Hi,
At 1&1, we found it useful to trigger the generation of AVPs even if
authentication fails. Do you find such a facility useful for upstream?
The changes are really small as you can see from the attached patch.
Thank you,
Lucian Balaceanu
>From 55f065b7f8a2ef600083d62e71a4573e5d261cdc Mon Sep 17 00:00:00 2001
From: lucian balanceanu <[email protected]>
Date: Wed, 30 Jul 2014 18:25:50 +0300
Subject: [PATCH] auth_db: trigger avp generation earlier
- avps are generated even if authentication fails
---
modules/auth_db/authorize.c | 17 ++++-------------
1 files changed, 4 insertions(+), 13 deletions(-)
diff --git a/modules/auth_db/authorize.c b/modules/auth_db/authorize.c
index b3700f2..976c740 100644
--- a/modules/auth_db/authorize.c
+++ b/modules/auth_db/authorize.c
@@ -291,23 +291,14 @@ static int digest_authenticate_hdr(sip_msg_t* msg, str *realm,
goto end;
}
+ generate_avps(msg, result);
+
/* Recalculate response, it must be same to authorize successfully */
ret = auth_api.check_response(&(cred->digest), method, ha1);
if(ret==AUTHENTICATED) {
- ret = AUTH_OK;
- switch(auth_api.post_auth(msg, h)) {
- case AUTHENTICATED:
- generate_avps(msg, result);
- break;
- default:
- ret = AUTH_ERROR;
- break;
- }
+ ret = ( AUTHENTICATED == auth_api.post_auth(msg, h)) ? AUTH_OK:AUTH_ERROR;
} else {
- if(ret==NOT_AUTHENTICATED)
- ret = AUTH_INVALID_PASSWORD;
- else
- ret = AUTH_ERROR;
+ ret = ( NOT_AUTHENTICATED == ret) ? AUTH_INVALID_PASSWORD:AUTH_ERROR;
}
end:
--
1.7.4.1
_______________________________________________
sr-dev mailing list
[email protected]
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
