
libsrdb1/kamctl: added definition of uid_credentials table

Daniel-Constantin Mierla 12 years ago
parent
commit
008f9242fd

+ 12 - 0
lib/srdb1/schema/kamailio-uid_auth_db.xml

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE database PUBLIC "-//kamailio.org//DTD DBSchema V1.1//EN"
+  "http://kamailio.org/pub/kamailio/dbschema/dtd/1.1/dbschema.dtd" [
+
+  <!ENTITY % entities SYSTEM "entities.xml">
+  %entities;
+]>
+
+<database xmlns:xi="http://www.w3.org/2001/XInclude">
+    <name>uid_credentials</name>
+    <xi:include href="uid_credentials.xml"/>
+</database>

+ 271 - 0
lib/srdb1/schema/uid_credentials.xml

@@ -0,0 +1,271 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE table PUBLIC "-//iptel.org//DTD DBSchema V1.0//EN"
+  "http://iptel.org/dbschema/dtd/1.0/dbschema.dtd" [
+
+<!ENTITY % entities SYSTEM "entities.xml">
+%entities;
+
+]>
+
+<table id="uid_credentials" xmlns:db="http://docbook.org/ns/docbook">
+  <name>uid_credentials</name>
+  <version>7</version>
+  <type db="mysql">&MYSQL_TABLE_TYPE;</type>
+  <description>
+	Credentials table maps credentials, identified by username and realm to
+	users identified by uid. Credentials can be used in digest authentication
+	in SIP and/or authentication in SERWeb. In most situations credentials for
+	digest authentication and SERWeb authentication are same. There are cases,
+	however, where seperate credentials for SERWeb and separate credentials
+	for digest authentication may be needed. One such example are setups where
+	subscribers get HW user agents with locked configuration and thay do not
+	know the password and are not allowed to change it. If they should be able
+	to authenticate in SERWeb then they need different credentials with
+	different password.
+  </description>
+
+  <column id="id">
+    <name>id</name>
+    <type>unsigned int</type>
+    <size>&table_id_len;</size>
+    <autoincrement/>
+    <primary/>
+    <type db="dbtext">int,auto</type>
+    <description>Unique ID</description>
+  </column>
+
+  <column id="uid_credentials.auth_username">
+	<name>auth_username</name>
+	<type>string</type>
+	<size>&user_len;</size>
+	<description>
+	  Credentials username. In digest authentication this is the username
+	  configured in user agents, in SERWeb this is the login username.
+	</description>
+  </column>
+
+  <column id="uid_credentials.did">
+	<name>did</name>
+	<type>string</type>
+	<size>&id_len;</size>
+    <default>_default</default>
+	<description>
+	  DID of the virtual domain the username belongs to.
+	</description>
+  </column>
+
+  <column id="uid_credentials.realm">
+	<name>realm</name>
+	<type>string</type>
+	<size>&realm_len;</size>
+	<description>
+	  Credentials realm. In digest authentication this is the value of digest
+	  realm attribute, in SERWeb this is the part after @ in login username.
+	</description>
+  </column>
+
+  <column>
+	<name>password</name>
+	<type>string</type>
+	<default></default>
+	<size>28</size>
+	<description>
+	  Plain text password of the subscriber, can be used for both digest (SER)
+	  and SERWeb authentication.
+	</description>
+  </column>
+
+  <column id="uid_credentials.flags">
+	<name>flags</name>
+	<type>int</type>
+	<default>0</default>
+	<description>
+	  Flags that identify where this particular instance of credentials can be
+	  used. If FOR_SER flag is set then the credentials can be used in digest
+	  authentication in SIP. If FOR_SERWEB is set then the credentials can be
+	  used for authentication in SERWeb. Meaning of flags is summarized in the
+	  table below.
+	  <db:note>
+		<db:simpara>
+		  Note that several flags below have no meaning in this table and are
+		  only presented for completeness, because the flags column has
+		  identical meaning of flags across most tables in the database.
+		</db:simpara>
+	  </db:note>
+	  <db:table><db:title>possible credentials flags</db:title>
+		<db:tgroup cols="4">
+		  <db:thead>
+			<db:row>
+			  <db:entry>Bit</db:entry>
+			  <db:entry>Hex value</db:entry>
+			  <db:entry>Flag</db:entry>
+			  <db:entry>Description</db:entry>
+			</db:row>
+		  </db:thead>
+		  <db:tbody>
+			<db:row>
+			  <db:entry>0</db:entry>
+			  <db:entry>0x00000001</db:entry>
+			  <db:entry>FOR_SER</db:entry>
+			  <db:entry>
+				If set then SER will load the row (not applicable in this
+				table).
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>1</db:entry>
+			  <db:entry>0x00000002</db:entry>
+			  <db:entry>DISABLED</db:entry>
+			  <db:entry>
+				The data represented by the row is temporarily disabled, which
+				means it stays in the database but no applications use it.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>2</db:entry>
+			  <db:entry>0x00000004</db:entry>
+			  <db:entry>CANONICAL</db:entry>
+			  <db:entry>
+				The URI or domain name is canonical. When displaying the URI
+				of the user or name of a domain then this entry should be
+				used.  Not applicable in this table.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>3</db:entry>
+			  <db:entry>0x00000008</db:entry>
+			  <db:entry>ALLOWED_TO</db:entry>
+			  <db:entry>
+				The URI represented by this row can be used in The Request-URI
+				or To header field. In other words the user will be reachable
+				under this URI and can use it as an alias. Not applicable in
+				this table.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>4</db:entry>
+			  <db:entry>0x00000010</db:entry>
+			  <db:entry>ALLOWED_FROM</db:entry>
+			  <db:entry>
+				The user identified by uid can use this URI in From header
+				field. Not applicable in this table.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>5</db:entry>
+			  <db:entry>0x00000020</db:entry>
+			  <db:entry>FOR_SERWEB</db:entry>
+			  <db:entry>
+				The data represented by the row is for SERWeb. This is
+				currently used in credentials table only where the flags
+				allows to keep different credentials for digest authentication
+				in SIP and for SERWeb authentication. Not applicable in this
+				table.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>6</db:entry>
+			  <db:entry>0x00000040</db:entry>
+			  <db:entry>PENDING</db:entry>
+			  <db:entry>
+				The account owning the piece of data has not been activated
+				yet. Not applicable in this table, this is mainly used in
+				credentials table.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>7</db:entry>
+			  <db:entry>0x00000100</db:entry>
+			  <db:entry>DELETED</db:entry>
+			  <db:entry>
+				The row has been scheduled for deletion.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>8</db:entry>
+			  <db:entry>0x00000200</db:entry>
+			  <db:entry>CALLER_DELETED</db:entry>
+			  <db:entry>
+				The accounting record has been scheduled for deletion by the
+				caller. The row can be deleted once both the caller and callee
+				schedule the record for deletion. A single record can be
+				shared by two users and thus both of them must schedule it for
+				deletion before it can be physically deleted.
+			  </db:entry>
+			</db:row>
+			<db:row>
+			  <db:entry>9</db:entry>
+			  <db:entry>0x00000400</db:entry>
+			  <db:entry>CALLEE_DELETED</db:entry>
+			  <db:entry>
+				The accounting record has been scheduled for deletion by the
+				callee. The row can be deleted once both the caller and callee
+				schedule the record for deletion. A single record can be
+				shared by two users and thus both of them must schedule it for
+				deletion before it can be physically deleted.
+			  </db:entry>
+			</db:row>
+		  </db:tbody>
+		</db:tgroup>
+	  </db:table>
+	</description>
+  </column>
+
+  <column>
+	<name>ha1</name>
+	<type>string</type>
+	<size>32</size>
+	<description>
+	  For digest authentication only. This is the H(A1) value calculated as
+	  per RFC2617. The value contains an MD5 hash of string concatenated from
+	  username,realm, and password: MD5(username:realm:password).
+	</description>
+  </column>
+
+  <column>
+	<name>ha1b</name>
+	<type>string</type>
+	<default></default>
+	<size>32</size>
+	<description>
+	  Similar to ha1, but username@domain is used as username. This is
+	  necessary for user agents that put username@domain into digest username
+	  attribute. This is often useful in multi-domain setups because it allows
+	  users to explicitly specify the domain they wish to sign in.
+	</description>
+  </column>
+
+  <column id="uid_credentials.uid">
+	<name>uid</name>
+	<name db="oracle">uuid</name>
+	<type>string</type>
+	<size>&id_len;</size>
+	<description>
+	  This is the UID (User ID) identifier of the user the credentials are
+	  assigned to. Each uid can have multiple credentials assigned. UIDs of
+	  subscribers with no credentials assigned do not appear in this table.
+	</description>
+  </column>
+
+  <index>
+	<name>cred_idx</name>
+	<colref linkend="uid_credentials.auth_username"/>
+	<colref linkend="uid_credentials.did"/>
+  </index>
+
+  <index>
+	<name>uid</name>
+	<name db="oracle">uuid</name>
+	<colref linkend="uid_credentials.uid"/>
+  </index>
+
+  <index>
+	<name>did_idx</name>
+	<colref linkend="uid_credentials.did"/>
+  </index>
+
+  <index>
+	<name>realm_idx</name>
+	<colref linkend="uid_credentials.realm"/>
+  </index>
+</table>
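Review bot: The `password` column is documented as holding the subscriber's plain-text password, next to `ha1`/`ha1b`, which already carry what digest authentication needs, so anyone who can read this table or a backup of it obtains reusable cleartext credentials. Since the column defaults to an empty string, its description should say when it may stay empty, for example `Plain-text password; leave empty when ha1/ha1b are populated, and restrict read access to this column.` Whether the consuming module can authenticate from `ha1` alone is not visible here and should be confirmed. The same column is carried into each `uid_auth_db-create.sql` added by this commit. Separately, the flags table looks inconsistent: bits 7 to 9 are listed as 0x100/0x200/0x400 (bit 7 would be 0x80), and FOR_SER and FOR_SERWEB are marked "not applicable in this table" although the text above says they select where the credentials may be used.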

+ 0 - 2
utils/kamctl/db_berkeley/kamailio/location_attrs

@@ -8,5 +8,3 @@ METADATA_LOGFLAGS
 0
 METADATA_DEFAULTS
 NIL|''|''|NULL|''|0|''|'1900-01-01 00:00:01'
-location_attrs|
-location_attrs|1

+ 12 - 0
utils/kamctl/db_berkeley/kamailio/uid_credentials

@@ -0,0 +1,12 @@
+METADATA_COLUMNS
+id(int) auth_username(str) did(str) realm(str) password(str) flags(int) ha1(str) ha1b(str) uid(str)
+METADATA_KEY
+
+METADATA_READONLY
+0
+METADATA_LOGFLAGS
+0
+METADATA_DEFAULTS
+NIL|NIL|'_default'|NIL|''|0|NIL|''|NIL
+uid_credentials|
+uid_credentials|7
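Review bot: The last two lines of this new file, `uid_credentials|` and `uid_credentials|7`, look like version-table rows that ended up in the table file, the same pattern this commit removes from `location_attrs` and moves into `version`. The `version` hunks shown here add only `location_attrs`, so `uid_credentials` appears to have no entry there. The same applies to `uid_credentials:7` in `utils/kamctl/dbtext/kamailio/uid_credentials`. If these files are generated, regenerating them should place the rows in `version`; otherwise a component that checks the table version would presumably not find one for this table.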

+ 2 - 0
utils/kamctl/db_berkeley/kamailio/version

@@ -68,6 +68,8 @@ lcr_rule_target|
 lcr_rule_target|1
 location|
 location|6
+location_attrs|
+location_attrs|1
 matrix|
 matrix|1
 missed_calls|

+ 18 - 0
utils/kamctl/db_sqlite/uid_auth_db-create.sql

@@ -0,0 +1,18 @@
+INSERT INTO version (table_name, table_version) values ('uid_credentials','7');
+CREATE TABLE uid_credentials (
+    id INTEGER PRIMARY KEY NOT NULL,
+    auth_username VARCHAR(64) NOT NULL,
+    did VARCHAR(64) DEFAULT '_default' NOT NULL,
+    realm VARCHAR(64) NOT NULL,
+    password VARCHAR(28) DEFAULT '' NOT NULL,
+    flags INTEGER DEFAULT 0 NOT NULL,
+    ha1 VARCHAR(32) NOT NULL,
+    ha1b VARCHAR(32) DEFAULT '' NOT NULL,
+    uid VARCHAR(64) NOT NULL
+);
+
+CREATE INDEX uid_credentials_cred_idx ON uid_credentials (auth_username, did);
+CREATE INDEX uid_credentials_uid ON uid_credentials (uid);
+CREATE INDEX uid_credentials_did_idx ON uid_credentials (did);
+CREATE INDEX uid_credentials_realm_idx ON uid_credentials (realm);
+

+ 0 - 1
utils/kamctl/dbtext/kamailio/location_attrs

@@ -1,2 +1 @@
 id(int,auto) ruid(string) username(string) domain(string,null) aname(string) atype(int) avalue(string) last_modified(int) 
-location_attrs:1

+ 2 - 0
utils/kamctl/dbtext/kamailio/uid_credentials

@@ -0,0 +1,2 @@
+id(int,auto) auth_username(string) did(string) realm(string) password(string) flags(int) ha1(string) ha1b(string) uid(string) 
+uid_credentials:7

+ 1 - 0
utils/kamctl/dbtext/kamailio/version

@@ -29,6 +29,7 @@ lcr_gw:3
 lcr_rule:2
 lcr_rule_target:1
 location:6
+location_attrs:1
 matrix:1
 missed_calls:3
 mtree:1

+ 18 - 0
utils/kamctl/mysql/uid_auth_db-create.sql

@@ -0,0 +1,18 @@
+INSERT INTO version (table_name, table_version) values ('uid_credentials','7');
+CREATE TABLE uid_credentials (
+    id INT(10) UNSIGNED AUTO_INCREMENT PRIMARY KEY NOT NULL,
+    auth_username VARCHAR(64) NOT NULL,
+    did VARCHAR(64) DEFAULT '_default' NOT NULL,
+    realm VARCHAR(64) NOT NULL,
+    password VARCHAR(28) DEFAULT '' NOT NULL,
+    flags INT DEFAULT 0 NOT NULL,
+    ha1 VARCHAR(32) NOT NULL,
+    ha1b VARCHAR(32) DEFAULT '' NOT NULL,
+    uid VARCHAR(64) NOT NULL
+) ENGINE=MyISAM;
+
+CREATE INDEX cred_idx ON uid_credentials (auth_username, did);
+CREATE INDEX uid ON uid_credentials (uid);
+CREATE INDEX did_idx ON uid_credentials (did);
+CREATE INDEX realm_idx ON uid_credentials (realm);
+

+ 26 - 0
utils/kamctl/oracle/uid_auth_db-create.sql

@@ -0,0 +1,26 @@
+INSERT INTO version (table_name, table_version) values ('uid_credentials','7');
+CREATE TABLE uid_credentials (
+    id NUMBER(10) PRIMARY KEY,
+    auth_username VARCHAR2(64),
+    did VARCHAR2(64) DEFAULT '_default',
+    realm VARCHAR2(64),
+    password VARCHAR2(28) DEFAULT '',
+    flags NUMBER(10) DEFAULT 0 NOT NULL,
+    ha1 VARCHAR2(32),
+    ha1b VARCHAR2(32) DEFAULT '',
+    uuid VARCHAR2(64)
+);
+
+CREATE OR REPLACE TRIGGER uid_credentials_tr
+before insert on uid_credentials FOR EACH ROW
+BEGIN
+  auto_id(:NEW.id);
+END uid_credentials_tr;
+/
+BEGIN map2users('uid_credentials'); END;
+/
+CREATE INDEX uid_credentials_cred_idx  ON uid_credentials (auth_username, did);
+CREATE INDEX uid_credentials_uuid  ON uid_credentials (uuid);
+CREATE INDEX uid_credentials_did_idx  ON uid_credentials (did);
+CREATE INDEX uid_credentials_realm_idx  ON uid_credentials (realm);
+

+ 18 - 0
utils/kamctl/postgres/uid_auth_db-create.sql

@@ -0,0 +1,18 @@
+INSERT INTO version (table_name, table_version) values ('uid_credentials','7');
+CREATE TABLE uid_credentials (
+    id SERIAL PRIMARY KEY NOT NULL,
+    auth_username VARCHAR(64) NOT NULL,
+    did VARCHAR(64) DEFAULT '_default' NOT NULL,
+    realm VARCHAR(64) NOT NULL,
+    password VARCHAR(28) DEFAULT '' NOT NULL,
+    flags INTEGER DEFAULT 0 NOT NULL,
+    ha1 VARCHAR(32) NOT NULL,
+    ha1b VARCHAR(32) DEFAULT '' NOT NULL,
+    uid VARCHAR(64) NOT NULL
+);
+
+CREATE INDEX uid_credentials_cred_idx ON uid_credentials (auth_username, did);
+CREATE INDEX uid_credentials_uid ON uid_credentials (uid);
+CREATE INDEX uid_credentials_did_idx ON uid_credentials (did);
+CREATE INDEX uid_credentials_realm_idx ON uid_credentials (realm);
+

+ 32 - 0
utils/kamctl/xhttp_pi/pi_framework.xml

@@ -702,6 +702,20 @@
 		<column><field>auth_proxy</field><type>DB1_STR</type></column>
 		<column><field>expires</field><type>DB1_INT</type></column>
 	</db_table>
+	<!-- Declaration of uid_credentials table-->
+	<db_table id="uid_credentials">
+		<table_name>uid_credentials</table_name>
+		<db_url_id>mysql</db_url_id>
+		<column><field>id</field><type>DB1_INT</type></column>
+		<column><field>auth_username</field><type>DB1_STR</type></column>
+		<column><field>did</field><type>DB1_STR</type></column>
+		<column><field>realm</field><type>DB1_STR</type></column>
+		<column><field>password</field><type>DB1_STR</type></column>
+		<column><field>flags</field><type>DB1_INT</type></column>
+		<column><field>ha1</field><type>DB1_STR</type></column>
+		<column><field>ha1b</field><type>DB1_STR</type></column>
+		<column><field>uid</field><type>DB1_STR</type></column>
+	</db_table>
 	<!-- Declaration of uri table-->
 	<db_table id="uri">
 		<table_name>uri</table_name>
@@ -1683,6 +1697,24 @@
 			</query_cols>
 		</cmd>
 	</mod>
+	<!-- uid_credentials provisionning -->
+	<mod><mod_name>uid_credentials</mod_name>
+		<cmd><cmd_name>show</cmd_name>
+			<db_table_id>uid_credentials</db_table_id>
+			<cmd_type>DB1_QUERY</cmd_type>
+			<query_cols>
+				<col><field>id</field></col>
+				<col><field>auth_username</field></col>
+				<col><field>did</field></col>
+				<col><field>realm</field></col>
+				<col><field>password</field></col>
+				<col><field>flags</field></col>
+				<col><field>ha1</field></col>
+				<col><field>ha1b</field></col>
+				<col><field>uid</field></col>
+			</query_cols>
+		</cmd>
+	</mod>
 	<!-- uri provisionning -->
 	<mod><mod_name>uri</mod_name>
 		<cmd><cmd_name>show</cmd_name>
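Review bot: The new `show` command for `uid_credentials` lists `password`, `ha1` and `ha1b` in `query_cols`, so the xhttp_pi provisioning page would return cleartext passwords and password-equivalent digest hashes to anyone who can reach that HTTP interface. Drop `<col><field>password</field></col>`, `<col><field>ha1</field></col>` and `<col><field>ha1b</field></col>` from the query, here and in the identical block in `utils/kamctl/xhttp_pi/uid_auth_db-mod`. If both are generated from the schema, the exclusion belongs in the generator. A comment such as `<!-- secrets (password, ha1, ha1b) are intentionally not listed -->` would help keep them from being re-added. The surrounding list of `<mod>` elements continues outside the hunk.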

+ 18 - 0
utils/kamctl/xhttp_pi/uid_auth_db-mod

@@ -0,0 +1,18 @@
+	<!-- uid_credentials provisionning -->
+	<mod><mod_name>uid_credentials</mod_name>
+		<cmd><cmd_name>show</cmd_name>
+			<db_table_id>uid_credentials</db_table_id>
+			<cmd_type>DB1_QUERY</cmd_type>
+			<query_cols>
+				<col><field>id</field></col>
+				<col><field>auth_username</field></col>
+				<col><field>did</field></col>
+				<col><field>realm</field></col>
+				<col><field>password</field></col>
+				<col><field>flags</field></col>
+				<col><field>ha1</field></col>
+				<col><field>ha1b</field></col>
+				<col><field>uid</field></col>
+			</query_cols>
+		</cmd>
+	</mod>

+ 14 - 0
utils/kamctl/xhttp_pi/uid_auth_db-table

@@ -0,0 +1,14 @@
+	<!-- Declaration of uid_credentials table-->
+	<db_table id="uid_credentials">
+		<table_name>uid_credentials</table_name>
+		<db_url_id>mysql</db_url_id>
+		<column><field>id</field><type>DB1_INT</type></column>
+		<column><field>auth_username</field><type>DB1_STR</type></column>
+		<column><field>did</field><type>DB1_STR</type></column>
+		<column><field>realm</field><type>DB1_STR</type></column>
+		<column><field>password</field><type>DB1_STR</type></column>
+		<column><field>flags</field><type>DB1_INT</type></column>
+		<column><field>ha1</field><type>DB1_STR</type></column>
+		<column><field>ha1b</field><type>DB1_STR</type></column>
+		<column><field>uid</field><type>DB1_STR</type></column>
+	</db_table>