diff options
Diffstat (limited to 'pjnath/src/pjturn-srv/auth.c')
-rw-r--r-- | pjnath/src/pjturn-srv/auth.c | 132 |
1 files changed, 132 insertions, 0 deletions
diff --git a/pjnath/src/pjturn-srv/auth.c b/pjnath/src/pjturn-srv/auth.c new file mode 100644 index 00000000..3071221c --- /dev/null +++ b/pjnath/src/pjturn-srv/auth.c @@ -0,0 +1,132 @@ +/* $Id$ */ +/* + * Copyright (C) 2003-2007 Benny Prijono <benny@prijono.org> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ +#include "auth.h" +#include <pjlib.h> + + +#define MAX_REALM 80 +#define MAX_USERNAME 32 +#define MAX_PASSWORD 32 +#define MAX_NONCE 32 + +static char g_realm[MAX_REALM]; + +static struct cred_t +{ + char username[MAX_USERNAME]; + char passwd[MAX_PASSWORD]; +} g_cred[] = +{ + { "user", "passwd" }, +}; + +#define THE_NONCE "pjnath" + + +/* + * Initialize TURN authentication subsystem. + */ +PJ_DEF(pj_status_t) pj_turn_auth_init(const char *realm) +{ + PJ_ASSERT_RETURN(pj_ansi_strlen(realm) < MAX_REALM, PJ_ENAMETOOLONG); + pj_ansi_strcpy(g_realm, realm); + return PJ_SUCCESS; +} + +/* + * Shutdown TURN authentication subsystem. + */ +PJ_DEF(void) pj_turn_auth_dinit(void) +{ + /* Nothing to do */ +} + + +/* + * This function is called by pj_stun_verify_credential() when + * server needs to challenge the request with 401 response. + */ +PJ_DEF(pj_status_t) pj_turn_get_auth(void *user_data, + pj_pool_t *pool, + pj_str_t *realm, + pj_str_t *nonce) +{ + PJ_UNUSED_ARG(user_data); + PJ_UNUSED_ARG(pool); + + *realm = pj_str(g_realm); + *nonce = pj_str(THE_NONCE); + + return PJ_SUCCESS; +} + +/* + * This function is called to get the password for the specified username. + * This function is also used to check whether the username is valid. + */ +PJ_DEF(pj_status_t) pj_turn_get_password(const pj_stun_msg *msg, + void *user_data, + const pj_str_t *realm, + const pj_str_t *username, + pj_pool_t *pool, + int *data_type, + pj_str_t *data) +{ + unsigned i; + + PJ_UNUSED_ARG(msg); + PJ_UNUSED_ARG(user_data); + PJ_UNUSED_ARG(pool); + + if (pj_stricmp2(realm, g_realm)) + PJ_EINVAL; + + for (i=0; i<PJ_ARRAY_SIZE(g_cred); ++i) { + if (pj_stricmp2(username, g_cred[i].username) == 0) { + *data_type = 0; + *data = pj_str(g_cred[i].passwd); + return PJ_SUCCESS; + } + } + + return PJ_ENOTFOUND; +} + +/* + * This function will be called to verify that the NONCE given + * in the message can be accepted. If this callback returns + * PJ_FALSE, 438 (Stale Nonce) response will be created. + */ +PJ_DEF(pj_status_t) pj_turn_verify_nonce(const pj_stun_msg *msg, + void *user_data, + const pj_str_t *realm, + const pj_str_t *username, + const pj_str_t *nonce) +{ + PJ_UNUSED_ARG(msg); + PJ_UNUSED_ARG(user_data); + PJ_UNUSED_ARG(realm); + PJ_UNUSED_ARG(username); + + if (pj_stricmp2(nonce, THE_NONCE)) + return PJ_FALSE; + + return PJ_SUCCESS; +} + |