From efce16caf238c239a11090f30ba53f7af1bafb27 Mon Sep 17 00:00:00 2001 From: Stefan Becker Date: Wed, 7 Dec 2011 16:55:38 +0200 Subject: [PATCH] tlsdsk: clean up user/login name usage Inside WSDL requests and the certificate we have to use the user name, e.g. first.last@domain.com or sip:first.last@domain.com. For the HTTP authentication handshake in the WinNegotiate authentication we need to use the standard domain/login user combination, i.e. DOMAIN\login. If the login user is empty, we use the user name as usual, e.g. DOMAIN\first.last@domain.com. --- src/core/sip-transport.c | 1 - src/core/sipe-certificate.c | 11 +---------- src/core/sipe-certificate.h | 2 -- src/core/sipe-svc.c | 10 ++++------ src/core/sipe-svc.h | 5 ----- 5 files changed, 5 insertions(+), 24 deletions(-) diff --git a/src/core/sip-transport.c b/src/core/sip-transport.c index 91b0e59f..c92bba3d 100644 --- a/src/core/sip-transport.c +++ b/src/core/sip-transport.c @@ -250,7 +250,6 @@ static gchar *initialize_auth_context(struct sipe_core_private *sipe_private, auth->sts_uri); if (!sipe_certificate_tls_dsk_generate(sipe_private, auth->target, - authuser, auth->sts_uri)) { gchar *tmp = g_strdup_printf(_("Can't request certificate from %s"), auth->sts_uri); diff --git a/src/core/sipe-certificate.c b/src/core/sipe-certificate.c index 0f0ad220..1e35b3d2 100644 --- a/src/core/sipe-certificate.c +++ b/src/core/sipe-certificate.c @@ -162,7 +162,6 @@ gpointer sipe_certificate_tls_dsk_find(struct sipe_core_private *sipe_private, struct certificate_callback_data { gchar *target; - gchar *authuser; gchar *webticket_negotiate_uri; gchar *webticket_fedbearer_uri; gchar *certprov_uri; @@ -177,7 +176,6 @@ static void callback_data_free(struct certificate_callback_data *ccd) { if (ccd) { g_free(ccd->target); - g_free(ccd->authuser); g_free(ccd->webticket_negotiate_uri); g_free(ccd->webticket_fedbearer_uri); g_free(ccd->certprov_uri); @@ -450,7 +448,7 @@ static void webticket_token(struct sipe_core_private *sipe_private, if (wsse_security) { gchar *certreq_base64 = create_certreq(sipe_private, - ccd->authuser); + sipe_private->username); SIPE_DEBUG_INFO("webticket_token: received valid SOAP message from service %s", uri); @@ -461,7 +459,6 @@ static void webticket_token(struct sipe_core_private *sipe_private, success = sipe_svc_get_and_publish_cert(sipe_private, ccd->certprov_uri, - ccd->authuser, wsse_security, certreq_base64, get_and_publish_cert, @@ -486,7 +483,6 @@ static void webticket_token(struct sipe_core_private *sipe_private, success = sipe_svc_webticket(sipe_private, ccd->webticket_fedbearer_uri, - ccd->authuser, wsse_security, ccd->certprov_uri, &ccd->entropy, @@ -511,7 +507,6 @@ static void webticket_token(struct sipe_core_private *sipe_private, ccd->tried_fedbearer = TRUE; success = sipe_svc_webticket_lmc(sipe_private, - ccd->authuser, ccd->webticket_fedbearer_uri, webticket_token, ccd); @@ -582,7 +577,6 @@ static void webticket_metadata(struct sipe_core_private *sipe_private, success = sipe_svc_webticket(sipe_private, ccd->webticket_negotiate_uri, - ccd->authuser, NULL, ccd->certprov_uri, &ccd->entropy, @@ -592,7 +586,6 @@ static void webticket_metadata(struct sipe_core_private *sipe_private, } else { ccd->tried_fedbearer = TRUE; success = sipe_svc_webticket_lmc(sipe_private, - ccd->authuser, ccd->webticket_fedbearer_uri, webticket_token, ccd); @@ -722,14 +715,12 @@ static void certprov_metadata(struct sipe_core_private *sipe_private, gboolean sipe_certificate_tls_dsk_generate(struct sipe_core_private *sipe_private, const gchar *target, - const gchar *authuser, const gchar *uri) { struct certificate_callback_data *ccd = g_new0(struct certificate_callback_data, 1); gboolean ret; ccd->target = g_strdup(target); - ccd->authuser = g_strdup(authuser); ret = sipe_svc_metadata(sipe_private, uri, certprov_metadata, ccd); if (!ret) diff --git a/src/core/sipe-certificate.h b/src/core/sipe-certificate.h index e4bfc404..e686e8b2 100644 --- a/src/core/sipe-certificate.h +++ b/src/core/sipe-certificate.h @@ -48,13 +48,11 @@ gpointer sipe_certificate_tls_dsk_find(struct sipe_core_private *sipe_private, * * @param sipe_private SIPE core private data * @param target target name from authentication header - * @param authuser authentication user name * @param uri URI for the Certificate Provisioning Service * @return @c TRUE if certificate generation was triggered */ gboolean sipe_certificate_tls_dsk_generate(struct sipe_core_private *sipe_private, const gchar *target, - const gchar *authuser, const gchar *uri); /** diff --git a/src/core/sipe-svc.c b/src/core/sipe-svc.c index 7d01465a..3cdbf8ae 100644 --- a/src/core/sipe-svc.c +++ b/src/core/sipe-svc.c @@ -283,7 +283,6 @@ static void sipe_svc_wsdl_response(struct svc_request *data, gboolean sipe_svc_get_and_publish_cert(struct sipe_core_private *sipe_private, const gchar *uri, - const gchar *authuser, const gchar *wsse_security, const gchar *certreq, sipe_svc_callback *callback, @@ -321,7 +320,7 @@ gboolean sipe_svc_get_and_publish_cert(struct sipe_core_private *sipe_private, " " "", uuid, - authuser, + sipe_private->username, certreq, id_uuid); g_free(id_uuid); @@ -349,7 +348,6 @@ gboolean sipe_svc_get_and_publish_cert(struct sipe_core_private *sipe_private, * I guess we'll have to see what happens in real life... */ gboolean sipe_svc_webticket_lmc(struct sipe_core_private *sipe_private, - const gchar *authuser, const gchar *service_uri, sipe_svc_callback *callback, gpointer callback_data) @@ -360,7 +358,8 @@ gboolean sipe_svc_webticket_lmc(struct sipe_core_private *sipe_private, " %s" " %s" "", - authuser, sip->password); + sipe_private->username, + sip->password); gchar *soap_body = g_strdup_printf("" " " @@ -393,7 +392,6 @@ gboolean sipe_svc_webticket_lmc(struct sipe_core_private *sipe_private, gboolean sipe_svc_webticket(struct sipe_core_private *sipe_private, const gchar *uri, - const gchar *authuser, const gchar *wsse_security, const gchar *service_uri, const struct sipe_tls_random *entropy, @@ -423,7 +421,7 @@ gboolean sipe_svc_webticket(struct sipe_core_private *sipe_private, "", uuid, service_uri, - authuser, + sipe_private->username, secret); gboolean ret = new_soap_req(sipe_private, diff --git a/src/core/sipe-svc.h b/src/core/sipe-svc.h index a28dbef8..8f1af4b8 100644 --- a/src/core/sipe-svc.h +++ b/src/core/sipe-svc.h @@ -60,7 +60,6 @@ typedef void (sipe_svc_callback)(struct sipe_core_private *sipe_private, */ gboolean sipe_svc_get_and_publish_cert(struct sipe_core_private *sipe_private, const gchar *uri, - const gchar *authuser, const gchar *wsse_security, const gchar *certreq, sipe_svc_callback *callback, @@ -71,7 +70,6 @@ gboolean sipe_svc_get_and_publish_cert(struct sipe_core_private *sipe_private, * * @param sipe_private SIPE core private data * @param uri service URI - * @param authuser user name for authentication * @param wsse_security predefined authentication token. May be @c NULL * @param service_uri request token for this service URI * @param entropy random bytes buffer for entropy @@ -81,7 +79,6 @@ gboolean sipe_svc_get_and_publish_cert(struct sipe_core_private *sipe_private, */ gboolean sipe_svc_webticket(struct sipe_core_private *sipe_private, const gchar *uri, - const gchar *authuser, const gchar *wsse_security, const gchar *service_uri, const struct sipe_tls_random *entropy, @@ -92,14 +89,12 @@ gboolean sipe_svc_webticket(struct sipe_core_private *sipe_private, * Trigger fetch of WebTicket security token from login.microsoftonline.com * * @param sipe_private SIPE core private data - * @param authuser user name for authentication * @param service_uri request token for this service URI * @param callback callback function * @param callback_data callback data * @return @c TRUE if token fetch was triggered */ gboolean sipe_svc_webticket_lmc(struct sipe_core_private *sipe_private, - const gchar *authuser, const gchar *service_uri, sipe_svc_callback *callback, gpointer callback_data); -- 2.11.4.GIT