FS-9466: Use system MD5 if available
- Use system MD5 on BSD and Solaris based platforms - Use OpenSSL if system library is not available - Fallback to included APR - Optimize switch_md5_string() - replace libsofia MD5 routines in mod_sofia with switch_md5() ones FS-9466 #resolve
This commit is contained in:
parent
bf3b0ca3d1
commit
5a2f9d7a78
|
@ -814,6 +814,12 @@ esac
|
||||||
|
|
||||||
APR_REMOVEFROM(SWITCH_AM_CXXFLAGS, -std=c99)
|
APR_REMOVEFROM(SWITCH_AM_CXXFLAGS, -std=c99)
|
||||||
|
|
||||||
|
# check for usable system MD5 library
|
||||||
|
AS_CASE([$host],
|
||||||
|
[*-solaris2*], [AC_CHECK_LIB(md5, MD5Init)],
|
||||||
|
[*-freebsd*], [AC_CHECK_LIB(md, MD5Init)],
|
||||||
|
[*-openbsd*|*-netbsd*], [AC_CHECK_FUNCS([MD5Init])])
|
||||||
|
|
||||||
AC_CHECK_LIB(z, inflateReset, have_libz=yes, AC_MSG_ERROR([no usable zlib; please install zlib devel package or equivalent]))
|
AC_CHECK_LIB(z, inflateReset, have_libz=yes, AC_MSG_ERROR([no usable zlib; please install zlib devel package or equivalent]))
|
||||||
if test "x$have_libz" = "xyes" ; then
|
if test "x$have_libz" = "xyes" ; then
|
||||||
APR_ADDTO([PLATFORM_CORE_LIBS], [-lz])
|
APR_ADDTO([PLATFORM_CORE_LIBS], [-lz])
|
||||||
|
|
|
@ -2692,9 +2692,8 @@ auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile,
|
||||||
{
|
{
|
||||||
int indexnum;
|
int indexnum;
|
||||||
const char *cur;
|
const char *cur;
|
||||||
su_md5_t ctx;
|
char uridigest[SWITCH_MD5_DIGEST_STRING_SIZE];
|
||||||
char uridigest[2 * SU_MD5_DIGEST_SIZE + 1];
|
char bigdigest[SWITCH_MD5_DIGEST_STRING_SIZE];
|
||||||
char bigdigest[2 * SU_MD5_DIGEST_SIZE + 1];
|
|
||||||
char *username, *realm, *nonce, *uri, *qop, *cnonce, *nc, *response, *input = NULL, *input2 = NULL;
|
char *username, *realm, *nonce, *uri, *qop, *cnonce, *nc, *response, *input = NULL, *input2 = NULL;
|
||||||
auth_res_t ret = AUTH_FORBIDDEN;
|
auth_res_t ret = AUTH_FORBIDDEN;
|
||||||
int first = 0;
|
int first = 0;
|
||||||
|
@ -2706,7 +2705,7 @@ auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile,
|
||||||
char *sql;
|
char *sql;
|
||||||
char *number_alias = NULL;
|
char *number_alias = NULL;
|
||||||
switch_xml_t user = NULL, param, uparams;
|
switch_xml_t user = NULL, param, uparams;
|
||||||
char hexdigest[2 * SU_MD5_DIGEST_SIZE + 1] = "";
|
char hexdigest[SWITCH_MD5_DIGEST_STRING_SIZE] = "";
|
||||||
char *domain_name = NULL;
|
char *domain_name = NULL;
|
||||||
switch_event_t *params = NULL;
|
switch_event_t *params = NULL;
|
||||||
const char *auth_acl = NULL;
|
const char *auth_acl = NULL;
|
||||||
|
@ -3028,10 +3027,7 @@ auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile,
|
||||||
|
|
||||||
if (!a1_hash) {
|
if (!a1_hash) {
|
||||||
input = switch_mprintf("%s:%s:%s", username, realm, passwd);
|
input = switch_mprintf("%s:%s:%s", username, realm, passwd);
|
||||||
su_md5_init(&ctx);
|
switch_md5_string(hexdigest, (void *) input, strlen(input));
|
||||||
su_md5_strupdate(&ctx, input);
|
|
||||||
su_md5_hexdigest(&ctx, hexdigest);
|
|
||||||
su_md5_deinit(&ctx);
|
|
||||||
switch_safe_free(input);
|
switch_safe_free(input);
|
||||||
a1_hash = hexdigest;
|
a1_hash = hexdigest;
|
||||||
|
|
||||||
|
@ -3081,10 +3077,7 @@ auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile,
|
||||||
for_the_sake_of_interop:
|
for_the_sake_of_interop:
|
||||||
|
|
||||||
if ((input = switch_mprintf("%s:%q", regstr, uri))) {
|
if ((input = switch_mprintf("%s:%q", regstr, uri))) {
|
||||||
su_md5_init(&ctx);
|
switch_md5_string(uridigest, (void *) input, strlen(input));
|
||||||
su_md5_strupdate(&ctx, input);
|
|
||||||
su_md5_hexdigest(&ctx, uridigest);
|
|
||||||
su_md5_deinit(&ctx);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (nc && cnonce && qop) {
|
if (nc && cnonce && qop) {
|
||||||
|
@ -3094,11 +3087,7 @@ auth_res_t sofia_reg_parse_auth(sofia_profile_t *profile,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (input2) {
|
if (input2) {
|
||||||
memset(&ctx, 0, sizeof(ctx));
|
switch_md5_string(bigdigest, (void *) input2, strlen(input2));
|
||||||
su_md5_init(&ctx);
|
|
||||||
su_md5_strupdate(&ctx, input2);
|
|
||||||
su_md5_hexdigest(&ctx, bigdigest);
|
|
||||||
su_md5_deinit(&ctx);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (input2 && !strcasecmp(bigdigest, response)) {
|
if (input2 && !strcasecmp(bigdigest, response)) {
|
||||||
|
|
|
@ -65,7 +65,13 @@
|
||||||
/* apr-util headers */
|
/* apr-util headers */
|
||||||
#include <apr_queue.h>
|
#include <apr_queue.h>
|
||||||
#include <apr_uuid.h>
|
#include <apr_uuid.h>
|
||||||
|
#if (defined(HAVE_LIBMD5) || defined(HAVE_LIBMD) || defined(HAVE_MD5INIT))
|
||||||
|
#include <md5.h>
|
||||||
|
#elif defined(HAVE_LIBCRYPTO)
|
||||||
|
#include <openssl/md5.h>
|
||||||
|
#else
|
||||||
#include <apr_md5.h>
|
#include <apr_md5.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
/* apr stubs */
|
/* apr stubs */
|
||||||
|
|
||||||
|
@ -1086,20 +1092,43 @@ SWITCH_DECLARE(switch_status_t) switch_uuid_parse(switch_uuid_t *uuid, const cha
|
||||||
|
|
||||||
SWITCH_DECLARE(switch_status_t) switch_md5(unsigned char digest[SWITCH_MD5_DIGESTSIZE], const void *input, switch_size_t inputLen)
|
SWITCH_DECLARE(switch_status_t) switch_md5(unsigned char digest[SWITCH_MD5_DIGESTSIZE], const void *input, switch_size_t inputLen)
|
||||||
{
|
{
|
||||||
|
#if (defined(HAVE_LIBMD5) || defined(HAVE_LIBMD) || defined(HAVE_MD5INIT))
|
||||||
|
MD5_CTX md5_context;
|
||||||
|
|
||||||
|
MD5Init(&md5_context);
|
||||||
|
MD5Update(&md5_context, input, inputLen);
|
||||||
|
MD5Final(digest, &md5_context);
|
||||||
|
|
||||||
|
return SWITCH_STATUS_SUCCESS;
|
||||||
|
#elif defined(HAVE_LIBCRYPTO)
|
||||||
|
MD5_CTX md5_context;
|
||||||
|
|
||||||
|
MD5_Init(&md5_context);
|
||||||
|
MD5_Update(&md5_context, input, inputLen);
|
||||||
|
MD5_Final(digest, &md5_context);
|
||||||
|
|
||||||
|
return SWITCH_STATUS_SUCCESS;
|
||||||
|
#else
|
||||||
return apr_md5(digest, input, inputLen);
|
return apr_md5(digest, input, inputLen);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
SWITCH_DECLARE(switch_status_t) switch_md5_string(char digest_str[SWITCH_MD5_DIGEST_STRING_SIZE], const void *input, switch_size_t inputLen)
|
SWITCH_DECLARE(switch_status_t) switch_md5_string(char digest_str[SWITCH_MD5_DIGEST_STRING_SIZE], const void *input, switch_size_t inputLen)
|
||||||
{
|
{
|
||||||
unsigned char digest[SWITCH_MD5_DIGESTSIZE];
|
unsigned char digest[SWITCH_MD5_DIGESTSIZE];
|
||||||
apr_status_t status = apr_md5(digest, input, inputLen);
|
switch_status_t status = switch_md5(digest, input, inputLen);
|
||||||
int x;
|
short i, x;
|
||||||
|
uint8_t b;
|
||||||
|
|
||||||
digest_str[SWITCH_MD5_DIGEST_STRING_SIZE - 1] = '\0';
|
digest_str[SWITCH_MD5_DIGEST_STRING_SIZE - 1] = '\0';
|
||||||
|
|
||||||
for (x = 0; x < SWITCH_MD5_DIGESTSIZE; x++) {
|
for (x = i = 0; x < SWITCH_MD5_DIGESTSIZE; x++) {
|
||||||
switch_snprintf(digest_str + (x * 2), 3, "%02x", digest[x]);
|
b = (digest[x] >> 4) & 15;
|
||||||
|
digest_str[i++] = b + (b > 9 ? 'a' - 10 : '0');
|
||||||
|
b = digest[x] & 15;
|
||||||
|
digest_str[i++] = b + (b > 9 ? 'a' - 10 : '0');
|
||||||
}
|
}
|
||||||
|
digest_str[i] = '\0';
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue