kamailio/ser_stun.c

/*
 * $Id$
 *
 * Copyright (C) 2001-2003 FhG Fokus
 *
 * This file is part of ser, a free SIP server.
 *
 * ser is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version
 *
 * For a license to use the ser software under conditions
 * other than those described here, or to purchase support for this
 * software, please contact iptel.org by e-mail at the following addresses:
 *    [email protected]
 *
 * ser is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License 
 * along with this program; if not, write to the Free Software 
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 * History
 * --------
 *  2006-10-13  created (vlada)
 *  2006-12-14  fixed calculation of body length (vlada) 
 */

#ifdef USE_STUN 
 
#include <arpa/inet.h>
#include "ser_stun.h"
#include "forward.h"

extern unsigned char* SHA1(const unsigned char* d, size_t m,unsigned char* md);

/*
 * ****************************************************************************
 *                     Declaration of functions                               *
 * ****************************************************************************
 */
int stun_parse_header(struct stun_msg* req, USHORT_T* error_code);
int stun_parse_body(
				struct stun_msg* req,
				struct stun_unknown_att** unknown,
				USHORT_T* error_code);
void stun_delete_unknown_attrs(struct stun_unknown_att* unknown);
struct stun_unknown_att* stun_alloc_unknown_attr(USHORT_T type);
int stun_add_address_attr(struct stun_msg* res, 
						UINT_T		af,
						USHORT_T	port,
						UINT_T*		ip_addr,
						USHORT_T	type,
						int do_xor);
int add_unknown_attr(struct stun_msg* res, struct stun_unknown_att* unknown);
int add_error_code(struct stun_msg* res, USHORT_T error_code);
int add_fingerprint(struct stun_buffer* msg);
int copy_str_to_buffer(struct stun_msg* res, const char* data, UINT_T pad);
int validate_fingerprint(struct stun_msg* req, USHORT_T* error_code);
int reallock_buffer(struct stun_buffer* buffer, UINT_T len);
int buf_copy(struct stun_buffer* msg, void* source, UINT_T len);
void clean_memory(struct stun_msg* req,
				struct stun_msg* res,	struct stun_unknown_att* unknown);
int stun_create_response(
						struct stun_msg* req,
						struct stun_msg* res,
						struct receive_info* ri,
						struct stun_unknown_att* unknown, 
						UINT_T error_code);
int stun_add_common_integer_attr(struct stun_msg* res, USHORT_T type, UINT_T value);
int stun_add_common_text_attr(struct stun_msg* res, USHORT_T type, char* value, 
							USHORT_T pad);


/*
 * ****************************************************************************
 *                      Definition of functions                               *
 * ****************************************************************************
 */
 
/* 
 * stun_process_msg(): 
 * 			buf - incoming message
 * 			len - length of incoming message
 * 			ri  - information about socket that received a message and 
 *                also information about sender (its IP, port, protocol)
 * 
 * This function ensures processing of incoming message. It's common for both
 * TCP and UDP protocol. There is no other function as an interface.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 * 
 */
int stun_process_msg(char* buf, unsigned len, struct receive_info* ri)
{
	struct stun_msg 			msg_req;
	struct stun_msg 			msg_res;
	struct dest_info			dst;
	struct stun_unknown_att*	unknown;
	USHORT_T					error_code;
	 
	memset(&msg_req, 0, sizeof(msg_req));
	memset(&msg_res, 0, sizeof(msg_res));
	
	msg_req.msg.buf.s = buf;
	msg_req.msg.buf.len = len;	
	unknown = NULL;
	error_code = RESPONSE_OK;
	
	if (stun_parse_header(&msg_req, &error_code) != 0) {
		goto error;
	}
	
	if (error_code == RESPONSE_OK) {
		if (stun_parse_body(&msg_req, &unknown, &error_code) != 0) {
			goto error;
		}
	}
	
	if (stun_create_response(&msg_req, &msg_res, ri,  
							unknown, error_code) != 0) {
		goto error;
	}
	
	init_dst_from_rcv(&dst, ri);

#ifdef EXTRA_DEBUG	
	struct ip_addr ip;
	su2ip_addr(&ip, &dst.to);
	LOG(L_DBG, "DEBUG: stun_process_msg: decoded request from (%s:%d)\n", ip_addr2a(&ip), 
		su_getport(&dst.to));
#endif
	
	/* send STUN response */
	if (msg_send(&dst, msg_res.msg.buf.s, msg_res.msg.buf.len) != 0) {
		goto error;
	}
	
#ifdef EXTRA_DEBUG
	LOG(L_DBG, "DEBUG: stun_process_msg: send response\n");
#endif
	clean_memory(&msg_req, &msg_res, unknown);
	return 0;
	
error:
#ifdef EXTRA_DEBUG
	LOG(L_DBG, "DEBUG: stun_process_msg: failed to decode request\n");
#endif
	clean_memory(&msg_req, &msg_res, unknown);
	return FATAL_ERROR;
}

/*
 * stun_parse_header():
 * 			- req: request from host that should be processed
 * 			- error_code: indication of any protocol error
 * 
 * This function ensures parsing of incoming header.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */

int stun_parse_header(struct stun_msg* req, USHORT_T* error_code)
{
	
	if (sizeof(req->hdr) > req->msg.buf.len) {
		/* the received message does not contain whole header */
		LOG(L_INFO, "INFO: stun_parse_header: incomplete header of STUN message\n");
		/* Any better solution? IMHO it's not possible to send error response
		 * because the transaction ID is not available.
		 */
		return FATAL_ERROR;
	}
	
	memcpy(&req->hdr, req->msg.buf.s, sizeof(struct stun_hdr));
	req->hdr.type = ntohs(req->hdr.type);
	
	/* the SER supports only Binding Request right now */ 
	if (req->hdr.type != BINDING_REQUEST) {
		LOG(L_INFO, "INFO: stun_parse_header: unsupported type of STUN message: %x\n", 
					req->hdr.type);
		/* resending of same message is not welcome */
		*error_code = GLOBAL_FAILURE_ERR;
	}
	
	req->hdr.len = ntohs(req->hdr.len);
	
	/* check if there is correct magic cookie */
	req->old = (req->hdr.id.magic_cookie == htonl(MAGIC_COOKIE)) ? 0 : 1;

#ifdef EXTRA_DEBUG
	LOG(L_DBG, "DEBUG: stun_parse_header: request is old: %i\n", req->old);
#endif
	return 0;
}

/*
 * stun_parse_body():
 * 			- req: request from host that should be processed
 * 			- unknown: this is a link list header of attributes 
 * 					   that are unknown to SER; defaul value is NULL
 * 			- error_code: indication of any protocol error
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int stun_parse_body(
				struct stun_msg* req,
				struct stun_unknown_att** unknown,
				USHORT_T* error_code)
{
	UINT_T not_parsed;
	struct stun_attr attr;
	USHORT_T attr_size;
	UINT_T padded_len;
	struct stun_unknown_att*	tmp_unknown;
	struct stun_unknown_att*	body;
	char*	buf;
	int		fp_present;
	
	attr_size = sizeof(struct stun_attr);
	buf = &req->msg.buf.s[sizeof(struct stun_hdr)];
	fp_present = 0;
	
	/* 
	 * Mark the body lenght as unparsed.
	 */
	not_parsed = req->msg.buf.len - sizeof(struct stun_hdr);
	
	if (not_parsed != req->hdr.len) {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: stun_parse_body: body too short to be valid\n");
#endif
		*error_code = BAD_REQUEST_ERR;
		return 0; 
	}
	
	tmp_unknown = *unknown;
	body = NULL;
	
	while (not_parsed > 0 && *error_code == RESPONSE_OK) {
		memset(&attr, 0, attr_size);
		
		/* check if there are 4 bytes for attribute type and its value */
		if (not_parsed < 4) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: stun_parse_body: attribute header short to be valid\n");
#endif
			*error_code = BAD_REQUEST_ERR;
			continue;
		}
		
		memcpy(&attr, buf, attr_size);
		
		buf += attr_size;
		not_parsed -= attr_size;
		
		/* check if there is enought unparsed space for attribute's value */
		if (not_parsed < ntohs(attr.len)) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: stun_parse_body: remaining message is shorter then attribute length\n");
#endif
			*error_code = BAD_REQUEST_ERR;
			continue;
		}
		
		/* check if the attribute is known to the server */
		switch (ntohs(attr.type)) {			
			case REALM_ATTR:
			case NONCE_ATTR:
			case MAPPED_ADDRESS_ATTR:
			case XOR_MAPPED_ADDRESS_ATTR:
			case ALTERNATE_SERVER_ATTR:
			case REFRESH_INTERVAL_ATTR:
			case RESPONSE_ADDRESS_ATTR:
			case SOURCE_ADDRESS_ATTR:
			case REFLECTED_FROM_ATTR:		
			case CHANGE_REQUEST_ATTR:
			case CHANGED_ADDRESS_ATTR:
				padded_len = ntohs(attr.len);
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_parse_body: known attributes\n");
#endif
				break;
			
			/* following attributes must be padded to 4 bytes */
			case USERNAME_ATTR:
			case PASSWORD_ATTR:
			case ERROR_CODE_ATTR:
			case UNKNOWN_ATTRIBUTES_ATTR:
			case SERVER_ATTR:
				padded_len = PADDED_TO_FOUR(ntohs(attr.len));
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_parse_body: padded to four\n");
#endif
				break;

			/* MESSAGE_INTEGRITY must be padded to sixty four bytes*/
			case MESSAGE_INTEGRITY_ATTR:
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_parse_body: message integrity attribute found\n");
#endif
				padded_len = PADDED_TO_SIXTYFOUR(ntohs(attr.len));
				break;
			
			case FINGERPRINT_ATTR:
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_parse_body: fingerprint attribute found\n");
#endif
				fp_present = 1;
				if (ntohs(attr.len) != SHA_DIGEST_LENGTH) {
					LOG(L_WARN, 
						"WARNING: STUN: Incorrect fingerprint of request.\n");
					*error_code = BAD_REQUEST_ERR;
					continue;
				}

				memcpy(req->fp, buf, SHA_DIGEST_LENGTH);
				if(stun_allow_fp) {
					if (validate_fingerprint(req, error_code) != 0) {
						LOG(L_WARN, 
							"WARNING: STUN: Incorrect fingerprint of request.\n");
						*error_code = BAD_REQUEST_ERR;
						continue;
					}
				} 

				padded_len = SHA_DIGEST_LENGTH;
				if (not_parsed > SHA_DIGEST_LENGTH) {
#ifdef EXTRA_DEBUG
					LOG(L_DBG, "DEBUG: stun_parse_body: fingerprint is not the last attribute\n");
#endif
					/* fingerprint must be last parameter in request */
					*error_code = BAD_REQUEST_ERR;
					continue;
				}
				break;
			
			default:
				/* 
				 * the attribute is uknnown to the server
				 * let see if it's necessary to generate error response 
				 */
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: low endian: attr - 0x%x   const - 0x%x\n", ntohs(attr.type), MANDATORY_ATTR);
		    LOG(L_DBG, "DEBUG: big endian: attr - 0x%x   const - 0x%x\n", attr.type, htons(MANDATORY_ATTR));
#endif
				if (ntohs(attr.type) <= MANDATORY_ATTR) {
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_parse_body: mandatory unknown attribute found - 0x%x\n", ntohs(attr.type));
#endif		
					tmp_unknown = stun_alloc_unknown_attr(attr.type);
					if (tmp_unknown == NULL) {
						return FATAL_ERROR;
					}
					if (*unknown == NULL) {
						*unknown = body = tmp_unknown;
					}
					else { 
						body->next = tmp_unknown;
						body = body->next;
					}
				}
#ifdef EXTRA_DEBUG
        else {
				  LOG(L_DBG, "DEBUG: stun_parse_body: optional unknown attribute found - 0x%x\n", ntohs(attr.type));
        }
#endif
				padded_len = ntohs(attr.len);
				break;
		}
		buf += padded_len;
		not_parsed -= padded_len;
	}  /* while */
	
	/*
	 * The unknown attribute error code must set after parsing of whole body
	 * because it's necessary to obtain all of unknown attributes! 
	 */
	if (*error_code == RESPONSE_OK && *unknown != NULL) {
		*error_code = UNKNOWN_ATTRIBUTE_ERR;
	} 
	
	if (fp_present == 0 && req->old == 0) {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: stun_parse_body: fingerprint is missing is this new request\n");
#endif
		/* missing mandatory attribute fingerprint */
		*error_code = BAD_REQUEST_ERR;
	}
	
	return 0;
}

/*
 * stun_create_response():
 * 			- req: original request from host
 * 			- res: this will represent response to host
 * 			- ri: information about request, necessary because of IP 
 * 				  address and port 
 *			- unknown: link list of unknown attributes
 * 			- error_code: indication of any protocol error
 * 
 * The function stun_create_response ensures creating response to a host.
 * The type of response depends on value of error_code parameter.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory  
 */

int stun_create_response(
						struct stun_msg* req,
						struct stun_msg* res,
						struct receive_info* ri,
						struct stun_unknown_att* unknown, 
						UINT_T error_code)
{
	UINT_T msg_len;
	/*
	 * Alloc some space for response.
	 * Optimalization? - maybe it would be better to use biggish static array.
	 */
	res->msg.buf.s = (char *) pkg_malloc(sizeof(char)*STUN_MSG_LEN);
	if (res->msg.buf.s == NULL) {
		LOG(L_ERR, "ERROR: STUN: out of memory\n");
		return FATAL_ERROR;
	}
	
	memset(res->msg.buf.s, 0, sizeof(char)*STUN_MSG_LEN); 
	res->msg.buf.len = 0;
	res->msg.empty = STUN_MSG_LEN;
	
	/* use magic cookie and transaction ID from request */
	memcpy(&res->hdr.id, &req->hdr.id, sizeof(struct transaction_id));
	/* the correct body length will be added ASAP it will be known */ 
	res->hdr.len = htons(0);
	
	if (error_code == RESPONSE_OK) {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: stun_create_response: creating normal response\n");
#endif
		res->hdr.type = htons(BINDING_RESPONSE);
		
		/* copy header into msg buffer */
		if (buf_copy(&res->msg, (void *) &res->hdr, 
					sizeof(struct stun_hdr)) != 0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: stun_create_response: failed to copy buffer\n");
#endif
			return FATAL_ERROR;
		}

		/* 
		 * If the SER received message in old format, then the body will 
		 * contain MAPPED-ADDRESS attribute instead of XOR-MAPPED-ADDRESS
		 * attribute.
		 */		
		if (req->old == 0) {
			if (stun_add_address_attr(res, ri->src_ip.af, ri->src_port, 
						  ri->src_ip.u.addr32, XOR_MAPPED_ADDRESS_ATTR, 
						  XOR) != 0) {
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_create_response: failed to add address\n");
#endif
				return FATAL_ERROR;
			}
			
			if (stun_add_common_integer_attr(res, REFRESH_INTERVAL_ATTR, 
						stun_refresh_interval) != 0) {
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_create_response: failed to common attributes\n");
#endif
				return FATAL_ERROR;
			}
		}
		else {
			if (stun_add_address_attr(res, ri->src_ip.af, ri->src_port, 
						ri->src_ip.u.addr32, MAPPED_ADDRESS_ATTR, !XOR) != 0) {
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_create_response: failed to add address\n");
#endif
				return FATAL_ERROR;
			}
		}
	}
	else {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: stun_create_response: creating error response\n");
#endif
		res->hdr.type = htons(BINDING_ERROR_RESPONSE);
		
		if (buf_copy(&res->msg, (void *) &res->hdr, 
								sizeof(struct stun_hdr)) != 0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: stun_create_response: failed to copy buffer\n");
#endif
			return FATAL_ERROR;
		}
		
		if (add_error_code(res, error_code) != 0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: stun_create_response: failed to add error code\n");
#endif
			return FATAL_ERROR;
		}
		
		if (unknown != NULL) {
			if (add_unknown_attr(res, unknown) != 0) {
#ifdef EXTRA_DEBUG
				LOG(L_DBG, "DEBUG: stun_create_response: failed to add unknown attribute\n");
#endif
				return FATAL_ERROR;
			}
		} 
	}
	
	if (req->old == 0) {
		/* 
		 * add optional information about server; attribute SERVER is not a part of 
		 * rfc3489.txt 
		 * */
		if (stun_add_common_text_attr(res, SERVER_ATTR, SERVER_HDR, PAD4)!=0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: stun_create_response: failed to add common text attribute\n");
#endif
			return FATAL_ERROR;
		}
	}	
	
	if (req->old == 0 && stun_allow_fp) {
		/* count length of body except header and fingerprint
	 	 * and copy message length at the beginning of buffer
	   */
	  msg_len = res->msg.buf.len - sizeof(struct stun_hdr);
	  msg_len += SHA_DIGEST_LENGTH + sizeof(struct stun_attr);
		res->hdr.len = htons(msg_len);
		memcpy(&res->msg.buf.s[sizeof(USHORT_T)], (void *) &res->hdr.len,
	  	sizeof(USHORT_T));
	  		
		if (add_fingerprint(&res->msg) != 0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: stun_create_response: failed to add fingerprint\n");
#endif
			return FATAL_ERROR;
		}
	}
	else {
		res->hdr.len = htons(res->msg.buf.len - sizeof(struct stun_hdr));
		memcpy(&res->msg.buf.s[sizeof(USHORT_T)], (void *) &res->hdr.len,
	  	sizeof(USHORT_T));
	}
	
	return 0;
}

/*
 * add_unknown_attr()
 * 			- res: response representation
 * 			- unknown: link list of unknown attributes
 * 
 * The function add_unknown_attr ensures copy of link list of unknown 
 * attributes into response buffer.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 * 
 */
int add_unknown_attr(struct stun_msg* res, struct stun_unknown_att* unknown)
{
	struct stun_attr attr;
	struct stun_unknown_att* tmp_unknown;
	UINT_T		counter;
	USHORT_T	orig_len;

	counter = 0;
	orig_len = res->msg.buf.len;
	tmp_unknown = unknown;
	
	attr.type = htons(UNKNOWN_ATTRIBUTES_ATTR);
	attr.len = htons(0);
	
	if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: add_unknown_attr: failed to copy buffer\n");
#endif
		return FATAL_ERROR;
	}
	
	while (tmp_unknown != NULL) {
		if (buf_copy(&res->msg, (void *)&tmp_unknown->type, 
								sizeof(USHORT_T)) != 0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: add_unknown_attr: failed to copy unknown attribute\n");
#endif
			return FATAL_ERROR;
		}
		tmp_unknown = tmp_unknown->next;
		++counter;
	}
	
	attr.len = htons(res->msg.buf.len - orig_len);
	memcpy(&res->msg.buf.s[orig_len], (void *)&attr, sizeof(struct stun_attr));
	
	/* check if there is an odd number of unknown attributes and if yes, 
	 * repeat one of them because of padding to 32
	 */
	if (counter/2 != 0 && unknown != NULL) {
		if (buf_copy(&res->msg, (void *)&unknown->type, sizeof(USHORT_T))!=0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: add_unknown_attr: failed to padd\n");
#endif
			return FATAL_ERROR;
		}
	}	
	
	return 0;
}

/*
 * add_error_code()
 * 			- res: response representation
 * 			- error_code: value of error type
 * 
 * The function add_error_code ensures copy of link list of unknown 
 * attributes into response buffer.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int add_error_code(struct stun_msg* res, USHORT_T error_code)
{
	struct stun_attr attr;
	USHORT_T	orig_len;
	USHORT_T	two_bytes;
	int			text_pad;
	char		err[2];
	
	orig_len = res->msg.buf.len;
	text_pad = 0;
	
	/* the type and length will be copy as last one because of unknown length*/
	if (res->msg.buf.len < sizeof(struct stun_attr)) {
		if (reallock_buffer(&res->msg, sizeof(struct stun_attr)) != 0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: add_error_code: failed to reallocate buffer\n");
#endif
			return FATAL_ERROR;
		}
	}
	res->msg.buf.len += sizeof(struct stun_attr);
	res->msg.empty -= sizeof(struct stun_attr);
	
	/* first two bytes are empty */
	two_bytes = 0x0000;
	
	if (buf_copy(&res->msg, (void *) &two_bytes, sizeof(USHORT_T)) != 0) {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: add_error_code: failed to copy buffer\n");
#endif
		return FATAL_ERROR;
	}
	
	err[0] = error_code / 100;
	err[1] = error_code % 100;
	if (buf_copy(&res->msg, (void *) err, sizeof(UCHAR_T)*2) != 0) {
		return FATAL_ERROR;
	}
	
	switch (error_code) {
		case TRY_ALTERNATE_ERR:
			text_pad = copy_str_to_buffer(res, TRY_ALTERNATE_TXT, PAD4); 
			break;
		case BAD_REQUEST_ERR:
			text_pad = copy_str_to_buffer(res, BAD_REQUEST_TXT, PAD4); 
			break;
		case UNAUTHORIZED_ERR:
			text_pad = copy_str_to_buffer(res, UNAUTHORIZED_TXT, PAD4); 
			break;
		case UNKNOWN_ATTRIBUTE_ERR:
			text_pad = copy_str_to_buffer(res, UNKNOWN_ATTRIBUTE_TXT, PAD4);
			break;
		case STALE_CREDENTIALS_ERR:
			text_pad = copy_str_to_buffer(res, STALE_CREDENTIALS_TXT, PAD4); 
			break;
		case INTEGRITY_CHECK_ERR:
			text_pad = copy_str_to_buffer(res, INTEGRITY_CHECK_TXT, PAD4); 
			break;
		case MISSING_USERNAME_ERR:
			text_pad = copy_str_to_buffer(res, MISSING_USERNAME_TXT, PAD4); 
			break;
		case USE_TLS_ERR:
			text_pad = copy_str_to_buffer(res, USE_TLS_TXT, PAD4); 
			break;
		case MISSING_REALM_ERR:
			text_pad = copy_str_to_buffer(res, MISSING_REALM_TXT, PAD4); 
			break;
		case MISSING_NONCE_ERR:
			text_pad = copy_str_to_buffer(res, MISSING_NONCE_TXT, PAD4); 
			break;
		case UNKNOWN_USERNAME_ERR:
			text_pad = copy_str_to_buffer(res, UNKNOWN_USERNAME_TXT, PAD4); 
			break;
		case STALE_NONCE_ERR:
			text_pad = copy_str_to_buffer(res, STALE_NONCE_TXT, PAD4);
			break;
		case SERVER_ERROR_ERR:
			text_pad = copy_str_to_buffer(res, SERVER_ERROR_TXT, PAD4); 
			break;
		case GLOBAL_FAILURE_ERR:
			text_pad = copy_str_to_buffer(res, GLOBAL_FAILURE_TXT, PAD4); 
			break;
		default:
			LOG(L_ERR, "ERROR: STUN: Unknown error code.\n");
			break;
	}
	if (text_pad < 0) {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: add_error_code: text_pad is negative\n");
#endif
		goto error;
	}
	attr.type = htons(ERROR_CODE_ATTR);
	/* count length of "value" field -> without type and lehgth field */
	attr.len = htons(res->msg.buf.len - orig_len - 
					 text_pad - sizeof(struct stun_attr));
	memcpy(&res->msg.buf.s[orig_len], (void *)&attr, sizeof(struct stun_attr));
	
	return 0;

error:
	return FATAL_ERROR;
}

/*
 * copy_str_to_buffer()
 * 			- res: response representation
 * 			- data: text data, in our case almost text representation of error
 * 			- pad: the size of pad (for how much bytes the string should be 
 * 				   padded
 * 
 * The function copy_str_to_buffer ensures copy of text buffer into response
 * buffer.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int copy_str_to_buffer(struct stun_msg* res, const char* data, UINT_T pad)
{
	USHORT_T	pad_len;
	UINT_T		data_len;
	UCHAR_T		empty[pad];
	
	data_len = strlen(data);
	memset(&empty, 0, pad);
	
	pad_len = pad - data_len%pad;
	
	if (buf_copy(&res->msg, (void *) data, sizeof(UCHAR_T)*data_len) != 0) {
#ifdef EXTRA_DEBUG
		LOG(L_DBG, "DEBUG: copy_str_to_buffer: failed to copy buffer\n");
#endif
		return FATAL_ERROR;
	}
	
	if (pad_len != 0) {
		if (buf_copy(&res->msg, &empty, pad_len) != 0) {
#ifdef EXTRA_DEBUG
			LOG(L_DBG, "DEBUG: copy_str_to_buffer: failed to pad\n");
#endif
			return FATAL_ERROR;
		}	
	}

	return pad_len;	
}

/*
 * stun_add_address_attr()
 * 			- res: response representation
 * 			- af: address family
 * 			- port: port
 * 			- ip_addr: represent both IPv4 and IPv6, the differences is in 
 * 			length  
 * 			- type: type of attribute
 * 			- do_xor: if the port should be XOR-ed or not.
 * 
 * The function stun_add_address_attr ensures copy of any IP attribute into
 * response buffer.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int stun_add_address_attr(struct stun_msg* res, 
						UINT_T		af,
						USHORT_T	port,
						UINT_T*		ip_addr,
						USHORT_T	type,
						int do_xor)
{
	struct stun_attr attr;
	UINT_T	 id[IP_ADDR];
	int		 ip_struct_len;
	int i;
	
	ip_struct_len = 0;
	attr.type = htons(type);
	res->ip_addr.port = (do_xor) ? htons(port) ^ MAGIC_COOKIE_2B : htons(port);
	switch(af) {
		case AF_INET:
			ip_struct_len = sizeof(struct stun_ip_addr) - 3*sizeof(UINT_T);
			res->ip_addr.family = htons(IPV4_FAMILY);
			memcpy(res->ip_addr.ip, ip_addr, IPV4_LEN);
			res->ip_addr.ip[0] = (do_xor) ? 
					res->ip_addr.ip[0] ^ MAGIC_COOKIE : res->ip_addr.ip[0];		
			break;
#ifdef USE_IPV6
		case AF_INET6:
			ip_struct_len = sizeof(struct stun_ip_addr);
			res->ip_addr.family = htons(IPV6_FAMILY);
			memcpy(&res->ip_addr.ip, ip_addr, IPV6_LEN);
			memcpy(id, &res->hdr.id, sizeof(struct transaction_id));
			for (i=0; i<IP_ADDR; i++) {
				res->ip_addr.ip[i] = (do_xor) ? 
							res->ip_addr.ip[i] ^ id[i] : res->ip_addr.ip[i];
			}
			break;
#endif /* USE_IPV6 */ 
		default:
			break;
	}
	
	attr.len = htons(ip_struct_len);
	
	/* copy type and attribute's length */ 
	if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
		return FATAL_ERROR;
	}
	
	/* copy family, port and IP */
	if (buf_copy(&res->msg, (void *) &res->ip_addr, ip_struct_len) != 0) {
		return FATAL_ERROR;
	}

	return 0;
}

/*
 * add_fingerprint()
 * 			- msg: response buffer
 * 
 * The function add_fingerprint ensures adding fingerprint attribute into
 * response buffer.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int add_fingerprint(struct stun_buffer* msg)
{
	struct stun_attr attr;
	USHORT_T attr_type_size;
	
	attr_type_size = sizeof(struct stun_attr);
	attr.type = htons(FINGERPRINT_ATTR);
	attr.len = htons(SHA_DIGEST_LENGTH);
	
	if (msg->empty < (SHA_DIGEST_LENGTH + attr_type_size)) {
		if (reallock_buffer(msg, SHA_DIGEST_LENGTH + attr_type_size) != 0) {
			return FATAL_ERROR;
		}
	}
	
	memcpy(&msg->buf.s[msg->buf.len], (void *) &attr, attr_type_size);	
	msg->buf.len += attr_type_size;
	msg->empty -= attr_type_size;
	
	if (SHA1((UCHAR_T *)msg->buf.s, msg->buf.len-attr_type_size, 
			 (UCHAR_T *) &msg->buf.s[msg->buf.len]) == 0) {
		LOG(L_ERR, "ERROR: STUN: SHA-1 algorithm failed.\n");
		return FATAL_ERROR;
	}
	
	msg->buf.len += SHA_DIGEST_LENGTH;
	msg->empty -= SHA_DIGEST_LENGTH;
	
	return 0;
}

/*
 * stun_alloc_unknown_attr()
 * 			- type: type of unknown attribute
 * 
 * The function stun_alloc_unknown_attr ensures allocationg new element for
 * the link list of unknown attributes.
 * 
 * Return value: pointer to new element of link list in positive case
 * 				 NULL if there is some enviroment error such as insufficiency
 * 						of memory
 */
struct stun_unknown_att* stun_alloc_unknown_attr(USHORT_T type)
{
	struct stun_unknown_att* attr;

	attr = (struct stun_unknown_att *) pkg_malloc(sizeof(struct stun_unknown_att));
	if (attr == NULL) {
		LOG(L_ERR, "ERROR: STUN: out of memory\n");
		return NULL;
	}
	
	attr->type = type;
	attr->next = NULL;
	
	return attr;
}

/*
 * stun_delete_unknown_attrs()
 * 			- unknown: link list of unknown attributes
 * 
 * The function stun_delete_unknown_attrs ensures deleting of link list
 * 
 * Return value: none
 */
void stun_delete_unknown_attrs(struct stun_unknown_att* unknown)
{
	struct stun_unknown_att* tmp_unknown;
	
	if (unknown == NULL) {
		return;
	}
	
	while(unknown->next) {
		tmp_unknown = unknown->next;
		unknown->next = tmp_unknown->next;
		pkg_free(tmp_unknown);		
	}
	pkg_free(unknown);
}

/*
 * validate_fingerprint()
 * 			- req: structure representing request message
 * 			- error_code: indication of any protocol error
 * 
 * The function validate_fingerprint ensures validation of FINGERPRINT
 * attribute.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int validate_fingerprint(struct stun_msg* req, USHORT_T* error_code)
{
	UCHAR_T	msg_digest[SHA_DIGEST_LENGTH];
	UINT_T	buf_len; 
	
	buf_len = req->hdr.len + sizeof(struct stun_hdr);
	buf_len -= SHA_DIGEST_LENGTH + sizeof(struct stun_attr);
	
	if (SHA1((UCHAR_T *) req->msg.buf.s, buf_len, msg_digest) == 0) {
		LOG(L_ERR, "ERROR: STUN: SHA-1 algorithm failed.\n");
		return FATAL_ERROR;
	} 
	
	if (memcmp((void *)req->fp, (void *)&msg_digest, SHA_DIGEST_LENGTH) != 0) {
		*error_code = BAD_REQUEST_ERR;
	}
	
	return 0;	
}

/*
 * buf_copy()
 * 			- msg: buffer where the data will be copy to
 * 			- source: source data buffer
 * 			- len: number of bytes that should be copied
 * 
 * The function buf_copy copies "len" bytes from source into msg buffer
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int buf_copy(struct stun_buffer* msg, void* source, UINT_T len)
{
	if (msg->empty < len) {
		if (reallock_buffer(msg, len) != 0) {
			return FATAL_ERROR;
		}
	}
	
	memcpy(&msg->buf.s[msg->buf.len], source, len);
	msg->buf.len += len;
	msg->empty -= len;
	
	return 0;
}

/*
 * reallock_buffer()
 * 			- buffer: original buffer
 * 			- len: represents minimum of bytes that must be available after 
 * 					reallocation
 * 
 * The function reallock_buffer reallocks buffer. New buffer's length will be 
 * original length plus bigger from len and STUN_MSG_LEN constant.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int reallock_buffer(struct stun_buffer* buffer, UINT_T len)
{
	char*	tmp_buf;
	UINT_T	new_len;
	
	new_len = (STUN_MSG_LEN < len) ? STUN_MSG_LEN+len : STUN_MSG_LEN;
	
	tmp_buf = (char *) pkg_realloc(buffer->buf.s, 
								   buffer->buf.len + buffer->empty + new_len);
	if (tmp_buf == 0) {
		LOG(L_ERR, "ERROR: STUN: out of memory\n");
		return FATAL_ERROR;
	}
	
	buffer->buf.s = tmp_buf;
	buffer->empty += new_len;

	return 0;
}

/*
 * clean_memory()
 * 			- res: structure representing response message
 * 			- unknown: link list of unknown attributes
 * 
 * The function clean_memory should free dynamic allocated memory.
 * 
 * Return value: none
 */
void clean_memory(struct stun_msg* req,
				struct stun_msg* res,	struct stun_unknown_att* unknown)
{
#ifdef DYN_BUF
	pkg_free(req->msg.buf.s);
#endif

	if (res->msg.buf.s != NULL) {
		pkg_free(res->msg.buf.s);
	}
	stun_delete_unknown_attrs(unknown);
}

/*
 * stun_add_common_integer_attr()
 * 			- res: structure representing response
 * 			- type: type of attribute
 * 			- value: attribute's value
 * 
 * The function stun_add_common_integer_attr copy attribute with integer value 
 * into response buffer.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int stun_add_common_integer_attr(struct stun_msg* res, 
								 USHORT_T type, 
								 UINT_T value)
{
	struct stun_attr attr;
	
	attr.type = htons(type);
	attr.len = htons(sizeof(UINT_T));
	
	if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
		return FATAL_ERROR;
	}
	
	value = htonl(value);
	if (buf_copy(&res->msg, (void *) &value, sizeof(UINT_T)) != 0) {
		return FATAL_ERROR;
	}
	
	return 0;
}

/*
 * stun_add_common_text_attr()
 * 			- res: structure representing response
 * 			- type: type of attribute
 * 			- value: attribute's value
 * 			- pad: size of pad
 * 
 * The function stun_add_common_text_attr copy attribute with string value 
 * into response buffer.
 * 
 * Return value:	0	if there is no environment error
 * 					-1	if there is some enviroment error such as insufficiency
 * 						of memory
 */
int stun_add_common_text_attr(struct stun_msg* res, 
							  USHORT_T type, 
							  char* value, 
							  USHORT_T pad)
{
	struct stun_attr attr;
	
	if (value == NULL) {
		LOG(L_INFO, "INFO: stun_add_common_text_attr: value is NULL\n");
		return 0;
	}
	
	attr.type = htons(type);
	attr.len = htons(strlen(value));
	
	if (buf_copy(&res->msg, (void *) &attr, sizeof(struct stun_attr)) != 0) {
		return FATAL_ERROR;
	}
	
	if (copy_str_to_buffer(res, value, pad) < 0) {
		return FATAL_ERROR;
	}
	
	return 0;
	
}

#endif  /* USE_STUN */