首页 发现 帮助
登录
Kamailio
/
kamailio-tests
镜像自地址 https://github.com/kamailio/kamailio-tests.git
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

tauthx0002: test for auth_xkeys module with kemi lua script

Daniel-Constantin Mierla 5 年之前
父节点
c4131b6045
当前提交
fdee6652ce
共有 4 个文件被更改,包括 92 次插入0 次删除
分列视图 显示文件统计
  1. 8 0
      units/tauthx0002/README.md
  2. 24 0
      units/tauthx0002/kamailio-tauthx0002.cfg
  3. 38 0
      units/tauthx0002/kamailio-tauthx0002.lua
  4. 22 0
      units/tauthx0002/tauthx0002.sh

+ 8 - 0
units/tauthx0002/README.md
查看文件 

@@ -0,0 +1,8 @@
 
+# XKeys Authentication - Using KEMI Lua Script #
 
+
 
+Summary: xkeys authentication - using kemi lua script
 
+
 
+Following tests are done:
 
+
 
+  * run kamailio with `kamailio-tauth0002.cfg` and do xkeys authentication
 
+  using KEMI Lua script

+ 24 - 0
units/tauthx0002/kamailio-tauthx0002.cfg
查看文件 

@@ -0,0 +1,24 @@
 
+#!KAMAILIO
 
+
 
+debug=3
 
+children=2
 
+
 
+loadmodule "jsonrpcs.so"
 
+loadmodule "kex.so"
 
+loadmodule "corex.so"
 
+loadmodule "sl.so"
 
+loadmodule "pv.so"
 
+loadmodule "kemix.so"
 
+loadmodule "auth_xkeys.so"
 
+loadmodule "app_lua.so"
 
+
 
+# ----- auth_xkeys params -----
 
+modparam("auth_xkeys", "xkey", "id=kid1;name=key1;value=zbbmWVQ7mofEJ6yJHxuc")
 
+
 
+# ----- app_lua params -----
 
+modparam("app_lua", "reload", 1)
 
+modparam("app_lua", "load", "kamailio-tauthx0002.lua")
 
+
 
+####### Routing Logic ########
 
+
 
+cfgengine "lua"

+ 38 - 0
units/tauthx0002/kamailio-tauthx0002.lua
查看文件 

@@ -0,0 +1,38 @@
 
+--
 
+--
 
+--
 
+
 
+AUTH_XKEYS_TIMEFRAME=90
 
+
 
+-- SIP request routing
 
+-- equivalent of request_route{}
 
+function ksr_request_route()
 
+	local timehdr = "";
 
+	-- from nodes with auth xkeys support
 
+    if KSR.hdr.is_present("X-AuthXKeys-Token") > 0
 
+            and KSR.hdr.is_present("X-AuthXKeys-Time") > 0 then
 
+        timehdr = KSR.pv.gete("$hdr(X-AuthXKeys-Time)");
 
+        local tlimit = tonumber(timehdr);
 
+        if tlimit ~= NILL and tlimit >= os.time() then
 
+            if KSR.auth_xkeys.auth_xkeys_check("X-AuthXKeys-Token", "kid1", "sha256",
 
+                    timehdr .. ":" .. KSR.pv.gete("$hdr(CSeq)") .. ":" .. KSR.pv.gete("$ci")
 
+                    .. ":" .. KSR.pv.gete("$fu") .. ":" .. KSR.pv.gete("$ru")) > 0 then
 
+                KSR.info("auth xkeys ok\n");
 
+                KSR.sl.sl_send_reply(200, "ok");
 
+                return 1;
 
+            end
 
+        end
 
+        KSR.info("auth xkeys failed\n");
 
+        KSR.sl.sl_send_reply(403, "Not allowed");
 
+        return 1;
 
+    end
 
+
 
+	timehdr = tostring(os.time() + AUTH_XKEYS_TIMEFRAME);
 
+    KSR.hdr.append("X-AuthXKeys-Time: " .. timehdr .. "\r\n");
 
+    KSR.auth_xkeys.auth_xkeys_add("X-AuthXKeys-Token", "kid1", "sha256",
 
+            timehdr .. ":" .. KSR.pv.gete("$hdr(CSeq)") .. ":" .. KSR.pv.gete("$ci")
 
+            .. ":" .. KSR.kx.get_furi() .. ":" .. KSR.kx.get_ruri());
 
+    KSR.setdsturi("sip:" .. KSR.pv.gete("$Ri") .. ":" .. KSR.pv.gete("$Rp"));
 
+	KSR.forward();
 
+	return 1;
 
+end

+ 22 - 0
units/tauthx0002/tauthx0002.sh
查看文件 

@@ -0,0 +1,22 @@
 
+#!/bin/bash
 
+
 
+. ../../etc/config
 
+. ../../libs/utils
 
+
 
+echo "--- start kamailio -f ./kamailio-tauthx0002.cfg"
 
+${KAMBIN} -P ${KAMPID} -w . -Y ${KAMRUN} -f ./kamailio-tauthx0002.cfg -a no -ddd -E 2>&1 | tee /tmp/kamailio-tauthx0002.log &
 
+ret=$?
 
+sleep 1
 
+sipsak -H 127.0.0.1 -c sip:[email protected] -s sip:[email protected] -B "hello there"
 
+sleep 1
 
+kill_pidfile ${KAMPID}
 
+sleep 1
 
+echo
 
+echo "--- grep output"
 
+echo
 
+grep "auth xkeys ok" /tmp/kamailio-tauthx0002.log
 
+ret=$?
 
+if [ ! "$ret" -eq 0 ] ; then
 
+    exit 1
 
+fi
 
+exit 0