Commit f575f94b authored by Sylvain Berfini's avatar Sylvain Berfini 🎩

Added methods to set TLS certificate/key on LinphoneAuthInfo + updated auth_info_requested callback

parent 9aa49cdc
...@@ -109,7 +109,7 @@ static char **linephonec_readline_completion(const char *text, ...@@ -109,7 +109,7 @@ static char **linephonec_readline_completion(const char *text,
#endif #endif
/* These are callback for linphone core */ /* These are callback for linphone core */
static void linphonec_prompt_for_auth(LinphoneCore *lc, const char *realm, const char *username, const char *domain); static void linphonec_prompt_for_auth(LinphoneCore *lc, const char *realm, const char *username, const char *domain, LinphoneAuthMethod method);
static void linphonec_display_refer (LinphoneCore * lc, const char *refer_to); static void linphonec_display_refer (LinphoneCore * lc, const char *refer_to);
static void linphonec_display_something (LinphoneCore * lc, const char *something); static void linphonec_display_something (LinphoneCore * lc, const char *something);
static void linphonec_display_url (LinphoneCore * lc, const char *something, const char *url); static void linphonec_display_url (LinphoneCore * lc, const char *something, const char *url);
...@@ -249,7 +249,7 @@ linphonec_display_url (LinphoneCore * lc, const char *something, const char *url ...@@ -249,7 +249,7 @@ linphonec_display_url (LinphoneCore * lc, const char *something, const char *url
* Linphone core callback * Linphone core callback
*/ */
static void static void
linphonec_prompt_for_auth(LinphoneCore *lc, const char *realm, const char *username, const char *domain) linphonec_prompt_for_auth(LinphoneCore *lc, const char *realm, const char *username, const char *domain, LinphoneAuthMethod method)
{ {
/* no prompt possible when using pipes or tcp mode*/ /* no prompt possible when using pipes or tcp mode*/
if (unix_socket){ if (unix_socket){
......
...@@ -44,161 +44,226 @@ LinphoneAuthInfo *linphone_auth_info_new(const char *username, const char *useri ...@@ -44,161 +44,226 @@ LinphoneAuthInfo *linphone_auth_info_new(const char *username, const char *useri
LinphoneAuthInfo *linphone_auth_info_clone(const LinphoneAuthInfo *ai){ LinphoneAuthInfo *linphone_auth_info_clone(const LinphoneAuthInfo *ai){
LinphoneAuthInfo *obj=ms_new0(LinphoneAuthInfo,1); LinphoneAuthInfo *obj=ms_new0(LinphoneAuthInfo,1);
if (ai->username) obj->username=ms_strdup(ai->username); if (ai->username) obj->username = ms_strdup(ai->username);
if (ai->userid) obj->userid=ms_strdup(ai->userid); if (ai->userid) obj->userid = ms_strdup(ai->userid);
if (ai->passwd) obj->passwd=ms_strdup(ai->passwd); if (ai->passwd) obj->passwd = ms_strdup(ai->passwd);
if (ai->ha1) obj->ha1=ms_strdup(ai->ha1); if (ai->ha1) obj->ha1 = ms_strdup(ai->ha1);
if (ai->realm) obj->realm=ms_strdup(ai->realm); if (ai->realm) obj->realm = ms_strdup(ai->realm);
if (ai->domain) obj->domain=ms_strdup(ai->domain); if (ai->domain) obj->domain = ms_strdup(ai->domain);
if (ai->tls_cert) obj->domain = ms_strdup(ai->tls_cert);
if (ai->tls_key) obj->domain = ms_strdup(ai->tls_key);
if (ai->tls_cert_path) obj->domain = ms_strdup(ai->tls_cert_path);
if (ai->tls_key_path) obj->domain = ms_strdup(ai->tls_key_path);
return obj; return obj;
} }
const char *linphone_auth_info_get_username(const LinphoneAuthInfo *i){ const char *linphone_auth_info_get_username(const LinphoneAuthInfo *i) {
return i->username; return i->username;
} }
const char *linphone_auth_info_get_passwd(const LinphoneAuthInfo *i){ const char *linphone_auth_info_get_passwd(const LinphoneAuthInfo *i) {
return i->passwd; return i->passwd;
} }
const char *linphone_auth_info_get_userid(const LinphoneAuthInfo *i){ const char *linphone_auth_info_get_userid(const LinphoneAuthInfo *i) {
return i->userid; return i->userid;
} }
const char *linphone_auth_info_get_realm(const LinphoneAuthInfo *i){ const char *linphone_auth_info_get_realm(const LinphoneAuthInfo *i) {
return i->realm; return i->realm;
} }
const char *linphone_auth_info_get_domain(const LinphoneAuthInfo *i){ const char *linphone_auth_info_get_domain(const LinphoneAuthInfo *i) {
return i->domain; return i->domain;
} }
const char *linphone_auth_info_get_ha1(const LinphoneAuthInfo *i){ const char *linphone_auth_info_get_ha1(const LinphoneAuthInfo *i) {
return i->ha1; return i->ha1;
} }
void linphone_auth_info_set_passwd(LinphoneAuthInfo *info, const char *passwd){ const char *linphone_auth_info_get_tls_cert(const LinphoneAuthInfo *i) {
if (info->passwd!=NULL) { return i->tls_cert;
}
const char *linphone_auth_info_get_tls_key(const LinphoneAuthInfo *i) {
return i->tls_key;
}
const char *linphone_auth_info_get_tls_cert_path(const LinphoneAuthInfo *i) {
return i->tls_cert_path;
}
const char *linphone_auth_info_get_tls_key_path(const LinphoneAuthInfo *i) {
return i->tls_key_path;
}
void linphone_auth_info_set_passwd(LinphoneAuthInfo *info, const char *passwd) {
if (info->passwd) {
ms_free(info->passwd); ms_free(info->passwd);
info->passwd=NULL; info->passwd = NULL;
} }
if (passwd!=NULL && (strlen(passwd)>0)) info->passwd=ms_strdup(passwd); if (passwd && strlen(passwd) > 0) info->passwd = ms_strdup(passwd);
} }
void linphone_auth_info_set_username(LinphoneAuthInfo *info, const char *username){ void linphone_auth_info_set_username(LinphoneAuthInfo *info, const char *username) {
if (info->username){ if (info->username) {
ms_free(info->username); ms_free(info->username);
info->username=NULL; info->username = NULL;
} }
if (username && strlen(username)>0) info->username=ms_strdup(username); if (username && strlen(username) > 0) info->username = ms_strdup(username);
} }
void linphone_auth_info_set_userid(LinphoneAuthInfo *info, const char *userid){ void linphone_auth_info_set_userid(LinphoneAuthInfo *info, const char *userid) {
if (info->userid){ if (info->userid) {
ms_free(info->userid); ms_free(info->userid);
info->userid=NULL; info->userid = NULL;
} }
if (userid && strlen(userid)>0) info->userid=ms_strdup(userid); if (userid && strlen(userid) > 0) info->userid = ms_strdup(userid);
} }
void linphone_auth_info_set_realm(LinphoneAuthInfo *info, const char *realm){ void linphone_auth_info_set_realm(LinphoneAuthInfo *info, const char *realm) {
if (info->realm){ if (info->realm) {
ms_free(info->realm); ms_free(info->realm);
info->realm=NULL; info->realm = NULL;
} }
if (realm && strlen(realm)>0) info->realm=ms_strdup(realm); if (realm && strlen(realm) > 0) info->realm = ms_strdup(realm);
} }
void linphone_auth_info_set_domain(LinphoneAuthInfo *info, const char *domain){ void linphone_auth_info_set_domain(LinphoneAuthInfo *info, const char *domain) {
if (info->domain){ if (info->domain) {
ms_free(info->domain); ms_free(info->domain);
info->domain=NULL; info->domain = NULL;
} }
if (domain && strlen(domain)>0) info->domain=ms_strdup(domain); if (domain && strlen(domain) > 0) info->domain = ms_strdup(domain);
} }
void linphone_auth_info_set_ha1(LinphoneAuthInfo *info, const char *ha1){ void linphone_auth_info_set_ha1(LinphoneAuthInfo *info, const char *ha1) {
if (info->ha1){ if (info->ha1) {
ms_free(info->ha1); ms_free(info->ha1);
info->ha1=NULL; info->ha1 = NULL;
}
if (ha1 && strlen(ha1) > 0) info->ha1 = ms_strdup(ha1);
}
void linphone_auth_info_set_tls_cert(LinphoneAuthInfo *info, const char *tls_cert) {
if (info->tls_cert) {
ms_free(info->tls_cert);
info->tls_cert = NULL;
}
if (tls_cert && strlen(tls_cert) > 0) info->tls_cert = ms_strdup(tls_cert);
}
void linphone_auth_info_set_tls_key(LinphoneAuthInfo *info, const char *tls_key) {
if (info->tls_key) {
ms_free(info->tls_key);
info->tls_key = NULL;
} }
if (ha1 && strlen(ha1)>0) info->ha1=ms_strdup(ha1); if (tls_key && strlen(tls_key) > 0) info->tls_key = ms_strdup(tls_key);
}
void linphone_auth_info_set_tls_cert_path(LinphoneAuthInfo *info, const char *tls_cert_path) {
if (info->tls_cert_path) {
ms_free(info->tls_cert_path);
info->tls_cert_path = NULL;
}
if (tls_cert_path && strlen(tls_cert_path) > 0) info->tls_cert_path = ms_strdup(tls_cert_path);
}
void linphone_auth_info_set_tls_key_path(LinphoneAuthInfo *info, const char *tls_key_path) {
if (info->tls_key_path) {
ms_free(info->tls_key_path);
info->tls_key_path = NULL;
}
if (tls_key_path && strlen(tls_key_path) > 0) info->tls_key_path = ms_strdup(tls_key_path);
} }
/** /**
* Destroys a LinphoneAuthInfo object. * Destroys a LinphoneAuthInfo object.
**/ **/
void linphone_auth_info_destroy(LinphoneAuthInfo *obj){ void linphone_auth_info_destroy(LinphoneAuthInfo *obj){
if (obj->username!=NULL) ms_free(obj->username); if (obj->username != NULL) ms_free(obj->username);
if (obj->userid!=NULL) ms_free(obj->userid); if (obj->userid != NULL) ms_free(obj->userid);
if (obj->passwd!=NULL) ms_free(obj->passwd); if (obj->passwd != NULL) ms_free(obj->passwd);
if (obj->ha1!=NULL) ms_free(obj->ha1); if (obj->ha1 != NULL) ms_free(obj->ha1);
if (obj->realm!=NULL) ms_free(obj->realm); if (obj->realm != NULL) ms_free(obj->realm);
if (obj->domain!=NULL) ms_free(obj->domain); if (obj->domain != NULL) ms_free(obj->domain);
if (obj->tls_cert != NULL) ms_free(obj->tls_cert);
if (obj->tls_key != NULL) ms_free(obj->tls_key);
if (obj->tls_cert_path != NULL) ms_free(obj->tls_cert_path);
if (obj->tls_key_path != NULL) ms_free(obj->tls_key_path);
ms_free(obj); ms_free(obj);
} }
void linphone_auth_info_write_config(LpConfig *config, LinphoneAuthInfo *obj, int pos) void linphone_auth_info_write_config(LpConfig *config, LinphoneAuthInfo *obj, int pos) {
{
char key[50]; char key[50];
bool_t store_ha1_passwd = lp_config_get_int(config, "sip", "store_ha1_passwd", 1); bool_t store_ha1_passwd = lp_config_get_int(config, "sip", "store_ha1_passwd", 1);
sprintf(key, "auth_info_%i", pos);
lp_config_clean_section(config, key);
sprintf(key,"auth_info_%i",pos); if (obj == NULL || lp_config_get_int(config, "sip", "store_auth_info", 1) == 0) {
lp_config_clean_section(config,key);
if (obj==NULL || lp_config_get_int(config, "sip", "store_auth_info", 1) == 0){
return; return;
} }
if (!obj->ha1 && obj->realm && obj->passwd && (obj->username||obj->userid) && store_ha1_passwd) { if (!obj->ha1 && obj->realm && obj->passwd && (obj->username || obj->userid) && store_ha1_passwd) {
/*compute ha1 to avoid storing clear text password*/ /*compute ha1 to avoid storing clear text password*/
obj->ha1=ms_malloc(33); obj->ha1 = ms_malloc(33);
sal_auth_compute_ha1(obj->userid?obj->userid:obj->username,obj->realm,obj->passwd,obj->ha1); sal_auth_compute_ha1(obj->userid ? obj->userid : obj->username, obj->realm, obj->passwd, obj->ha1);
} }
if (obj->username!=NULL){ if (obj->username != NULL) {
lp_config_set_string(config,key,"username",obj->username); lp_config_set_string(config, key, "username", obj->username);
} }
if (obj->userid!=NULL){ if (obj->userid != NULL) {
lp_config_set_string(config,key,"userid",obj->userid); lp_config_set_string(config, key, "userid", obj->userid);
} }
if (obj->ha1!=NULL){ if (obj->ha1 != NULL) {
lp_config_set_string(config,key,"ha1",obj->ha1); lp_config_set_string(config, key, "ha1", obj->ha1);
} }
if (obj->passwd != NULL){ if (obj->passwd != NULL) {
if (store_ha1_passwd && obj->ha1){ if (store_ha1_passwd && obj->ha1) {
/*if we have our ha1 and store_ha1_passwd set to TRUE, then drop the clear text password for security*/ /*if we have our ha1 and store_ha1_passwd set to TRUE, then drop the clear text password for security*/
linphone_auth_info_set_passwd(obj, NULL); linphone_auth_info_set_passwd(obj, NULL);
}else{ } else {
/*we store clear text password only if store_ha1_passwd is FALSE AND we have an ha1 to store. Otherwise, passwd would simply be removed, which might bring major auth issue*/ /*we store clear text password only if store_ha1_passwd is FALSE AND we have an ha1 to store. Otherwise, passwd would simply be removed, which might bring major auth issue*/
lp_config_set_string(config,key,"passwd",obj->passwd); lp_config_set_string(config, key, "passwd", obj->passwd);
} }
} }
if (obj->realm!=NULL){ if (obj->realm != NULL) {
lp_config_set_string(config,key,"realm",obj->realm); lp_config_set_string(config, key, "realm", obj->realm);
} }
if (obj->domain!=NULL){ if (obj->domain != NULL) {
lp_config_set_string(config,key,"domain",obj->domain); lp_config_set_string(config, key, "domain", obj->domain);
}
if (obj->tls_cert_path != NULL) {
lp_config_set_string(config, key, "client_cert_chain", obj->tls_cert_path);
}
if (obj->tls_key_path != NULL) {
lp_config_set_string(config, key, "client_cert_key", obj->tls_key_path);
} }
} }
LinphoneAuthInfo *linphone_auth_info_new_from_config_file(LpConfig * config, int pos) LinphoneAuthInfo *linphone_auth_info_new_from_config_file(LpConfig * config, int pos)
{ {
char key[50]; char key[50];
const char *username,*userid,*passwd,*ha1,*realm,*domain; const char *username,*userid,*passwd,*ha1,*realm,*domain,*tls_cert_path,*tls_key_path;
LinphoneAuthInfo *ret; LinphoneAuthInfo *ret;
sprintf(key,"auth_info_%i",pos); sprintf(key, "auth_info_%i", pos);
if (!lp_config_has_section(config,key)){ if (!lp_config_has_section(config, key)) {
return NULL; return NULL;
} }
username=lp_config_get_string(config,key,"username",NULL); username = lp_config_get_string(config, key, "username", NULL);
userid=lp_config_get_string(config,key,"userid",NULL); userid = lp_config_get_string(config, key, "userid", NULL);
passwd=lp_config_get_string(config,key,"passwd",NULL); passwd = lp_config_get_string(config, key, "passwd", NULL);
ha1=lp_config_get_string(config,key,"ha1",NULL); ha1 = lp_config_get_string(config, key, "ha1", NULL);
realm=lp_config_get_string(config,key,"realm",NULL); realm = lp_config_get_string(config, key, "realm", NULL);
domain=lp_config_get_string(config,key,"domain",NULL); domain = lp_config_get_string(config, key, "domain", NULL);
ret=linphone_auth_info_new(username,userid,passwd,ha1,realm,domain); tls_cert_path = lp_config_get_string(config, key, "client_cert_chain", NULL);
tls_key_path = lp_config_get_string(config, key, "client_cert_key", NULL);
ret = linphone_auth_info_new(username, userid, passwd, ha1, realm, domain);
linphone_auth_info_set_tls_cert_path(ret, tls_cert_path);
linphone_auth_info_set_tls_key_path(ret, tls_key_path);
return ret; return ret;
} }
...@@ -351,6 +416,13 @@ void linphone_core_add_auth_info(LinphoneCore *lc, const LinphoneAuthInfo *info) ...@@ -351,6 +416,13 @@ void linphone_core_add_auth_info(LinphoneCore *lc, const LinphoneAuthInfo *info)
sai.realm=ai->realm; sai.realm=ai->realm;
sai.password=ai->passwd; sai.password=ai->passwd;
sai.ha1=ai->ha1; sai.ha1=ai->ha1;
if (ai->tls_cert && ai->tls_key) {
sal_certificates_chain_parse(&sai, ai->tls_cert, SAL_CERTIFICATE_RAW_FORMAT_PEM);
sal_signing_key_parse(&sai, ai->tls_key, "");
} else if (ai->tls_cert_path && ai->tls_key_path) {
sal_certificates_chain_parse_file(&sai, ai->tls_cert_path, SAL_CERTIFICATE_RAW_FORMAT_PEM);
sal_signing_key_parse_file(&sai, ai->tls_key_path, "");
}
/*proxy case*/ /*proxy case*/
for (proxy=(bctbx_list_t*)linphone_core_get_proxy_config_list(lc);proxy!=NULL;proxy=proxy->next) { for (proxy=(bctbx_list_t*)linphone_core_get_proxy_config_list(lc);proxy!=NULL;proxy=proxy->next) {
if (proxy->data == sal_op_get_user_pointer(op)) { if (proxy->data == sal_op_get_user_pointer(op)) {
......
...@@ -1182,7 +1182,7 @@ void sal_enable_unconditional_answer(Sal *sal,int value) { ...@@ -1182,7 +1182,7 @@ void sal_enable_unconditional_answer(Sal *sal,int value) {
* @param format either PEM or DER * @param format either PEM or DER
*/ */
void sal_certificates_chain_parse_file(SalAuthInfo* auth_info, const char* path, SalCertificateRawFormat format) { void sal_certificates_chain_parse_file(SalAuthInfo* auth_info, const char* path, SalCertificateRawFormat format) {
auth_info->certificates = (SalCertificatesChain*) belle_sip_certificates_chain_parse_file(path, (belle_sip_certificate_raw_format_t)format); // auth_info->certificates = (SalCertificatesChain*) belle_sip_certificates_chain_parse_file(path, (belle_sip_certificate_raw_format_t)format);
if (auth_info->certificates) belle_sip_object_ref((belle_sip_object_t *) auth_info->certificates); if (auth_info->certificates) belle_sip_object_ref((belle_sip_object_t *) auth_info->certificates);
} }
...@@ -1196,6 +1196,28 @@ void sal_signing_key_parse_file(SalAuthInfo* auth_info, const char* path, const ...@@ -1196,6 +1196,28 @@ void sal_signing_key_parse_file(SalAuthInfo* auth_info, const char* path, const
if (auth_info->key) belle_sip_object_ref((belle_sip_object_t *) auth_info->key); if (auth_info->key) belle_sip_object_ref((belle_sip_object_t *) auth_info->key);
} }
/** Parse a buffer containing either a certificate chain order in PEM format or a single DER cert
* @param auth_info structure where to store the result of parsing
* @param buffer the buffer to parse
* @param format either PEM or DER
*/
void sal_certificates_chain_parse(SalAuthInfo* auth_info, const char* buffer, SalCertificateRawFormat format) {
size_t len = buffer != NULL ? strlen(buffer) : 0;
auth_info->certificates = (SalCertificatesChain*) belle_sip_certificates_chain_parse(buffer, len, (belle_sip_certificate_raw_format_t)format);
if (auth_info->certificates) belle_sip_object_ref((belle_sip_object_t *) auth_info->certificates);
}
/**
* Parse a buffer containing either a private or public rsa key
* @param auth_info structure where to store the result of parsing
* @param passwd password (optionnal)
*/
void sal_signing_key_parse(SalAuthInfo* auth_info, const char* buffer, const char *passwd) {
size_t len = buffer != NULL ? strlen(buffer) : 0;
auth_info->key = (SalSigningKey *) belle_sip_signing_key_parse(buffer, len, passwd);
if (auth_info->key) belle_sip_object_ref((belle_sip_object_t *) auth_info->key);
}
/** /**
* Parse a directory to get a certificate with the given subject common name * Parse a directory to get a certificate with the given subject common name
* *
......
...@@ -970,19 +970,18 @@ static void call_released(SalOp *op){ ...@@ -970,19 +970,18 @@ static void call_released(SalOp *op){
} }
static void auth_failure(SalOp *op, SalAuthInfo* info) { static void auth_failure(SalOp *op, SalAuthInfo* info) {
LinphoneCore *lc=(LinphoneCore *)sal_get_user_pointer(sal_op_get_sal(op)); LinphoneCore *lc = (LinphoneCore *)sal_get_user_pointer(sal_op_get_sal(op));
LinphoneAuthInfo *ai=NULL; LinphoneAuthInfo *ai = NULL;
if( info != NULL ){
ai = (LinphoneAuthInfo*)_linphone_core_find_auth_info(lc,info->realm,info->username,info->domain, TRUE);
if (info != NULL) {
ai = (LinphoneAuthInfo*)_linphone_core_find_auth_info(lc, info->realm, info->username, info->domain, TRUE);
if (ai){ if (ai){
ms_message("%s/%s/%s authentication fails.",info->realm,info->username,info->domain); LinphoneAuthMethod method = info->mode == SalAuthModeHttpDigest ? LinphoneAuthHttpDigest : LinphoneAuthTls;
ms_message("%s/%s/%s/%s authentication fails.", info->realm, info->username, info->domain, info->mode == SalAuthModeHttpDigest ? "HttpDigest" : "Tls");
/*ask again for password if auth info was already supplied but apparently not working*/ /*ask again for password if auth info was already supplied but apparently not working*/
linphone_core_notify_auth_info_requested(lc,info->realm,info->username,info->domain); linphone_core_notify_auth_info_requested(lc, info->realm, info->username, info->domain, method);
} }
} }
} }
static void register_success(SalOp *op, bool_t registered){ static void register_success(SalOp *op, bool_t registered){
...@@ -1171,35 +1170,50 @@ static void ping_reply(SalOp *op){ ...@@ -1171,35 +1170,50 @@ static void ping_reply(SalOp *op){
} }
static bool_t fill_auth_info_with_client_certificate(LinphoneCore *lc, SalAuthInfo* sai) { static bool_t fill_auth_info_with_client_certificate(LinphoneCore *lc, SalAuthInfo* sai) {
const char *chain_file = lp_config_get_string(lc->config,"sip","client_cert_chain", 0); const char *chain_file = linphone_core_get_tls_cert_path(lc);
const char *key_file = lp_config_get_string(lc->config,"sip","client_cert_key", 0);; const char *key_file = linphone_core_get_tls_key_path(lc);
if (key_file && chain_file) {
#ifndef _WIN32 #ifndef _WIN32
{ // optinal check for files
// optinal check for files struct stat st;
struct stat st; if (stat(key_file, &st)) {
if (stat(key_file,&st)) { ms_warning("No client certificate key found in %s", key_file);
ms_warning("No client certificate key found in %s", key_file); return FALSE;
return FALSE; }
} if (stat(chain_file, &st)) {
if (stat(chain_file,&st)) { ms_warning("No client certificate chain found in %s", chain_file);
ms_warning("No client certificate chain found in %s", chain_file); return FALSE;
return FALSE; }
}
}
#endif #endif
sal_certificates_chain_parse_file(sai, chain_file, SAL_CERTIFICATE_RAW_FORMAT_PEM);
sal_certificates_chain_parse_file(sai, chain_file, SAL_CERTIFICATE_RAW_FORMAT_PEM ); sal_signing_key_parse_file(sai, key_file, "");
sal_signing_key_parse_file(sai, key_file, ""); } else if (lc->tls_cert && lc->tls_key) {
sal_certificates_chain_parse(sai, lc->tls_cert, SAL_CERTIFICATE_RAW_FORMAT_PEM);
sal_signing_key_parse(sai, lc->tls_key, "");
}
return sai->certificates && sai->key; return sai->certificates && sai->key;
} }
static bool_t fill_auth_info(LinphoneCore *lc, SalAuthInfo* sai) { static bool_t fill_auth_info(LinphoneCore *lc, SalAuthInfo* sai) {
LinphoneAuthInfo *ai=(LinphoneAuthInfo*)_linphone_core_find_auth_info(lc,sai->realm,sai->username,sai->domain, FALSE); LinphoneAuthInfo *ai=(LinphoneAuthInfo*)_linphone_core_find_auth_info(lc,sai->realm,sai->username,sai->domain, FALSE);
if (ai) { if (ai) {
sai->userid=ms_strdup(ai->userid?ai->userid:ai->username); if (sai->mode == SalAuthModeHttpDigest) {
sai->password=ai->passwd?ms_strdup(ai->passwd):NULL; sai->userid=ms_strdup(ai->userid?ai->userid:ai->username);
sai->ha1=ai->ha1?ms_strdup(ai->ha1):NULL; sai->password=ai->passwd?ms_strdup(ai->passwd):NULL;
sai->ha1=ai->ha1?ms_strdup(ai->ha1):NULL;
} else if (sai->mode == SalAuthModeTls) {
if (ai->tls_cert && ai->tls_key) {
sal_certificates_chain_parse(sai, ai->tls_cert, SAL_CERTIFICATE_RAW_FORMAT_PEM);
sal_signing_key_parse(sai, ai->tls_key, "");
} else if (ai->tls_cert_path && ai->tls_key_path) {
sal_certificates_chain_parse_file(sai, ai->tls_cert_path, SAL_CERTIFICATE_RAW_FORMAT_PEM);
sal_signing_key_parse_file(sai, ai->tls_key_path, "");
} else {
fill_auth_info_with_client_certificate(lc, sai);
}
}
if (sai->realm && !ai->realm){ if (sai->realm && !ai->realm){
/*if realm was not known, then set it so that ha1 may eventually be calculated and clear text password dropped*/ /*if realm was not known, then set it so that ha1 may eventually be calculated and clear text password dropped*/
linphone_auth_info_set_realm(ai, sai->realm); linphone_auth_info_set_realm(ai, sai->realm);
...@@ -1211,22 +1225,15 @@ static bool_t fill_auth_info(LinphoneCore *lc, SalAuthInfo* sai) { ...@@ -1211,22 +1225,15 @@ static bool_t fill_auth_info(LinphoneCore *lc, SalAuthInfo* sai) {
} }
} }
static bool_t auth_requested(Sal* sal, SalAuthInfo* sai) { static bool_t auth_requested(Sal* sal, SalAuthInfo* sai) {
LinphoneCore *lc=(LinphoneCore *)sal_get_user_pointer(sal); LinphoneCore *lc = (LinphoneCore *)sal_get_user_pointer(sal);
if (sai->mode == SalAuthModeHttpDigest) { if (fill_auth_info(lc,sai)) {
if (fill_auth_info(lc,sai)) { return TRUE;
} else {
LinphoneAuthMethod method = sai->mode == SalAuthModeHttpDigest ? LinphoneAuthHttpDigest : LinphoneAuthTls;
</