You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
80 lines
2.7 KiB
80 lines
2.7 KiB
#!trydef INCLUDE-DB-KAZOO
|
|
|
|
######## Generic Hash Table container in shared memory ########
|
|
modparam("htable", "htable", "auth_cache=>size=16;autoexpire=7200")
|
|
|
|
####### Authentication Interface module ##########
|
|
loadmodule "auth.so"
|
|
loadmodule "auth_db.so"
|
|
modparam("auth_db", "use_domain", 1)
|
|
modparam("auth_db", "version_table", 0)
|
|
modparam("auth_db", "calculate_ha1", 1)
|
|
modparam("auth_db", "password_column", "password")
|
|
modparam("auth_db", "load_credentials", "$avp(password)=password")
|
|
|
|
####### User Location Implementation module ##########
|
|
loadmodule "usrloc.so"
|
|
modparam("usrloc", "db_mode", 1)
|
|
modparam("usrloc", "db_update_as_insert", 1)
|
|
modparam("usrloc", "use_domain", 1)
|
|
modparam("usrloc", "nat_bflag", FLB_NATB)
|
|
|
|
######## NAT Traversal module - signaling functions ########
|
|
#!ifdef NAT-TRAVERSAL-ROLE
|
|
#!trydef NATHELPER-LOADED
|
|
loadmodule "nathelper.so"
|
|
modparam("nathelper", "natping_interval", 30)
|
|
modparam("nathelper", "ping_nated_only", 1)
|
|
modparam("nathelper", "natping_processes", 5)
|
|
modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
|
|
#!endif
|
|
|
|
####### SIP Registrar implementation module ##########
|
|
loadmodule "registrar.so"
|
|
modparam("registrar", "received_avp", "$avp(AVP_RECV_PARAM)")
|
|
|
|
####### Registrar Logic ########
|
|
route[HANDLE_REGISTER]
|
|
{
|
|
if (is_method("REGISTER")) {
|
|
#!ifdef NAT-TRAVERSAL-ROLE
|
|
if (nat_uac_test("3")) {
|
|
xlog("L_INFO", "$ci|log|Correcting NATed contact in registration\n");
|
|
force_rport();
|
|
|
|
setbflag(FLB_NATB);
|
|
setbflag(FLB_NATSIPPING);
|
|
|
|
fix_nated_register();
|
|
}
|
|
#!endif
|
|
|
|
if (is_present_hf("Authorization")) {
|
|
if ($sht(auth_cache=>$Au) != $null && pv_auth_check("$fd", "$sht(auth_cache=>$Au)", "0", "0")) {
|
|
xlog("L_INFO", "$ci|log|Authenticated $Au via cached SIP creds\n");
|
|
} else {
|
|
## RABBITMQ - Credentials fetch
|
|
if (!auth_check("$fd", "subscriber", "1")) {
|
|
auth_challenge("$fd", "0");
|
|
xlog("L_INFO", "$ci|log|Issued new auth challenge to failed registration attempt\n");
|
|
exit;
|
|
} else {
|
|
xlog("L_INFO", "$ci|log|Caching SIP credentials for $Au\n");
|
|
$sht(auth_cache=>$Au) = $avp(password);
|
|
}
|
|
}
|
|
} else {
|
|
auth_challenge("$fd", "0");
|
|
xlog("L_INFO", "$ci|log|Issued new auth challenge to new registration attempt\n");
|
|
exit;
|
|
}
|
|
|
|
# user authenticated - remove auth header
|
|
consume_credentials();
|
|
|
|
save("location");
|
|
exit;
|
|
}
|
|
}
|
|
|
|
## vim:set tabstop=4 softtabstop=4 shiftwidth=4 expandtab
|