[Asterisk-Users] sip registration problems

Mark Spencer markster at digium.com
Sat Apr 12 08:36:39 MST 2003 

> as you see, 401 doesn't contain a username, only the realm.  asterisk
> needs to know which username to use for that realm and insert it into
> the username field of the authorization header in the next attempt.  now
> it puts the uri username field there:

True enough.  How disappointing.

> uri-to-be registered:authorization-username:password/contact

Hrm, I'm not sold on this syntax because it breaks backwards compatibility
*and* prevents the ability to add a port number to the end of the
registration URL.  Instead, I sugest implementing it this way:

start-of-uri[:password[:authusername]]@host[/contact]

with the []'s being used solely to indicate optional fields.

This retains backwards compatibility and still leaves the ability to add a
host.  Is it acceptable?

> 1) request uri should also contain the domain name (sip.song.fi), not
>    the ip address (62.236.249.50).

If we're doing to/from that way, then agreed.  In CVS.  By the way, the
logic of using IP's was to reduce the number of gethostbyname()'s required
at the other side.  All examples in 3261 seem to use hostnames, but is
this a requirement, or even desirable?  Changing this throughout SIP and
not just in the REGISTER would also be extremely difficult.

> 2) to tag should not be included

Agreed.  In CVS.

> 3) uri field in the authorization header should contain the request uri,
>    not the uri to be registered, i.e., sip:sip.song.fi in the above
>    example.

You're right, but what a PITA to have to change.  Anyway done and in CVS.

> 4) when asterisk gets another 401 back, it keeps on trying forever and
>    thus causing big stress to the network and the proxy.  if
>    registration fails, asterisk should wait for a while before trying
>    again.

It only retries immediately if again it is given authentication info.  It
will retry then again, 10 seconds following.  Anyway I've modified it to
(hopefully) only attempt up to two immediate re-auths, and then also
increased the retransmission time in case of a failed auth to 20 seconds.
(commited to CVS)  Sound reasonable?

Mark

More information about the asterisk-users mailing list