More work for ticket #485: updated pjnath with TURN-07 and added authentication in the server

git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@1852 74dad513-b988-da41-8d7b-12977e46ad98

1 files changed, 132 insertions, 0 deletions

diff --git a/pjnath/src/pjturn-srv/auth.c b/pjnath/src/pjturn-srv/auth.c
new file mode 100644
index 00000000..3071221c
--- /dev/null
+++ b/pjnath/src/pjturn-srv/auth.c
@@ -0,0 +1,132 @@
+/* $Id$ */
+/* 
+ * Copyright (C) 2003-2007 Benny Prijono <benny@prijono.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA 
+ */
+#include "auth.h"
+#include <pjlib.h>
+
+
+#define MAX_REALM	80
+#define MAX_USERNAME	32
+#define MAX_PASSWORD	32
+#define MAX_NONCE	32
+
+static char g_realm[MAX_REALM];
+
+static struct cred_t
+{
+    char    username[MAX_USERNAME];
+    char    passwd[MAX_PASSWORD];
+} g_cred[] = 
+{
+    { "user", "passwd" },
+};
+
+#define THE_NONCE	"pjnath"
+
+
+/*
+ * Initialize TURN authentication subsystem.
+ */
+PJ_DEF(pj_status_t) pj_turn_auth_init(const char *realm)
+{
+    PJ_ASSERT_RETURN(pj_ansi_strlen(realm) < MAX_REALM, PJ_ENAMETOOLONG);
+    pj_ansi_strcpy(g_realm, realm);
+    return PJ_SUCCESS;
+}
+
+/*
+ * Shutdown TURN authentication subsystem.
+ */
+PJ_DEF(void) pj_turn_auth_dinit(void)
+{
+    /* Nothing to do */
+}
+
+
+/*
+ * This function is called by pj_stun_verify_credential() when
+ * server needs to challenge the request with 401 response.
+ */
+PJ_DEF(pj_status_t) pj_turn_get_auth(void *user_data,
+				     pj_pool_t *pool,
+				     pj_str_t *realm,
+				     pj_str_t *nonce)
+{
+    PJ_UNUSED_ARG(user_data);
+    PJ_UNUSED_ARG(pool);
+
+    *realm = pj_str(g_realm);
+    *nonce = pj_str(THE_NONCE);
+
+    return PJ_SUCCESS;
+}
+
+/*
+ * This function is called to get the password for the specified username.
+ * This function is also used to check whether the username is valid.
+ */
+PJ_DEF(pj_status_t) pj_turn_get_password(const pj_stun_msg *msg,
+					 void *user_data, 
+					 const pj_str_t *realm,
+					 const pj_str_t *username,
+					 pj_pool_t *pool,
+					 int *data_type,
+					 pj_str_t *data)
+{
+    unsigned i;
+
+    PJ_UNUSED_ARG(msg);
+    PJ_UNUSED_ARG(user_data);
+    PJ_UNUSED_ARG(pool);
+
+    if (pj_stricmp2(realm, g_realm))
+	PJ_EINVAL;
+
+    for (i=0; i<PJ_ARRAY_SIZE(g_cred); ++i) {
+	if (pj_stricmp2(username, g_cred[i].username) == 0) {
+	    *data_type = 0;
+	    *data = pj_str(g_cred[i].passwd);
+	    return PJ_SUCCESS;
+	}
+    }
+
+    return PJ_ENOTFOUND;
+}
+
+/*
+ * This function will be called to verify that the NONCE given
+ * in the message can be accepted. If this callback returns
+ * PJ_FALSE, 438 (Stale Nonce) response will be created.
+ */
+PJ_DEF(pj_status_t) pj_turn_verify_nonce(const pj_stun_msg *msg,
+					 void *user_data,
+					 const pj_str_t *realm,
+					 const pj_str_t *username,
+					 const pj_str_t *nonce)
+{
+    PJ_UNUSED_ARG(msg);
+    PJ_UNUSED_ARG(user_data);
+    PJ_UNUSED_ARG(realm);
+    PJ_UNUSED_ARG(username);
+
+    if (pj_stricmp2(nonce, THE_NONCE))
+	return PJ_FALSE;
+
+    return PJ_SUCCESS;
+}
+