[SR-Users] auth_ephemeral too noisy
Juha Heinanen
jh at tutpro.com
Wed Feb 27 07:30:29 CET 2019
Henning Westerholt writes:
> > I did some tests with auth_ephemeral. When timestamp has expired, I get
> > to syslog
> >
> > Feb 23 03:53:05 char /usr/bin/sip-proxy[31758]: WARNING: auth_ephemeral
> > [authorize.c:205]: autheph_verify_timestamp(): username has expired Feb 23
> > 03:53:05 char /usr/bin/sip-proxy[31758]: ERROR: auth_ephemeral
> > [authorize.c:260]: digest_authenticate(): invalid timestamp in username
> >
> > In my opinion, the WARNING is enough and the ERROR message should be
> > removed. ERROR is when an error happens. There is no error here, just
> > an expired timestamp.
>
> Hi Juha,
>
> sounds indeed too noisy, should be changed in the code.
I looked at the code and in addition to removing the above error
message, it would be appropriate to define in api.h a new
auth_cfg_result constant similar to AUTH_STALE_NONCE, such as
AUTH_EXPIRED, and return it instead of AUTH_ERROR when the timestamp has
expired.
-- Juha
More information about the sr-users
mailing list