Changeset 427:3d9f300f3b49 in freeDiameter for extensions/app_sip/multimediaauth.c
- Timestamp:
- Jul 26, 2010, 9:39:27 PM (14 years ago)
- Branch:
- default
- Phase:
- public
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/app_sip/multimediaauth.c
r420 r427 48 48 char * result; 49 49 char password[51]; 50 int idx=0, number_of_auth_items=0,i=0 ;50 int idx=0, number_of_auth_items=0,i=0, ret=0; 51 51 //Flags and variables for Database 52 52 int sipurinotstored=0, authenticationpending=0, querylen=0, usernamelen=0; … … 122 122 CHECK_FCT( fd_msg_avp_hdr( avp, &avphdr ) ); 123 123 124 //We allocate the double size of username because at worst it can be all quotes 125 username=malloc(avphdr->avp_value->os.len*2+1); 126 //We purify username not to have forbidden characters 127 usernamelen=mysql_real_escape_string(conn, username, (const char *)avphdr->avp_value->os.data, avphdr->avp_value->os.len); 124 128 125 129 126 … … 132 129 not_found=1; 133 130 134 //We copy username in query 135 querylen=SQL_GETPASSWORD_LEN + usernamelen; 136 query = malloc(querylen+2); 137 snprintf(query, querylen+1, SQL_GETPASSWORD, username); 138 139 140 141 //We make the query 142 request_mysql(query); 143 res=mysql_use_result(conn); 144 if(res==NULL) 131 //TODO TODO TODO TODO TODO TODO TODO: maybe doesn't work!!' 132 ret=get_password(avphdr->avp_value->os.data, avphdr->avp_value->os.len, (char *)&password); 133 134 if(ret>1) 145 135 { 146 136 //We couldn't make the request … … 148 138 goto out; 149 139 } 150 151 152 153 while ((row = mysql_fetch_row(res)) != NULL) 154 { 155 if(strlen(row[0])>0) 156 { 157 strcpy(password,row[0]); 158 not_found=0; 159 break; 160 } 161 } 162 mysql_free_result(res); 163 free(query); 164 165 if(not_found) 140 not_found=ret; 141 142 if(not_found) 166 143 { 167 144 TRACE_DEBUG(FULL,"The user %s doesn't exist!",username); … … 172 149 173 150 174 151 //We allocate the double size of username because at worst it can be all quotes 152 username=malloc(avphdr->avp_value->os.len*2+1); 153 //We purify username not to have forbidden characters 154 usernamelen=mysql_real_escape_string(conn, username, (const char *)avphdr->avp_value->os.data, avphdr->avp_value->os.len); 155 175 156 //Now that we know the user exist, we get the list of AOR owned by this user 176 157 querylen=SQL_GETSIPAOR_LEN + usernamelen; … … 194 175 not_found=1; 195 176 while ((row = mysql_fetch_row(res)) != NULL) 196 197 198 199 200 201 202 203 204 177 { 178 if(strncmp((const char *)avphdr->avp_value->os.data,row[0],avphdr->avp_value->os.len)==0) 179 { 180 not_found=0; 181 break; 182 } 183 } 184 mysql_free_result(res); 185 free(query); 205 186 206 187 if(not_found) 207 188 { 208 189 TRACE_DEBUG(FULL,"The user %s can't use this SIP-AOR!",username); … … 244 225 not_found=1; 245 226 while ((row = mysql_fetch_row(res)) != NULL) 246 { 247 if(strncmp((const char *)avphdr->avp_value->os.data,row[0],avphdr->avp_value->os.len)==0) 248 { 249 not_found=0; 250 break; 251 } 252 } 253 mysql_free_result(res); 254 free(query); 255 256 if(not_found) 257 { 258 //We update the SIP_URI for the user and we flag "authentication in progress" 259 querylen=SQL_SETSIPURI_LEN + usernamelen + sipurilen; 260 query = malloc(querylen+2); 261 snprintf(query, querylen+1, SQL_SETSIPURI, sipuri, username); 262 263 //We make the query 264 request_mysql(query); 227 { 228 if(strncmp((const char *)avphdr->avp_value->os.data,row[0],avphdr->avp_value->os.len)==0) 229 { 230 not_found=0; 231 break; 232 } 233 } 234 mysql_free_result(res); 235 free(query); 236 237 if(not_found) 238 { 239 //Temporary 240 set_sipserver_uri(username, usernamelen, sipuri,sipurilen); 265 241 266 free(query); 267 authenticationpending=1; 268 } 269 free(sipuri); 242 243 set_pending_flag(username, usernamelen); 244 245 246 authenticationpending=1; 247 } 248 free(sipuri); 270 249 271 250 } … … 715 694 if(username!=NULL && authenticationpending) 716 695 { 717 //We clear the flag "authentication pending" 718 querylen=SQL_CLEARFLAG_LEN + usernamelen; 719 query = malloc(querylen+2); 720 snprintf(query, querylen+1, SQL_CLEARFLAG, username); 721 722 //We make the query 723 request_mysql(query); 724 725 free(query); 696 //We clear the pending flag 697 clear_pending_flag(username, usernamelen); 726 698 } 727 699
Note: See TracChangeset
for help on using the changeset viewer.