sjero.net Git - linphone/blob - coreapi/authentication.c

   1 /***************************************************************************
   2  *            authentication.c
   3  *
   4  *  Fri Jul 16 12:08:34 2004
   5  *  Copyright  2004-2009  Simon MORLAT
   6  *  simon.morlat@linphone.org
   7  ****************************************************************************/
   8
   9 /*
  10  *  This program is free software; you can redistribute it and/or modify
  11  *  it under the terms of the GNU General Public License as published by
  12  *  the Free Software Foundation; either version 2 of the License, or
  13  *  (at your option) any later version.
  14  *
  15  *  This program is distributed in the hope that it will be useful,
  16  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  *  GNU Library General Public License for more details.
  19  *
  20  *  You should have received a copy of the GNU General Public License
  21  *  along with this program; if not, write to the Free Software
  22  *  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  23  */
  24
  25 #include "linphonecore.h"
  26 #include "private.h"
  27 #include <eXosip2/eXosip.h>
  28 #include <osipparser2/osip_message.h>
  29 #include "lpconfig.h"
  30
  31 extern LinphoneProxyConfig *linphone_core_get_proxy_config_from_rid(LinphoneCore *lc, int rid);
  32
  33 /**
  34  * @addtogroup authentication
  35  * @{
  36 **/
  37
  38 /**
  39  * Create a LinphoneAuthInfo object with supplied information.
  40  *
  41  * The object can be created empty, that is with all arguments set to NULL.
  42  * Username, userid, password and realm can be set later using specific methods.
  43 **/
  44 LinphoneAuthInfo *linphone_auth_info_new(const char *username, const char *userid,
  45                                                                                                                 const char *passwd, const char *ha1,const char *realm)
  46 {
  47         LinphoneAuthInfo *obj=ms_new0(LinphoneAuthInfo,1);
  48         if (username!=NULL && (strlen(username)>0) ) obj->username=ms_strdup(username);
  49         if (userid!=NULL && (strlen(userid)>0)) obj->userid=ms_strdup(userid);
  50         if (passwd!=NULL && (strlen(passwd)>0)) obj->passwd=ms_strdup(passwd);
  51         if (ha1!=NULL && (strlen(ha1)>0)) obj->ha1=ms_strdup(ha1);
  52         if (realm!=NULL && (strlen(realm)>0)) obj->realm=ms_strdup(realm);
  53         obj->works=FALSE;
  54         obj->first_time=TRUE;
  55         return obj;
  56 }
  57
  58 static LinphoneAuthInfo *linphone_auth_info_clone(const LinphoneAuthInfo *ai){
  59         LinphoneAuthInfo *obj=ms_new0(LinphoneAuthInfo,1);
  60         if (ai->username) obj->username=ms_strdup(ai->username);
  61         if (ai->userid) obj->userid=ms_strdup(ai->userid);
  62         if (ai->passwd) obj->passwd=ms_strdup(ai->passwd);
  63         if (ai->ha1)    obj->ha1=ms_strdup(ai->ha1);
  64         if (ai->realm)  obj->realm=ms_strdup(ai->realm);
  65         obj->works=FALSE;
  66         obj->first_time=TRUE;
  67         return obj;
  68 }
  69
  70 /**
  71  * Sets the password.
  72 **/
  73 void linphone_auth_info_set_passwd(LinphoneAuthInfo *info, const char *passwd){
  74         if (info->passwd!=NULL) {
  75                 ms_free(info->passwd);
  76                 info->passwd=NULL;
  77         }
  78         if (passwd!=NULL && (strlen(passwd)>0)) info->passwd=ms_strdup(passwd);
  79 }
  80
  81 /**
  82  * Sets the username.
  83 **/
  84 void linphone_auth_info_set_username(LinphoneAuthInfo *info, const char *username){
  85         if (info->username){
  86                 ms_free(info->username);
  87                 info->username=NULL;
  88         }
  89         if (username && strlen(username)>0) info->username=ms_strdup(username);
  90 }
  91
  92 /**
  93  * Sets userid.
  94 **/
  95 void linphone_auth_info_set_userid(LinphoneAuthInfo *info, const char *userid){
  96         if (info->userid){
  97                 ms_free(info->userid);
  98                 info->userid=NULL;
  99         }
 100         if (userid && strlen(userid)>0) info->userid=ms_strdup(userid);
 101 }
 102
 103 /**
 104  * Destroys a LinphoneAuthInfo object.
 105 **/
 106 void linphone_auth_info_destroy(LinphoneAuthInfo *obj){
 107         if (obj->username!=NULL) ms_free(obj->username);
 108         if (obj->userid!=NULL) ms_free(obj->userid);
 109         if (obj->passwd!=NULL) ms_free(obj->passwd);
 110         if (obj->ha1!=NULL) ms_free(obj->ha1);
 111         if (obj->realm!=NULL) ms_free(obj->realm);
 112         ms_free(obj);
 113 }
 114
 115 void linphone_auth_info_write_config(LpConfig *config, LinphoneAuthInfo *obj, int pos)
 116 {
 117         char key[50];
 118         sprintf(key,"auth_info_%i",pos);
 119         lp_config_clean_section(config,key);
 120
 121         if (obj==NULL){
 122                 return;
 123         }
 124         if (obj->username!=NULL){
 125                 lp_config_set_string(config,key,"username",obj->username);
 126         }
 127         if (obj->userid!=NULL){
 128                 lp_config_set_string(config,key,"userid",obj->userid);
 129         }
 130         if (obj->passwd!=NULL){
 131                 lp_config_set_string(config,key,"passwd",obj->passwd);
 132         }
 133         if (obj->ha1!=NULL){
 134                 lp_config_set_string(config,key,"ha1",obj->ha1);
 135         }
 136         if (obj->realm!=NULL){
 137                 lp_config_set_string(config,key,"realm",obj->realm);
 138         }
 139 }
 140
 141 LinphoneAuthInfo *linphone_auth_info_new_from_config_file(LpConfig * config, int pos)
 142 {
 143         char key[50];
 144         const char *username,*userid,*passwd,*ha1,*realm;
 145
 146         sprintf(key,"auth_info_%i",pos);
 147         if (!lp_config_has_section(config,key)){
 148                 return NULL;
 149         }
 150
 151         username=lp_config_get_string(config,key,"username",NULL);
 152         userid=lp_config_get_string(config,key,"userid",NULL);
 153         passwd=lp_config_get_string(config,key,"passwd",NULL);
 154         ha1=lp_config_get_string(config,key,"ha1",NULL);
 155         realm=lp_config_get_string(config,key,"realm",NULL);
 156         return linphone_auth_info_new(username,userid,passwd,ha1,realm);
 157 }
 158
 159 static bool_t key_match(const char *tmp1, const char *tmp2){
 160         if (tmp1==NULL && tmp2==NULL) return TRUE;
 161         if (tmp1!=NULL && tmp2!=NULL && strcmp(tmp1,tmp2)==0) return TRUE;
 162         return FALSE;
 163
 164 }
 165
 166 static char * remove_quotes(char * input){
 167         char *tmp;
 168         if (*input=='"') input++;
 169         tmp=strchr(input,'"');
 170         if (tmp) *tmp='\0';
 171         return input;
 172 }
 173
 174 static int realm_match(const char *realm1, const char *realm2){
 175         if (realm1==NULL && realm2==NULL) return TRUE;
 176         if (realm1!=NULL && realm2!=NULL){
 177                 if (strcmp(realm1,realm2)==0) return TRUE;
 178                 else{
 179                         char tmp1[128];
 180                         char tmp2[128];
 181                         char *p1,*p2;
 182                         strncpy(tmp1,realm1,sizeof(tmp1)-1);
 183                         strncpy(tmp2,realm2,sizeof(tmp2)-1);
 184                         p1=remove_quotes(tmp1);
 185                         p2=remove_quotes(tmp2);
 186                         return strcmp(p1,p2)==0;
 187                 }
 188         }
 189         return FALSE;
 190 }
 191
 192 /**
 193  * Retrieves a LinphoneAuthInfo previously entered into the LinphoneCore.
 194 **/
 195 const LinphoneAuthInfo *linphone_core_find_auth_info(LinphoneCore *lc, const char *realm, const char *username)
 196 {
 197         MSList *elem;
 198         LinphoneAuthInfo *ret=NULL,*candidate=NULL;
 199         for (elem=lc->auth_info;elem!=NULL;elem=elem->next){
 200                 LinphoneAuthInfo *pinfo=(LinphoneAuthInfo*)elem->data;
 201                 if (realm==NULL){
 202                         /*return the authinfo for any realm provided that there is only one for that username*/
 203                         if (key_match(pinfo->username,username)){
 204                                 if (ret!=NULL){
 205                                         ms_warning("There are several auth info for username '%s'",username);
 206                                         return NULL;
 207                                 }
 208                                 ret=pinfo;
 209                         }
 210                 }else{
 211                         /*return the exact authinfo, or an authinfo for which realm was not supplied yet*/
 212                         if (pinfo->realm!=NULL){
 213                                 if (realm_match(pinfo->realm,realm)
 214                                         && key_match(pinfo->username,username))
 215                                         ret=pinfo;
 216                         }else{
 217                                 if (key_match(pinfo->username,username))
 218                                         candidate=pinfo;
 219                         }
 220                 }
 221         }
 222         if (ret==NULL && candidate!=NULL)
 223                 ret=candidate;
 224         return ret;
 225 }
 226
 227 static void refresh_exosip_auth_info(LinphoneCore *lc){
 228         MSList *elem;
 229         eXosip_lock();
 230         eXosip_clear_authentication_info();
 231         for (elem=lc->auth_info;elem!=NULL;elem=ms_list_next(elem)){
 232                 LinphoneAuthInfo *info=(LinphoneAuthInfo*)elem->data;
 233                 char *userid;
 234                 if (info->userid==NULL || info->userid[0]=='\0') userid=info->username;
 235                 else userid=info->userid;
 236                 eXosip_add_authentication_info(info->username,userid,
 237                                 info->passwd,info->ha1,info->realm);
 238         }
 239         eXosip_unlock();
 240 }
 241
 242 /**
 243  * Adds authentication information to the LinphoneCore.
 244  *
 245  * This information will be used during all SIP transacations that require authentication.
 246 **/
 247 void linphone_core_add_auth_info(LinphoneCore *lc, const LinphoneAuthInfo *info)
 248 {
 249         LinphoneAuthInfo *ai;
 250
 251         /* find if we are attempting to modify an existing auth info */
 252         ai=(LinphoneAuthInfo*)linphone_core_find_auth_info(lc,info->realm,info->username);
 253         if (ai!=NULL){
 254                 lc->auth_info=ms_list_remove(lc->auth_info,ai);
 255                 linphone_auth_info_destroy(ai);
 256         }
 257         lc->auth_info=ms_list_append(lc->auth_info,linphone_auth_info_clone(info));
 258
 259         refresh_exosip_auth_info(lc);
 260         /* if the user was prompted, re-allow automatic_action */
 261         if (lc->automatic_action>0) lc->automatic_action--;
 262 }
 263
 264
 265 /**
 266  * This method is used to abort a user authentication request initiated by LinphoneCore
 267  * from the auth_info_requested callback of LinphoneCoreVTable.
 268 **/
 269 void linphone_core_abort_authentication(LinphoneCore *lc,  LinphoneAuthInfo *info){
 270         if (lc->automatic_action>0) lc->automatic_action--;
 271 }
 272
 273 /**
 274  * Removes an authentication information object.
 275 **/
 276 void linphone_core_remove_auth_info(LinphoneCore *lc, const LinphoneAuthInfo *info){
 277         int i;
 278         MSList *elem;
 279         LinphoneAuthInfo *r;
 280         r=(LinphoneAuthInfo*)linphone_core_find_auth_info(lc,info->realm,info->username);
 281         if (r){
 282                 lc->auth_info=ms_list_remove(lc->auth_info,r);
 283                 /*printf("len=%i newlen=%i\n",len,newlen);*/
 284                 linphone_auth_info_destroy(r);
 285                 for (elem=lc->auth_info,i=0;elem!=NULL;elem=ms_list_next(elem),i++){
 286                         linphone_auth_info_write_config(lc->config,(LinphoneAuthInfo*)elem->data,i);
 287                 }
 288                 linphone_auth_info_write_config(lc->config,NULL,i);
 289                 refresh_exosip_auth_info(lc);
 290         }
 291 }
 292
 293 /**
 294  * Returns an unmodifiable list of currently entered LinphoneAuthInfo.
 295 **/
 296 const MSList *linphone_core_get_auth_info_list(const LinphoneCore *lc){
 297         return lc->auth_info;
 298 }
 299
 300 /**
 301  * Clear all authentication information.
 302 **/
 303 void linphone_core_clear_all_auth_info(LinphoneCore *lc){
 304         MSList *elem;
 305         int i;
 306         eXosip_lock();
 307         eXosip_clear_authentication_info();
 308         eXosip_unlock();
 309         for(i=0,elem=lc->auth_info;elem!=NULL;elem=ms_list_next(elem),i++){
 310                 LinphoneAuthInfo *info=(LinphoneAuthInfo*)elem->data;
 311                 linphone_auth_info_destroy(info);
 312                 linphone_auth_info_write_config(lc->config,NULL,i);
 313         }
 314         ms_list_free(lc->auth_info);
 315         lc->auth_info=NULL;
 316 }
 317
 318 void linphone_authentication_ok(LinphoneCore *lc, eXosip_event_t *ev){
 319         char *prx_realm=NULL,*www_realm=NULL;
 320         osip_proxy_authorization_t *prx_auth;
 321         osip_authorization_t *www_auth;
 322         osip_message_t *msg=ev->request;
 323         char *username;
 324         LinphoneAuthInfo *as=NULL;
 325
 326         username=osip_uri_get_username(msg->from->url);
 327         osip_message_get_proxy_authorization(msg,0,&prx_auth);
 328         osip_message_get_authorization(msg,0,&www_auth);
 329         if (prx_auth!=NULL)
 330                 prx_realm=osip_proxy_authorization_get_realm(prx_auth);
 331         if (www_auth!=NULL)
 332                 www_realm=osip_authorization_get_realm(www_auth);
 333
 334         if (prx_realm==NULL && www_realm==NULL){
 335                 ms_message("No authentication info in the request, ignoring");
 336                 return;
 337         }
 338         /* see if we already have this auth information , not to ask it everytime to the user */
 339         if (prx_realm!=NULL)
 340                 as=(LinphoneAuthInfo*)linphone_core_find_auth_info(lc,prx_realm,username);
 341         if (www_realm!=NULL)
 342                 as=(LinphoneAuthInfo*)linphone_core_find_auth_info(lc,www_realm,username);
 343         if (as){
 344                 ms_message("Authentication for user=%s realm=%s is working.",username,prx_realm ? prx_realm : www_realm);
 345                 as->works=TRUE;
 346         }
 347 }
 348
 349
 350 void linphone_core_find_or_ask_for_auth_info(LinphoneCore *lc,const char *username,const char* realm, int tid)
 351 {
 352         LinphoneAuthInfo *as=(LinphoneAuthInfo*)linphone_core_find_auth_info(lc,realm,username);
 353         if ( as==NULL || (as!=NULL && as->works==FALSE && as->first_time==FALSE)){
 354                 if (lc->vtable.auth_info_requested!=NULL){
 355                         lc->vtable.auth_info_requested(lc,realm,username);
 356                         lc->automatic_action++;/*suspends eXosip_automatic_action until the user supplies a password */
 357                 }
 358         }
 359         if (as) as->first_time=FALSE;
 360 }
 361
 362 void linphone_process_authentication(LinphoneCore *lc, eXosip_event_t *ev)
 363 {
 364         char *prx_realm=NULL,*www_realm=NULL;
 365         osip_proxy_authenticate_t *prx_auth;
 366         osip_www_authenticate_t *www_auth;
 367         osip_message_t *resp=ev->response;
 368         char *username;
 369
 370         /*
 371         if (strcmp(ev->request->sip_method,"REGISTER")==0) {
 372                 gstate_new_state(lc, GSTATE_REG_FAILED, "Authentication required");
 373         }
 374         */
 375
 376         username=osip_uri_get_username(resp->from->url);
 377         prx_auth=(osip_proxy_authenticate_t*)osip_list_get(&resp->proxy_authenticates,0);
 378         www_auth=(osip_proxy_authenticate_t*)osip_list_get(&resp->www_authenticates,0);
 379         if (prx_auth!=NULL)
 380                 prx_realm=osip_proxy_authenticate_get_realm(prx_auth);
 381         if (www_auth!=NULL)
 382                 www_realm=osip_www_authenticate_get_realm(www_auth);
 383
 384         if (prx_realm==NULL && www_realm==NULL){
 385                 ms_warning("No realm in the server response.");
 386                 return;
 387         }
 388         /* see if we already have this auth information , not to ask it everytime to the user */
 389         if (prx_realm!=NULL)
 390                 linphone_core_find_or_ask_for_auth_info(lc,username,prx_realm,ev->tid);
 391         if (www_realm!=NULL)
 392                 linphone_core_find_or_ask_for_auth_info(lc,username,www_realm,ev->tid);
 393 }
 394
 395
 396 /**
 397  * @}
 398 **/