%docentities; ] >
Functions
<function>auth_date_proc()</function> Note: this function is for authorizer service. If a message, the auth service should authorize, contains Date header then this function checks whether it falls in message timeout (set by msg_timeout parameter). If there is not any Date header then the module adds one. This function also checks whether the certificate of the authentication service (set by certificate_path parameter) has been expired.
Dependencies No dependencies
<function>auth_add_identity()</function> Note: this function is for authorizer service. Assembles digest-string from the message, calculates its SHA1 hash, encrypts it with the private key (set by privatekey_path parameter) of the authorizer service, base64 encodes it and adds to the outgoing message as the value of Identity header. This function also adds Identity-Info header which contains an URI (set by certificate_url parameter) from which the certificate of auth service can be acquired. Note: this function needs the final outgoing message for authorization, so no module may modify any digest string related headers (From, To, Call-ID, CSeq, Date, Contact) and body after auth_add_identity()'s been called
Dependencies auth_date_proc() must be called before
<function>vrfy_check_date()</function> Note: this function is for verifier service. Checks Date header of the incoming message whether falls in validity time (set by auth_validity_time parameter)
Dependencies No dependencies
<function>vrfy_get_certificate()</function> Note: this function is for verifier service. Tries to get certificate defined by the value of Identity-info header from certificate table (which size is set by certificate_cache_limit parameter). If the required certificate is not found there then this function downloads it.
Dependencies No dependencies
<function>vrfy_check_certificate()</function> Note: this function is for verifier service. Checks whether the downloaded certificate is valid (is not expired, its subject and the domain part of the URL are the same) and adds it to certificate table.
Dependencies vrfy_get_certificate() must be called before
<function>vrfy_check_msgvalidity()</function> Note: this function is for verifier service. Assembles digest-string from the message, create SHA1 hash and compares it with the decrypted value of Identity header.
Dependencies vrfy_get_certificate() must be called before and vrfy_check_certificate() should be called before
<function>vrfy_check_callid()</function> Note: this function is for verifier service. Checks whether the current call's been already processed in validity time (set by auth_validity_time) to recognize call replay attacks. If this call (identified by Call-id, Cseq, and tag of From header triple) has not been replayed then adds it to callid table (which size is set by callid_cache_limit parameter).
Dependencies This function should be called for the last time.