[SR-Users] auth_challenge() and async
Alex Balashov
abalashov at evaristesys.com
Mon Dec 12 21:45:36 CET 2022
Hi,
Is there any good solution for the scenario of an auth_challenge() with two separate transaction suspensions?
To clarify (simplified):
request_route {
...
t_newtran();
if(!is_present_hf("Authorization") && !is_present_hf("Proxy-Authorization")) {
auth_challenge("$fd", "1");
exit;
}
# TM suspend/continue
t_newtran();
async credentials query("RESUME_AUTH");
}
route[RESUME_AUTH] {
# Credentials received into PVs.
if(!pv_auth_check("...")) {
auth_challenge("$fd", "1");
exit;
}
# Create transaction shell if not exists already from auth query.
if(!t_lookup_request())
t_newtran();
# TM suspend/continue
async route query("RESUME_ROUTING");
}
route[RESUME_ROUTING] {
# Unmarshal etc.
t_relay(); # etc.
}
What happens here is that the first auth_challenge() results in a retransmission of its 407 challenge without absorbing the negative ACK. This is despite the ostensibly stateful behaviour of auth_challenge() without "force_stateless_reply" enabled.
In this case, it eclipses the second, unrelated 407 challenge from the subsequent routing query (407 challenge with +1 CSeq):

-- Alex
--
Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20221212/ee463dfe/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2022-12-12 at 3.44.15 PM.jpeg
Type: image/jpeg
Size: 68840 bytes
Desc: not available
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20221212/ee463dfe/attachment.jpeg>
More information about the sr-users
mailing list