1 /* $Id$ */
2 /*
3 * Copyright (C) 2008-2011 Teluu Inc. (http://www.teluu.com)
4 * Copyright (C) 2003-2008 Benny Prijono <benny@prijono.org>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
20 #include <pjsip/sip_auth_msg.h>
21 #include <pjsip/sip_auth_parser.h>
22 #include <pjsip/sip_parser.h>
23 #include <pj/pool.h>
24 #include <pj/list.h>
25 #include <pj/string.h>
26 #include <pj/assert.h>
27 #include <pjsip/print_util.h>
28
29 ///////////////////////////////////////////////////////////////////////////////
30 /*
31 * Authorization and Proxy-Authorization header.
32 */
33 static pjsip_authorization_hdr* pjsip_authorization_hdr_clone( pj_pool_t *pool,
34 const pjsip_authorization_hdr *hdr);
35 static pjsip_authorization_hdr* pjsip_authorization_hdr_shallow_clone( pj_pool_t *pool,
36 const pjsip_authorization_hdr *hdr);
37 static int pjsip_authorization_hdr_print( pjsip_authorization_hdr *hdr,
38 char *buf, pj_size_t size);
39
40 static pjsip_hdr_vptr authorization_hdr_vptr =
41 {
42 (pjsip_hdr_clone_fptr) &pjsip_authorization_hdr_clone,
43 (pjsip_hdr_clone_fptr) &pjsip_authorization_hdr_shallow_clone,
44 (pjsip_hdr_print_fptr) &pjsip_authorization_hdr_print,
45 };
46
47
pjsip_authorization_hdr_create(pj_pool_t * pool)48 PJ_DEF(pjsip_authorization_hdr*) pjsip_authorization_hdr_create(pj_pool_t *pool)
49 {
50 pjsip_authorization_hdr *hdr;
51 hdr = PJ_POOL_ZALLOC_T(pool, pjsip_authorization_hdr);
52 init_hdr(hdr, PJSIP_H_AUTHORIZATION, &authorization_hdr_vptr);
53 pj_list_init(&hdr->credential.common.other_param);
54 return hdr;
55 }
56
pjsip_proxy_authorization_hdr_create(pj_pool_t * pool)57 PJ_DEF(pjsip_proxy_authorization_hdr*) pjsip_proxy_authorization_hdr_create(pj_pool_t *pool)
58 {
59 pjsip_proxy_authorization_hdr *hdr;
60 hdr = PJ_POOL_ZALLOC_T(pool, pjsip_proxy_authorization_hdr);
61 init_hdr(hdr, PJSIP_H_PROXY_AUTHORIZATION, &authorization_hdr_vptr);
62 pj_list_init(&hdr->credential.common.other_param);
63 return hdr;
64 }
65
print_digest_credential(pjsip_digest_credential * cred,char * buf,pj_size_t size)66 static int print_digest_credential(pjsip_digest_credential *cred, char *buf, pj_size_t size)
67 {
68 pj_ssize_t printed;
69 char *startbuf = buf;
70 char *endbuf = buf + size;
71 const pjsip_parser_const_t *pc = pjsip_parser_const();
72
73 copy_advance_pair_quote_cond(buf, "username=", 9, cred->username, '"', '"');
74 copy_advance_pair_quote_cond_always(buf, ", realm=", 8, cred->realm, '"',
75 '"');
76 copy_advance_pair_quote(buf, ", nonce=", 8, cred->nonce, '"', '"');
77 copy_advance_pair_quote_cond(buf, ", uri=", 6, cred->uri, '"', '"');
78 copy_advance_pair_quote(buf, ", response=", 11, cred->response, '"', '"');
79 copy_advance_pair(buf, ", algorithm=", 12, cred->algorithm);
80 copy_advance_pair_quote_cond(buf, ", cnonce=", 9, cred->cnonce, '"', '"');
81 copy_advance_pair_quote_cond(buf, ", opaque=", 9, cred->opaque, '"', '"');
82 //Note: there's no dbl-quote in qop in Authorization header
83 // (unlike WWW-Authenticate)
84 //copy_advance_pair_quote_cond(buf, ", qop=", 6, cred->qop, '"', '"');
85 copy_advance_pair(buf, ", qop=", 6, cred->qop);
86 copy_advance_pair(buf, ", nc=", 5, cred->nc);
87
88 printed = pjsip_param_print_on(&cred->other_param, buf, endbuf-buf,
89 &pc->pjsip_TOKEN_SPEC,
90 &pc->pjsip_TOKEN_SPEC, ',');
91 if (printed < 0)
92 return -1;
93 buf += printed;
94
95 return (int) (buf-startbuf);
96 }
97
print_pgp_credential(pjsip_pgp_credential * cred,char * buf,pj_size_t size)98 static int print_pgp_credential(pjsip_pgp_credential *cred, char *buf, pj_size_t size)
99 {
100 PJ_UNUSED_ARG(cred);
101 PJ_UNUSED_ARG(buf);
102 PJ_UNUSED_ARG(size);
103 return -1;
104 }
105
print_oauth_credential(pjsip_oauth_credential * cred,char * buf,pj_size_t size)106 static int print_oauth_credential(pjsip_oauth_credential *cred, char *buf,
107 pj_size_t size)
108 {
109 pj_ssize_t printed;
110 char *startbuf = buf;
111 char *endbuf = buf + size;
112
113 copy_advance_pair_quote_cond_always(buf, "token=", 6, cred->token,
114 '"', '"');
115 copy_advance_pair_quote_cond_always(buf, ", username=", 11, cred->username,
116 '"', '"');
117 copy_advance_pair_quote_cond_always(buf, ", realm=", 8, cred->realm,
118 '"', '"');
119
120 return (int) (buf-startbuf);
121 }
122
pjsip_authorization_hdr_print(pjsip_authorization_hdr * hdr,char * buf,pj_size_t size)123 static int pjsip_authorization_hdr_print( pjsip_authorization_hdr *hdr,
124 char *buf, pj_size_t size)
125 {
126 int printed;
127 char *startbuf = buf;
128 char *endbuf = buf + size;
129
130 copy_advance(buf, hdr->name);
131 *buf++ = ':';
132 *buf++ = ' ';
133
134 copy_advance(buf, hdr->scheme);
135 *buf++ = ' ';
136
137 if (pj_stricmp(&hdr->scheme, &pjsip_DIGEST_STR) == 0)
138 {
139 printed = print_digest_credential(&hdr->credential.digest, buf, endbuf - buf);
140 }
141 else if (pj_stricmp(&hdr->scheme, &pjsip_PGP_STR) == 0)
142 {
143 printed = print_pgp_credential(&hdr->credential.pgp, buf, endbuf - buf);
144 }
145 else if (pj_stricmp(&hdr->scheme, &pjsip_BEARER_STR) == 0)
146 {
147 printed = print_oauth_credential(&hdr->credential.oauth, buf,
148 endbuf - buf);
149 }
150 else {
151 pj_assert(0);
152 return -1;
153 }
154
155 if (printed == -1)
156 return -1;
157
158 buf += printed;
159 *buf = '\0';
160 return (int)(buf-startbuf);
161 }
162
pjsip_authorization_hdr_clone(pj_pool_t * pool,const pjsip_authorization_hdr * rhs)163 static pjsip_authorization_hdr* pjsip_authorization_hdr_clone( pj_pool_t *pool,
164 const pjsip_authorization_hdr *rhs)
165 {
166 /* This function also serves Proxy-Authorization header. */
167 pjsip_authorization_hdr *hdr;
168 if (rhs->type == PJSIP_H_AUTHORIZATION)
169 hdr = pjsip_authorization_hdr_create(pool);
170 else
171 hdr = pjsip_proxy_authorization_hdr_create(pool);
172
173 pj_strdup(pool, &hdr->scheme, &rhs->scheme);
174
175 if (pj_stricmp2(&hdr->scheme, "digest") == 0) {
176 pj_strdup(pool, &hdr->credential.digest.username, &rhs->credential.digest.username);
177 pj_strdup(pool, &hdr->credential.digest.realm, &rhs->credential.digest.realm);
178 pj_strdup(pool, &hdr->credential.digest.nonce, &rhs->credential.digest.nonce);
179 pj_strdup(pool, &hdr->credential.digest.uri, &rhs->credential.digest.uri);
180 pj_strdup(pool, &hdr->credential.digest.response, &rhs->credential.digest.response);
181 pj_strdup(pool, &hdr->credential.digest.algorithm, &rhs->credential.digest.algorithm);
182 pj_strdup(pool, &hdr->credential.digest.cnonce, &rhs->credential.digest.cnonce);
183 pj_strdup(pool, &hdr->credential.digest.opaque, &rhs->credential.digest.opaque);
184 pj_strdup(pool, &hdr->credential.digest.qop, &rhs->credential.digest.qop);
185 pj_strdup(pool, &hdr->credential.digest.nc, &rhs->credential.digest.nc);
186 pjsip_param_clone(pool, &hdr->credential.digest.other_param, &rhs->credential.digest.other_param);
187 } else if (pj_stricmp2(&hdr->scheme, "pgp") == 0) {
188 pj_assert(0);
189 return NULL;
190 } else {
191 pj_assert(0);
192 return NULL;
193 }
194
195 return hdr;
196 }
197
198 static pjsip_authorization_hdr*
pjsip_authorization_hdr_shallow_clone(pj_pool_t * pool,const pjsip_authorization_hdr * rhs)199 pjsip_authorization_hdr_shallow_clone( pj_pool_t *pool,
200 const pjsip_authorization_hdr *rhs)
201 {
202 /* This function also serves Proxy-Authorization header. */
203 pjsip_authorization_hdr *hdr;
204 hdr = PJ_POOL_ALLOC_T(pool, pjsip_authorization_hdr);
205 pj_memcpy(hdr, rhs, sizeof(*hdr));
206 pjsip_param_shallow_clone(pool, &hdr->credential.common.other_param,
207 &rhs->credential.common.other_param);
208 return hdr;
209 }
210
211
212 ///////////////////////////////////////////////////////////////////////////////
213 /*
214 * Proxy-Authenticate and WWW-Authenticate header.
215 */
216 static int pjsip_www_authenticate_hdr_print( pjsip_www_authenticate_hdr *hdr,
217 char *buf, pj_size_t size);
218 static pjsip_www_authenticate_hdr* pjsip_www_authenticate_hdr_clone( pj_pool_t *pool,
219 const pjsip_www_authenticate_hdr *hdr);
220 static pjsip_www_authenticate_hdr* pjsip_www_authenticate_hdr_shallow_clone( pj_pool_t *pool,
221 const pjsip_www_authenticate_hdr *hdr);
222
223 static pjsip_hdr_vptr www_authenticate_hdr_vptr =
224 {
225 (pjsip_hdr_clone_fptr) &pjsip_www_authenticate_hdr_clone,
226 (pjsip_hdr_clone_fptr) &pjsip_www_authenticate_hdr_shallow_clone,
227 (pjsip_hdr_print_fptr) &pjsip_www_authenticate_hdr_print,
228 };
229
230
pjsip_www_authenticate_hdr_create(pj_pool_t * pool)231 PJ_DEF(pjsip_www_authenticate_hdr*) pjsip_www_authenticate_hdr_create(pj_pool_t *pool)
232 {
233 pjsip_www_authenticate_hdr *hdr;
234 hdr = PJ_POOL_ZALLOC_T(pool, pjsip_www_authenticate_hdr);
235 init_hdr(hdr, PJSIP_H_WWW_AUTHENTICATE, &www_authenticate_hdr_vptr);
236 pj_list_init(&hdr->challenge.common.other_param);
237 return hdr;
238 }
239
240
pjsip_proxy_authenticate_hdr_create(pj_pool_t * pool)241 PJ_DEF(pjsip_proxy_authenticate_hdr*) pjsip_proxy_authenticate_hdr_create(pj_pool_t *pool)
242 {
243 pjsip_proxy_authenticate_hdr *hdr;
244 hdr = PJ_POOL_ZALLOC_T(pool, pjsip_proxy_authenticate_hdr);
245 init_hdr(hdr, PJSIP_H_PROXY_AUTHENTICATE, &www_authenticate_hdr_vptr);
246 pj_list_init(&hdr->challenge.common.other_param);
247 return hdr;
248 }
249
print_digest_challenge(pjsip_digest_challenge * chal,char * buf,pj_size_t size)250 static int print_digest_challenge( pjsip_digest_challenge *chal,
251 char *buf, pj_size_t size)
252 {
253 pj_ssize_t printed;
254 char *startbuf = buf;
255 char *endbuf = buf + size;
256 const pjsip_parser_const_t *pc = pjsip_parser_const();
257
258 /* Allow empty realm, see http://trac.pjsip.org/repos/ticket/1061 */
259 copy_advance_pair_quote(buf, "realm=", 6, chal->realm, '"', '"');
260 copy_advance_pair_quote_cond(buf, ",domain=", 8, chal->domain, '"', '"');
261 copy_advance_pair_quote_cond(buf, ",nonce=", 7, chal->nonce, '"', '"');
262 copy_advance_pair_quote_cond(buf, ",opaque=", 8, chal->opaque, '"', '"');
263 if (chal->stale) {
264 pj_str_t true_str = { "true", 4 };
265 copy_advance_pair(buf, ",stale=", 7, true_str);
266 }
267 copy_advance_pair(buf, ",algorithm=", 11, chal->algorithm);
268 copy_advance_pair_quote_cond(buf, ",qop=", 5, chal->qop, '"', '"');
269
270 printed = pjsip_param_print_on(&chal->other_param, buf, endbuf-buf,
271 &pc->pjsip_TOKEN_SPEC,
272 &pc->pjsip_TOKEN_SPEC, ',');
273 if (printed < 0)
274 return -1;
275 buf += printed;
276
277 return (int)(buf-startbuf);
278 }
279
print_pgp_challenge(pjsip_pgp_challenge * chal,char * buf,pj_size_t size)280 static int print_pgp_challenge( pjsip_pgp_challenge *chal,
281 char *buf, pj_size_t size)
282 {
283 PJ_UNUSED_ARG(chal);
284 PJ_UNUSED_ARG(buf);
285 PJ_UNUSED_ARG(size);
286 return -1;
287 }
288
pjsip_www_authenticate_hdr_print(pjsip_www_authenticate_hdr * hdr,char * buf,pj_size_t size)289 static int pjsip_www_authenticate_hdr_print( pjsip_www_authenticate_hdr *hdr,
290 char *buf, pj_size_t size)
291 {
292 int printed;
293 char *startbuf = buf;
294 char *endbuf = buf + size;
295
296 copy_advance(buf, hdr->name);
297 *buf++ = ':';
298 *buf++ = ' ';
299
300 copy_advance(buf, hdr->scheme);
301 *buf++ = ' ';
302
303 if (pj_stricmp2(&hdr->scheme, "digest") == 0)
304 printed = print_digest_challenge(&hdr->challenge.digest, buf, endbuf - buf);
305 else if (pj_stricmp2(&hdr->scheme, "pgp") == 0)
306 printed = print_pgp_challenge(&hdr->challenge.pgp, buf, endbuf - buf);
307 else {
308 pj_assert(0);
309 return -1;
310 }
311
312 if (printed == -1)
313 return -1;
314
315 buf += printed;
316 *buf = '\0';
317 return (int)(buf-startbuf);
318 }
319
pjsip_www_authenticate_hdr_clone(pj_pool_t * pool,const pjsip_www_authenticate_hdr * rhs)320 static pjsip_www_authenticate_hdr* pjsip_www_authenticate_hdr_clone( pj_pool_t *pool,
321 const pjsip_www_authenticate_hdr *rhs)
322 {
323 /* This function also serves Proxy-Authenticate header. */
324 pjsip_www_authenticate_hdr *hdr;
325 if (rhs->type == PJSIP_H_WWW_AUTHENTICATE)
326 hdr = pjsip_www_authenticate_hdr_create(pool);
327 else
328 hdr = pjsip_proxy_authenticate_hdr_create(pool);
329
330 pj_strdup(pool, &hdr->scheme, &rhs->scheme);
331
332 if (pj_stricmp2(&hdr->scheme, "digest") == 0) {
333 pj_strdup(pool, &hdr->challenge.digest.realm, &rhs->challenge.digest.realm);
334 pj_strdup(pool, &hdr->challenge.digest.domain, &rhs->challenge.digest.domain);
335 pj_strdup(pool, &hdr->challenge.digest.nonce, &rhs->challenge.digest.nonce);
336 pj_strdup(pool, &hdr->challenge.digest.opaque, &rhs->challenge.digest.opaque);
337 hdr->challenge.digest.stale = rhs->challenge.digest.stale;
338 pj_strdup(pool, &hdr->challenge.digest.algorithm, &rhs->challenge.digest.algorithm);
339 pj_strdup(pool, &hdr->challenge.digest.qop, &rhs->challenge.digest.qop);
340 pjsip_param_clone(pool, &hdr->challenge.digest.other_param,
341 &rhs->challenge.digest.other_param);
342 } else if (pj_stricmp2(&hdr->scheme, "pgp") == 0) {
343 pj_assert(0);
344 return NULL;
345 } else {
346 pj_assert(0);
347 return NULL;
348 }
349
350 return hdr;
351
352 }
353
pjsip_www_authenticate_hdr_shallow_clone(pj_pool_t * pool,const pjsip_www_authenticate_hdr * rhs)354 static pjsip_www_authenticate_hdr* pjsip_www_authenticate_hdr_shallow_clone( pj_pool_t *pool,
355 const pjsip_www_authenticate_hdr *rhs)
356 {
357 /* This function also serves Proxy-Authenticate header. */
358 pjsip_www_authenticate_hdr *hdr;
359 hdr = PJ_POOL_ALLOC_T(pool, pjsip_www_authenticate_hdr);
360 pj_memcpy(hdr, rhs, sizeof(*hdr));
361 pjsip_param_shallow_clone(pool, &hdr->challenge.common.other_param,
362 &rhs->challenge.common.other_param);
363 return hdr;
364 }
365
366
367