
secsipid: added secsipid_check(sidentity, keypath)

- check the identity value provided in the first parameter

Daniel-Constantin Mierla authored on 18/06/2021 12:02:07
Showing 1 changed files
... ...
@@ -52,6 +52,7 @@ static int child_init(int);
52 52
 static void mod_destroy(void);
53 53
 
54 54
 static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2);
55
+static int w_secsipid_check(sip_msg_t *msg, char *pidentity, char *pkeypath);
55 56
 static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char *str2);
56 57
 static int w_secsipid_add_identity(sip_msg_t *msg, char *porigtn, char *pdesttn,
57 58
 			char *pattest, char *porigid, char *px5u, char *pkeypath);
... ...
@@ -82,6 +83,8 @@ static cmd_export_t cmds[]={
82 83
 		fixup_spve_null, fixup_free_spve_null, ANY_ROUTE},
83 84
 	{"secsipid_check_identity_pubkey", (cmd_function)w_secsipid_check_identity_pubkey, 1,
84 85
 		fixup_spve_null, fixup_free_spve_null, ANY_ROUTE},
86
+	{"secsipid_check", (cmd_function)w_secsipid_check, 2,
87
+		fixup_spve_spve, fixup_free_spve_spve, ANY_ROUTE},
85 88
 	{"secsipid_add_identity", (cmd_function)w_secsipid_add_identity, 6,
86 89
 		fixup_spve_all, fixup_free_spve_all, ANY_ROUTE},
87 90
 	{"secsipid_build_identity", (cmd_function)w_secsipid_build_identity, 6,
... ...
@@ -325,6 +328,56 @@ static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char
325 328
 	return ki_secsipid_check_identity_pubkey(msg, &keyval);
326 329
 }
327 330
 
331
+/**
332
+ *
333
+ */
334
+static int ki_secsipid_check(sip_msg_t *msg, str *sidentity, str *keypath)
335
+{
336
+	int ret = 1;
337
+
338
+	if(secsipid_cache_dir.len > 0) {
339
+		_secsipid_papi.SecSIPIDSetFileCacheOptions(secsipid_cache_dir.s,
340
+				secsipid_cache_expire);
341
+	}
342
+	if(secsipid_libopt_list_used==0) {
343
+		str_list_t *sit;
344
+		for(sit=secsipid_libopt_list; sit!=NULL; sit=sit->next) {
345
+			_secsipid_papi.SecSIPIDOptSetV(sit->s.s);
346
+		}
347
+		secsipid_libopt_list_used = 1;
348
+	}
349
+	ret = _secsipid_papi.SecSIPIDCheckFull(sidentity->s, sidentity->len,
350
+			secsipid_expire, keypath->s, secsipid_timeout);
351
+
352
+	if(ret==0) {
353
+		LM_DBG("identity check: ok\n");
354
+		return 1;
355
+	}
356
+
357
+	LM_DBG("identity check: failed\n");
358
+	return ret;
359
+}
360
+
361
+/**
362
+ *
363
+ */
364
+static int w_secsipid_check(sip_msg_t *msg, char *pidentity, char *pkeypath)
365
+{
366
+	str sidentity = STR_NULL;
367
+	str keypath = STR_NULL;
368
+
369
+	if(fixup_get_svalue(msg, (gparam_t*)pidentity, &sidentity)<0) {
370
+		LM_ERR("failed to get identity value parameter\n");
371
+		return -1;
372
+	}
373
+
374
+	if(fixup_get_svalue(msg, (gparam_t*)pkeypath, &keypath)<0) {
375
+		LM_ERR("failed to get keypath parameter\n");
376
+		return -1;
377
+	}
378
+
379
+	return ki_secsipid_check(msg, &sidentity, &keypath);
380
+}
328 381
 
329 382
 /**
330 383
  *
... ...
@@ -704,6 +757,11 @@ static sr_kemi_t sr_kemi_secsipid_exports[] = {
704 757
 		{ SR_KEMIP_STR, SR_KEMIP_NONE, SR_KEMIP_NONE,
705 758
 			SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE }
706 759
 	},
760
+	{ str_init("secsipid"), str_init("secsipid_check"),
761
+		SR_KEMIP_INT, ki_secsipid_check,
762
+		{ SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_NONE,
763
+			SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE }
764
+	},
707 765
 	{ str_init("secsipid"), str_init("secsipid_add_identity"),
708 766
 		SR_KEMIP_INT, ki_secsipid_add_identity,
709 767
 		{ SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_STR,
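Review bot: In `ki_secsipid_check` (third hunk) the failure path ends with `return ret;`, which passes the raw `SecSIPIDCheckFull` result to the routing script. The library's return contract is not visible here, but if it can ever yield a positive non-zero code, a failed verification would evaluate as true in the script, so I would pin the failure value with `return (ret < 0) ? ret : -1;`. The same function is exported directly through the KEMI table in the last hunk, so `sidentity` and `keypath` reach the library with no NULL or empty check, and `keypath->s` is passed without its length and must therefore be NUL-terminated; a guard at the top such as `if(sidentity==NULL || sidentity->s==NULL || sidentity->len<=0 || keypath==NULL || keypath->s==NULL) return -1;` would cover both entry points. Both new functions also carry an empty `/** * */` block. The one on `ki_secsipid_check` should state the return contract (1 when the identity verifies, negative otherwise) and that `keypath` appears to name the key material the check relies on, so callers should not derive it from the message under verification without validating it first.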