[SR-Users] during registration nonce expired, after backwards time shift

Vasiliy Ganchev vasiliy.ganchev at wildix.com
Wed Sep 2 16:08:40 CEST 2015 

Hi!

Tested with this part:
+		/* if current time is less than start time, reset the start time 
+            	(e.g., after start, the system clock was set in the past) */ 
+        	t=time(0); 
+        	if (t < up_since) 
+			up_since = t;
+		return 4; 

Works as is expected (one iteration return nonce expired, and after start OK
working).

One more point:
the output of /kamcmd core.uptime / always return time up_since in future.

kamcmd core.uptime
/{
	now: Wed Sep  2 16:04:18 2015

	up_since: Wed Sep  2 18:00:08 2015

	uptime: -6950
}/


Do not understand how (mostly even why) to use this:
/ since >= t and don't 'return 4' in that case. /
Such check is part of next step in the nonce.c

cheers


Daniel-Constantin Mierla-6 wrote
> Hello,
> 
> good that you revived the thread, it got out of my sight being
> distracted by other stuff.
> 
> I think that check has to be kept there, because it covers some
> situations that can appear after restart, so removing it completely
> won't be safe.
> 
> It can be a solution to reset up_since in this case, if time(0) is lower
> than up_since, like:
> 
>     if (unlikely(since < up_since)) {
>         /* if valid_since time is time pointing before ser was started
>          * then we consider nonce as stalled.
>            It may be the nonce generated by previous ser instance having
>            different length (for example because of different auth.
>            checks)..  Therefore we force credentials to be rebuilt by UAC
>            without prompting for password */
> 
>         /* if current time is less than start time, reset the start time
>             (e.g., after start, the system clock was set in the past) */
>         t=time(0);
>         if(t<up_since) up_since=t;
> 
>         return 4;
>     }
> 
> Can you test with this change and see if it works as expected for you?
> 
> There will be a failed iteration, but then it should recover for that
> process. it may actually be even better to test if since >= t and don't
> 'return 4' in that case.
> 
> Cheers,
> Daniel
> On 01/09/15 16:49, Vasiliy Ganchev wrote:
>> Hi Daniel!
>>
>> Any comments/idea about my last answer?
>>
>> cheers
>>
>>
>>
>> --
>> View this message in context:
>> http://sip-router.1086192.n5.nabble.com/during-registration-nonce-expired-after-backwards-time-shift-tp140536p140945.html
>> Sent from the Users mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> 

> sr-users at .sip-router

>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> 
> -- 
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
> Book: SIP Routing With Kamailio - http://www.asipto.com
> 
> 
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list

> sr-users at .sip-router

> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users





--
View this message in context: http://sip-router.1086192.n5.nabble.com/during-registration-nonce-expired-after-backwards-time-shift-tp140536p140969.html
Sent from the Users mailing list archive at Nabble.com.

More information about the sr-users mailing list