[OpenSIPS-Devel] New contribution, rich authentication in LCR module
Michael Schloh von Bennewitz
develop2009 at schloh.com
Wed Feb 10 21:56:13 CET 2010
Hello list,
I see from http://www.opensips.org/Development/Development that the
LCR module is 'commonly maintained.' Whoever has commit authority
might like to take a look at the new rich authentication credentials
of the gw table as well as corresponding authentication logic in the
LCR module that we've been using to mitigate problems of the
unmodified LCR and UAC logic.
http://scm.europalab.com/contrib/opensips/
http://scm.europalab.com/contrib/file/tip/opensips/
http://scm.europalab.com/contrib/file/tip/opensips/lcr-auth.txt
http://scm.europalab.com/contrib/file/tip/opensips/lcr-auth.diff
Basically, files (only code, no documentation) in modules/lcr of
SVN trunk revision 6590 were modified to allow the gw table to
provide authentication credentials to a modified LCR module.
LCR in turn prepares a set of three new AVPs for authentication
purposes. In a nutshell, the gw table now has 'user', 'realm',
and 'password' columns. The LCR module reads these when gw_load()
and gw_next() are used, and sets the AVPs avp_user, avp_realm,
and avp_passwd accordingly.
It's hard to recommend that this logic be integrated into the
next OpenSIPS distribution because I know that LCR logic is
to be retired in favour of dynamic routing logic. That's why
I've not completed the opensipsctl, opensipsdbctl, and osipsconsole
modifications to allow entering the new authentication values
from the command line. The XML documentation is incomplete as well.
I'll complete that work if I get the impression that this is
popular enough to be committed to the trunk.
Cheers,
Michael
--
Michael Schloh von Bennewitz
http://michael.schloh.com/
More information about the Devel
mailing list