auth_diameter: avoid passing large structs as params and better error handling
authorDaniel-Constantin Mierla <miconda@gmail.com>
Thu, 27 Jul 2017 07:11:17 +0000 (09:11 +0200)
committerDaniel-Constantin Mierla <miconda@gmail.com>
Thu, 27 Jul 2017 07:11:17 +0000 (09:11 +0200)
src/modules/auth_diameter/authorize.c
src/modules/auth_diameter/authorize.h
src/modules/auth_diameter/avp.c
src/modules/auth_diameter/message.c
src/modules/auth_diameter/tcp_comm.c
src/modules/auth_diameter/user_in.c

index 996d122..77b9f47 100644 (file)
@@ -261,7 +261,7 @@ int authorize(struct sip_msg* msg, pv_elem_t* realm, int hftype)
        }
        
        if( diameter_authorize(cred?h:NULL, &msg->first_line.u.request.method,
-                                       puri, msg->parsed_uri, msg->id, rb) != 1)
+                                       &puri, &msg->parsed_uri, msg->id, rb) != 1)
        {
                send_resp(msg, 500, &dia_500_err, NULL, 0);
                return AUTH_ERROR;
@@ -286,8 +286,8 @@ int authorize(struct sip_msg* msg, pv_elem_t* realm, int hftype)
  *             -1 - error
  *                     
  */
-int diameter_authorize(struct hdr_field* hdr, str* p_method, struct sip_uri uri,
-                                               struct sip_uri ruri, unsigned int m_id, rd_buf_t* rb)
+int diameter_authorize(struct hdr_field* hdr, str* p_method, sip_uri_t *uri,
+                                               sip_uri_t *ruri, unsigned int m_id, rd_buf_t* rb)
 {
        str user_name;
        AAAMessage *req;
@@ -314,21 +314,21 @@ int diameter_authorize(struct hdr_field* hdr, str* p_method, struct sip_uri uri,
        {
                /* Username AVP */
                user_name.s = 0;
-               user_name.len = uri.user.len + uri.host.len;
+               user_name.len = uri->user.len + uri->host.len;
                if(user_name.len>0)
                {
                        user_name.len += 2;
                        user_name.s = (char*)ad_malloc(user_name.len*sizeof(char));
                        memset(user_name.s, 0, user_name.len);
 
-                       memcpy(user_name.s, uri.user.s, uri.user.len);
-                       if(uri.user.len>0)
+                       memcpy(user_name.s, uri->user.s, uri->user.len);
+                       if(uri->user.len>0)
                        {
-                               memcpy(user_name.s+uri.user.len, "@", 1);
-                               memcpy(user_name.s+uri.user.len+1, uri.host.s, uri.host.len);
+                               memcpy(user_name.s+uri->user.len, "@", 1);
+                               memcpy(user_name.s+uri->user.len+1, uri->host.s, uri->host.len);
                        }
                        else
-                               memcpy(user_name.s, uri.host.s, uri.host.len);
+                               memcpy(user_name.s, uri->host.s, uri->host.len);
                }
 
                if( (avp=AAACreateAVP(AVP_User_Name, 0, 0, user_name.s, 
@@ -419,8 +419,6 @@ int diameter_authorize(struct hdr_field* hdr, str* p_method, struct sip_uri uri,
                goto error1;
        }
 
-       
-       
        /* SIP Service AVP */
        if( (avp=AAACreateAVP(AVP_Service_Type, 0, 0, SIP_AUTHENTICATION, 
                                SERVICE_LEN, AVP_DUPLICATE_DATA)) == 0)
@@ -435,15 +433,15 @@ int diameter_authorize(struct hdr_field* hdr, str* p_method, struct sip_uri uri,
        }
                
        /* Destination-Realm AVP */
-       if( (avp=AAACreateAVP(AVP_Destination_Realm, 0, 0, uri.host.s,
-                                               uri.host.len, AVP_DUPLICATE_DATA)) == 0)
+       if( (avp=AAACreateAVP(AVP_Destination_Realm, 0, 0, uri->host.s,
+                                               uri->host.len, AVP_DUPLICATE_DATA)) == 0)
        {
                LM_ERR(" no more pkg memory left!\n");
                goto error;
        }
 
 #ifdef DEBUG   
-       LM_DBG("Destination Realm: %.*s\n", uri.host.len, uri.host.s);  
+       LM_DBG("Destination Realm: %.*s\n", uri->host.len, uri->host.s);        
 #endif
 
        if( AAAAddAVPToMessage(req, avp, 0)!= AAA_ERR_SUCCESS)
@@ -453,27 +451,27 @@ int diameter_authorize(struct hdr_field* hdr, str* p_method, struct sip_uri uri,
        }
        
        /* Resource AVP */
-       user_name.len = ruri.user.len + ruri.host.len + ruri.port.len + 2;
+       user_name.len = ruri->user.len + ruri->host.len + ruri->port.len + 2;
        user_name.s = (char*)ad_malloc(user_name.len*sizeof(char));
        memset(user_name.s, 0, user_name.len);
-       memcpy(user_name.s, ruri.user.s, ruri.user.len);
+       memcpy(user_name.s, ruri->user.s, ruri->user.len);
 
        name_flag= 0;
-       if(ruri.user.s)
+       if(ruri->user.s)
        {               
                name_flag = 1;
-               memcpy(user_name.s+ruri.user.len, "@", 1);
+               memcpy(user_name.s+ruri->user.len, "@", 1);
        }       
 
-       memcpy(user_name.s+ruri.user.len+name_flag, ruri.host.s, ruri.host.len);
+       memcpy(user_name.s+ruri->user.len+name_flag, ruri->host.s, ruri->host.len);
 
        port_flag=0;
-       if(ruri.port.s)
+       if(ruri->port.s)
        {
                port_flag = 1;  
-               memcpy(user_name.s+ruri.user.len+ruri.host.len+1, ":", 1);
-               memcpy(user_name.s+ruri.user.len+ruri.host.len+name_flag+port_flag, 
-                                       ruri.port.s, ruri.port.len);
+               memcpy(user_name.s+ruri->user.len+ruri->host.len+1, ":", 1);
+               memcpy(user_name.s+ruri->user.len+ruri->host.len+name_flag+port_flag, 
+                                       ruri->port.s, ruri->port.len);
        }
 #ifdef DEBUG
        LM_DBG(": AVP_Resource=%.*s\n", user_name.len, user_name.s);
index 68104e1..7f4edaa 100644 (file)
@@ -58,7 +58,7 @@ auth_diam_result_t diam_pre_auth(struct sip_msg* m, str* realm, int hftype,
 int authorize(struct sip_msg* msg, pv_elem_t* realm, int hftype);
 
 int diameter_authorize(struct hdr_field* cred, str* p_method, 
-                                       struct sip_uri uri,     struct sip_uri ruri,
+                                       sip_uri_t *uri, sip_uri_t *ruri,
                                        unsigned int m_id, rd_buf_t *response);
 
 int srv_response(struct sip_msg* msg, rd_buf_t* rb, int hftype);
index 3235fa1..2a78df0 100644 (file)
@@ -102,7 +102,7 @@ AAA_AVP*  AAACreateAVP(
        unsigned int length,
        AVPDataStatus data_status)
 {
-       AAA_AVP *avp;
+       AAA_AVP *avp = NULL;
 
        /* first check the params */
        if( data==0 || length==0) {
@@ -142,6 +142,7 @@ AAA_AVP*  AAACreateAVP(
        return avp;
 error:
        LM_ERR("no more pkg memory left!\n");
+       if(avp) ad_free(avp);
        return 0;
 }
 
index 3240263..43d2773 100644 (file)
@@ -293,7 +293,9 @@ AAAMessage* AAATranslateMessage( unsigned char* source, unsigned int sourceLen,
                        goto error;
 
                /* link the avp into aaa message to the end */
-               AAAAddAVPToMessage( msg, avp, msg->avpList.tail);
+               if(AAAAddAVPToMessage(msg, avp, msg->avpList.tail)!=AAA_ERR_SUCCESS) {
+                       LM_ERR("failed to add avp to message\n");
+               }
 
                ptr += to_32x_len( avp_data_len );
        }
index e550f17..6283829 100644 (file)
@@ -64,6 +64,7 @@ int init_mytcp(char* host, int port)
     if (server == NULL) 
        {
                LM_ERR("error finding the host\n");
+               close(sockfd);
                return -1;
     }
 
@@ -76,8 +77,8 @@ int init_mytcp(char* host, int port)
     if (connect(sockfd, (const struct sockaddr *)&serv_addr, 
                                                        sizeof(serv_addr)) < 0) 
        {
-        LM_ERR("error connecting to the "
-                                               "DIAMETER client\n");
+        LM_ERR("error connecting to the DIAMETER client\n");
+               close(sockfd);
                return -1;
        }       
 
index 4e4847d..b9bc533 100644 (file)
@@ -239,7 +239,6 @@ int diameter_is_user_in(struct sip_msg* _m, char* _hf, char* _group)
                goto error1;
        }
 
-       
        /* ServiceType AVP */
        if( (avp=AAACreateAVP(AVP_Service_Type, 0, 0, SIP_GROUP_CHECK, 
                                SERVICE_LEN, AVP_DUPLICATE_DATA)) == 0)
@@ -252,24 +251,26 @@ int diameter_is_user_in(struct sip_msg* _m, char* _hf, char* _group)
                LM_ERR("avp not added \n");
                goto error1;
        }
-       
 
        /* Destination-Realm AVP */
        uri = *(GET_RURI(_m));
-       parse_uri(uri.s, uri.len, &puri);
+       if(parse_uri(uri.s, uri.len, &puri)<0) {
+               LM_ERR("failed to parse uri\n");
+               goto error;
+       }
        if( (avp=AAACreateAVP(AVP_Destination_Realm, 0, 0, puri.host.s,
                                                puri.host.len, AVP_DUPLICATE_DATA)) == 0)
        {
                LM_ERR("no more pkg memory!\n");
                goto error;
        }
-       
+
        if( AAAAddAVPToMessage(req, avp, 0)!= AAA_ERR_SUCCESS)
        {
                LM_ERR("avp not added \n");
                goto error1;
        }
-       
+
 #ifdef DEBUG
        AAAPrintMessage(req);
 #endif
@@ -317,5 +318,4 @@ error:
        AAAFreeMessage(&req);
        return -1;
 
-}
-
+}
\ No newline at end of file