Changeset 871


Ignore:
Timestamp:
Dec 29, 2006 12:13:10 AM (14 years ago)
Author:
bennylp
Message:

Fixed ticket #25: Authentication loops forever when server keeps rejecting request with stale=true

Location:
pjproject/trunk/pjsip
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • pjproject/trunk/pjsip/include/pjsip/sip_auth.h

    r695 r871  
    114114    pj_bool_t                    is_proxy;  /**< Server type (401/407)      */ 
    115115    pjsip_auth_qop_type          qop_value; /**< qop required by server.    */ 
     116    unsigned                     stale_cnt; /**< Number of stale retry.     */ 
    116117#if PJSIP_AUTH_QOP_SUPPORT 
    117118    pj_uint32_t                  nc;        /**< Nonce count.               */ 
  • pjproject/trunk/pjsip/include/pjsip/sip_config.h

    r862 r871  
    410410 
    411411/** 
     412 * Maximum number of stale retries when server keeps rejecting our request 
     413 * with stale=true. 
     414 */ 
     415#ifndef PJSIP_MAX_STALE_COUNT 
     416#   define PJSIP_MAX_STALE_COUNT            3 
     417#endif 
     418 
     419 
     420/** 
    412421 * @} 
    413422 */ 
  • pjproject/trunk/pjsip/include/pjsip/sip_errno.h

    r861 r871  
    362362 */ 
    363363#define PJSIP_EAUTHINVALIDDIGEST (PJSIP_ERRNO_START_PJSIP+110)  /* 171110 */ 
     364/** 
     365 * @hideinitializer 
     366 * Maximum number of stale retries exceeded. This happens when server  
     367 * keeps rejecting our authorization request with stale=true. 
     368 */ 
     369#define PJSIP_EAUTHSTALECOUNT   (PJSIP_ERRNO_START_PJSIP + 111) /* 171111 */ 
    364370 
    365371 
  • pjproject/trunk/pjsip/src/pjsip/sip_auth_client.c

    r696 r871  
    4444#endif 
    4545 
     46 
    4647/* Transform digest to string. 
    4748 * output must be at least PJSIP_MD5STRLEN+1 bytes. 
     
    600601    auth = sess->cached_auth.next; 
    601602    while (auth != &sess->cached_auth) { 
     603        /* Reset stale counter */ 
     604        auth->stale_cnt = 0; 
     605 
    602606        if (auth->qop_value == PJSIP_AUTH_QOP_NONE) { 
    603607#           if defined(PJSIP_AUTH_HEADER_CACHING) && \ 
     
    708712             * the same credential. 
    709713             */ 
    710             PJ_LOG(4, (THIS_FILE, "Authorization failed for %.*s@%.*s", 
     714            PJ_LOG(4, (THIS_FILE, "Authorization failed for %.*s@%.*s: " 
     715                       "server rejected with stale=false", 
    711716                       sent_auth->credential.digest.username.slen, 
    712717                       sent_auth->credential.digest.username.ptr, 
     
    714719                       sent_auth->credential.digest.realm.ptr)); 
    715720            return PJSIP_EFAILEDCREDENTIAL; 
     721        } 
     722 
     723        cached_auth->stale_cnt++; 
     724        if (cached_auth->stale_cnt >= PJSIP_MAX_STALE_COUNT) { 
     725            /* Our credential is rejected. No point in trying to re-supply 
     726             * the same credential. 
     727             */ 
     728            PJ_LOG(4, (THIS_FILE, "Authorization failed for %.*s@%.*s: " 
     729                       "maximum number of stale retries exceeded", 
     730                       sent_auth->credential.digest.username.slen, 
     731                       sent_auth->credential.digest.username.ptr, 
     732                       sent_auth->credential.digest.realm.slen, 
     733                       sent_auth->credential.digest.realm.ptr)); 
     734            return PJSIP_EAUTHSTALECOUNT; 
    716735        } 
    717736 
  • pjproject/trunk/pjsip/src/pjsip/sip_errno.c

    r861 r871  
    100100    PJ_BUILD_ERR( PJSIP_EAUTHINVALIDREALM, "Invalid authorization realm"), 
    101101    PJ_BUILD_ERR( PJSIP_EAUTHINVALIDDIGEST,"Invalid authorization digest" ), 
     102    PJ_BUILD_ERR( PJSIP_EAUTHSTALECOUNT,   "Maximum number of stale retries exceeded"), 
    102103 
    103104    /* UA/dialog layer. */ 
Note: See TracChangeset for help on using the changeset viewer.