Skip to content

Commit

Permalink
ims_auth: Improved reply, if HSS returned Error
Browse files Browse the repository at this point in the history
  • Loading branch information
@carstenbock
carstenbock committed Sep 21, 2015
1 parent 6c7d38e commit 7b8ad7a
Showing 1 changed file with 101 additions and 100 deletions.
201 changes: 101 additions & 100 deletions modules/ims_auth/cxdx_mar.c
View file
Expand Up @@ -160,110 +160,111 @@ void async_cdp_callback(int is_timeout, void *param, AAAMessage *maa, long elaps

if (!cxdx_get_sip_number_auth_items(maa, &sip_number_auth_items)) {
sip_number_auth_items = 0;
goto success;
}

//now assign the auth_data_item elements
//there can be many of these in the MAA
struct auth_data_item *adi;
int adi_len;
char *p;
int items_found = 0;
while ((cxdx_get_auth_data_item_answer(maa, &auth_data, &item_number,
&algorithm, &authenticate, &authorization2,
&ck, &ik,
&ip,
&ha1, &response_auth, &digest_realm,
&line_identifier))) {

//create an auth_data_item for each entry in the MAA
adi_len = sizeof (struct auth_data_item) +authenticate.len + authorization2.len + ck.len + ik.len + ip.len + ha1.len + line_identifier.len + response_auth.len + digest_realm.len + algorithm.len;
adi = (struct auth_data_item*) shm_malloc(adi_len);
if (!adi) {
LM_CRIT("Out of memory!\n");
result = CSCF_RETURN_ERROR;
goto done;
}
if (sip_number_auth_items > 0) {
//now assign the auth_data_item elements
//there can be many of these in the MAA
struct auth_data_item *adi;
int adi_len;
char *p;
int items_found = 0;
while ((cxdx_get_auth_data_item_answer(maa, &auth_data, &item_number,
&algorithm, &authenticate, &authorization2,
&ck, &ik,
&ip,
&ha1, &response_auth, &digest_realm,
&line_identifier))) {

//create an auth_data_item for each entry in the MAA
adi_len = sizeof (struct auth_data_item) +authenticate.len + authorization2.len + ck.len + ik.len + ip.len + ha1.len + line_identifier.len + response_auth.len + digest_realm.len + algorithm.len;
adi = (struct auth_data_item*) shm_malloc(adi_len);
if (!adi) {
LM_CRIT("Out of memory!\n");
result = CSCF_RETURN_ERROR;
goto done;
}

memset(adi, 0, adi_len);

//put all elements in the auth_data_item entry
p = (char*) (adi + 1);

adi->authenticate.s = p;
adi->authenticate.len = authenticate.len;
memcpy(p, authenticate.s, authenticate.len);
p += authenticate.len;

adi->authorization.s = p;
adi->authorization.len = authorization2.len;
memcpy(p, authorization2.s, authorization2.len);
p += authorization2.len;

adi->auth_scheme.s = p;
adi->auth_scheme.len = algorithm.len;
memcpy(p, algorithm.s, algorithm.len);
p += algorithm.len;

adi->ck.s = p;
adi->ck.len = ck.len;
memcpy(p, ck.s, ck.len);
p += ck.len;

adi->ik.s = p;
adi->ik.len = ik.len;
memcpy(p, ik.s, ik.len);
p += ik.len;

adi->ip.s = p;
adi->ip.len = ip.len;
memcpy(p, ip.s, ip.len);
p += ip.len;

adi->ha1.s = p;
adi->ha1.len = ha1.len;
memcpy(p, ha1.s, ha1.len);
p += ha1.len;

adi->line_identifier.s = p;
adi->line_identifier.len = line_identifier.len;
memcpy(p, line_identifier.s, line_identifier.len);
p += line_identifier.len;

adi->response_auth.s = p;
adi->response_auth.len = response_auth.len;
memcpy(p, response_auth.s, response_auth.len);
p += response_auth.len;

adi->digest_realm.s = p;
adi->digest_realm.len = digest_realm.len;
memcpy(p, digest_realm.s, digest_realm.len);
p += digest_realm.len;

if (p != (((char*) adi) + adi_len)) {
LM_CRIT("buffer overflow\n");
shm_free(adi);
adi = 0;
result = CSCF_RETURN_ERROR;
goto done;
}
auth_data->code = -auth_data->code;
adi->item_number = item_number;

int len = sizeof (struct auth_data_item_list);
adi_list = (struct auth_data_item_list*) shm_malloc(len);
memset(adi_list, 0, len);

if (adi_list->first == 0) {
adi_list->first = adi_list->last = adi;
} else {
adi_list->last->next = adi;
adi->previous = adi_list->last;
adi_list->last = adi;
}
memset(adi, 0, adi_len);

//put all elements in the auth_data_item entry
p = (char*) (adi + 1);

adi->authenticate.s = p;
adi->authenticate.len = authenticate.len;
memcpy(p, authenticate.s, authenticate.len);
p += authenticate.len;

adi->authorization.s = p;
adi->authorization.len = authorization2.len;
memcpy(p, authorization2.s, authorization2.len);
p += authorization2.len;

adi->auth_scheme.s = p;
adi->auth_scheme.len = algorithm.len;
memcpy(p, algorithm.s, algorithm.len);
p += algorithm.len;

adi->ck.s = p;
adi->ck.len = ck.len;
memcpy(p, ck.s, ck.len);
p += ck.len;

adi->ik.s = p;
adi->ik.len = ik.len;
memcpy(p, ik.s, ik.len);
p += ik.len;

adi->ip.s = p;
adi->ip.len = ip.len;
memcpy(p, ip.s, ip.len);
p += ip.len;

adi->ha1.s = p;
adi->ha1.len = ha1.len;
memcpy(p, ha1.s, ha1.len);
p += ha1.len;

adi->line_identifier.s = p;
adi->line_identifier.len = line_identifier.len;
memcpy(p, line_identifier.s, line_identifier.len);
p += line_identifier.len;

adi->response_auth.s = p;
adi->response_auth.len = response_auth.len;
memcpy(p, response_auth.s, response_auth.len);
p += response_auth.len;

adi->digest_realm.s = p;
adi->digest_realm.len = digest_realm.len;
memcpy(p, digest_realm.s, digest_realm.len);
p += digest_realm.len;

if (p != (((char*) adi) + adi_len)) {
LM_CRIT("buffer overflow\n");
shm_free(adi);
adi = 0;
result = CSCF_RETURN_ERROR;
goto done;
}
auth_data->code = -auth_data->code;
adi->item_number = item_number;

int len = sizeof (struct auth_data_item_list);
adi_list = (struct auth_data_item_list*) shm_malloc(len);
memset(adi_list, 0, len);

if (adi_list->first == 0) {
adi_list->first = adi_list->last = adi;
} else {
adi_list->last->next = adi;
adi->previous = adi_list->last;
adi_list->last = adi;
}

items_found++;
}
items_found++;
}
}

if (!(rc) && !(experimental_rc)) {
stateful_request_reply_async(t, t->uas.request, 480, MSG_480_DIAMETER_MISSING_AVP);
Expand Down

0 comments on commit 7b8ad7a

Please sign in to comment.