auth: re-introduced realm_prefix parameter

- strip its value from realm, if parameter is set
- reported by Kelvin Chua

modules/auth/api.c

@@ -76,6 +76,7 @@ auth_result_t pre_auth(struct sip_msg* msg, str* realm, hdr_types_t hftype,
 	      * in the message, parse them and return pointer to
 	      * parsed structure
 	      */
+	strip_realm(realm);
 	ret = find_credentials(msg, realm, hftype, hdr);
 	if (ret < 0) {
 		LOG(L_ERR, "auth:pre_auth: Error while looking for credentials\n");

modules/auth/auth_mod.c

@@ -100,6 +100,9 @@ int   nonce_expire = 300;   /* Nonce lifetime */
 int   protect_contacts = 0; /* Do not include contacts in nonce by default */
 int force_stateless_reply = 0; /* Always send reply statelessly */
 
+/*! Prefix to strip from realm */
+str auth_realm_prefix = {"", 0};
+
 str secret1;
 str secret2;
 char* sec_rand1 = 0;
@@ -177,6 +180,7 @@ static param_export_t params[] = {
 	{"otn_in_flight_order",    PARAM_INT,    &otn_in_flight_k       },
 	{"nid_pool_no",            PARAM_INT,    &nid_pool_no            },
     {"force_stateless_reply",  PARAM_INT,    &force_stateless_reply },
+	{"realm_prefix",           PARAM_STRING, &auth_realm_prefix.s   },
     {0, 0, 0}
 };
 
@@ -244,6 +248,8 @@ static int mod_init(void)
     
     DBG("auth module - initializing\n");
     
+	auth_realm_prefix.len = strlen(auth_realm_prefix.s);
+
 	/* bind the SL API */
 	if (sl_load_api(&slb)!=0) {
 		LM_ERR("cannot bind to SL API\n");

modules/auth/challenge.c

@@ -66,6 +66,31 @@
 #define DIGEST_ALGORITHM_LEN (sizeof(DIGEST_ALGORITHM)-1)
 
 
+extern str auth_realm_prefix;
+/**
+ * @brief Strip the beginning of a realm string
+ *
+ * Strip the beginning of a realm string, depending on the length of
+ * the realm_prefix.
+ * @param _realm realm string
+ */
+void strip_realm(str* _realm)
+{
+	/* no param defined -- return */
+	if (!auth_realm_prefix.len) return;
+
+	/* prefix longer than realm -- return */
+	if (auth_realm_prefix.len > _realm->len) return;
+
+	/* match ? -- if so, shorten realm -*/
+	if (memcmp(auth_realm_prefix.s, _realm->s, auth_realm_prefix.len) == 0) {
+		_realm->s += auth_realm_prefix.len;
+		_realm->len -= auth_realm_prefix.len;
+	}
+	return;
+}
+
+
 /**
  * Create and return {WWW,Proxy}-Authenticate header field
  * @param nonce nonce value
@@ -98,6 +123,7 @@ int get_challenge_hf(struct sip_msg* msg, int stale, str* realm,
 		return -1;
 	}
 
+	strip_realm(realm);
     if (realm) {
         DEBUG("build_challenge_hf: realm='%.*s'\n", realm->len, realm->s);
     }

modules/auth/challenge.h

@@ -53,4 +53,6 @@ int build_challenge_hf(struct sip_msg* msg, int stale, str* realm,
 int get_challenge_hf(struct sip_msg* msg, int stale, str* realm,
 		str* nonce, str* algorithm, struct qp* qop, int hftype, str *ahf);
 
+void strip_realm(str* _realm);
+
 #endif /* CHALLENGE_H */