Add support for IMS AKA authentication configuration
This commit is contained in:
parent
7016dc46d8
commit
c25cf594d4
|
@ -563,7 +563,9 @@ enum ast_sip_auth_type {
|
|||
/*! Google Oauth */
|
||||
AST_SIP_AUTH_TYPE_GOOGLE_OAUTH,
|
||||
/*! Credentials not stored this is a fake auth */
|
||||
AST_SIP_AUTH_TYPE_ARTIFICIAL
|
||||
AST_SIP_AUTH_TYPE_ARTIFICIAL,
|
||||
/*! Credentials stored as a username and RES combination */
|
||||
AST_SIP_AUTH_TYPE_IMS_AKA
|
||||
};
|
||||
|
||||
#define SIP_SORCERY_AUTH_TYPE "auth"
|
||||
|
@ -578,6 +580,9 @@ struct ast_sip_auth {
|
|||
AST_STRING_FIELD(auth_user);
|
||||
/*! Authentication password */
|
||||
AST_STRING_FIELD(auth_pass);
|
||||
/*! IMS Authentication password */
|
||||
char ims_res[8];
|
||||
int ims_res_len;
|
||||
/*! Authentication credentials in MD5 format (hash of user:realm:pass) */
|
||||
AST_STRING_FIELD(md5_creds);
|
||||
/*! Refresh token to use for OAuth authentication */
|
||||
|
@ -586,7 +591,13 @@ struct ast_sip_auth {
|
|||
AST_STRING_FIELD(oauth_clientid);
|
||||
/*! Secret to use for OAuth authentication */
|
||||
AST_STRING_FIELD(oauth_secret);
|
||||
/*! Use USIM emulation with these parameters */
|
||||
AST_STRING_FIELD(usim_opc);
|
||||
AST_STRING_FIELD(usim_k);
|
||||
AST_STRING_FIELD(usim_sqn);
|
||||
);
|
||||
/*! Use AMI interface for communication with USIM (instead of emulation) */
|
||||
unsigned int usim_ami;
|
||||
/*! The time period (in seconds) that a nonce may be reused */
|
||||
unsigned int nonce_lifetime;
|
||||
/*! Used to determine what to use when authenticating */
|
||||
|
|
|
@ -63,6 +63,8 @@ static int auth_type_handler(const struct aco_option *opt, struct ast_variable *
|
|||
ast_log(LOG_WARNING, "OAuth support is not available in the version of PJSIP in use\n");
|
||||
return -1;
|
||||
#endif
|
||||
} else if (!strcasecmp(var->value, "ims_aka")) {
|
||||
auth->type = AST_SIP_AUTH_TYPE_IMS_AKA;
|
||||
} else {
|
||||
ast_log(LOG_WARNING, "Unknown authentication storage type '%s' specified for %s\n",
|
||||
var->value, var->name);
|
||||
|
@ -74,7 +76,8 @@ static int auth_type_handler(const struct aco_option *opt, struct ast_variable *
|
|||
static const char *auth_types_map[] = {
|
||||
[AST_SIP_AUTH_TYPE_USER_PASS] = "userpass",
|
||||
[AST_SIP_AUTH_TYPE_MD5] = "md5",
|
||||
[AST_SIP_AUTH_TYPE_GOOGLE_OAUTH] = "google_oauth"
|
||||
[AST_SIP_AUTH_TYPE_GOOGLE_OAUTH] = "google_oauth",
|
||||
[AST_SIP_AUTH_TYPE_IMS_AKA] = "ims_aka"
|
||||
};
|
||||
|
||||
const char *ast_sip_auth_type_to_str(enum ast_sip_auth_type type)
|
||||
|
@ -126,6 +129,7 @@ static int auth_apply(const struct ast_sorcery *sorcery, void *obj)
|
|||
break;
|
||||
case AST_SIP_AUTH_TYPE_USER_PASS:
|
||||
case AST_SIP_AUTH_TYPE_ARTIFICIAL:
|
||||
case AST_SIP_AUTH_TYPE_IMS_AKA:
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -395,6 +399,14 @@ int ast_sip_initialize_sorcery_auth(void)
|
|||
"", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, realm));
|
||||
ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "nonce_lifetime",
|
||||
"32", OPT_UINT_T, 0, FLDSET(struct ast_sip_auth, nonce_lifetime));
|
||||
ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "usim_ami",
|
||||
"no", OPT_BOOL_T, 0, FLDSET(struct ast_sip_auth, usim_ami));
|
||||
ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "usim_opc",
|
||||
"", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, usim_opc));
|
||||
ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "usim_k",
|
||||
"", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, usim_k));
|
||||
ast_sorcery_object_field_register(sorcery, SIP_SORCERY_AUTH_TYPE, "usim_sqn",
|
||||
"", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_auth, usim_sqn));
|
||||
ast_sorcery_object_field_register_custom(sorcery, SIP_SORCERY_AUTH_TYPE, "auth_type",
|
||||
"userpass", auth_type_handler, auth_type_to_str, NULL, 0, 0);
|
||||
|
||||
|
|
|
@ -314,6 +314,11 @@ static pj_status_t set_outbound_authentication_credentials(pjsip_auth_clt_sess *
|
|||
pj_cstr(&auth_cred.data, auth->auth_pass);
|
||||
auth_cred.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD;
|
||||
break;
|
||||
case AST_SIP_AUTH_TYPE_IMS_AKA:
|
||||
auth_cred.data.ptr = auth->ims_res;
|
||||
auth_cred.data.slen = auth->ims_res_len;
|
||||
auth_cred.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD;
|
||||
break;
|
||||
case AST_SIP_AUTH_TYPE_MD5:
|
||||
pj_cstr(&auth_cred.data, auth->md5_creds);
|
||||
auth_cred.data_type = PJSIP_CRED_DATA_DIGEST;
|
||||
|
|
Loading…
Reference in New Issue