forked from mirrors/linphone-iphone
fix ha1 issue and store ha1 instead of passwd
This commit is contained in:
Jehan Monnier
parent
0a51b53cc9
commit
86ba23e486
6 changed files with 33 additions and 4 deletions
|
|
@ -161,18 +161,22 @@ void linphone_auth_info_write_config(LpConfig *config, LinphoneAuthInfo *obj, in
|
|||
|
||||
if (obj==NULL || lp_config_get_int(config, "sip", "store_auth_info", 1) == 0){
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (!obj->ha1 && obj->realm && obj->passwd && (obj->username||obj->userid)) {
|
||||
/*compute ha1 to avoid storing clear text password*/
|
||||
obj->ha1=ms_malloc(33);
|
||||
sal_auth_compute_ha1(obj->userid?obj->userid:obj->username,obj->realm,obj->passwd,obj->ha1);
|
||||
}
|
||||
if (obj->username!=NULL){
|
||||
lp_config_set_string(config,key,"username",obj->username);
|
||||
}
|
||||
if (obj->userid!=NULL){
|
||||
lp_config_set_string(config,key,"userid",obj->userid);
|
||||
}
|
||||
if (obj->passwd!=NULL){
|
||||
lp_config_set_string(config,key,"passwd",obj->passwd);
|
||||
}
|
||||
if (obj->ha1!=NULL){
|
||||
lp_config_set_string(config,key,"ha1",obj->ha1);
|
||||
} else if (obj->passwd!=NULL){ /*only write passwd if no ha1*/
|
||||
lp_config_set_string(config,key,"passwd",obj->passwd);
|
||||
}
|
||||
if (obj->realm!=NULL){
|
||||
lp_config_set_string(config,key,"realm",obj->realm);
|
||||
|
|
@ -308,6 +312,7 @@ void linphone_core_add_auth_info(LinphoneCore *lc, const LinphoneAuthInfo *info)
|
|||
sai.userid=ai->userid;
|
||||
sai.realm=ai->realm;
|
||||
sai.password=ai->passwd;
|
||||
sai.ha1=ai->ha1;
|
||||
sal_op_authenticate(op,&sai);
|
||||
ai->usecount++;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -685,3 +685,7 @@ void sal_expire_old_registration_contacts(Sal *ctx, bool_t enabled){
|
|||
void sal_use_dates(Sal *ctx, bool_t enabled){
|
||||
ctx->use_dates=enabled;
|
||||
}
|
||||
|
||||
int sal_auth_compute_ha1(const char* userid,const char* realm,const char* password, char ha1[33]) {
|
||||
return belle_sip_auth_helper_compute_ha1(userid, realm, password, ha1);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -896,6 +896,7 @@ static bool_t fill_auth_info(LinphoneCore *lc, SalAuthInfo* sai) {
|
|||
if (ai) {
|
||||
sai->userid=ai->userid?ai->userid:ai->username;
|
||||
sai->password=ai->passwd;
|
||||
sai->ha1=ai->ha1;
|
||||
ai->usecount++;
|
||||
ai->last_use_time=ms_time(NULL);
|
||||
return TRUE;
|
||||
|
|
|
|||
|
|
@ -374,6 +374,7 @@ typedef struct SalCallbacks{
|
|||
SalAuthInfo* sal_auth_info_new();
|
||||
SalAuthInfo* sal_auth_info_clone(const SalAuthInfo* auth_info);
|
||||
void sal_auth_info_delete(const SalAuthInfo* auth_info);
|
||||
LINPHONE_PUBLIC int sal_auth_compute_ha1(const char* userid,const char* realm,const char* password, char ha1[33]);
|
||||
|
||||
void sal_set_callbacks(Sal *ctx, const SalCallbacks *cbs);
|
||||
int sal_listen_port(Sal *ctx, const char *addr, int port, SalTransport tr, int is_secure);
|
||||
|
|
|
|||
|
|
@ -92,6 +92,8 @@ LinphoneCore* create_lc_with_auth(unsigned int with_auth) {
|
|||
linphone_core_set_user_data(lc,&global_stat);
|
||||
/* until we have good certificates on our test server... */
|
||||
linphone_core_verify_server_certificates(lc,FALSE);
|
||||
/*to allow testing with 127.0.0.1*/
|
||||
linphone_core_set_network_reachable(lc,TRUE);
|
||||
return lc;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -199,6 +199,21 @@ static void simple_authenticated_register(){
|
|||
CU_ASSERT_EQUAL(counters->number_of_auth_info_requested,0);
|
||||
}
|
||||
|
||||
static void ha1_authenticated_register(){
|
||||
stats* counters;
|
||||
LinphoneCore* lc = create_lc();
|
||||
char ha1[33];
|
||||
LinphoneAuthInfo *info;
|
||||
char route[256];
|
||||
sal_auth_compute_ha1(test_username,auth_domain,test_password,ha1);
|
||||
info=linphone_auth_info_new(test_username,NULL,NULL,ha1,auth_domain); /*create authentication structure from identity*/
|
||||
sprintf(route,"sip:%s",test_route);
|
||||
linphone_core_add_auth_info(lc,info); /*add authentication info to LinphoneCore*/
|
||||
counters = (stats*)linphone_core_get_user_data(lc);
|
||||
register_with_refresh(lc,FALSE,auth_domain,route);
|
||||
CU_ASSERT_EQUAL(counters->number_of_auth_info_requested,0);
|
||||
}
|
||||
|
||||
static void authenticated_register_with_no_initial_credentials(){
|
||||
LinphoneCoreVTable v_table;
|
||||
LinphoneCore* lc;
|
||||
|
|
@ -345,6 +360,7 @@ test_t register_tests[] = {
|
|||
{ "TCP register compatibility mode", simple_tcp_register_compatibility_mode },
|
||||
{ "TLS register", simple_tls_register },
|
||||
{ "Simple authenticated register", simple_authenticated_register },
|
||||
{ "Ha1 authenticated register", ha1_authenticated_register },
|
||||
{ "Digest auth without initial credentials", authenticated_register_with_no_initial_credentials },
|
||||
{ "Authenticated register with late credentials", authenticated_register_with_late_credentials },
|
||||
{ "Register with refresh", simple_register_with_refresh },
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue