Apologies for the incorrect subject: in the last message! James. On 3 September 2014 11:40, James Coleman <[email protected] > wrote:
> Can sprout Authentication Vector expiry time be configured? > > REGISTERS are working for me but always doing: > REGISTER(old nonce), 401(new nonce), REG(new nonce), 200 > Better if the REGISTER with old nonce received 200 ok. > > Client register expiry time is 300secs and I expect re-register in about > half that time 150secs. > Actually I see it done usually at 120secs.. > > When sprout stores AV it sets expiry time of 40 secs. > Is there a way to make this configurable ? > > Related to this issue: > https://github.com/Metaswitch/sprout/issues/631 > Interaction between retries and lifetime of authentication vectors #631 > > I'm using clearwater core very latest version of sprout. > > > REGISTER: > > av lookup fails, new nonce generated and sent in 401 > > sas log: > > Sending set request to memcached for key > av\\[email protected]\4004d09d384c1db8 > with CAS 0, due to expire in 40 seconds > Authentication vector store operation "SET" succeeded for private ID: " > [email protected]" > > sprout log storing av: > > 03-09-2014 09:32:05.332 Debug avstore.cpp:66: Set AV for +353868048905 > @openims.test\4004d09d384c1db8 > > {"branch":"z9hG4bKPjLygX0lknmf9QgMJrhhSh.ixyrvIsXISm","digest":{"ha1":"15e8b7d22896cca7eee4ccee1b54fafb","qop":"auth","realm":"openims.test"}} > > 03-09-2014 09:32:05.332 Debug memcachedstore.cpp:449: Writing 143 bytes to > table av key [email protected]\4004d09d384c1db8, CAS = 0, expiry > = 40 > 03-09-2014 09:32:05.332 Debug memcachedstore.cpp:260: Key av\\ > [email protected]\4004d09d384c1db8 hashes to vbucket 121 via > hash 0x8cb74a79 > 03-09-2014 09:32:05.332 Debug memcachedstore.cpp:468: 1 write replicas for > key av\\[email protected]\4004d09d384c1db8 > 03-09-2014 09:32:05.332 Debug memcachedstore.cpp:506: Attempt conditional > write to replica 0 (connection 0x7f5eb0005070), CAS = 0 > 03-09-2014 09:32:05.332 Debug memcachedstore.cpp:537: Conditional write > succeeded to replica 0 > 03-09-2014 09:32:05.333 Debug authentication.cpp:400: Sending {"impi": " > [email protected]", "impu": "sip:[email protected]", > "nonce": "4004d09d384c1db8"} to Chronos to set AV timer > > REGISTER 401 (with that nonce) > > REGISTER (with that nonce) > > Authorization: Digest username="[email protected]", > realm="openims.test", nonce="4004d09d384c1db8", uri="sip:openims.test", > response="0ba4c065381e956e27a9905f792fe115", algorithm=MD5, > cnonce="45FJbw8WAicWcQZYYw.kd6hA16u2Y3d8", opaque="0f1b63cc0cf9b299", > qop=auth, nc=00000001 > > > sprout log showing av read, and av written again > > 03-09-2014 09:32:05.448 Debug pjsip: sip_endpoint.c Distributing rdata to > modules: Request msg REGISTER/cseq=27433 (rdata0x7f5ebca51038) > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:260: Key av\\ > [email protected]\4004d09d384c1db8 hashes to vbucket 121 via > hash 0x8cb74a79 > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:304: 1 read replicas for > key av\\[email protected]\4004d09d384c1db8 > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:337: Attempt to read from > replica 0 (connection 0x7f5e9c2b1450) > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:343: Fetch result > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:351: Found record on > replica 0 > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:400: Read 143 bytes from > table av key [email protected]\4004d09d384c1db8, CAS = 52640 > 03-09-2014 09:32:05.448 Debug avstore.cpp:105: Retrieved AV for > [email protected]\4004d09d384c1db8 > > {"branch":"z9hG4bKPjLygX0lknmf9QgMJrhhSh.ixyrvIsXISm","digest":{"ha1":"15e8b7d22896cca7eee4ccee1b54fafb","qop":"auth","realm":"openims.test"}} > > 03-09-2014 09:32:05.448 Debug authentication.cpp:531: Verify > authentication information in request > 03-09-2014 09:32:05.448 Debug authentication.cpp:147: Digest specified > 03-09-2014 09:32:05.448 Debug authentication.cpp:247: Found Digest HA1 = > 15e8b7d22896cca7eee4ccee1b54fafb > 03-09-2014 09:32:05.448 Debug authentication.cpp:537: Request > authenticated successfully > 03-09-2014 09:32:05.448 Debug avstore.cpp:66: Set AV for > [email protected]\4004d09d384c1db8 > > {"branch":"z9hG4bKPjLygX0lknmf9QgMJrhhSh.ixyrvIsXISm","digest":{"ha1":"15e8b7d22896cca7eee4ccee1b54fafb","qop":"auth","realm":"openims.test"},"tombstone":"true"} > > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:449: Writing 162 bytes to > table av key [email protected]\4004d09d384c1db8, CAS = 52640, > expiry = 40 > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:260: Key > av\\[email protected]\4004d09d384c1db8 hashes to vbucket 121 via > hash 0x8cb74a79 > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:468: 1 write replicas for > key av\\[email protected]\4004d09d384c1db8 > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:506: Attempt conditional > write to replica 0 (connection 0x7f5e9c2b1450), CAS = 52640 > 03-09-2014 09:32:05.448 Debug memcachedstore.cpp:537: Conditional write > succeeded to replica 0 > > > 30 secs later: the 40?30 sec timer expires > > 03-09-2014 09:32:35.348 Verbose httpstack.cpp:258: Process request for URL > /authentication-timeout, args (null) > 03-09-2014 09:32:35.348 Debug memcachedstore.cpp:260: Key > av\\[email protected]\4004d09d384c1db8 hashes to vbucket 121 via > hash 0x8cb74a79 > 03-09-2014 09:32:35.348 Debug memcachedstore.cpp:304: 1 read replicas for > key av\\[email protected]\4004d09d384c1db8 > 03-09-2014 09:32:35.348 Debug memcachedstore.cpp:337: Attempt to read from > replica 0 (connection 0x7f5ec4010ae0) > 03-09-2014 09:32:35.348 Debug memcachedstore.cpp:343: Fetch result > 03-09-2014 09:32:35.349 Debug memcachedstore.cpp:351: Found record on > replica 0 > 03-09-2014 09:32:35.349 Debug memcachedstore.cpp:400: Read 162 bytes from > table av key [email protected]\4004d09d384c1db8, CAS = 52641 > 03-09-2014 09:32:35.349 Debug avstore.cpp:105: Retrieved AV for > [email protected]\4004d09d384c1db8 > > {"branch":"z9hG4bKPjLygX0lknmf9QgMJrhhSh.ixyrvIsXISm","digest":{"ha1":"15e8b7d22896cca7eee4ccee1b54fafb","qop":"auth","realm":"openims.test"},"tombstone":"true"} > > > 120 secs later REGISTER (with that old nonce): and av not found > > 03-09-2014 09:34:35.596 Debug pjsip: sip_endpoint.c Distributing rdata to > modules: Request msg REGISTER/cseq=27434 (rdata0x7f5ebca51038) > 03-09-2014 09:34:35.596 Debug memcachedstore.cpp:260: Key > av\\[email protected]\4004d09d384c1db8 hashes to vbucket 121 via > hash 0x8cb74a79 > 03-09-2014 09:34:35.596 Debug memcachedstore.cpp:304: 1 read replicas for > key av\\[email protected]\4004d09d384c1db8 > 03-09-2014 09:34:35.596 Debug memcachedstore.cpp:337: Attempt to read from > replica 0 (connection 0x7f5f0408be40) > 03-09-2014 09:34:35.596 Debug memcachedstore.cpp:343: Fetch result > 03-09-2014 09:34:35.596 Debug memcachedstore.cpp:373: Read for > av\\[email protected]\4004d09d384c1db8 on replica 0 returned > NOTFOUND > 03-09-2014 09:34:35.596 Debug memcachedstore.cpp:413: At least one replica > returned not found, so return NOT_FOUND > 03-09-2014 09:34:35.596 Debug authentication.cpp:531: Verify > authentication information in request > 03-09-2014 09:34:35.596 Warning authentication.cpp:205: Received an > authentication request for [email protected] with nonce > 4004d09d384c1db8, but no matching AV found > 03-09-2014 09:34:35.596 Debug acr.cpp:48: Created ACR (0x7f5f043306f0) > 03-09-2014 09:34:35.596 Debug authentication.cpp:650: No authentication > information in request or stale nonce, so reject with challenge > > > sas log: > > Authorization: Digest username="[email protected]", > realm="openims.test", nonce="4004d09d384c1db8", uri="sip:openims.test", > response="c81a61682f82b938ffa2d0e1d2171335", algorithm=MD5, > cnonce="45FJbw8WAicWcQZYYw.kd6hA16u2Y3d8", opaque="0f1b63cc0cf9b299", > qop=auth, nc=00000002 > > Sending get request to memcached for key > av\\[email protected]\4004d09d384c1db8 > with CAS Liquid error: StandardError > Memcached get request found no data for key av\\[email protected] > \195ecbba1e9bd612 > > > -- <http://www.golgi.io/> <https://www.linkedin.com/company/openmind-networks?trk=fc_badge> <https://twitter.com/Openmind_Ntwks> <http://openmindnetworks.com> _______________________________________________ Clearwater mailing list [email protected] http://lists.projectclearwater.org/listinfo/clearwater
