if (BELLE_SIP_OBJECT_IS_INSTANCE_OF(header,belle_http_header_authorization_t)) {\
format="%salgorithm=\"%s\"";\
} else {\
format="%salgorithm=%s";\
}\
error=belle_sip_snprintf(buff,buff_size,offset,format,border,header->algorithm);\
if (error!=BELLE_SIP_OK) return error;\ if (error!=BELLE_SIP_OK) return error;\
border=", ";\ border=", ";\
}\ }\
if (header->opaque) {\ if (header->opaque) {\
error=belle_sip_snprintf(buff,buff_size,offset,"%sopaque=\"%s\"",border,header->opaque);\ error=belle_sip_snprintf(buff,buff_size,offset,"%sopaque=\"%s\"",border,header->opaque);\
if (error!=BELLE_SIP_OK) return error;\ if (error!=BELLE_SIP_OK) return error;\
...@@ -1088,11 +1094,7 @@ belle_sip_error_code belle_sip_header_authorization_marshal(belle_sip_header_aut ...@@ -1088,11 +1094,7 @@ belle_sip_error_code belle_sip_header_authorization_marshal(belle_sip_header_aut
error=belle_sip_snprintf(buff,buff_size,offset,"%s","\""); error=belle_sip_snprintf(buff,buff_size,offset,"%s","\"");
if (error!=BELLE_SIP_OK) return error; if (error!=BELLE_SIP_OK) return error;
} }
if (authorization->algorithm) {
error=belle_sip_snprintf(buff,buff_size,offset,"%salgorithm=%s",border,authorization->algorithm);
if (error!=BELLE_SIP_OK) return error;
border=", ";
}
if (authorization->response) { if (authorization->response) {
error=belle_sip_snprintf(buff,buff_size,offset,"%sresponse=\"%s\"",border,authorization->response); error=belle_sip_snprintf(buff,buff_size,offset,"%sresponse=\"%s\"",border,authorization->response);
if (error!=BELLE_SIP_OK) return error; if (error!=BELLE_SIP_OK) return error;
...@@ -1110,7 +1112,13 @@ belle_sip_error_code belle_sip_header_authorization_marshal(belle_sip_header_aut ...@@ -1110,7 +1112,13 @@ belle_sip_error_code belle_sip_header_authorization_marshal(belle_sip_header_aut
border=", "; border=", ";
} }
if (authorization->qop) { if (authorization->qop) {
error=belle_sip_snprintf(buff,buff_size,offset,"%sqop=%s",border,authorization->qop); const char* format;
if (BELLE_SIP_OBJECT_IS_INSTANCE_OF(authorization,belle_http_header_authorization_t)) {
format="%sqop=\"%s\"";
} else {
format="%sqop=%s";
}
error=belle_sip_snprintf(buff,buff_size,offset,format,border,authorization->qop);
if (error!=BELLE_SIP_OK) return error; if (error!=BELLE_SIP_OK) return error;
} }
return error; return error;
...@@ -1189,6 +1197,7 @@ static void belle_http_header_authorization_clone(belle_http_header_authorizatio ...@@ -1189,6 +1197,7 @@ static void belle_http_header_authorization_clone(belle_http_header_authorizatio
belle_sip_error_code belle_http_header_authorization_marshal(belle_http_header_authorization_t* authorization, char* buff, size_t buff_size, size_t *offset) { belle_sip_error_code belle_http_header_authorization_marshal(belle_http_header_authorization_t* authorization, char* buff, size_t buff_size, size_t *offset) {
belle_sip_error_code error=BELLE_SIP_OK; belle_sip_error_code error=BELLE_SIP_OK;
/*first make sure there is no sip uri*/ /*first make sure there is no sip uri*/
if (belle_sip_header_authorization_get_uri(BELLE_SIP_HEADER_AUTHORIZATION(authorization))) { if (belle_sip_header_authorization_get_uri(BELLE_SIP_HEADER_AUTHORIZATION(authorization))) {
belle_sip_error ("Cannot marshal http_header_authorization because a sip uri is set. Use belle_http_authorization_set uri instead of belle_sip_header_authorization_set_uri"); belle_sip_error ("Cannot marshal http_header_authorization because a sip uri is set. Use belle_http_authorization_set uri instead of belle_sip_header_authorization_set_uri");
......
...@@ -78,11 +78,6 @@ static int http_channel_context_handle_authentication(belle_http_channel_context ...@@ -78,11 +78,6 @@ static int http_channel_context_handle_authentication(belle_http_channel_context
return -1; return -1;
} }
if (strcasecmp("MD5",belle_sip_header_www_authenticate_get_algorithm(authenticate)) != 0) {
belle_sip_error("Unsupported auth algo [%s] in response [%p], cannot authenticate", belle_sip_header_www_authenticate_get_algorithm(authenticate),resp);
return -1;
}
/*find if username, passwd were already supplied in original request uri*/ /*find if username, passwd were already supplied in original request uri*/
if (req->orig_uri){ if (req->orig_uri){
username=belle_generic_uri_get_user(req->orig_uri); username=belle_generic_uri_get_user(req->orig_uri);
...@@ -110,7 +105,10 @@ static int http_channel_context_handle_authentication(belle_http_channel_context ...@@ -110,7 +105,10 @@ static int http_channel_context_handle_authentication(belle_http_channel_context
req->auth_attempt_count++; req->auth_attempt_count++;
authorization = belle_http_auth_helper_create_authorization(authenticate); authorization = belle_http_auth_helper_create_authorization(authenticate);
/*select first qop mode*/
belle_sip_header_authorization_set_qop(BELLE_SIP_HEADER_AUTHORIZATION(authorization),belle_sip_header_www_authenticate_get_qop_first(authenticate));
belle_sip_header_authorization_set_nonce_count(BELLE_SIP_HEADER_AUTHORIZATION(authorization),1); /*we don't store nonce count for now*/
belle_sip_header_authorization_set_username(BELLE_SIP_HEADER_AUTHORIZATION(authorization),username);
belle_http_header_authorization_set_uri(authorization,belle_http_request_get_uri(req)); belle_http_header_authorization_set_uri(authorization,belle_http_request_get_uri(req));
if (belle_sip_auth_helper_fill_authorization(BELLE_SIP_HEADER_AUTHORIZATION(authorization),belle_http_request_get_method(req),ha1)) { if (belle_sip_auth_helper_fill_authorization(BELLE_SIP_HEADER_AUTHORIZATION(authorization),belle_http_request_get_method(req),ha1)) {
belle_sip_error("Cannot fill auth header for request [%p]",req); belle_sip_error("Cannot fill auth header for request [%p]",req);
......
...@@ -25,6 +25,9 @@ ...@@ -25,6 +25,9 @@
typedef struct http_counters{ typedef struct http_counters{
int response_count; int response_count;
int io_error_count; int io_error_count;
int two_hundred;
int three_hundred;
int four_hundred;
}http_counters_t; }http_counters_t;
static int wait_for(belle_sip_stack_t*s1,int* counter,int value,int timeout) { static int wait_for(belle_sip_stack_t*s1,int* counter,int value,int timeout) {
...@@ -44,7 +47,13 @@ static void process_response(void *data, const belle_http_response_event_t *even ...@@ -44,7 +47,13 @@ static void process_response(void *data, const belle_http_response_event_t *even
if (event->response){ if (event->response){
int code=belle_http_response_get_status_code(event->response); int code=belle_http_response_get_status_code(event->response);
const char *body=belle_sip_message_get_body(BELLE_SIP_MESSAGE(event->response)); const char *body=belle_sip_message_get_body(BELLE_SIP_MESSAGE(event->response));
CU_ASSERT_EQUAL(code,200); if (code>=200 & code <300)
counters->two_hundred++;
else if (code>=300 & code <400)
counters->three_hundred++;
else if (code>=300 & code <400)
counters->four_hundred++;
CU_ASSERT_PTR_NOT_NULL(body); CU_ASSERT_PTR_NOT_NULL(body);
} }
} }
...@@ -80,9 +89,9 @@ static int http_cleanup(void){ ...@@ -80,9 +89,9 @@ static int http_cleanup(void){
return 0; return 0;
} }
static void one_get(const char *url){ static void one_get(const char *url,http_counters_t* counters){
belle_http_request_listener_callbacks_t cbs={0}; belle_http_request_listener_callbacks_t cbs={0};
http_counters_t counters={0};
belle_http_request_listener_t *l; belle_http_request_listener_t *l;
belle_generic_uri_t *uri; belle_generic_uri_t *uri;
belle_http_request_t *req; belle_http_request_t *req;
...@@ -96,32 +105,41 @@ static void one_get(const char *url){ ...@@ -96,32 +105,41 @@ static void one_get(const char *url){
cbs.process_response=process_response; cbs.process_response=process_response;
cbs.process_io_error=process_io_error; cbs.process_io_error=process_io_error;
cbs.process_auth_requested=process_auth_requested; cbs.process_auth_requested=process_auth_requested;
l=belle_http_request_listener_create_from_callbacks(&cbs,&counters); l=belle_http_request_listener_create_from_callbacks(&cbs,counters);
belle_http_provider_send_request(prov,req,l); belle_http_provider_send_request(prov,req,l);
wait_for(stack,&counters.response_count,1,3000); wait_for(stack,&counters->response_count,1,3000);
CU_ASSERT_TRUE(counters.response_count==1);
CU_ASSERT_TRUE(counters.io_error_count==0); CU_ASSERT_TRUE(counters->response_count==1);
CU_ASSERT_TRUE(counters->io_error_count==0);
belle_sip_object_unref(l); belle_sip_object_unref(l);
} }
static void one_http_get(void){ static void one_http_get(void){
one_get("http://smtp.linphone.org"); http_counters_t counters={0};
one_get("http://smtp.linphone.org",&counters);
CU_ASSERT_EQUAL(counters.two_hundred,1);
} }
static void one_https_get(void){ static void one_https_get(void){
one_get("https://smtp.linphone.org"); http_counters_t counters={0};
one_get("https://smtp.linphone.org",&counters);
CU_ASSERT_EQUAL(counters.two_hundred,1);
} }
static void https_digest_get(void){ static void https_digest_get(void){
one_get("https://pauline:pouet@smtp.linphone.org/restricted"); http_counters_t counters={0};
one_get("https://pauline:pouet@smtp.linphone.org/restricted",&counters);
CU_ASSERT_EQUAL(counters.three_hundred,1);
} }
static void https_client_cert_connection(void){ static void https_client_cert_connection(void){
belle_tls_verify_policy_t *policy=belle_tls_verify_policy_new(); belle_tls_verify_policy_t *policy=belle_tls_verify_policy_new();
http_counters_t counters={0};
belle_tls_verify_policy_set_exceptions(policy,BELLE_TLS_VERIFY_ANY_REASON);/*ignore the server verification because we don't have a true certificate*/ belle_tls_verify_policy_set_exceptions(policy,BELLE_TLS_VERIFY_ANY_REASON);/*ignore the server verification because we don't have a true certificate*/
belle_http_provider_set_tls_verify_policy(prov,policy); belle_http_provider_set_tls_verify_policy(prov,policy);
one_get("https://sip2.linphone.org:5063"); one_get("https://sip2.linphone.org:5063",&counters);
CU_ASSERT_EQUAL(counters.two_hundred,1);
belle_tls_verify_policy_set_exceptions(policy,0); belle_tls_verify_policy_set_exceptions(policy,0);
belle_sip_object_unref(policy); belle_sip_object_unref(policy);
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment