diff --git a/src/modules/uid_auth_db/aaa_avps.h b/src/modules/uid_auth_db/aaa_avps.h index 25b6cbeda3b..6f61402173b 100644 --- a/src/modules/uid_auth_db/aaa_avps.h +++ b/src/modules/uid_auth_db/aaa_avps.h @@ -39,16 +39,16 @@ * Parse list of tokens separated by some char and put each token * into result array. Caller frees result array! */ -static inline int parse_token_list(char *p, char *pend, char separator, - str **result) +static inline int parse_token_list( + char *p, char *pend, char separator, str **result) { int i; i = 0; *result = NULL; - while ((pend - p) > 0) { + while((pend - p) > 0) { *result = pkg_reallocxf(*result, sizeof(**result) * (i + 1)); - if (*result == NULL) + if(*result == NULL) return -1; (*result)[i].s = p; p = eat_token2_end(p, pend, separator) + 1; @@ -68,34 +68,34 @@ static int aaa_avps_init(str *avp_list, str **parsed_avps, int *avps_n) int errcode, i; char *cp; - if (!avp_list->s || !avp_list->len) { + if(!avp_list->s || !avp_list->len) { /* AVPs disabled, nothing to do */ *avps_n = 0; return 1; } cp = pkg_malloc(avp_list->len + 1); - if (cp == NULL) { + if(cp == NULL) { PKG_MEM_ERROR; errcode = -1; goto bad; } memcpy(cp, avp_list->s, avp_list->len); *avps_n = parse_token_list(cp, cp + avp_list->len, '|', parsed_avps); - if (*avps_n == -1) { + if(*avps_n == -1) { LM_ERR("can't parse avps_column_int parameter\n"); errcode = -2; pkg_free(cp); goto bad; } - for (i = 0; i < *avps_n; i++) { + for(i = 0; i < *avps_n; i++) { (*parsed_avps)[i].s[(*parsed_avps)[i].len] = '\0'; } return 0; bad: - if (*parsed_avps != NULL) { + if(*parsed_avps != NULL) { pkg_free((*parsed_avps)[0].s); pkg_free(*parsed_avps); } diff --git a/src/modules/uid_auth_db/authorize.c b/src/modules/uid_auth_db/authorize.c index a71fd45793e..ee3804a5563 100644 --- a/src/modules/uid_auth_db/authorize.c +++ b/src/modules/uid_auth_db/authorize.c @@ -46,19 +46,20 @@ #include "uid_auth_db_mod.h" -#define IS_NULL(f) ((f).flags & DB_NULL) +#define IS_NULL(f) ((f).flags & DB_NULL) -static inline int get_ha1(struct username* username, str* did, str* realm, - authdb_table_info_t *table_info, char* ha1, db_res_t** res, db_rec_t** row) +static inline int get_ha1(struct username *username, str *did, str *realm, + authdb_table_info_t *table_info, char *ha1, db_res_t **res, + db_rec_t **row) { str result; db_cmd_t *q = NULL; - if (calc_ha1) { + if(calc_ha1) { q = table_info->query_password; LM_DBG("querying plain password\n"); } else { - if (username->domain.len) { + if(username->domain.len) { q = table_info->query_pass2; LM_DBG("querying ha1b\n"); } else { @@ -70,26 +71,29 @@ static inline int get_ha1(struct username* username, str* did, str* realm, q->match[0].v.lstr = username->user; q->match[1].v.lstr = *realm; - if (use_did) q->match[2].v.lstr = *did; + if(use_did) + q->match[2].v.lstr = *did; - if (db_exec(res, q) < 0 ) { + if(db_exec(res, q) < 0) { LM_ERR("Error while querying database\n"); return -1; } - if (*res) *row = db_first(*res); - else *row = NULL; - while (*row) { - if (IS_NULL((*row)->fld[0]) || IS_NULL((*row)->fld[1])) { + if(*res) + *row = db_first(*res); + else + *row = NULL; + while(*row) { + if(IS_NULL((*row)->fld[0]) || IS_NULL((*row)->fld[1])) { LM_ERR("Credentials for '%.*s'@'%.*s' contain NULL value," - " skipping\n", - username->user.len, ZSW(username->user.s), - realm->len, ZSW(realm->s)); + " skipping\n", + username->user.len, ZSW(username->user.s), realm->len, + ZSW(realm->s)); } else { - if ((*row)->fld[1].v.int4 & SRDB_DISABLED) { + if((*row)->fld[1].v.int4 & SRDB_DISABLED) { /* disabled rows ignored */ } else { - if ((*row)->fld[1].v.int4 & SRDB_LOAD_SER) { + if((*row)->fld[1].v.int4 & SRDB_LOAD_SER) { /* *row = i; */ break; } @@ -98,17 +102,16 @@ static inline int get_ha1(struct username* username, str* did, str* realm, *row = db_next(*res); } - if (!*row) { - LM_DBG("Credentials for '%.*s'@'%.*s' not found\n", - username->user.len, ZSW(username->user.s), - realm->len, ZSW(realm->s)); + if(!*row) { + LM_DBG("Credentials for '%.*s'@'%.*s' not found\n", username->user.len, + ZSW(username->user.s), realm->len, ZSW(realm->s)); return 1; } result.s = (*row)->fld[0].v.cstr; result.len = strlen(result.s); - if (calc_ha1) { + if(calc_ha1) { /* Only plaintext passwords are stored in database, * we have to calculate HA1 */ auth_api.calc_HA1(HA_MD5, &username->whole, realm, &result, 0, 0, ha1); @@ -125,7 +128,7 @@ static inline int get_ha1(struct username* username, str* did, str* realm, * Calculate the response and compare with the given response string * Authorization is successful if this two strings are same */ -static inline int check_response(dig_cred_t* cred, str* method, char* ha1) +static inline int check_response(dig_cred_t *cred, str *method, char *ha1) { HASHHEX resp, hent; @@ -133,7 +136,7 @@ static inline int check_response(dig_cred_t* cred, str* method, char* ha1) * First, we have to verify that the response received has * the same length as responses created by us */ - if (cred->response.len != 32) { + if(cred->response.len != 32) { LM_DBG("Receive response len != 32\n"); return 1; } @@ -142,10 +145,9 @@ static inline int check_response(dig_cred_t* cred, str* method, char* ha1) * Now, calculate our response from parameters received * from the user agent */ - auth_api.calc_response(ha1, &(cred->nonce), - &(cred->nc), &(cred->cnonce), - &(cred->qop.qop_str), cred->qop.qop_parsed == QOP_AUTHINT, - method, &(cred->uri), hent, resp); + auth_api.calc_response(ha1, &(cred->nonce), &(cred->nc), &(cred->cnonce), + &(cred->qop.qop_str), cred->qop.qop_parsed == QOP_AUTHINT, method, + &(cred->uri), hent, resp); LM_DBG("Our result = \'%s\'\n", resp); @@ -153,7 +155,7 @@ static inline int check_response(dig_cred_t* cred, str* method, char* ha1) * And simply compare the strings, the user is * authorized if they match */ - if (!memcmp(resp, cred->response.s, 32)) { + if(!memcmp(resp, cred->response.s, 32)) { LM_DBG("Authorization is OK\n"); return 0; } else { @@ -166,20 +168,20 @@ static inline int check_response(dig_cred_t* cred, str* method, char* ha1) /* * Generate AVPs from the database result */ -static int generate_avps(db_res_t* result, db_rec_t *row) +static int generate_avps(db_res_t *result, db_rec_t *row) { int i; int_str iname, ivalue; str value; char buf[32]; - for (i = 2; i < credentials_n + 2; i++) { + for(i = 2; i < credentials_n + 2; i++) { value = row->fld[i].v.lstr; - if (IS_NULL(row->fld[i])) + if(IS_NULL(row->fld[i])) continue; - switch (row->fld[i].type) { + switch(row->fld[i].type) { case DB_STR: value = row->fld[i].v.lstr; break; @@ -194,20 +196,20 @@ static int generate_avps(db_res_t* result, db_rec_t *row) break; } - if (value.s == NULL) + if(value.s == NULL) continue; iname.s = credentials[i - 2]; ivalue.s = value; - if (add_avp(AVP_NAME_STR | AVP_VAL_STR | AVP_CLASS_USER, - iname, ivalue) < 0) { + if(add_avp(AVP_NAME_STR | AVP_VAL_STR | AVP_CLASS_USER, iname, ivalue) + < 0) { LM_ERR("Error while creating AVPs\n"); return -1; } - LM_DBG("set string AVP \'%.*s = %.*s\'\n", - iname.s.len, ZSW(iname.s.s), value.len, ZSW(value.s)); + LM_DBG("set string AVP \'%.*s = %.*s\'\n", iname.s.len, ZSW(iname.s.s), + value.len, ZSW(value.s)); } return 0; @@ -222,73 +224,71 @@ static int generate_avps(db_res_t* result, db_rec_t *row) * WARNING: if -1 is returned res _must_ _not_ be freed (it's empty) * */ -static inline int check_all_ha1(struct sip_msg* msg, struct hdr_field* hdr, - dig_cred_t* dig, str* method, str* did, str* realm, - authdb_table_info_t *table_info, db_res_t** res) +static inline int check_all_ha1(struct sip_msg *msg, struct hdr_field *hdr, + dig_cred_t *dig, str *method, str *did, str *realm, + authdb_table_info_t *table_info, db_res_t **res) { char ha1[256]; db_rec_t *row; str result; db_cmd_t *q; - if (calc_ha1) { + if(calc_ha1) { q = table_info->query_password; LM_DBG("querying plain password\n"); - } - else { - if (dig->username.domain.len) { + } else { + if(dig->username.domain.len) { q = table_info->query_pass2; LM_DBG("querying ha1b\n"); - } - else { + } else { q = table_info->query_pass; LM_DBG("querying ha1\n"); } } q->match[0].v.lstr = dig->username.user; - if (dig->username.domain.len) + if(dig->username.domain.len) q->match[1].v.lstr = dig->username.domain; else q->match[1].v.lstr = *realm; - if (use_did) q->match[2].v.lstr = *did; + if(use_did) + q->match[2].v.lstr = *did; - if (db_exec(res, q) < 0 ) { + if(db_exec(res, q) < 0) { LM_ERR("Error while querying database\n"); } - if (*res) row = db_first(*res); - else row = NULL; - while (row) { - if (IS_NULL(row->fld[0]) || IS_NULL(row->fld[1])) { + if(*res) + row = db_first(*res); + else + row = NULL; + while(row) { + if(IS_NULL(row->fld[0]) || IS_NULL(row->fld[1])) { LM_ERR("Credentials for '%.*s'@'%.*s' contain NULL value," - " skipping\n", + " skipping\n", dig->username.user.len, ZSW(dig->username.user.s), realm->len, ZSW(realm->s)); - } - else { - if (row->fld[1].v.int4 & SRDB_DISABLED) { + } else { + if(row->fld[1].v.int4 & SRDB_DISABLED) { /* disabled rows ignored */ - } - else { - if (row->fld[1].v.int4 & SRDB_LOAD_SER) { + } else { + if(row->fld[1].v.int4 & SRDB_LOAD_SER) { result.s = row->fld[0].v.cstr; result.len = strlen(result.s); - if (calc_ha1) { + if(calc_ha1) { /* Only plaintext passwords are stored in database, * we have to calculate HA1 */ - auth_api.calc_HA1(HA_MD5, &(dig->username.whole), - realm, &result, 0, 0, ha1); + auth_api.calc_HA1(HA_MD5, &(dig->username.whole), realm, + &result, 0, 0, ha1); LM_DBG("HA1 string calculated: %s\n", ha1); } else { memcpy(ha1, result.s, result.len); ha1[result.len] = '\0'; } - if (!check_response(dig, method, ha1)) { - if (auth_api.post_auth(msg, hdr, ha1) - == AUTHENTICATED) { + if(!check_response(dig, method, ha1)) { + if(auth_api.post_auth(msg, hdr, ha1) == AUTHENTICATED) { generate_avps(*res, row); return 0; } @@ -299,14 +299,12 @@ static inline int check_all_ha1(struct sip_msg* msg, struct hdr_field* hdr, row = db_next(*res); } - if (!row) { + if(!row) { LM_DBG("Credentials for '%.*s'@'%.*s' not found", - dig->username.user.len, ZSW(dig->username.user.s), - realm->len, ZSW(realm->s)); + dig->username.user.len, ZSW(dig->username.user.s), realm->len, + ZSW(realm->s)); } return 1; - - } @@ -318,15 +316,15 @@ static inline int check_all_ha1(struct sip_msg* msg, struct hdr_field* hdr, * -1 -- Authentication failed * 1 -- Authentication successful */ -static inline int authenticate(struct sip_msg* msg, str* realm, +static inline int authenticate(struct sip_msg *msg, str *realm, authdb_table_info_t *table, hdr_types_t hftype) { char ha1[256]; int res, ret; db_rec_t *row; - struct hdr_field* h; - auth_body_t* cred; - db_res_t* result; + struct hdr_field *h; + auth_body_t *cred; + db_res_t *result; str did; cred = 0; @@ -371,15 +369,15 @@ static inline int authenticate(struct sip_msg* msg, str* realm, goto end; } - cred = (auth_body_t*)h->parsed; + cred = (auth_body_t *)h->parsed; - if (use_did) { - if (msg->REQ_METHOD == METHOD_REGISTER) { + if(use_did) { + if(msg->REQ_METHOD == METHOD_REGISTER) { ret = get_to_did(&did, msg); } else { ret = get_from_did(&did, msg); } - if (ret == 0) { + if(ret == 0) { did.s = DEFAULT_DID; did.len = sizeof(DEFAULT_DID) - 1; } @@ -389,29 +387,27 @@ static inline int authenticate(struct sip_msg* msg, str* realm, } - if (check_all) { + if(check_all) { res = check_all_ha1(msg, h, &(cred->digest), &msg->first_line.u.request.method, &did, realm, table, &result); - if (res < 0) { + if(res < 0) { ret = -2; goto end; - } - else if (res > 0) { + } else if(res > 0) { ret = -1; goto end; - } - else { + } else { ret = 1; goto end; } } else { - res = get_ha1(&cred->digest.username, &did, realm, table, ha1, - &result, &row); - if (res < 0) { + res = get_ha1( + &cred->digest.username, &did, realm, table, ha1, &result, &row); + if(res < 0) { ret = -2; goto end; } - if (res > 0) { + if(res > 0) { /* Username not found in the database */ ret = -1; goto end; @@ -419,8 +415,8 @@ static inline int authenticate(struct sip_msg* msg, str* realm, } /* Recalculate response, it must be same to authorize successfully */ - if (!check_response(&(cred->digest), &msg->first_line.u.request.method, - ha1)) { + if(!check_response( + &(cred->digest), &msg->first_line.u.request.method, ha1)) { switch(auth_api.post_auth(msg, h, ha1)) { case ERROR: case BAD_CREDENTIALS: @@ -445,10 +441,12 @@ static inline int authenticate(struct sip_msg* msg, str* realm, } end: - if (result) db_res_free(result); - if (ret < 0) { - if (auth_api.build_challenge(msg, (cred ? cred->stale : 0), realm, - NULL, NULL, hftype) < 0) { + if(result) + db_res_free(result); + if(ret < 0) { + if(auth_api.build_challenge( + msg, (cred ? cred->stale : 0), realm, NULL, NULL, hftype) + < 0) { LM_ERR("Error while creating challenge\n"); ret = -2; } @@ -460,33 +458,34 @@ static inline int authenticate(struct sip_msg* msg, str* realm, /* * Authenticate using Proxy-Authorize header field */ -int proxy_authenticate(struct sip_msg* msg, char* p1, char* p2) +int proxy_authenticate(struct sip_msg *msg, char *p1, char *p2) { str realm; - if (get_str_fparam(&realm, msg, (fparam_t*)p1) < 0) { + if(get_str_fparam(&realm, msg, (fparam_t *)p1) < 0) { LM_ERR("Cannot obtain digest realm from parameter '%s'\n", - ((fparam_t*)p1)->orig); + ((fparam_t *)p1)->orig); return -1; } - return authenticate(msg, &realm, (authdb_table_info_t*)p2, HDR_PROXYAUTH_T); + return authenticate( + msg, &realm, (authdb_table_info_t *)p2, HDR_PROXYAUTH_T); } /* * Authorize using WWW-Authorize header field */ -int www_authenticate(struct sip_msg* msg, char* p1, char* p2) +int www_authenticate(struct sip_msg *msg, char *p1, char *p2) { str realm; - if (get_str_fparam(&realm, msg, (fparam_t*)p1) < 0) { + if(get_str_fparam(&realm, msg, (fparam_t *)p1) < 0) { LM_ERR("Cannot obtain digest realm from parameter '%s'\n", - ((fparam_t*)p1)->orig); + ((fparam_t *)p1)->orig); return -1; } - return authenticate(msg, &realm, (authdb_table_info_t*)p2, - HDR_AUTHORIZATION_T); + return authenticate( + msg, &realm, (authdb_table_info_t *)p2, HDR_AUTHORIZATION_T); } diff --git a/src/modules/uid_auth_db/authorize.h b/src/modules/uid_auth_db/authorize.h index dbda474d5ca..dd57aa6ea54 100644 --- a/src/modules/uid_auth_db/authorize.h +++ b/src/modules/uid_auth_db/authorize.h @@ -32,19 +32,19 @@ #include "../../core/parser/msg_parser.h" -int auth_db_init(char* db_url); -int auth_db_bind(char* db_url); +int auth_db_init(char *db_url); +int auth_db_bind(char *db_url); void auth_db_close(); /* * Authorize using Proxy-Authorization header field */ -int proxy_authenticate(struct sip_msg* msg, char* realm, char* table); +int proxy_authenticate(struct sip_msg *msg, char *realm, char *table); /* * Authorize using WWW-Authorization header field */ -int www_authenticate(struct sip_msg* msg, char* realm, char* table); +int www_authenticate(struct sip_msg *msg, char *realm, char *table); #endif /* AUTHORIZE_H */ diff --git a/src/modules/uid_auth_db/uid_auth_db_mod.c b/src/modules/uid_auth_db/uid_auth_db_mod.c index 2fd206bb970..4c780807313 100644 --- a/src/modules/uid_auth_db/uid_auth_db_mod.c +++ b/src/modules/uid_auth_db/uid_auth_db_mod.c @@ -60,8 +60,7 @@ static int child_init(int rank); static int mod_init(void); -static int authdb_fixup(void** param, int param_no); - +static int authdb_fixup(void **param, int param_no); #define USERNAME_COL "auth_username" @@ -76,102 +75,90 @@ static int authdb_fixup(void** param, int param_no); /* * Module parameter variables */ -static char* db_url = DEFAULT_RODB_URL; +static char *db_url = DEFAULT_RODB_URL; -str username_column = STR_STATIC_INIT(USERNAME_COL); -str did_column = STR_STATIC_INIT(DID_COL); -str realm_column = STR_STATIC_INIT(REALM_COL); -str pass_column = STR_STATIC_INIT(PASS_COL); -str pass_column_2 = STR_STATIC_INIT(PASS_COL_2); -str flags_column = STR_STATIC_INIT(FLAGS_COL); -str plain_password_column = STR_STATIC_INIT(PLAIN_PASS_COL); +str username_column = STR_STATIC_INIT(USERNAME_COL); +str did_column = STR_STATIC_INIT(DID_COL); +str realm_column = STR_STATIC_INIT(REALM_COL); +str pass_column = STR_STATIC_INIT(PASS_COL); +str pass_column_2 = STR_STATIC_INIT(PASS_COL_2); +str flags_column = STR_STATIC_INIT(FLAGS_COL); +str plain_password_column = STR_STATIC_INIT(PLAIN_PASS_COL); -int calc_ha1 = 0; -int use_did = 0; -int check_all = 0; +int calc_ha1 = 0; +int use_did = 0; +int check_all = 0; -db_ctx_t* auth_db_handle = 0; /* database connection handle */ +db_ctx_t *auth_db_handle = 0; /* database connection handle */ auth_api_s_t auth_api; -str credentials_list = STR_STATIC_INIT(DEFAULT_CRED_LIST); +str credentials_list = STR_STATIC_INIT(DEFAULT_CRED_LIST); -str* credentials; /* Parsed list of credentials to load */ -int credentials_n; /* Number of credentials in the list */ +str *credentials; /* Parsed list of credentials to load */ +int credentials_n; /* Number of credentials in the list */ /* * Exported functions */ -static cmd_export_t cmds[] = { - {"www_authenticate", www_authenticate, 2, authdb_fixup, 0, - REQUEST_ROUTE}, - {"www_authorize", www_authenticate, 2, authdb_fixup, 0, - REQUEST_ROUTE}, - {"proxy_authenticate", proxy_authenticate, 2, authdb_fixup, 0, - REQUEST_ROUTE}, - {"proxy_authorize", proxy_authenticate, 2, authdb_fixup, 0, - REQUEST_ROUTE}, - {0, 0, 0, 0, 0, 0} -}; +static cmd_export_t cmds[] = {{"www_authenticate", www_authenticate, 2, + authdb_fixup, 0, REQUEST_ROUTE}, + {"www_authorize", www_authenticate, 2, authdb_fixup, 0, REQUEST_ROUTE}, + {"proxy_authenticate", proxy_authenticate, 2, authdb_fixup, 0, + REQUEST_ROUTE}, + {"proxy_authorize", proxy_authenticate, 2, authdb_fixup, 0, + REQUEST_ROUTE}, + {0, 0, 0, 0, 0, 0}}; /* * Exported parameters */ -static param_export_t params[] = { - {"db_url", PARAM_STRING, &db_url }, - {"username_column", PARAM_STR, &username_column }, - {"did_column", PARAM_STR, &did_column }, - {"realm_column", PARAM_STR, &realm_column }, - {"password_column", PARAM_STR, &pass_column }, - {"password_column_2", PARAM_STR, &pass_column_2 }, - {"plain_password_column", PARAM_STR, &plain_password_column }, - {"flags_column", PARAM_STR, &flags_column }, - {"calculate_ha1", PARAM_INT, &calc_ha1 }, - {"load_credentials", PARAM_STR, &credentials_list}, - {"use_did", PARAM_INT, &use_did }, - {"check_all_ha1", PARAM_INT, &check_all }, - {0, 0, 0} -}; +static param_export_t params[] = {{"db_url", PARAM_STRING, &db_url}, + {"username_column", PARAM_STR, &username_column}, + {"did_column", PARAM_STR, &did_column}, + {"realm_column", PARAM_STR, &realm_column}, + {"password_column", PARAM_STR, &pass_column}, + {"password_column_2", PARAM_STR, &pass_column_2}, + {"plain_password_column", PARAM_STR, &plain_password_column}, + {"flags_column", PARAM_STR, &flags_column}, + {"calculate_ha1", PARAM_INT, &calc_ha1}, + {"load_credentials", PARAM_STR, &credentials_list}, + {"use_did", PARAM_INT, &use_did}, + {"check_all_ha1", PARAM_INT, &check_all}, {0, 0, 0}}; /* * Module interface */ struct module_exports exports = { - "uid_auth_db", /* module name */ - DEFAULT_DLFLAGS, /* dlopen flags */ - cmds, /* exported functions */ - params, /* exported parameters */ - 0, /* exported RPC methods */ - 0, /* exported pseudo-variables */ - 0, /* response function */ - mod_init, /* module init function */ - child_init, /* child init function */ - destroy /* destroy function */ + "uid_auth_db", /* module name */ + DEFAULT_DLFLAGS, /* dlopen flags */ + cmds, /* exported functions */ + params, /* exported parameters */ + 0, /* exported RPC methods */ + 0, /* exported pseudo-variables */ + 0, /* response function */ + mod_init, /* module init function */ + child_init, /* child init function */ + destroy /* destroy function */ }; static authdb_table_info_t *registered_tables = NULL; static int generate_queries(authdb_table_info_t *info) { - db_fld_t match_with_did[] = { - { .name = username_column.s, .type = DB_STR }, - { .name = realm_column.s, .type = DB_STR }, - { .name = did_column.s, .type = DB_STR }, - { .name = NULL } - }; - db_fld_t match_without_did[] = { - { .name = username_column.s, .type = DB_STR }, - { .name = realm_column.s, .type = DB_STR }, - { .name = NULL } - }; + db_fld_t match_with_did[] = {{.name = username_column.s, .type = DB_STR}, + {.name = realm_column.s, .type = DB_STR}, + {.name = did_column.s, .type = DB_STR}, {.name = NULL}}; + db_fld_t match_without_did[] = {{.name = username_column.s, .type = DB_STR}, + {.name = realm_column.s, .type = DB_STR}, {.name = NULL}}; db_fld_t *result_cols = NULL; int len, i; len = sizeof(*result_cols) * (credentials_n + 3); result_cols = pkg_malloc(len); - if (!result_cols) { + if(!result_cols) { PKG_MEM_ERROR; return -1; } @@ -182,13 +169,13 @@ static int generate_queries(authdb_table_info_t *info) result_cols[1].name = flags_column.s; result_cols[1].type = DB_INT; - for (i = 0; i < credentials_n; i++) { + for(i = 0; i < credentials_n; i++) { result_cols[2 + i].name = credentials[i].s; result_cols[2 + i].type = DB_STR; } result_cols[2 + i].name = NULL; - if (use_did) { + if(use_did) { info->query_pass = db_cmd(DB_GET, auth_db_handle, info->table.s, result_cols, match_with_did, NULL); result_cols[0].name = pass_column_2.s; @@ -197,8 +184,7 @@ static int generate_queries(authdb_table_info_t *info) result_cols[0].name = plain_password_column.s; info->query_password = db_cmd(DB_GET, auth_db_handle, info->table.s, result_cols, match_with_did, NULL); - } - else { + } else { info->query_pass = db_cmd(DB_GET, auth_db_handle, info->table.s, result_cols, match_without_did, NULL); result_cols[0].name = pass_column_2.s; @@ -210,26 +196,31 @@ static int generate_queries(authdb_table_info_t *info) } pkg_free(result_cols); - if (info->query_pass && info->query_pass2 && info->query_password) return 0; - else return -1; + if(info->query_pass && info->query_pass2 && info->query_password) + return 0; + else + return -1; } static int child_init(int rank) { authdb_table_info_t *i; - if (rank==PROC_INIT || rank==PROC_MAIN || rank==PROC_TCP_MAIN) + if(rank == PROC_INIT || rank == PROC_MAIN || rank == PROC_TCP_MAIN) return 0; /* do nothing for the main process */ auth_db_handle = db_ctx("auth_db"); - if (!auth_db_handle) goto err; - if (db_add_db(auth_db_handle, db_url) < 0) goto err; - if (db_connect(auth_db_handle) < 0) goto err; + if(!auth_db_handle) + goto err; + if(db_add_db(auth_db_handle, db_url) < 0) + goto err; + if(db_connect(auth_db_handle) < 0) + goto err; /* initializing queries */ i = registered_tables; - while (i) { - if (generate_queries(i) < 0) { + while(i) { + if(generate_queries(i) < 0) { LM_ERR("can't prepare queries\n"); return -1; } @@ -240,7 +231,7 @@ static int child_init(int rank) err: - if (auth_db_handle) { + if(auth_db_handle) { auth_db_handle = NULL; db_ctx_free(auth_db_handle); } @@ -257,16 +248,16 @@ static int mod_init(void) LM_DBG("auth_db module - initializing\n"); bind_auth = (bind_auth_s_t)find_export("bind_auth_s", 0, 0); - if (!bind_auth) { + if(!bind_auth) { LM_ERR("Unable to find bind_auth function\n"); return -1; } - if (bind_auth(&auth_api) < 0) { + if(bind_auth(&auth_api) < 0) { LM_ERR("Unable to bind auth module\n"); return -3; } - if (aaa_avps_init(&credentials_list, &credentials, &credentials_n)) { + if(aaa_avps_init(&credentials_list, &credentials, &credentials_n)) { return -1; } @@ -276,7 +267,7 @@ static int mod_init(void) static void destroy(void) { - if (auth_db_handle) { + if(auth_db_handle) { db_ctx_free(auth_db_handle); auth_db_handle = NULL; } @@ -287,15 +278,20 @@ static int str_case_equals(const str *a, const str *b) /* ugly hack: taken from libcds */ int i; - if (!a) { - if (!b) return 0; - else return (b->len == 0) ? 0 : 1; + if(!a) { + if(!b) + return 0; + else + return (b->len == 0) ? 0 : 1; } - if (!b) return (a->len == 0) ? 0 : 1; - if (a->len != b->len) return 1; - - for (i = 0; i < a->len; i++) - if (a->s[i] != b->s[i]) return 1; + if(!b) + return (a->len == 0) ? 0 : 1; + if(a->len != b->len) + return 1; + + for(i = 0; i < a->len; i++) + if(a->s[i] != b->s[i]) + return 1; return 0; } @@ -304,8 +300,9 @@ static authdb_table_info_t *find_table_info(str *table) authdb_table_info_t *i = registered_tables; /* sequential search is OK because it is called only in child init */ - while (i) { - if (str_case_equals(&i->table, table) == 0) return i; + while(i) { + if(str_case_equals(&i->table, table) == 0) + return i; i = i->next; } return NULL; @@ -316,11 +313,12 @@ static authdb_table_info_t *register_table(str *table) authdb_table_info_t *info; info = find_table_info(table); - if (info) return info; /* queries for this table already exist */ + if(info) + return info; /* queries for this table already exist */ - info = (authdb_table_info_t*)pkg_malloc(sizeof(authdb_table_info_t) - + table->len + 1); - if (!info) { + info = (authdb_table_info_t *)pkg_malloc( + sizeof(authdb_table_info_t) + table->len + 1); + if(!info) { PKG_MEM_ERROR; return NULL; } @@ -339,24 +337,25 @@ static authdb_table_info_t *register_table(str *table) /* * Convert char* parameter to str* parameter */ -static int authdb_fixup(void** param, int param_no) +static int authdb_fixup(void **param, int param_no) { - fparam_t* p; + fparam_t *p; - if (param_no == 1) { + if(param_no == 1) { return fixup_var_str_12(param, param_no); - } else if (param_no == 2) { - if (fixup_var_str_12(param, param_no) < 0) return -1; - p = (fparam_t*)(*param); - if (p->type == FPARAM_STR) { + } else if(param_no == 2) { + if(fixup_var_str_12(param, param_no) < 0) + return -1; + p = (fparam_t *)(*param); + if(p->type == FPARAM_STR) { *param = register_table(&p->v.str); - if (!*param) { + if(!*param) { ERR("can't register table %.*s\n", p->v.str.len, p->v.str.s); return -1; } } else { LM_ERR("Non-string value of table with credentials" - " is not allowed.\n"); + " is not allowed.\n"); /* TODO: allow this too */ return -1; } diff --git a/src/modules/uid_auth_db/uid_auth_db_mod.h b/src/modules/uid_auth_db/uid_auth_db_mod.h index 00dc138d07c..bc84a3f73e3 100644 --- a/src/modules/uid_auth_db/uid_auth_db_mod.h +++ b/src/modules/uid_auth_db/uid_auth_db_mod.h @@ -39,32 +39,33 @@ * Module parameters variables */ extern str username_column; /* 'username' column name */ -extern str did_column; /* 'did' column name */ -extern str realm_column; /* 'realm' column name */ -extern str pass_column; /* 'password' column name */ -extern str pass_column_2; /* Column containing HA1 string constructed +extern str did_column; /* 'did' column name */ +extern str realm_column; /* 'realm' column name */ +extern str pass_column; /* 'password' column name */ +extern str pass_column_2; /* Column containing HA1 string constructed * of user@domain username */ -extern str flags_column; /* Flags column in credentials table */ +extern str flags_column; /* Flags column in credentials table */ -extern int calc_ha1; /* if set to 1, ha1 is calculated by the server */ -extern int use_did; /* Whether query should also use did in query */ -extern int check_all; /* if set to 1, multiple db entries are checked */ +extern int calc_ha1; /* if set to 1, ha1 is calculated by the server */ +extern int use_did; /* Whether query should also use did in query */ +extern int check_all; /* if set to 1, multiple db entries are checked */ -extern db_ctx_t* auth_db_handle; /* database connection handle */ +extern db_ctx_t *auth_db_handle; /* database connection handle */ extern auth_api_s_t auth_api; -extern str* credentials; +extern str *credentials; extern int credentials_n; /* structure holding information for a table (holds * only pregenerated DB queries now) */ -typedef struct _authdb_table_info_t { - str table; /* s is zero terminated */ - db_cmd_t *query_pass; /* queries HA1 */ - db_cmd_t *query_pass2; /* queries HA1B */ +typedef struct _authdb_table_info_t +{ + str table; /* s is zero terminated */ + db_cmd_t *query_pass; /* queries HA1 */ + db_cmd_t *query_pass2; /* queries HA1B */ db_cmd_t *query_password; /* queries plain password */ struct _authdb_table_info_t *next;