Hi Andrea,
Seems to be an inconsistency in the code, as the aaa_proxy function
accepts as second optional param a custom auth username. But the aaa_www
does not :(
Try the attached patch and you should be able to pass a second param as
a variable containing the auth username.
Regards,
Bogdan
On 04/27/2012 05:58 PM, AndreaM wrote:
Hi to all,
I have to change the authentication Digest-URI value
(http://www.opensips.org/Resources/DocsCoreVar18#toc5) before sending
the AAA RADIUS request.
For example:
if (is_method("REGISTER"))
{
# Change here Digest-URI (before sending RADIUS request)
if (!aaa_www_authorize("1.2.3.4")) {
www_challenge("1.2.3.4", "1");
exit;
};
I tried to:
1) set $adu pseudo-variable (no way, it's a read-only PV...)
2) parse the SIP message and change Digest-URI, using "subst()"
function from TEXTOPS module. It didn't work.
3) use "radius_send_auth()" from AAA_RADIUS module, but I'd rather not
use it (too much complex !).
Anyone can suggest a way to change authentication Digest-URI value ?
Thank you.
AndreaM
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
--
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
Index: modules/auth_aaa/authaaa_mod.c
===================================================================
--- modules/auth_aaa/authaaa_mod.c (revision 8979)
+++ modules/auth_aaa/authaaa_mod.c (working copy)
@@ -66,6 +66,8 @@
static cmd_export_t cmds[] = {
{"aaa_www_authorize", (cmd_function)aaa_www_authorize, 1, auth_fixup,
0, REQUEST_ROUTE},
+ {"aaa_www_authorize", (cmd_function)aaa_www_authorize, 2, auth_fixup,
+ 0, REQUEST_ROUTE},
{"aaa_proxy_authorize", (cmd_function)aaa_proxy_authorize_1, 1, auth_fixup,
0, REQUEST_ROUTE},
{"aaa_proxy_authorize", (cmd_function)aaa_proxy_authorize_2, 2, auth_fixup,
Index: modules/auth_aaa/authorize.c
===================================================================
--- modules/auth_aaa/authorize.c (revision 8979)
+++ modules/auth_aaa/authorize.c (working copy)
@@ -169,8 +169,8 @@
/*
* Authorize using WWW-Authorize header field
*/
-int aaa_www_authorize(struct sip_msg* _msg, char* _realm, char* _s2)
+int aaa_www_authorize(struct sip_msg* _msg, char* _realm, char* _uri_user)
{
- return authorize(_msg, (pv_elem_t*)_realm, (pv_spec_t *)0,
- HDR_AUTHORIZATION_T);
+ return authorize(_msg, (pv_elem_t*)_realm, (pv_spec_t *)_uri_user,
+ HDR_AUTHORIZATION_T);
}
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
