[Asterisk-code-review] res pjsip outbound registration.c: Fix 423 response handling. (asterisk[13])

Tue Nov 17 16:41:34 CST 2015

Richard Mudgett has uploaded a new change for review.

  https://gerrit.asterisk.org/1644

Change subject: res_pjsip_outbound_registration.c: Fix 423 response handling.
......................................................................

res_pjsip_outbound_registration.c: Fix 423 response handling.

Receiving a 423 Interval Too Brief response after authentication for an
outbound registration attempt results in assuming that the registrar has
rejected the registration permanently.  If there are no configured retries
for fatal responses then the outbound registration is stopped for that
endpoint.

For registrations, PJSIP/PJPROJECT intercepts the handling of 423
responses and does not include any authentication in the updated
registration request.  When the updated request is challenged then the
Asterisk code assumes that we were challenged again because the peer
rejected the authentication we sent earlier.

* Made try registration challenges up to 3 times in a row before
considering that we have something wrong with the authentication
credentials for the registration round.

Change-Id: I81b4bd36d1be095bab606e34b8b44e6302971b09
---
M res/res_pjsip_outbound_registration.c
1 file changed, 9 insertions(+), 5 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/44/1644/1

diff --git a/res/res_pjsip_outbound_registration.c b/res/res_pjsip_outbound_registration.c
index 04ff1df..6eda6d1 100644
--- a/res/res_pjsip_outbound_registration.c
+++ b/res/res_pjsip_outbound_registration.c
@@ -215,6 +215,9 @@
 /*! \brief Some thread local storage used to determine if the running thread invoked the callback */
 AST_THREADSTORAGE(register_callback_invoked);
 
+/*! \brief Max attempts to authenticate per registration round. */
+#define MAX_AUTH_ATTEMPTS 3
+
 /*! \brief Amount of buffer time (in seconds) before expiration that we re-register at */
 #define REREGISTER_BUFFER_TIME 10
 
@@ -335,14 +338,14 @@
 	unsigned int auth_rejection_permanent;
 	/*! \brief Determines whether SIP Path support should be advertised */
 	unsigned int support_path;
+	/*! \brief Number of times we have sent a REGISTER with authentication for this round */
+	unsigned int auth_attempted;
 	/*! \brief Serializer for stuff and things */
 	struct ast_taskprocessor *serializer;
 	/*! \brief Configured authentication credentials */
 	struct ast_sip_auth_vector outbound_auths;
 	/*! \brief Registration should be destroyed after completion of transaction */
 	unsigned int destroy:1;
-	/*! \brief Non-zero if we have attempted sending a REGISTER with authentication */
-	unsigned int auth_attempted:1;
 };
 
 /*! \brief Outbound registration state information (persists for lifetime that registration should exist) */
@@ -758,12 +761,13 @@
 	ast_debug(1, "Processing REGISTER response %d from server '%s' for client '%s'\n",
 			response->code, server_uri, client_uri);
 
-	if (!response->client_state->auth_attempted &&
-			(response->code == 401 || response->code == 407)) {
+	if ((response->code == 401 || response->code == 407)
+		&& response->client_state->auth_attempted < MAX_AUTH_ATTEMPTS) {
 		pjsip_tx_data *tdata;
+
 		if (!ast_sip_create_request_with_auth_from_old(&response->client_state->outbound_auths,
 				response->rdata, response->old_request, &tdata)) {
-			response->client_state->auth_attempted = 1;
+			++response->client_state->auth_attempted;
 			ast_debug(1, "Sending authenticated REGISTER to server '%s' from client '%s'\n",
 					server_uri, client_uri);
 			if (registration_client_send(response->client_state, tdata) == PJ_SUCCESS) {

-- 
To view, visit https://gerrit.asterisk.org/1644
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I81b4bd36d1be095bab606e34b8b44e6302971b09
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Richard Mudgett <rmudgett at digium.com>

