From 520c6bbc5466a2d57200b7ed08f3525f0922b5dc Mon Sep 17 00:00:00 2001
From: lazedo <luis.azedo@factorlusitano.com>
Date: Tue, 19 Mar 2019 20:01:36 +0000
Subject: [PATCH] less restrictive auth

---
 kamailio/registrar-role.cfg | 26 +++++++++++---------------
 1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/kamailio/registrar-role.cfg b/kamailio/registrar-role.cfg
index 4876acc..d79e36f 100644
--- a/kamailio/registrar-role.cfg
+++ b/kamailio/registrar-role.cfg
@@ -49,10 +49,6 @@ modparam("htable", "htable", "auth_cache=>size=16;autoexpire=7200;REGISTRAR_S_WA
 
 ####### Authentication Interface module ##########
 loadmodule "auth.so"
-modparam("auth", "auth_checks_register", 11)
-modparam("auth", "qop", "auth")
-modparam("auth", "nonce_expire", 90)
-
 
 ####### User Location Implementation module ##########
 loadmodule "usrloc.so"
@@ -198,7 +194,7 @@ route[HANDLE_REGISTER]
             route(ANITFLOOD_FAILED_AUTH);
             #!endif
             update_stat("registrar:challenge", "+1");
-            auth_challenge("$fd", "5");
+            auth_challenge("$fd", "4");
             exit;
         } else if($sht(auth_cache=>$Au) != $null) {
             $xavp(regcfg=>match_received) = $su;
@@ -220,17 +216,11 @@ route[HANDLE_REGISTER]
         drop;
     }
 
-    if (!t_newtran()) {
-        xlog("L_ERROR", "$ci|log|failed to create transaction to query for authentication credentials for $Au $si:$sp\n");
-        update_stat("registrar:new_tran", "+1");        
-        drop;
-    }
-
     if($sel(cfg_get.kazoo.registrar_check_amqp_availability) == 1) {
         if($xavp(amqpc=>default::MY_AMQP_ZONE) == 0) {
             xlog("L_WARNING", "$ci|end|register|no amqp connection available for default worker in zone MY_AMQP_ZONE\n");
             update_stat("registrar:amqp_not_available", "+1");
-            t_drop();
+            drop;
         }
     }
 
@@ -239,15 +229,21 @@ route[HANDLE_REGISTER]
     $var(auth) = pv_auth_check("$fd", "$uuid(g)", "0", "0");
     if($var(auth) != -2) {
         xlog("L_INFO", "$ci|end|challenging $Au $si:$sp\n");
-        $var(auth) = auth_challenge("$fd", "21");
+        $var(auth) = auth_challenge("$fd", "4");
         update_stat("registrar:challenge", "+1");
         if($var(auth) != 1) {
             xlog("L_ERROR", "$ci|register|error creating or sending challenge to registration attempt for $fu from $si:$sp\n");
-            t_drop();
+            drop;
         }
         exit;
     }
 
+    if (!t_newtran()) {
+        xlog("L_ERROR", "$ci|log|failed to create transaction to query for authentication credentials for $Au $si:$sp\n");
+        update_stat("registrar:new_tran", "+1");        
+        drop;
+    }
+
     if($sel(cfg_get.kazoo.registrar_send_100) == 1) {
         sl_send_reply("100", "checking your credentials");
     }
@@ -295,7 +291,7 @@ onreply_route[KZ_AUTHORIZATION_REPLY]
        route(ANITFLOOD_FAILED_AUTH);
        #!endif
        update_stat("registrar:challenge", "+1");
-       auth_challenge("$fd", "5");
+       auth_challenge("$fd", "4");
        xlog("L_INFO", "$ci|end|challenging $Au $si:$sp via $(kzR{kz.json,App-Name})-$(kzR{kz.json,App-Version}) response\n");
        exit;
     } else if( $(kzR{kz.json,Event-Name}) == "authn_resp" ) {