add registrar perm error condition & macros & defaults

kamailio/registrar-role.cfg

@@ -30,11 +30,13 @@
 #!trydef REGISTRAR_AMQP_FLAGS 0
 #!trydef REGISTRAR_AMQP_RK_PREFIX authn.req.
 #!trydef REGISTRAR_SEND_100 1
-#!trydef REGISTRAR_DB_MODE 3
+#!trydef REGISTRAR_DB_MODE 2
 #!trydef REGISTRAR_DB_TIMER_CLEANUP 0
 #!trydef REGISTRAR_HANDLE_LOST_TCP 0
-#!trydef REGISTRAR_DB_TIMER_CLEANUP 0
-#!trydef REGISTRAR_DB_REMOVE_EXPIRED_DELAY 30
+#!trydef REGISTRAR_DB_REMOVE_EXPIRED_DELAY 0
+#!trydef REGISTRAR_SYNC_TIMER_INTERVAL 5
+#!trydef REGISTRAR_SYNC_TIMER_PROCS 1
+
 
 #!ifdef REGISTRAR_WARM_CACHE
 #!substdef "!REGISTRAR_S_WARM_CACHE!dbtable=auth_cache;dbmode=1;!g"
@@ -70,8 +72,9 @@ modparam("usrloc", "db_ops_ruid", 1)
 
 
 modparam("usrloc", "xavp_contact", "ulattrs")
-modparam("usrloc", "timer_interval", 5)
-modparam("usrloc", "timer_procs", 1)
+modparam("usrloc", "timer_interval", REGISTRAR_SYNC_TIMER_INTERVAL)
+modparam("usrloc", "timer_procs", REGISTRAR_SYNC_TIMER_PROCS)
+
 modparam("usrloc", "fetch_rows", 400)
 modparam("usrloc", "handle_lost_tcp", REGISTRAR_HANDLE_LOST_TCP)
 modparam("usrloc", "close_expired_tcp", REGISTRAR_CLOSE_EXPIRED_TCP)
@@ -121,6 +124,7 @@ modparam("statistics","variable", "registrar:amqp_async_error")
 modparam("statistics","variable", "registrar:amqp_returned")
 modparam("statistics","variable", "registrar:amqp_timeout")
 modparam("statistics","variable", "registrar:drops")
+modparam("statistics","variable", "registrar:authn_perm_err")
 modparam("statistics","variable", "registrar:authn_err")
 modparam("statistics","variable", "registrar:authn_resp")
 modparam("statistics","variable", "registrar:authn_unknown")
@@ -187,10 +191,15 @@ route[HANDLE_REGISTER]
     }
 
     if($sel(cfg_get.kazoo.registrar_force_query) == 0) {
-        if($sht(auth_cache=>$Au) == "authn_err") {
-            xlog("L_WARNING", "$ci|end|issuing auth challenge to cached failed registration attempt for $Au from IP $si:$sp\n");
+        if($sht(auth_cache=>$Au) == "authn_perm_err") {
+            xlog("L_INFO", "$ci|end|issuing auth challenge to cached permanent failed registration attempt for $Au from IP $si:$sp\n");
+            update_stat("registrar:authn_perm_err", "+1");
+            #!ifdef ANTIFLOOD_ROLE
+            route(ANITFLOOD_FAILED_AUTH);
+            #!endif
             update_stat("registrar:challenge", "+1");
             auth_challenge("$fd", "5");
+            exit;
         } else if($sht(auth_cache=>$Au) != $null) {
             $xavp(regcfg=>match_received) = $su;
             if(registered("location", "$rz:$Au", 2, 1) == 1) {
@@ -278,7 +287,9 @@ onreply_route[KZ_AUTHORIZATION_REPLY]
     $var(password) = $(kzR{kz.json,Auth-Password});
     $var(nonce) = $adn;
     if( $(kzR{kz.json,Event-Name}) == "authn_err" ) {
-       $sht(auth_cache=>$Au) = "authn_err";   
+       if($(kzR{kz.json,Permanent-Error}) == "true") {
+           $sht(auth_cache=>$Au) = "authn_perm_err";
+       }
        update_stat("registrar:authn_err", "+1");
        #!ifdef ANTIFLOOD_ROLE
        route(ANITFLOOD_FAILED_AUTH);
@@ -288,19 +299,17 @@ onreply_route[KZ_AUTHORIZATION_REPLY]
        xlog("L_INFO", "$ci|end|challenging $Au $si:$sp via $(kzR{kz.json,App-Name})-$(kzR{kz.json,App-Version}) response\n");
        exit;
     } else if( $(kzR{kz.json,Event-Name}) == "authn_resp" ) {
-       update_stat("registrar:authn_resp", "+1");    
+       update_stat("registrar:authn_resp", "+1");
        xlog("L_INFO", "$ci|log|authenticating $Au via $(kzR{kz.json,App-Name})-$(kzR{kz.json,App-Version}) response\n");
        route(CHECK_AUTHORIZATION);
     } else {
        update_stat("registrar:authn_unknown", "+1");
-       update_stat("registrar:drops", "+1");        
+       update_stat("registrar:drops", "+1");
        xlog("L_INFO", "$ci|log|unhandle response from directory $Au via $(kzR{kz.json,App-Name})-$(kzR{kz.json,App-Version})\n");
        t_drop();
     }
 }
 
-
-
 route[CHECK_AUTHORIZATION]
 {