modules/websocket: Updated example configuration file
authorPeter Dunkley <peter.dunkley@crocodile-rcs.com>
Fri, 19 Oct 2012 13:34:54 +0000 (14:34 +0100)
committerPeter Dunkley <peter.dunkley@crocodile-rcs.com>
Fri, 19 Oct 2012 13:34:54 +0000 (14:34 +0100)
- Use qop="auth" for MSRP authentication
- Support Expires: header in MSRP AUTH requests
- Add Expires: header to 200 OK responses to MSRP AUTH requests
- Authenticate MSRP AUTH requests off subscriber DB

modules/websocket/example/kamailio.cfg

index 03827ad..09fd968 100644 (file)
@@ -12,6 +12,8 @@
 #!substdef "!MY_WS_ADDR!tcp:MY_IP_ADDR:MY_WS_PORT!g"
 #!substdef "!MY_WSS_ADDR!tls:MY_IP_ADDR:MY_WSS_PORT!g"
 #!substdef "!MY_MSRP_ADDR!tls:MY_IP_ADDR:MY_MSRP_PORT!g"
+#!substdef "!MSRP_MIN_EXPIRES!1800!g"
+#!substdef "!MSRP_MAX_EXPIRES!3600!g"
 
 ##!define LOCAL_TEST_RUN
 #!define WITH_TLS
@@ -110,6 +112,10 @@ modparam("registrar", "gruu_enabled", 0)
 modparam("usrloc", "db_url", "DBURL")
 modparam("usrloc", "db_mode", 0)
 
+# ----- auth params -----
+modparam("auth", "nonce_count", 1)
+modparam("auth", "qop", "auth")
+
 # ----- auth_db params -----
 modparam("auth_db", "db_url", "DBURL")
 modparam("auth_db", "calculate_ha1", yes)
@@ -137,7 +143,7 @@ modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
 
 #!ifdef WITH_MSRP
 # ----- htable params -----
-modparam("htable", "htable", "msrp=>size=8;autoexpire=3600;")
+modparam("htable", "htable", "msrp=>size=8;autoexpire=MSRP_MAX_EXPIRES;")
 #!endif
 
 
@@ -416,12 +422,10 @@ event_route[msrp:frame-in] {
                        msrp_relay();
                        exit;
                }
-               # frame for local server - send Use-Path
-               # -- passwd can be loaded from DB based on $au
-               $var(passwd) = "xyz123";
-               if(!pv_www_authenticate("myrealm", "$var(passwd)", "0"))
+
+               if(!www_authenticate("MY_DOMAIN", "subscriber"))
                {
-                       if(auth_get_www_authenticate("myrealm", "0",
+                       if(auth_get_www_authenticate("myrealm", "1",
                                                "$var(wauth)"))
                        {
                                msrp_reply("401", "Authorization Required",
@@ -431,14 +435,32 @@ event_route[msrp:frame-in] {
                        }
                        exit;
                }
+
+               if ($hdr(Expires) != $null) {
+                       $var(expires) = (int) $hdr(Expires);
+
+                       if ($var(expires) < MSRP_MIN_EXPIRES) {
+                               msrp_reply("423", "Interval Out-of-Bounds",
+                                       "Min-Expires: MSRP_MIN_EXPIRES\r\n");
+                               exit;
+                       } else if ($var(expires) > MSRP_MAX_EXPIRES) {
+                               msrp_reply("423", "Interval Out-of-Bounds",
+                                       "Max-Expires: MSRP_MAX_EXPIRES\r\n");
+                                       exit;
+                       }
+               } else
+                       $var(expires) = MSRP_MAX_EXPIRES;
+
                $var(cnt) = $var(cnt) + 1;
                pv_printf("$var(sessid)", "s.$(pp).$(var(cnt)).$(RANDOM)");
                $sht(msrp=>$var(sessid)::srcaddr) = $msrp(srcaddr);
                $sht(msrp=>$var(sessid)::srcsock) = $msrp(srcsock);
+               $shtex(msrp=>$var(sessid)) = MSRP_MAX_EXPIRES + 5;
                # - Use-Path: the MSRP address for server + session id
-               $var(UsePath) = "Use-Path: msrp://MY_IP_ADDR:MY_MSRP_PORT/"
-                               + $var(sessid) + ";tcp\r\n";
-               msrp_reply("200", "OK", "$var(UsePath)");
+               $var(headers) = "Use-Path: msrp://MY_IP_ADDR:MY_MSRP_PORT/"
+                               + $var(sessid) + ";tcp\r\n"
+                               + "Expires: " + $var(expires) + "\r\n";
+               msrp_reply("200", "OK", "$var(expires)");
                exit;
        }