Skip to content
GitLab
Explore
Projects
Groups
Topics
Snippets
Projects
Groups
Topics
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
BC
public
belle-sip
Commits
5bb99d54
Commit
5bb99d54
authored
6 months ago
by
Ghislain MARY
Committed by
Simon Morlat
6 months ago
Browse files
Options
Download
Patches
Plain Diff
Check the all the WWW-Authenticate headers when handling authentication in a HTTP channel.
parent
328531ff
master
fix/auth_info_replacement
fix/fixes-from-5.4-march
fix/ios_build_add_libbelle-sip-tester_framework
release/5.4
5.5.0-alpha
5.4.2
5.4.1
5.4.0
5.4.0-beta
1 merge request
!375
Fix/sha256 md5 http
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
src/http-provider.c
+60
-55
src/http-provider.c
tester/belle_http_tester.c
+0
-1
tester/belle_http_tester.c
with
60 additions
and
56 deletions
src/http-provider.c
+
60
−
55
View file @
5bb99d54
...
...
@@ -149,66 +149,71 @@ static int http_channel_context_handle_authentication(belle_http_channel_context
belle_sip_list_copy
(
belle_sip_message_get_headers
(
BELLE_SIP_MESSAGE
(
resp
),
BELLE_SIP_WWW_AUTHENTICATE
));
for
(
it
=
authenticate_lst
;
it
!=
NULL
;
it
=
it
->
next
)
{
authenticate
=
BELLE_SIP_HEADER_WWW_AUTHENTICATE
(
it
->
data
);
const
char
*
requested_algorithm
=
belle_sip_header_www_authenticate_get_algorithm
(
authenticate
);
realm
=
belle_sip_header_www_authenticate_get_realm
(
authenticate
);
belle_sip_message
(
"Processing authenticate header"
);
if
(
strcasecmp
(
"Digest"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
))
==
0
)
{
if
(
requested_algorithm
==
NULL
)
{
// default algorithm is MD5
requested_algorithm
=
"MD5"
;
do
{
const
char
*
requested_algorithm
=
belle_sip_header_www_authenticate_get_algorithm
(
authenticate
);
realm
=
belle_sip_header_www_authenticate_get_realm
(
authenticate
);
belle_sip_message
(
"Processing authenticate header"
);
if
(
strcasecmp
(
"Digest"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
))
==
0
)
{
if
(
requested_algorithm
==
NULL
)
{
// default algorithm is MD5
requested_algorithm
=
"MD5"
;
}
auth_mode
=
BELLE_SIP_AUTH_MODE_HTTP_DIGEST
;
if
(
belle_sip_stack_check_digest_compatibility
(
ctx
->
provider
->
stack
,
authenticate
)
==
-
1
)
continue
;
}
else
if
(
strcasecmp
(
"Basic"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
))
==
0
)
{
auth_mode
=
BELLE_SIP_AUTH_MODE_HTTP_BASIC
;
/* ok, Basic is supported*/
}
else
if
(
strcasecmp
(
"Bearer"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
))
==
0
)
{
auth_mode
=
BELLE_SIP_AUTH_MODE_HTTP_BEARER
;
/* ok, Bearer is supported*/
}
else
{
belle_sip_error
(
"Unsupported auth scheme [%s] in response [%p], cannot authenticate"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
),
resp
);
belle_sip_list_free
(
authenticate_lst
);
return
-
1
;
}
auth_mode
=
BELLE_SIP_AUTH_MODE_HTTP_DIGEST
;
if
(
belle_sip_stack_check_digest_compatibility
(
ctx
->
provider
->
stack
,
authenticate
)
==
-
1
)
continue
;
}
else
if
(
strcasecmp
(
"Basic"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
))
==
0
)
{
auth_mode
=
BELLE_SIP_AUTH_MODE_HTTP_BASIC
;
/* ok, Basic is supported*/
}
else
if
(
strcasecmp
(
"Bearer"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
))
==
0
)
{
auth_mode
=
BELLE_SIP_AUTH_MODE_HTTP_BEARER
;
/* ok, Bearer is supported*/
}
else
{
belle_sip_error
(
"Unsupported auth scheme [%s] in response [%p], cannot authenticate"
,
belle_sip_header_www_authenticate_get_scheme
(
authenticate
),
resp
);
belle_sip_list_free
(
authenticate_lst
);
return
-
1
;
}
if
(
header
)
{
belle_sip_header_address_t
*
from_address
=
belle_sip_header_address_parse
(
belle_sip_header_get_unparsed_value
(
header
));
from_uri
=
belle_sip_header_address_get_uri
(
from_address
);
}
else
if
(
username
&&
!
passwd
)
{
from_uri
=
belle_sip_uri_create
(
username
,
realm
);
}
if
(
header
)
{
belle_sip_header_address_t
*
from_address
=
belle_sip_header_address_parse
(
belle_sip_header_get_unparsed_value
(
header
));
from_uri
=
belle_sip_header_address_get_uri
(
from_address
);
}
else
if
(
username
&&
!
passwd
)
{
from_uri
=
belle_sip_uri_create
(
username
,
realm
);
}
if
((
!
username
||
!
passwd
)
&&
!
access_token
)
{
ev
=
belle_sip_auth_event_create
((
belle_sip_object_t
*
)
ctx
->
provider
,
realm
,
from_uri
);
belle_sip_auth_event_set_algorithm
(
ev
,
requested_algorithm
);
ev
->
mode
=
auth_mode
;
if
(
auth_mode
==
BELLE_SIP_AUTH_MODE_HTTP_BEARER
)
{
belle_sip_auth_event_set_authz_server
(
ev
,
belle_sip_header_www_authenticate_get_authz_server
(
authenticate
));
if
((
!
username
||
!
passwd
)
&&
!
access_token
)
{
ev
=
belle_sip_auth_event_create
((
belle_sip_object_t
*
)
ctx
->
provider
,
realm
,
from_uri
);
belle_sip_auth_event_set_algorithm
(
ev
,
requested_algorithm
);
ev
->
mode
=
auth_mode
;
if
(
auth_mode
==
BELLE_SIP_AUTH_MODE_HTTP_BEARER
)
{
belle_sip_auth_event_set_authz_server
(
ev
,
belle_sip_header_www_authenticate_get_authz_server
(
authenticate
));
}
belle_sip_message
(
"Invoking process_auth_requested"
);
BELLE_HTTP_REQUEST_INVOKE_LISTENER
(
req
,
process_auth_requested
,
ev
);
username
=
ev
->
userid
?
ev
->
userid
:
ev
->
username
;
passwd
=
ev
->
passwd
;
ha1
=
ev
->
ha1
;
access_token
=
ev
->
bearer_token
?
belle_sip_bearer_token_get_token
(
ev
->
bearer_token
)
:
NULL
;
algorithm
=
ev
->
algorithm
;
}
belle_sip_message
(
"Invoking process_auth_requested"
);
BELLE_HTTP_REQUEST_INVOKE_LISTENER
(
req
,
process_auth_requested
,
ev
);
username
=
ev
->
userid
?
ev
->
userid
:
ev
->
username
;
passwd
=
ev
->
passwd
;
ha1
=
ev
->
ha1
;
access_token
=
ev
->
bearer_token
?
belle_sip_bearer_token_get_token
(
ev
->
bearer_token
)
:
NULL
;
algorithm
=
ev
->
algorithm
;
}
if
(
auth_mode
==
BELLE_SIP_AUTH_MODE_HTTP_DIGEST
&&
!
ha1
)
{
if
(
username
&&
passwd
)
{
belle_sip_auth_helper_compute_ha1_for_algorithm
(
username
,
realm
,
passwd
,
computed_ha1
,
belle_sip_auth_define_size
(
requested_algorithm
),
requested_algorithm
);
ha1
=
computed_ha1
;
algorithm
=
requested_algorithm
;
break
;
if
(
auth_mode
==
BELLE_SIP_AUTH_MODE_HTTP_DIGEST
)
{
if
(
!
ha1
)
{
if
(
username
&&
passwd
)
{
belle_sip_auth_helper_compute_ha1_for_algorithm
(
username
,
realm
,
passwd
,
computed_ha1
,
belle_sip_auth_define_size
(
requested_algorithm
),
requested_algorithm
);
ha1
=
computed_ha1
;
algorithm
=
requested_algorithm
;
}
}
if
(
ha1
)
break
;
}
}
authenticate
=
BELLE_SIP_HEADER_WWW_AUTHENTICATE
(
belle_sip_header_get_next
(
BELLE_SIP_HEADER
(
authenticate
)));
}
while
(
authenticate
);
}
belle_sip_list_free
(
authenticate_lst
);
...
...
This diff is collapsed.
Click to expand it.
tester/belle_http_tester.c
+
0
−
1
View file @
5bb99d54
...
...
@@ -302,7 +302,6 @@ static void http_sha256_md5_digest_get(void) {
BC_ASSERT_EQUAL
(
counters
.
io_error_count
,
0
,
int
,
"%d"
);
BC_ASSERT_EQUAL
(
counters
.
two_hundred
,
1
,
int
,
"%d"
);
}
sleep
(
3
);
}
static
void
http_basic_auth_get
(
void
)
{
...
...
This diff is collapsed.
Click to expand it.
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
Menu
Explore
Projects
Groups
Topics
Snippets
