From 4261e277e3dedc0e454e70e4ce7d88d235406b3d Mon Sep 17 00:00:00 2001 From: lazedo Date: Tue, 19 Mar 2019 01:47:32 +0000 Subject: [PATCH] add registrar perm error condition & macros & defaults --- kamailio/registrar-role.cfg | 33 +++++++++++++++++++++------------ 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/kamailio/registrar-role.cfg b/kamailio/registrar-role.cfg index 913ad8c..e2c7c43 100644 --- a/kamailio/registrar-role.cfg +++ b/kamailio/registrar-role.cfg @@ -30,11 +30,13 @@ #!trydef REGISTRAR_AMQP_FLAGS 0 #!trydef REGISTRAR_AMQP_RK_PREFIX authn.req. #!trydef REGISTRAR_SEND_100 1 -#!trydef REGISTRAR_DB_MODE 3 +#!trydef REGISTRAR_DB_MODE 2 #!trydef REGISTRAR_DB_TIMER_CLEANUP 0 #!trydef REGISTRAR_HANDLE_LOST_TCP 0 -#!trydef REGISTRAR_DB_TIMER_CLEANUP 0 -#!trydef REGISTRAR_DB_REMOVE_EXPIRED_DELAY 30 +#!trydef REGISTRAR_DB_REMOVE_EXPIRED_DELAY 0 +#!trydef REGISTRAR_SYNC_TIMER_INTERVAL 5 +#!trydef REGISTRAR_SYNC_TIMER_PROCS 1 + #!ifdef REGISTRAR_WARM_CACHE #!substdef "!REGISTRAR_S_WARM_CACHE!dbtable=auth_cache;dbmode=1;!g" @@ -70,8 +72,9 @@ modparam("usrloc", "db_ops_ruid", 1) modparam("usrloc", "xavp_contact", "ulattrs") -modparam("usrloc", "timer_interval", 5) -modparam("usrloc", "timer_procs", 1) +modparam("usrloc", "timer_interval", REGISTRAR_SYNC_TIMER_INTERVAL) +modparam("usrloc", "timer_procs", REGISTRAR_SYNC_TIMER_PROCS) + modparam("usrloc", "fetch_rows", 400) modparam("usrloc", "handle_lost_tcp", REGISTRAR_HANDLE_LOST_TCP) modparam("usrloc", "close_expired_tcp", REGISTRAR_CLOSE_EXPIRED_TCP) @@ -121,6 +124,7 @@ modparam("statistics","variable", "registrar:amqp_async_error") modparam("statistics","variable", "registrar:amqp_returned") modparam("statistics","variable", "registrar:amqp_timeout") modparam("statistics","variable", "registrar:drops") +modparam("statistics","variable", "registrar:authn_perm_err") modparam("statistics","variable", "registrar:authn_err") modparam("statistics","variable", "registrar:authn_resp") modparam("statistics","variable", "registrar:authn_unknown") @@ -187,10 +191,15 @@ route[HANDLE_REGISTER] } if($sel(cfg_get.kazoo.registrar_force_query) == 0) { - if($sht(auth_cache=>$Au) == "authn_err") { - xlog("L_WARNING", "$ci|end|issuing auth challenge to cached failed registration attempt for $Au from IP $si:$sp\n"); + if($sht(auth_cache=>$Au) == "authn_perm_err") { + xlog("L_INFO", "$ci|end|issuing auth challenge to cached permanent failed registration attempt for $Au from IP $si:$sp\n"); + update_stat("registrar:authn_perm_err", "+1"); + #!ifdef ANTIFLOOD_ROLE + route(ANITFLOOD_FAILED_AUTH); + #!endif update_stat("registrar:challenge", "+1"); auth_challenge("$fd", "5"); + exit; } else if($sht(auth_cache=>$Au) != $null) { $xavp(regcfg=>match_received) = $su; if(registered("location", "$rz:$Au", 2, 1) == 1) { @@ -278,7 +287,9 @@ onreply_route[KZ_AUTHORIZATION_REPLY] $var(password) = $(kzR{kz.json,Auth-Password}); $var(nonce) = $adn; if( $(kzR{kz.json,Event-Name}) == "authn_err" ) { - $sht(auth_cache=>$Au) = "authn_err"; + if($(kzR{kz.json,Permanent-Error}) == "true") { + $sht(auth_cache=>$Au) = "authn_perm_err"; + } update_stat("registrar:authn_err", "+1"); #!ifdef ANTIFLOOD_ROLE route(ANITFLOOD_FAILED_AUTH); @@ -288,19 +299,17 @@ onreply_route[KZ_AUTHORIZATION_REPLY] xlog("L_INFO", "$ci|end|challenging $Au $si:$sp via $(kzR{kz.json,App-Name})-$(kzR{kz.json,App-Version}) response\n"); exit; } else if( $(kzR{kz.json,Event-Name}) == "authn_resp" ) { - update_stat("registrar:authn_resp", "+1"); + update_stat("registrar:authn_resp", "+1"); xlog("L_INFO", "$ci|log|authenticating $Au via $(kzR{kz.json,App-Name})-$(kzR{kz.json,App-Version}) response\n"); route(CHECK_AUTHORIZATION); } else { update_stat("registrar:authn_unknown", "+1"); - update_stat("registrar:drops", "+1"); + update_stat("registrar:drops", "+1"); xlog("L_INFO", "$ci|log|unhandle response from directory $Au via $(kzR{kz.json,App-Name})-$(kzR{kz.json,App-Version})\n"); t_drop(); } } - - route[CHECK_AUTHORIZATION] {