Opensips系列之使用自己的账号系统过滤非法请求配置修改代码修改

100 阅读 0 评论 66 点赞

我是靠谱客的博主开心服饰，这篇文章主要介绍Opensips系列之使用自己的账号系统过滤非法请求配置修改代码修改，现在分享给大家，希望可以做个参考。

配置修改

修改opensips.cfg，判断sip的from header的user在不在指定sip_register_table里面

复制代码

1
2
3
4
5
6
7
8
9
10
11
12
    else if (is_method("REGISTER")) 
    {
        #  auth_db模块中配置的数据库中的用户表
        $var(auth_code) = fs_authorize("$fU", "sip_register_table");
        if ( $var(auth_code) <= 0)
        {
            xlog("Authentication failed for $fU@$fd from $si cause $var(auth_code)");
            exit;
        }
                
        xlog( "User $fU Registered/Unregisterd Successfully From IP:$si");
    }

代码修改

修改authdb_mod.c,增加fs_authorize函数：判断sip的from header的user在不在指定_table里面。

如果不在，返回USER_UNKOWN。

复制代码

1
2
3
4
5
6
7
static cmd_export_t cmds[] = {
    {"www_authorize", (cmd_function)www_authorize,   2, auth_fixup, 0, REQUEST_ROUTE},
    {"fs_authorize", (cmd_function)fs_authorize, 2, auth_fixup, 0, REQUEST_ROUTE},
    {"proxy_authorize", (cmd_function)proxy_authorize, 2, auth_fixup, 0, REQUEST_ROUTE},
    {0, 0, 0, 0, 0, 0}
};

复制代码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
int fs_authorize(struct sip_msg *_m, char *_fU, char *_table)
{
	int res;
	str table;
	db_res_t *result = NULL;
	struct username _username;

	if (fixup_get_svalue(_m, (gparam_t *)_fU, &_username.user) != 0) {
		LM_ERR("cannot get the usernamen");
		return -1;
	}

	if (!_table) {
		LM_ERR("invalid table parametern");
		return -1;
	}

	table.s = _table;
	table.len = strlen(_table);

	res = get_userinfo(&_username, &table, &result);
	if (res < 0) {
		/* Error while accessing the database */
		if (sigb.reply(_m, 500, &auth_500_err, NULL) == -1) {
			LM_ERR("failed to send 500 replyn");
		}
		return ERROR;
	}
	if (res > 0) {
		/* Username not found in the database */
		auth_dbf.free_result(auth_db_handle, result);
		return USER_UNKNOWN;
	}

	auth_dbf.free_result(auth_db_handle, result);
	return AUTHORIZED;
}

复制代码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
/**
 * select pass_column from _table where user_column = _username;
*/
static inline int get_userinfo(struct username *_username, const str *_table, db_res_t **res)
{
    db_key_t keys[1];
    db_val_t vals[1];
	db_key_t col = &pass_column;

	if (auth_dbf.use_table(auth_db_handle, _table) < 0) {
		LM_ERR("failed to use_tablen");
		return -1;
	}

    keys[0] = &user_column;

	VAL_TYPE(vals) = DB_STR;
	VAL_NULL(vals) = 0;

	VAL_STR(vals).s = _username->user.s;
	VAL_STR(vals).len = _username->user.len;

	if (auth_dbf.query(auth_db_handle, keys, 0, vals, &col, 1, 1, 0, res) < 0) {
		LM_ERR("failed to query databasen");
		return -1;
	}

	if (RES_ROW_N(*res) == 0) {
		LM_ERR("no result for user %.*s@%.*s,key_col:%s,value_col:%sn", 
			   _username->user.len, ZSW(_username->user.s),
			   _table->len, ZSW(_table->s), user_column.s, pass_column.s);
		return 1;
	}

	return 0;
}