[asterisk-dev] [Code Review] 2431: Add outbound authentication for outbound registrations

[Mark Michelson]

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2431/
-----------------------------------------------------------

Review request for Asterisk Developers and Joshua Colp.


Repository: Asterisk


Description
-------

Outbound registration and outbound auth were completed in parallel, but now the two have intersected. This adds outbound authentication support to the outbound registration module. It works by having the registration configuration point to an authentication section in order to determine credentials, exactly like an endpoint does.

One problem I encountered was that outbound authentication code relied on being given an endpoint in order to look up auth credentials. In actuality, there is no need for this since the only piece of information it was using from the endpoint was the names of the auth sections to find in sorcery. I have changed the outbound authenticator API to no longer take an endpoint and instead take an array of auth sorcery IDs and the number of IDs in the array.

The actual changes to res_sip_outbound_registration are not that much. It just reads the configuration and then uses it if a 401 or 407 response arrives for a registration.

There is a some duplication of code between sip_configuration.c and res_sip_outbound_registration.c since both read a list of authentication IDs from configuration. For now, I'm more interested in the approach taken in this review. If this is approved, I'll remove the duplicated auth parsing code from res_sip_outbound_registration.c and put it in a place accessible by all.


Diffs
-----

  /team/group/pimp_my_sip/res/res_sip_outbound_registration.c 384967 
  /team/group/pimp_my_sip/res/res_sip_outbound_authenticator_digest.c 384967 
  /team/group/pimp_my_sip/res/res_sip/sip_outbound_auth.c 384967 
  /team/group/pimp_my_sip/res/res_sip.exports.in 384967 
  /team/group/pimp_my_sip/res/res_sip.c 384967 
  /team/group/pimp_my_sip/include/asterisk/res_sip.h 384967 

Diff: https://reviewboard.asterisk.org/r/2431/diff/


Testing
-------

Tested with outbound authentication configured and not configured. With no outbound authentication configured, a 401/407 results in a failed registration. I do not treat this as a temporal failure, but as a permanent one. With outbound authentication configured, a 401/407 results in an auth request being sent properly.


Thanks,

Mark Michelson

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130408/98008a78/attachment.htm>