Browse code

- rpid stuff - ZSW escaping

Jan Janak authored on 28/04/2003 22:03:15
Showing 15 changed files
... ...
@@ -34,6 +34,7 @@
34 34
 #include "auth_mod.h"
35 35
 #include "nonce.h"
36 36
 #include "common.h"
37
+#include "rpid.h"
37 38
 
38 39
 
39 40
 /*
... ...
@@ -164,7 +165,7 @@ auth_result_t pre_auth(struct sip_msg* _m, str* _realm, int _hftype, struct hdr_
164 165
 	if (check_dig_cred(&(c->digest)) != E_DIG_OK) {
165 166
 		LOG(L_ERR, "pre_auth(): Credentials received are not filled properly\n");
166 167
 		if (send_resp(_m, 400, MESSAGE_400, 0, 0) == -1) {
167
-			LOG(L_ERR, "authorize(): Error while sending 400 reply\n");
168
+			LOG(L_ERR, "pre_auth(): Error while sending 400 reply\n");
168 169
 		}
169 170
 		return ERROR;
170 171
 	}
... ...
@@ -182,7 +183,7 @@ auth_result_t pre_auth(struct sip_msg* _m, str* _realm, int _hftype, struct hdr_
182 183
  * Purpose of this function is to do post authentication steps like
183 184
  * marking authorized credentials and so on.
184 185
  */
185
-auth_result_t post_auth(struct sip_msg* _m, struct hdr_field* _h)
186
+auth_result_t post_auth(struct sip_msg* _m, struct hdr_field* _h, str* _rpid)
186 187
 {
187 188
 	auth_body_t* c;
188 189
 
... ...
@@ -208,10 +209,11 @@ auth_result_t post_auth(struct sip_msg* _m, struct hdr_field* _h)
208 209
 	if (mark_authorized_cred(_m, _h) < 0) {
209 210
 		LOG(L_ERR, "post_auth(): Error while marking parsed credentials\n");
210 211
 		if (send_resp(_m, 500, MESSAGE_500, 0, 0) == -1) {
211
-			LOG(L_ERR, "authorize(): Error while sending 400 reply\n");
212
+			LOG(L_ERR, "post_auth(): Error while sending 500 reply\n");
212 213
 		}
213 214
 		return ERROR;
214 215
 	}
215 216
 
217
+	save_rpid(_rpid);
216 218
 	return AUTHORIZED;
217 219
 }
... ...
@@ -35,6 +35,7 @@
35 35
 #include "../../parser/hf.h"
36 36
 #include "../../str.h"
37 37
 
38
+#define MAX_RPID_LEN 1024  /* Size of the buffer */
38 39
 
39 40
 typedef enum auth_result {
40 41
 	ERROR = -2 ,        /* Error occured, a reply has been sent out -> return 0 to the ser core */
... ...
@@ -59,9 +60,8 @@ auth_result_t pre_auth(struct sip_msg* _m, str* _realm, int _hftype, struct hdr_
59 60
  * Purpose of this function is to do post authentication steps like
60 61
  * marking authorized credentials and so on.
61 62
  */
62
-typedef auth_result_t (*post_auth_f)(struct sip_msg* _m, struct hdr_field* _h);
63
-
64
-auth_result_t post_auth(struct sip_msg* _m, struct hdr_field* _h);
63
+typedef auth_result_t (*post_auth_f)(struct sip_msg* _m, struct hdr_field* _h, str* _rpid);
65 64
 
65
+auth_result_t post_auth(struct sip_msg* _m, struct hdr_field* _h, str* _rpid);
66 66
 
67 67
 #endif /* API_H */
... ...
@@ -28,10 +28,11 @@
28 28
  *
29 29
  * History:
30 30
  * --------
31
- * 2003-02-26: checks and group moved to separate modules (janakj)
32
- * 2003-03-10: New module interface (janakj)
33
- * 2003-03-16: flags export parameter added (janakj)
34
- * 2003-03-19  all mallocs/frees replaced w/ pkg_malloc/pkg_free (andrei)
31
+ * 2003-02-26 checks and group moved to separate modules (janakj)
32
+ * 2003-03-10 New module interface (janakj)
33
+ * 2003-03-16 flags export parameter added (janakj)
34
+ * 2003-03-19 all mallocs/frees replaced w/ pkg_malloc/pkg_free (andrei)
35
+ * 2003-04-28 rpid contributed by Juha Heinanen added (janakj) 
35 36
  */
36 37
 
37 38
 #include <stdio.h>
... ...
@@ -44,6 +45,7 @@
44 45
 #include "../../ut.h"
45 46
 #include "auth_mod.h"
46 47
 #include "challenge.h"
48
+#include "rpid.h"
47 49
 #include "api.h"
48 50
 
49 51
 MODULE_VERSION
... ...
@@ -87,15 +89,24 @@ str secret;
87 89
 char* sec_rand = 0;
88 90
 
89 91
 
92
+/*
93
+ * Default Remote-Party-ID suffix
94
+ */
95
+char* rpid_suffix_param = ";party=calling;id-type=subscriber;screen=yes";
96
+str rpid_suffix;
97
+
98
+
90 99
 /*
91 100
  * Exported functions 
92 101
  */
93 102
 static cmd_export_t cmds[] = {
94 103
 	{"www_challenge",       www_challenge,           2, challenge_fixup, REQUEST_ROUTE},
95 104
 	{"proxy_challenge",     proxy_challenge,         2, challenge_fixup, REQUEST_ROUTE},
96
-	{"consume_credentials", consume_credentials,     0, 0              , REQUEST_ROUTE},
97
-	{"~pre_auth",           (cmd_function)pre_auth,  0, 0              , 0            },
98
-	{"~post_auth",          (cmd_function)post_auth, 0, 0              , 0            },
105
+	{"consume_credentials", consume_credentials,     0, 0,               REQUEST_ROUTE},
106
+	{"is_rpid_user_e164",   is_rpid_user_e164,       0, 0,               REQUEST_ROUTE},
107
+        {"append_rpid_hf",      append_rpid_hf,          0, 0,               REQUEST_ROUTE},
108
+	{"pre_auth",            (cmd_function)pre_auth,  0, 0,               0            },
109
+	{"post_auth",           (cmd_function)post_auth, 0, 0,               0            },
99 110
 	{0, 0, 0, 0, 0}
100 111
 };
101 112
 
... ...
@@ -104,8 +115,9 @@ static cmd_export_t cmds[] = {
104 115
  * Exported parameters
105 116
  */
106 117
 static param_export_t params[] = {
107
-	{"secret",       STR_PARAM, &sec_param   },
108
-	{"nonce_expire", INT_PARAM, &nonce_expire},
118
+	{"secret",       STR_PARAM, &sec_param        },
119
+	{"nonce_expire", INT_PARAM, &nonce_expire     },
120
+	{"rpid_suffix",  STR_PARAM, &rpid_suffix_param},
109 121
 	{0, 0, 0}
110 122
 };
111 123
 
... ...
@@ -156,7 +168,7 @@ static inline int generate_random_secret(void)
156 168
 
157 169
 static int mod_init(void)
158 170
 {
159
-	printf("auth module - initializing\n");
171
+	DBG("auth module - initializing\n");
160 172
 	
161 173
 	sl_reply = find_export("sl_send_reply", 2, 0);
162 174
 
... ...
@@ -178,6 +190,9 @@ static int mod_init(void)
178 190
 		secret.len = strlen(secret.s);
179 191
 	}
180 192
 	
193
+	rpid_suffix.s = rpid_suffix_param;
194
+	rpid_suffix.len = strlen(rpid_suffix.s);
195
+
181 196
 	return 0;
182 197
 }
183 198
 
... ...
@@ -25,20 +25,26 @@
25 25
  * You should have received a copy of the GNU General Public License 
26 26
  * along with this program; if not, write to the Free Software 
27 27
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28
+ *
29
+ * History:
30
+ * --------
31
+ * 2003-04-28 rpid contributed by Juha Heinanen added (janakj)
28 32
  */
29 33
 
30
-
31 34
 #ifndef AUTH_MOD_H
32 35
 #define AUTH_MOD_H
33 36
 
34 37
 #include "../../str.h"
35 38
 #include "../../parser/msg_parser.h"    /* struct sip_msg */
36 39
 
40
+
37 41
 /*
38 42
  * Module parameters variables
39 43
  */
40 44
 extern str secret;            /* secret phrase used to generate nonce */
41 45
 extern int nonce_expire;      /* nonce expire interval */
46
+extern str rpid_suffix;       /* Remote-Party-ID suffix */
47
+
42 48
 
43 49
 /* Stateless reply function pointer */
44 50
 extern int (*sl_reply)(struct sip_msg* _m, char* _str1, char* _str2);
... ...
@@ -120,7 +120,7 @@ static inline char *build_auth_hf(int _retries, int _stale, str* _realm,
120 120
 	memcpy(p, CRLF, CRLF_LEN ); p+=CRLF_LEN;
121 121
 	*p=0; /* zero terminator, just in case */
122 122
 	
123
-	DBG("build_auth_hf(): \'%s\'\n", hf);
123
+	DBG("build_auth_hf(): '%s'\n", hf);
124 124
 	return hf;
125 125
 }
126 126
 
... ...
@@ -146,7 +146,7 @@ int check_nonce(str* _nonce, str* _secret)
146 146
 	calc_nonce(non, expires, _secret);
147 147
 
148 148
 	DBG("check_nonce(): comparing [%.*s] and [%.*s]\n",
149
-	    _nonce->len, _nonce->s, NONCE_LEN, non);
149
+	    _nonce->len, ZSW(_nonce->s), NONCE_LEN, non);
150 150
 	
151 151
 	if (!memcmp(non, _nonce->s, _nonce->len)) {
152 152
 		return 0;
153 153
new file mode 100644
... ...
@@ -0,0 +1,200 @@
1
+/*
2
+ * $Id$
3
+ *
4
+ * Remote-Party-ID related functions
5
+ *
6
+ * Copyright (C) 2001-2003 Fhg Fokus
7
+ *
8
+ * This file is part of ser, a free SIP server.
9
+ *
10
+ * ser is free software; you can redistribute it and/or modify
11
+ * it under the terms of the GNU General Public License as published by
12
+ * the Free Software Foundation; either version 2 of the License, or
13
+ * (at your option) any later version
14
+ *
15
+ * For a license to use the ser software under conditions
16
+ * other than those described here, or to purchase support for this
17
+ * software, please contact iptel.org by e-mail at the following addresses:
18
+ *    info@iptel.org
19
+ *
20
+ * ser is distributed in the hope that it will be useful,
21
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
22
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23
+ * GNU General Public License for more details.
24
+ *
25
+ * You should have received a copy of the GNU General Public License 
26
+ * along with this program; if not, write to the Free Software 
27
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28
+ *
29
+ * History:
30
+ * --------
31
+ * 2003-04-28 rpid contributed by Juha Heinanen added (janakj)
32
+ */
33
+
34
+#include <string.h>
35
+#include "../../str.h"
36
+#include "../../data_lump.h"
37
+#include "../../dprint.h"
38
+#include "../../mem/mem.h"
39
+#include "../../parser/parse_to.h"
40
+#include "../../parser/parse_uri.h"
41
+#include "../../ut.h"
42
+#include "auth_mod.h"
43
+#include "api.h"
44
+#include "rpid.h"
45
+
46
+
47
+#define RPID_PREFIX "Remote-Party-ID: "
48
+#define RPID_PREFIX_LEN (sizeof(RPID_PREFIX)-1)
49
+
50
+
51
+static str rpid;                /* rpid, stored in a backend authentication module */
52
+static int rpid_is_e164;        /* 1 - yes, 0 - unknown, -1 - no */
53
+
54
+
55
+/*
56
+ * Copy of is_e164 from enum module
57
+ */
58
+static inline int is_e164(str* _user)
59
+{
60
+	int i;
61
+	char c;
62
+	
63
+	if ((_user->len > 2) && (_user->len < 17) && ((_user->s)[0] == '+')) {
64
+		for (i = 1; i <= _user->len; i++) {
65
+			c = (_user->s)[i];
66
+			if (c < '0' && c > '9') return -1;
67
+		}
68
+		return 1;
69
+	}
70
+	return -1;
71
+}
72
+
73
+
74
+/* 
75
+ * Copy of append_hf_helper from textops.
76
+ */
77
+static inline int append_rpid_helper(struct sip_msg* _m, str *_s)
78
+{
79
+	struct lump* anchor;
80
+	char *s;
81
+	
82
+	if (parse_headers(_m, HDR_EOH, 0) == -1) {
83
+		LOG(L_ERR, "append_rpid(): Error while parsing message\n");
84
+		return -1;
85
+	}
86
+	
87
+	anchor = anchor_lump(&_m->add_rm, _m->unparsed - _m->buf, 0, 0);
88
+	if (!anchor) {
89
+		LOG(L_ERR, "append_rpid(): Can't get anchor\n");
90
+		return -2;
91
+	}
92
+	
93
+	s = pkg_malloc(_s->len);
94
+	if (!s) {
95
+		LOG(L_ERR, "append_rpid(): No memory left\n");
96
+	}
97
+	
98
+	memcpy(s, _s->s, _s->len);
99
+	if (!insert_new_lump_before(anchor, s, _s->len, 0)) {
100
+		LOG(L_ERR, "append_rpid(): Can't insert lump\n");
101
+		pkg_free(s);
102
+		return -3;
103
+	}
104
+
105
+	return 0;
106
+}
107
+
108
+
109
+/*
110
+ * Append RPID header field to the message
111
+ */
112
+int append_rpid_hf(struct sip_msg* _m, char* _s1, char* _s2)
113
+{
114
+	str rpid_hf;
115
+	char *at;
116
+
117
+	     /* No remote party ID, just return */
118
+	if (!rpid.len) {
119
+		DBG("append_rpid_hf(): rpid is empty, nothing to append\n");
120
+		return 1;
121
+	}
122
+	
123
+	rpid_hf.len = RPID_PREFIX_LEN + rpid.len + rpid_suffix.len + CRLF_LEN;
124
+	rpid_hf.s = pkg_malloc(rpid_hf.len);
125
+	if (!rpid_hf.s) {
126
+		LOG(L_ERR, "append_rpid_hf(): No memory left\n");
127
+		return -1;
128
+	}
129
+
130
+	at = rpid_hf.s;
131
+	memcpy(at, RPID_PREFIX, RPID_PREFIX_LEN);
132
+	at += RPID_PREFIX_LEN;
133
+
134
+	memcpy(at, rpid.s, rpid.len);
135
+	at += rpid.len;
136
+
137
+	memcpy(at, rpid_suffix.s, rpid_suffix.len);
138
+	at += rpid_suffix.len;
139
+
140
+	memcpy(at, CRLF, CRLF_LEN);
141
+
142
+	append_rpid_helper(_m, &rpid_hf);
143
+	pkg_free(rpid_hf.s);
144
+	return 1;
145
+}
146
+
147
+
148
+/*
149
+ * Check if SIP URI in rpid contains an e164 user part
150
+ */
151
+int is_rpid_user_e164(struct sip_msg* _m, char* _s1, char* _s2)
152
+{
153
+	struct to_body parsed;
154
+	struct sip_uri uri;
155
+
156
+	if (rpid_is_e164) return rpid_is_e164;
157
+
158
+	if (!rpid.len) {
159
+		DBG("is_rpid_user_e164(): Empty rpid\n");
160
+		rpid_is_e164 = -1;
161
+		return -1;
162
+	}
163
+
164
+	memset(&parsed, 0, sizeof(struct to_body));
165
+	parse_to(rpid.s, rpid.s + rpid.len + 1, &parsed);
166
+	
167
+	if (parsed.error == PARSE_ERROR) {
168
+		LOG(L_ERR, "is_rpid_user_e164(): Bad RPID header\n");
169
+		rpid_is_e164 = -1;
170
+		return -1;
171
+	}
172
+	
173
+	if (parse_uri(parsed.uri.s, parsed.uri.len, &uri) < 0) {
174
+		LOG(L_ERR, "is_rpid_user_e164(): Error while parsing RPID URI\n");
175
+		rpid_is_e164 = -1;
176
+		return -1;
177
+	}
178
+
179
+	rpid_is_e164 = (is_e164(&uri.user) ? 1 : -1);
180
+	return rpid_is_e164;
181
+}
182
+
183
+	
184
+/*
185
+ * Process rpid
186
+ * Will be alway called upon an authentication attempt
187
+ */
188
+void save_rpid(str* _rpid)
189
+{
190
+	rpid.s = 0;
191
+	rpid.len = rpid_is_e164 = 0;
192
+
193
+	if (!_rpid) {
194
+		return;
195
+	}
196
+	
197
+	rpid.s = _rpid->s;
198
+	rpid.len = _rpid->len;
199
+	DBG("save_rpid(): rpid value is '%.*s'\n", _rpid->len, ZSW(_rpid->s));
200
+}
0 201
new file mode 100644
... ...
@@ -0,0 +1,59 @@
1
+/*
2
+ * $Id$
3
+ *
4
+ * Remote-Party-ID related functions
5
+ *
6
+ * Copyright (C) 2001-2003 Fhg Fokus
7
+ *
8
+ * This file is part of ser, a free SIP server.
9
+ *
10
+ * ser is free software; you can redistribute it and/or modify
11
+ * it under the terms of the GNU General Public License as published by
12
+ * the Free Software Foundation; either version 2 of the License, or
13
+ * (at your option) any later version
14
+ *
15
+ * For a license to use the ser software under conditions
16
+ * other than those described here, or to purchase support for this
17
+ * software, please contact iptel.org by e-mail at the following addresses:
18
+ *    info@iptel.org
19
+ *
20
+ * ser is distributed in the hope that it will be useful,
21
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
22
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23
+ * GNU General Public License for more details.
24
+ *
25
+ * You should have received a copy of the GNU General Public License 
26
+ * along with this program; if not, write to the Free Software 
27
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28
+ *
29
+ * History:
30
+ * --------
31
+ * 2003-04-28 rpid contributed by Juha Heinanen added (janakj)
32
+ */
33
+
34
+#ifndef RPID_H
35
+#define RPID_H
36
+
37
+#include "../../parser/msg_parser.h"
38
+#include "../../str.h"
39
+
40
+
41
+/*
42
+ * Append RPID header field to the message
43
+ */
44
+int append_rpid_hf(struct sip_msg* _m, char* _s1, char* _s2);
45
+
46
+
47
+/*
48
+ * Check if SIP URI in rpid contains an e164 user part
49
+ */
50
+int is_rpid_user_e164(struct sip_msg* _m, char* _s1, char* _s2);
51
+
52
+
53
+/*
54
+ * Store rpid
55
+ */
56
+void save_rpid(str* _rpid);
57
+
58
+
59
+#endif /* RPID_H */
... ...
@@ -133,7 +133,7 @@ static int child_init(int rank)
133 133
 {
134 134
 	db_handle = db_init(db_url);
135 135
 	if (!db_handle) {
136
-		LOG(L_ERR, "auth:init_child(): Unable to connect database\n");
136
+		LOG(L_ERR, "auth_db:init_child(): Unable to connect database\n");
137 137
 		return -1;
138 138
 	}
139 139
 	return 0;
... ...
@@ -143,7 +143,7 @@ static int child_init(int rank)
143 143
 
144 144
 static int mod_init(void)
145 145
 {
146
-	DBG("auth module - initializing\n");
146
+	DBG("auth_db module - initializing\n");
147 147
 	
148 148
 	     /* Find a database module */
149 149
 	if (bind_dbmod()) {
... ...
@@ -151,8 +151,8 @@ static int mod_init(void)
151 151
 		return -1;
152 152
 	}
153 153
 
154
-	pre_auth_func = (pre_auth_f)find_export("~pre_auth", 0, 0);
155
-	post_auth_func = (post_auth_f)find_export("~post_auth", 0, 0);
154
+	pre_auth_func = (pre_auth_f)find_export("pre_auth", 0, 0);
155
+	post_auth_func = (post_auth_f)find_export("post_auth", 0, 0);
156 156
 
157 157
 	if (!(pre_auth_func && post_auth_func)) {
158 158
 		LOG(L_ERR, "auth_db:mod_init(): This module requires auth module\n");
... ...
@@ -34,6 +34,7 @@
34 34
 
35 35
 
36 36
 #include <string.h>
37
+#include "../../ut.h"
37 38
 #include "../../str.h"
38 39
 #include "../../db/db.h"
39 40
 #include "../../dprint.h"
... ...
@@ -75,7 +76,7 @@ static inline int get_ha1(str* _user, str* _domain, int use_ha1b, char* _table,
75 76
 
76 77
 	if (RES_ROW_N(res) == 0) {
77 78
 		DBG("get_ha1(): no result for user \'%.*s@%.*s\'\n", 
78
-		    _user->len, _user->s, _domain->len, _domain->s);
79
+		    _user->len, ZSW(_user->s), _domain->len, ZSW(_domain->s));
79 80
 		db_free_query(db_handle, res);
80 81
 		return 1;
81 82
 	}
... ...
@@ -150,7 +151,7 @@ static inline int authorize(struct sip_msg* _m, str* _realm, char* _table, int _
150 151
 	struct hdr_field* h;
151 152
 	auth_body_t* cred;
152 153
 	auth_result_t ret;
153
-	str domain;
154
+	str domain, rpid;
154 155
 
155 156
 	domain = *_realm;
156 157
 
... ...
@@ -179,7 +180,11 @@ static inline int authorize(struct sip_msg* _m, str* _realm, char* _table, int _
179 180
 
180 181
 	     /* Recalculate response, it must be same to authorize sucessfully */
181 182
         if (!check_response(&(cred->digest), &_m->first_line.u.request.method, ha1)) {
182
-		ret = post_auth_func(_m, h);
183
+		     /* Not supported yet */
184
+		rpid.s = 0;
185
+		rpid.len = 0;
186
+
187
+		ret = post_auth_func(_m, h, &rpid);
183 188
 		switch(ret) {
184 189
 		case ERROR:          return 0;
185 190
 		case NOT_AUTHORIZED: return -1;
... ...
@@ -49,6 +49,12 @@
49 49
 #include "authrad_mod.h"
50 50
 
51 51
 
52
+/*
53
+ * Buffer to store rpid retrieved from the radius server
54
+ */
55
+static char rpid_buffer[MAX_RPID_LEN];
56
+
57
+
52 58
 /* 
53 59
  * Extract URI depending on the request from To or From header 
54 60
  */
... ...
@@ -80,7 +86,7 @@ static inline int authorize(struct sip_msg* _msg, str* _realm, int _hftype)
80 86
 	auth_result_t ret;
81 87
 	struct hdr_field* h;
82 88
 	auth_body_t* cred;
83
-	str* uri;
89
+	str* uri, rpid;
84 90
 	struct sip_uri puri;
85 91
 	str user, domain;
86 92
 
... ...
@@ -118,11 +124,14 @@ static inline int authorize(struct sip_msg* _msg, str* _realm, int _hftype)
118 124
 	user.s = (char *)pkg_malloc(puri.user.len);
119 125
 	un_escape(&(puri.user), &user);
120 126
 
121
-	res = radius_authorize_sterman(&cred->digest, &_msg->first_line.u.request.method, &user);
127
+	rpid.s = rpid_buffer;
128
+	rpid.len = MAX_RPID_LEN;
129
+
130
+	res = radius_authorize_sterman(&cred->digest, &_msg->first_line.u.request.method, &user, &rpid);
122 131
 	pkg_free(user.s);
123 132
 
124 133
 	if (res == 1) {
125
-		ret = post_auth_func(_msg, h);
134
+		ret = post_auth_func(_msg, h, &rpid);
126 135
 		switch(ret) {
127 136
 		case ERROR:          return 0;
128 137
 		case NOT_AUTHORIZED: return -1;
... ...
@@ -112,8 +112,8 @@ static int mod_init(void)
112 112
 		return -2;
113 113
 	}
114 114
 
115
-	pre_auth_func = (pre_auth_f)find_export("~pre_auth", 0, 0);
116
-	post_auth_func = (post_auth_f)find_export("~post_auth", 0, 0);
115
+	pre_auth_func = (pre_auth_f)find_export("pre_auth", 0, 0);
116
+	post_auth_func = (post_auth_f)find_export("post_auth", 0, 0);
117 117
 
118 118
 	if (!(pre_auth_func && post_auth_func)) {
119 119
 		LOG(L_ERR, "auth_radius: This module requires auth module\n");
... ...
@@ -47,6 +47,7 @@
47 47
 #define PW_SIP_METHOD                   209     /* int */
48 48
 #define PW_SIP_REQ_URI                  210     /* string */
49 49
 #define PW_SIP_CC                       212     /* string */
50
+#define PW_SIP_RPID                     213     /* string */
50 51
 
51 52
 #define PW_DIGEST_REALM		        1063	/* string */
52 53
 #define	PW_DIGEST_NONCE		        1064	/* string */
... ...
@@ -47,7 +47,7 @@
47 47
  * which can be be used as a check item in the request.  Service type of
48 48
  * the request is Authenticate-Only.
49 49
  */
50
-int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user) 
50
+int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user, str* _rpid) 
51 51
 {
52 52
 	static char msg[4096];
53 53
 	VALUE_PAIR *send, *received, *vp;
... ...
@@ -209,14 +209,25 @@ int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user)
209 209
        
210 210
 	/* Send request */
211 211
 	if (rc_auth(SIP_PORT, send, &received, msg) == OK_RC) {
212
-		printf("radius_authorize_sterman(): Success\n");
212
+		DBG("radius_authorize_sterman(): Success\n");
213 213
 		rc_avpair_free(send);
214
+
215
+		     /* Make a copy of rpid if available */
216
+		if ((vp = rc_avpair_get(received, PW_SIP_RPID))) {
217
+			if (_rpid->len < vp->lvalue) {
218
+				LOG(L_ERR, "radius_authorize_sterman(): rpid buffer too small\n");
219
+				return -20;
220
+			}
221
+			memcpy(_rpid->s, vp->strvalue, vp->lvalue);
222
+			_rpid->len = vp->lvalue;
223
+		}
224
+
214 225
 		rc_avpair_free(received);
215 226
 		return 1;
216 227
 	} else {
217
-		printf("radius_authorize_sterman(): Failure\n");
228
+		DBG("radius_authorize_sterman(): Failure\n");
218 229
 		rc_avpair_free(send);
219 230
 		rc_avpair_free(received);
220
-		return -20;
231
+		return -21;
221 232
 	}
222 233
 }
... ...
@@ -45,6 +45,6 @@
45 45
  * which can be be used as a check item in the request.  Service type of
46 46
  * the request is Authenticate-Only.
47 47
  */
48
-int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user); 
48
+int radius_authorize_sterman(dig_cred_t* _cred, str* _method, str* _user, str* _rpid); 
49 49
 
50 50
 #endif /* STERMAN_H */