ims_auth: Fix for SIP Digest (Segmentation fault)

- Fix by Marek Bazler ([email protected])

modules/ims_auth/authorize.c

@@ -89,8 +89,7 @@ extern int ignore_failed_auth;
 extern int av_check_only_impu;
 
 auth_hash_slot_t *auth_data; /**< Authentication vector hash table */
-extern int auth_data_hash_size; /**< authentication vector hash table size */
-
+static int act_auth_data_hash_size = 0; /**< authentication vector hash table size */
 
 static str empty_s = {0, 0};
 
@@ -192,7 +191,7 @@ void reg_await_timer(unsigned int ticks, void* param) {
     int i;
 
     LM_DBG("Looking for expired/useless at %d\n", ticks);
-    for (i = 0; i < auth_data_hash_size; i++) {
+    for (i = 0; i < act_auth_data_hash_size; i++) {
         auth_data_lock(i);
         aud = auth_data[i].head;
         while (aud) {
@@ -704,8 +703,27 @@ int authenticate(struct sip_msg* msg, char* _realm, char* str2, int is_proxy_aut
                     &qop_str,
                     qop == QOP_AUTHINT,
                     &msg->first_line.u.request.method, &uri, hbody, expected);
-            LM_INFO("UE said: %.*s and we  expect %.*s ha1 %.*s (%.*s)\n",
-                    response16.len, response16.s, /*av->authorization.len,av->authorization.s,*/32, expected, 32, ha1, msg->first_line.u.request.method.len, msg->first_line.u.request.method.s);
+            LM_INFO("UE said: %.*s and we expect %.*s ha1 %.*s (%.*s)\n",
+                    response16.len, response16.s, 
+                    /*av->authorization.len,av->authorization.s,*/32, expected,
+                    32, ha1,
+                    msg->first_line.u.request.method.len, msg->first_line.u.request.method.s);
+            break;
+        case AUTH_SIP_DIGEST:
+        case AUTH_DIGEST:
+            // memcpy of received HA1
+            memcpy(ha1, av->authorization.s, HASHHEXLEN); 
+            calc_response(ha1, &(av->authenticate),
+                    &nc,
+                    &cnonce,
+                    &qop_str,
+                    qop == QOP_AUTHINT,
+                    &msg->first_line.u.request.method, &uri, hbody, expected);
+            LM_INFO("UE said: %.*s and we expect %.*s ha1 %.*s (%.*s)\n",
+                    response16.len, response16.s, 
+                    32,expected, 
+                    32,ha1, 
+                    msg->first_line.u.request.method.len, msg->first_line.u.request.method.s);
             break;
         default:
             LM_ERR("algorithm %.*s is not handled.\n",
@@ -902,11 +920,11 @@ int auth_data_init(int size) {
         return 0;
     }
     memset(auth_data, 0, sizeof (auth_hash_slot_t) * size);
-    auth_data_hash_size = size;
     for (i = 0; i < size; i++) {
         auth_data[i].lock = lock_alloc();
         lock_init(auth_data[i].lock);
     }
+    act_auth_data_hash_size = size;
     return 1;
 }
 
@@ -915,7 +933,7 @@ int auth_data_init(int size) {
 void auth_data_destroy() {
     int i;
     auth_userdata *aud, *next;
-    for (i = 0; i < auth_data_hash_size; i++) {
+    for (i = 0; i < act_auth_data_hash_size; i++) {
         auth_data_lock(i);
         lock_destroy(auth_data[i].lock);
         lock_dealloc(auth_data[i].lock);
@@ -1181,9 +1199,9 @@ void free_auth_userdata(auth_userdata * aud) {
  */
 inline unsigned int get_hash_auth(str private_identity, str public_identity) {
 if (av_check_only_impu)
-	return core_hash(&public_identity, 0, auth_data_hash_size);
+	return core_hash(&public_identity, 0, act_auth_data_hash_size);
 else
-	return core_hash(&public_identity, 0, auth_data_hash_size);
+	return core_hash(&public_identity, 0, act_auth_data_hash_size);
 /*