authentication.c 13.3 KB
Newer Older
aymeric's avatar
aymeric committed
1 2 3 4
/***************************************************************************
 *            authentication.c
 *
 *  Fri Jul 16 12:08:34 2004
5
 *  Copyright  2004-2009  Simon MORLAT
aymeric's avatar
aymeric committed
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
 *  simon.morlat@linphone.org
 ****************************************************************************/

/*
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Library General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */
24

aymeric's avatar
aymeric committed
25 26 27 28
#include "linphonecore.h"
#include "private.h"
#include "lpconfig.h"

smorlat's avatar
smorlat committed
29 30 31 32 33
/**
 * @addtogroup authentication
 * @{
**/

34
LinphoneAuthInfo *linphone_auth_info_new(const char *username, const char *userid, const char *passwd, const char *ha1, const char *realm, const char *domain){
aymeric's avatar
aymeric committed
35 36 37 38 39 40
	LinphoneAuthInfo *obj=ms_new0(LinphoneAuthInfo,1);
	if (username!=NULL && (strlen(username)>0) ) obj->username=ms_strdup(username);
	if (userid!=NULL && (strlen(userid)>0)) obj->userid=ms_strdup(userid);
	if (passwd!=NULL && (strlen(passwd)>0)) obj->passwd=ms_strdup(passwd);
	if (ha1!=NULL && (strlen(ha1)>0)) obj->ha1=ms_strdup(ha1);
	if (realm!=NULL && (strlen(realm)>0)) obj->realm=ms_strdup(realm);
41
	if (domain!=NULL && (strlen(domain)>0)) obj->domain=ms_strdup(domain);
aymeric's avatar
aymeric committed
42 43 44
	return obj;
}

45
LinphoneAuthInfo *linphone_auth_info_clone(const LinphoneAuthInfo *ai){
46 47 48 49 50 51
	LinphoneAuthInfo *obj=ms_new0(LinphoneAuthInfo,1);
	if (ai->username) obj->username=ms_strdup(ai->username);
	if (ai->userid) obj->userid=ms_strdup(ai->userid);
	if (ai->passwd) obj->passwd=ms_strdup(ai->passwd);
	if (ai->ha1)	obj->ha1=ms_strdup(ai->ha1);
	if (ai->realm)	obj->realm=ms_strdup(ai->realm);
52
	if (ai->domain)	obj->domain=ms_strdup(ai->domain);
53 54 55
	return obj;
}

56 57 58 59 60 61 62 63 64 65 66 67
const char *linphone_auth_info_get_username(const LinphoneAuthInfo *i){
	return i->username;
}

const char *linphone_auth_info_get_passwd(const LinphoneAuthInfo *i){
	return i->passwd;
}

const char *linphone_auth_info_get_userid(const LinphoneAuthInfo *i){
	return i->userid;
}

68 69 70
const char *linphone_auth_info_get_realm(const LinphoneAuthInfo *i){
	return i->realm;
}
71 72 73 74 75

const char *linphone_auth_info_get_domain(const LinphoneAuthInfo *i){
	return i->domain;
}

76 77 78 79
const char *linphone_auth_info_get_ha1(const LinphoneAuthInfo *i){
	return i->ha1;
}

aymeric's avatar
aymeric committed
80 81 82 83 84 85 86 87
void linphone_auth_info_set_passwd(LinphoneAuthInfo *info, const char *passwd){
	if (info->passwd!=NULL) {
		ms_free(info->passwd);
		info->passwd=NULL;
	}
	if (passwd!=NULL && (strlen(passwd)>0)) info->passwd=ms_strdup(passwd);
}

88 89 90 91 92 93 94 95
void linphone_auth_info_set_username(LinphoneAuthInfo *info, const char *username){
	if (info->username){
		ms_free(info->username);
		info->username=NULL;
	}
	if (username && strlen(username)>0) info->username=ms_strdup(username);
}

96 97 98 99 100 101 102 103
void linphone_auth_info_set_userid(LinphoneAuthInfo *info, const char *userid){
	if (info->userid){
		ms_free(info->userid);
		info->userid=NULL;
	}
	if (userid && strlen(userid)>0) info->userid=ms_strdup(userid);
}

104 105 106 107 108 109 110
void linphone_auth_info_set_realm(LinphoneAuthInfo *info, const char *realm){
	if (info->realm){
		ms_free(info->realm);
		info->realm=NULL;
	}
	if (realm && strlen(realm)>0) info->realm=ms_strdup(realm);
}
111 112 113 114 115 116 117 118 119

void linphone_auth_info_set_domain(LinphoneAuthInfo *info, const char *domain){
	if (info->domain){
		ms_free(info->domain);
		info->domain=NULL;
	}
	if (domain && strlen(domain)>0) info->domain=ms_strdup(domain);
}

120 121 122 123 124 125 126 127
void linphone_auth_info_set_ha1(LinphoneAuthInfo *info, const char *ha1){
	if (info->ha1){
		ms_free(info->ha1);
		info->ha1=NULL;
	}
	if (ha1 && strlen(ha1)>0) info->ha1=ms_strdup(ha1);
}

smorlat's avatar
smorlat committed
128 129 130
/**
 * Destroys a LinphoneAuthInfo object.
**/
aymeric's avatar
aymeric committed
131 132 133 134 135 136
void linphone_auth_info_destroy(LinphoneAuthInfo *obj){
	if (obj->username!=NULL) ms_free(obj->username);
	if (obj->userid!=NULL) ms_free(obj->userid);
	if (obj->passwd!=NULL) ms_free(obj->passwd);
	if (obj->ha1!=NULL) ms_free(obj->ha1);
	if (obj->realm!=NULL) ms_free(obj->realm);
137
	if (obj->domain!=NULL) ms_free(obj->domain);
aymeric's avatar
aymeric committed
138 139 140 141 142 143
	ms_free(obj);
}

void linphone_auth_info_write_config(LpConfig *config, LinphoneAuthInfo *obj, int pos)
{
	char key[50];
144
	bool_t store_ha1_passwd = lp_config_get_int(config, "sip", "store_ha1_passwd", 1);
145 146


aymeric's avatar
aymeric committed
147 148
	sprintf(key,"auth_info_%i",pos);
	lp_config_clean_section(config,key);
149

150
	if (obj==NULL || lp_config_get_int(config, "sip", "store_auth_info", 1) == 0){
aymeric's avatar
aymeric committed
151
		return;
152
	}
153
	if (!obj->ha1 && obj->realm && obj->passwd && (obj->username||obj->userid) && store_ha1_passwd) {
154 155 156 157
		/*compute ha1 to avoid storing clear text password*/
		obj->ha1=ms_malloc(33);
		sal_auth_compute_ha1(obj->userid?obj->userid:obj->username,obj->realm,obj->passwd,obj->ha1);
	}
aymeric's avatar
aymeric committed
158 159 160 161 162 163 164 165
	if (obj->username!=NULL){
		lp_config_set_string(config,key,"username",obj->username);
	}
	if (obj->userid!=NULL){
		lp_config_set_string(config,key,"userid",obj->userid);
	}
	if (obj->ha1!=NULL){
		lp_config_set_string(config,key,"ha1",obj->ha1);
166 167 168 169 170 171 172 173 174 175 176
	}
	if (obj->passwd != NULL){
		if (store_ha1_passwd){
			if (obj->ha1){
				/*if we have our ha1 and store_ha1_passwd set to TRUE, then drop the clear text password for security*/
				linphone_auth_info_set_passwd(obj, NULL);
			}
		}else{
			/*we store clear text password only if store_ha1_passwd is FALSE*/
			lp_config_set_string(config,key,"passwd",obj->passwd);
		}
aymeric's avatar
aymeric committed
177 178 179 180
	}
	if (obj->realm!=NULL){
		lp_config_set_string(config,key,"realm",obj->realm);
	}
181 182 183
	if (obj->domain!=NULL){
		lp_config_set_string(config,key,"domain",obj->domain);
	}
aymeric's avatar
aymeric committed
184 185 186 187 188
}

LinphoneAuthInfo *linphone_auth_info_new_from_config_file(LpConfig * config, int pos)
{
	char key[50];
189 190
	const char *username,*userid,*passwd,*ha1,*realm,*domain;
	LinphoneAuthInfo *ret;
191

aymeric's avatar
aymeric committed
192 193 194 195
	sprintf(key,"auth_info_%i",pos);
	if (!lp_config_has_section(config,key)){
		return NULL;
	}
196

aymeric's avatar
aymeric committed
197 198 199 200 201
	username=lp_config_get_string(config,key,"username",NULL);
	userid=lp_config_get_string(config,key,"userid",NULL);
	passwd=lp_config_get_string(config,key,"passwd",NULL);
	ha1=lp_config_get_string(config,key,"ha1",NULL);
	realm=lp_config_get_string(config,key,"realm",NULL);
202
	domain=lp_config_get_string(config,key,"domain",NULL);
203
	ret=linphone_auth_info_new(username,userid,passwd,ha1,realm,domain);
204
	return ret;
aymeric's avatar
aymeric committed
205 206
}

smorlat's avatar
smorlat committed
207 208 209 210 211 212 213 214
static char * remove_quotes(char * input){
	char *tmp;
	if (*input=='"') input++;
	tmp=strchr(input,'"');
	if (tmp) *tmp='\0';
	return input;
}

215
static bool_t realm_match(const char *realm1, const char *realm2){
smorlat's avatar
smorlat committed
216 217 218 219 220 221 222 223
	if (realm1==NULL && realm2==NULL) return TRUE;
	if (realm1!=NULL && realm2!=NULL){
		if (strcmp(realm1,realm2)==0) return TRUE;
		else{
			char tmp1[128];
			char tmp2[128];
			char *p1,*p2;
			strncpy(tmp1,realm1,sizeof(tmp1)-1);
224
			strncpy(tmp2,realm2,sizeof(tmp2)-1);
smorlat's avatar
smorlat committed
225 226 227 228 229 230 231 232
			p1=remove_quotes(tmp1);
			p2=remove_quotes(tmp2);
			return strcmp(p1,p2)==0;
		}
	}
	return FALSE;
}

233
static const LinphoneAuthInfo *find_auth_info(LinphoneCore *lc, const char *username, const char *realm, const char *domain, bool_t ignore_realm){
aymeric's avatar
aymeric committed
234
	MSList *elem;
235
	const LinphoneAuthInfo *ret=NULL;
236

237 238 239
	for (elem=lc->auth_info;elem!=NULL;elem=elem->next) {
		LinphoneAuthInfo *pinfo = (LinphoneAuthInfo*)elem->data;
		if (username && pinfo->username && strcmp(username,pinfo->username)==0) {
240
			if (realm && domain){
241
				if (pinfo->realm && realm_match(realm,pinfo->realm)
242
					&& pinfo->domain && strcmp(domain,pinfo->domain)==0) {
243
					return pinfo;
smorlat's avatar
smorlat committed
244
				}
245 246 247
			} else if (realm) {
				if (pinfo->realm && realm_match(realm,pinfo->realm)) {
					if (ret!=NULL) {
248 249 250
						ms_warning("Non unique realm found for %s",username);
						return NULL;
					}
smorlat's avatar
smorlat committed
251
					ret=pinfo;
252
				}
253
			} else if (domain && pinfo->domain && strcmp(domain,pinfo->domain)==0 && (pinfo->ha1==NULL || ignore_realm)) {
254
				return pinfo;
255
			} else if (!domain && (pinfo->ha1==NULL || ignore_realm)) {
256 257
				return pinfo;
			}
smorlat's avatar
smorlat committed
258
		}
259
	}
smorlat's avatar
smorlat committed
260
	return ret;
aymeric's avatar
aymeric committed
261 262
}

263 264

const LinphoneAuthInfo *_linphone_core_find_auth_info(LinphoneCore *lc, const char *realm, const char *username, const char *domain, bool_t ignore_realm){
265
	const LinphoneAuthInfo *ai=NULL;
266
	if (realm){
267
		ai=find_auth_info(lc,username,realm,NULL, FALSE);
268
		if (ai==NULL && domain){
269
			ai=find_auth_info(lc,username,realm,domain, FALSE);
270
		}
271
	}
272
	if (ai == NULL && domain != NULL) {
273
		ai=find_auth_info(lc,username,NULL,domain, ignore_realm);
274
	}
275
	if (ai==NULL){
276
		ai=find_auth_info(lc,username,NULL,NULL, ignore_realm);
277
	}
278
	if (ai) ms_message("linphone_core_find_auth_info(): returning auth info username=%s, realm=%s", ai->username ? ai->username : "", ai->realm ? ai->realm : "");
279 280
	return ai;
}
281

282 283 284
const LinphoneAuthInfo *linphone_core_find_auth_info(LinphoneCore *lc, const char *realm, const char *username, const char *domain){
	return _linphone_core_find_auth_info(lc, realm, username, domain, TRUE);
}
285

286 287 288 289
/*the auth info is expected to be in the core's list*/
void linphone_core_write_auth_info(LinphoneCore *lc, LinphoneAuthInfo *ai){
	int i;
	MSList *elem = lc->auth_info;
290

291
	if (!lc->sip_conf.save_auth_info) return;
292

293 294 295 296 297 298 299
	for (i=0; elem != NULL; elem = elem->next, i++){
		if (ai == elem->data){
			linphone_auth_info_write_config(lc->config, ai, i);
		}
	}
}

300 301 302 303 304
static void write_auth_infos(LinphoneCore *lc){
	MSList *elem;
	int i;

	if (!linphone_core_ready(lc)) return;
305
	if (!lc->sip_conf.save_auth_info) return;
306 307 308 309 310 311 312
	for(elem=lc->auth_info,i=0;elem!=NULL;elem=ms_list_next(elem),i++){
		LinphoneAuthInfo *ai=(LinphoneAuthInfo*)(elem->data);
		linphone_auth_info_write_config(lc->config,ai,i);
	}
	linphone_auth_info_write_config(lc->config,NULL,i); /* mark the end */
}

313 314
LinphoneAuthInfo * linphone_core_create_auth_info(LinphoneCore *lc, const char *username, const char *userid, const char *passwd, const char *ha1, const char *realm, const char *domain) {
	return linphone_auth_info_new(username, userid, passwd, ha1, realm, domain);
315 316
}

smorlat's avatar
smorlat committed
317 318
/**
 * Adds authentication information to the LinphoneCore.
319 320
 *
 * This information will be used during all SIP transactions that require authentication.
smorlat's avatar
smorlat committed
321
**/
322
void linphone_core_add_auth_info(LinphoneCore *lc, const LinphoneAuthInfo *info){
323
	LinphoneAuthInfo *ai;
324
	MSList *elem;
325
	MSList *l;
326 327
	int restarted_op_count=0;
	bool_t updating=FALSE;
328

329 330 331 332
	if (info->ha1==NULL && info->passwd==NULL){
		ms_error("linphone_core_add_auth_info(): info supplied with empty password or ha1.");
		return;
	}
aymeric's avatar
aymeric committed
333
	/* find if we are attempting to modify an existing auth info */
334
	ai=(LinphoneAuthInfo*)linphone_core_find_auth_info(lc,info->realm,info->username,info->domain);
Sylvain Berfini's avatar
Sylvain Berfini committed
335
	if (ai!=NULL && ai->domain && info->domain && strcmp(ai->domain, info->domain)==0){
336 337
		lc->auth_info=ms_list_remove(lc->auth_info,ai);
		linphone_auth_info_destroy(ai);
338
		updating=TRUE;
aymeric's avatar
aymeric committed
339
	}
340
	lc->auth_info=ms_list_append(lc->auth_info,linphone_auth_info_clone(info));
341

Simon Morlat's avatar
Simon Morlat committed
342
	/* retry pending authentication operations */
343
	for(l=elem=sal_get_pending_auths(lc->sal);elem!=NULL;elem=elem->next){
Simon Morlat's avatar
Simon Morlat committed
344 345
		SalOp *op=(SalOp*)elem->data;
		LinphoneAuthInfo *ai;
346
		const SalAuthInfo *req_sai=sal_op_get_auth_requested(op);
347
		ai=(LinphoneAuthInfo*)_linphone_core_find_auth_info(lc,req_sai->realm,req_sai->username,req_sai->domain, FALSE);
Simon Morlat's avatar
Simon Morlat committed
348 349
		if (ai){
			SalAuthInfo sai;
350
			MSList* proxy;
Simon Morlat's avatar
Simon Morlat committed
351 352 353 354
			sai.username=ai->username;
			sai.userid=ai->userid;
			sai.realm=ai->realm;
			sai.password=ai->passwd;
355
			sai.ha1=ai->ha1;
356 357 358 359 360 361 362
			/*proxy case*/
			for (proxy=(MSList*)linphone_core_get_proxy_config_list(lc);proxy!=NULL;proxy=proxy->next) {
				if (proxy->data == sal_op_get_user_pointer(op)) {
					linphone_proxy_config_set_state((LinphoneProxyConfig*)(proxy->data),LinphoneRegistrationProgress,"Authentication...");
					break;
				}
			}
Simon Morlat's avatar
Simon Morlat committed
363
			sal_op_authenticate(op,&sai);
364
			restarted_op_count++;
Simon Morlat's avatar
Simon Morlat committed
365 366
		}
	}
367 368 369 370 371 372 373 374 375 376 377
	if (l){
		ms_message("linphone_core_add_auth_info(): restarted [%i] operation(s) after %s auth info for\n"
			"\tusername: [%s]\n"
			"\trealm [%s]\n"
			"\tdomain [%s]\n",
			restarted_op_count,
			updating ? "updating" : "adding",
			info->username ? info->username : "",
			info->realm ? info->realm : "",
			info->domain ? info->domain : "");
	}
378
	ms_list_free(l);
379
	write_auth_infos(lc);
aymeric's avatar
aymeric committed
380 381
}

smorlat's avatar
smorlat committed
382 383 384 385 386

/**
 * This method is used to abort a user authentication request initiated by LinphoneCore
 * from the auth_info_requested callback of LinphoneCoreVTable.
**/
aymeric's avatar
aymeric committed
387 388 389
void linphone_core_abort_authentication(LinphoneCore *lc,  LinphoneAuthInfo *info){
}

smorlat's avatar
smorlat committed
390 391 392
/**
 * Removes an authentication information object.
**/
393 394
void linphone_core_remove_auth_info(LinphoneCore *lc, const LinphoneAuthInfo *info){
	LinphoneAuthInfo *r;
395
	r=(LinphoneAuthInfo*)linphone_core_find_auth_info(lc,info->realm,info->username,info->domain);
396 397 398
	if (r){
		lc->auth_info=ms_list_remove(lc->auth_info,r);
		linphone_auth_info_destroy(r);
399
		write_auth_infos(lc);
aymeric's avatar
aymeric committed
400 401 402
	}
}

smorlat's avatar
smorlat committed
403 404
/**
 * Returns an unmodifiable list of currently entered LinphoneAuthInfo.
405 406
 * @param[in] lc The LinphoneCore object
 * @return \mslist{LinphoneAuthInfo}
smorlat's avatar
smorlat committed
407
**/
smorlat's avatar
smorlat committed
408 409 410 411
const MSList *linphone_core_get_auth_info_list(const LinphoneCore *lc){
	return lc->auth_info;
}

smorlat's avatar
smorlat committed
412 413 414
/**
 * Clear all authentication information.
**/
aymeric's avatar
aymeric committed
415 416 417 418 419 420 421 422 423 424 425 426
void linphone_core_clear_all_auth_info(LinphoneCore *lc){
	MSList *elem;
	int i;
	for(i=0,elem=lc->auth_info;elem!=NULL;elem=ms_list_next(elem),i++){
		LinphoneAuthInfo *info=(LinphoneAuthInfo*)elem->data;
		linphone_auth_info_destroy(info);
		linphone_auth_info_write_config(lc->config,NULL,i);
	}
	ms_list_free(lc->auth_info);
	lc->auth_info=NULL;
}

smorlat's avatar
smorlat committed
427 428 429
/**
 * @}
**/