Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Share an auth session between multiple dialogs/regc #4262

Merged
merged 9 commits into from
Feb 3, 2025
Merged

Share an auth session between multiple dialogs/regc #4262

merged 9 commits into from
Feb 3, 2025
+186 −6

Conversation

jwes
Copy link
Contributor

@jwes jwes commented Jan 22, 2025

For Accounts that establish a lot of dialogs it may be beneficial to reuse a already established Authorization.
To achieve this, the account was extended to store a shared pjsip_auth_clt_sess and this is set on the relevant dialogs.

This patch adds PJSIP_SHARED_AUTH_SESSION to enable this behavior in the account and to extend the relevant api.

jwes added 2 commits January 21, 2025 09:23
@jwes
Use shared pjsip_auth_clt_sess to reuse headers in multipe dialogs

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode
248a272 
To reduce the network load in scenarios where multiple SUBSCRIBE dialogs are used,
one can enable PJSIP_SHARED_AUTH_SESSION to allow setting a pjsip_auth_clt_sess for the dialogs.

This session will then be in charge of handling all auth requests.
@jwes
use shared auth session for pjsua_account
Loading
Loading status checks…
f696171 
when PJSIP_SHARED_AUTH_SESSION is enabled, the account will try to reuse authorization
headers.
@CLAassistant
Copy link

CLAassistant commented Jan 22, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@sauwming sauwming requested a review from nanangizz January 23, 2025 03:13
@sauwming
Copy link
Member

I like the feature and I prefer a runtime option in pjsua_acc_config rather than a compile-time option (so you can get rid of all those annoying #ifdef).

But don't do any modifications yet, let's hear first what others think about this.

@sauwming sauwming self-requested a review January 23, 2025 07:58
@nanangizz
Copy link
Member

I like the feature and I prefer a runtime option in pjsua_acc_config rather than a compile-time option (so you can get rid of all those annoying #ifdef).

But don't do any modifications yet, let's hear first what others think about this.

Sounds like a good idea!

@jwes
Copy link
Contributor Author

jwes commented Jan 23, 2025

I like the feature and I prefer a runtime option in pjsua_acc_config rather than a compile-time option (so you can get rid of all those annoying #ifdef).

But don't do any modifications yet, let's hear first what others think about this.

yeah, that sounds good. I wasn't sure if that feature should be available without compile option, so i used a conservative approach

@jwes
Copy link
Contributor Author

jwes commented Jan 23, 2025

is there something i need to do regarding the failed checks?

@sauwming
Copy link
Member

I'm currently working on the fix on #4263.
Just waiting for the CI test there to complete and then I'll merge to master.

@sauwming
Copy link
Member

You can merge the master branch to fix the failed tests.

@jwes
Copy link
Contributor Author

jwes commented Jan 24, 2025
edited
Loading

i just wanted to switch to an config parameter.
If i move it to the account config, it seems, that i need to set it up on acc_modify.

Is it safe to call pjsip_auth_ctl_deinit in acc_modify, since it releases a pool, that it did not create itself?

@sauwming
Copy link
Member

I don't understand the purpose of doing so, but I don't think you should call auth_clt_deinit() in acc_modify().
But anyway, you can proceed with what you think is best and we'll review it later.

jwes added 2 commits January 24, 2025 08:36
@jwes
applied review remarks
b3b847e 
* use lock of parent instead of lock child lock.
* recusively call parent in auth_find_cred
@jwes
remove ifdef, instead add account config parameter
Loading
Loading status checks…
6c1406f 
Instead of an compile time option to share the authorization headers, the pjsua acc can be
configured to reuse the headers.
@nanangizz
Copy link
Member

Generally looks okay to me, perhaps a few touch-ups may improve it a bit, for example:

  • for efficiency, only parent auth sess needs lock, alternative approach from top of my head:
    • configurable via option param of auth_sess_init()
    • make a new API such as auth_sess_set_parent(), this way the lock can be created for parent only & app does not need to do the locking.
  • improve docs, e.g: May need to have PJSIP_AUTH_AUTO_SEND_NEXT, shouldn't it be required as it is the main purpose of this feature? As otherwise it will always wait for 401/407.
  • somehow lock/unlock return code check seems to reduce readibility a bit, unless expecting issues (e.g: race between destroy & lock/unlock), we don't usually check it :)
  • column width limit (80 chars).

If you want, we can do the above directly in the PR branch.

@jwes
review remarks
Loading
Loading status checks…
39c454d 
* improved comments
* line width
* create lock only in parent
* removed lock/unlock status tests
sauwming
sauwming reviewed Jan 29, 2025
View reviewed changes
jwes added 2 commits January 29, 2025 06:31
@jwes
renamed shared_auth to use_shared_auth
Loading
Loading status checks…
32679a9 
in pjsua2 it is now called useSharedAuth

also: improved some comments
@jwes
reverted out of scope correction
Loading
Loading status checks…
1459cdf
@sauwming
Copy link
Member

The CI tests, despite being restarted several times, seem to consistently fail at the same test. Not sure if this is caused by this change, though

@jwes
Copy link
Contributor Author

jwes commented Jan 31, 2025

merged the master again, maybe that fixes something?

@sauwming sauwming added this to the release-2.16 milestone Feb 3, 2025
@sauwming sauwming merged commit 986fc78 into pjsip:master Feb 3, 2025
34 of 41 checks passed
trengginas added a commit that referenced this pull request Feb 13, 2025
@trengginas
Squashed commit of the following:
Loading
Loading status checks…
da00a83 
commit 1e2f121
Author: sauwming <[email protected]>
Date:   Thu Feb 13 10:30:58 2025 +0800

    Fixed CI Mac failure (#4304)

commit 10b4d30
Author: sauwming <[email protected]>
Date:   Thu Feb 13 09:06:54 2025 +0800

    Audio and video stream refactoring (#4300)

commit 6cbf0e6
Author: Riza Sulistyo <[email protected]>
Date:   Wed Feb 12 15:23:37 2025 +0700

    Check if ice strans is valid before using it to send (#4301)

commit fdd4041
Author: Maciej Lisowski <[email protected]>
Date:   Tue Feb 11 12:48:17 2025 +0100

    Add missing OnTimerParam import in Android Example (#4299)

commit 4ded10f
Author: sauwming <[email protected]>
Date:   Fri Feb 7 13:27:00 2025 +0800

    Fixed msg_data assertion in pjsua_acc_send_request() API (#4298)

commit 65c4bc9
Author: sauwming <[email protected]>
Date:   Fri Feb 7 07:18:22 2025 +0800

    Fix pjsua sample app user agent (#4296)

commit c53ace9
Author: sauwming <[email protected]>
Date:   Fri Feb 7 07:18:09 2025 +0800

    Fixed Java make clean error (#4297)

commit e6196ad
Author: LeonidGoltsblat <[email protected]>
Date:   Fri Feb 7 02:15:10 2025 +0300

    Aligned memory allocation (#4277)

    * aligned memory allocaion

    * Fix alt API implementations (PJ_HAS_POOL_ALT_API)

    * pool test: add testing for bug in pj_pool_allocate_find with big alignment, and refactor to use unit test API

    * misc fixes on code review

    * pool_dbg alignment support + incompatible tests disabled for PJ_HAS_POOL_ALT_API

    ---------

    Co-authored-by: bennylp <[email protected]>

commit 2fff775
Author: sauwming <[email protected]>
Date:   Thu Feb 6 13:11:01 2025 +0800

    Add API to register custom SDP comparison callback (#4286)

commit 99b4d1e
Author: sauwming <[email protected]>
Date:   Thu Feb 6 13:10:38 2025 +0800

    Fixed issue with SDP version when reoffer is rejected (#4289)

commit 0252152
Author: Benny Prijono <[email protected]>
Date:   Thu Feb 6 11:09:20 2025 +0700

    Use cirunner to capture and analyze GitHub action CI crash (#4288)

    * Windows runner implementation

    * Set timeout

    * Remove initial implementation of ci-runner here (it is on separate repo now)

    * Remove crash handling (-n) in main.c of unit tests

    * Install cirunner to CI workflows

    * Adding crash to timestamp test

    * Fix missing cirunner in one of the job

    * Reinstall core_pattern on Linux

    * Removed intentional crash in timestamp_test()

    * Upload program and core dump on crash

    * Add crash code in uri_test.c

    * Removed injected crash in uri_test. Disable stdout/stderr buffering for unit tests

    * Minor: remove space left out by previous clean up

commit 3fcce51
Author: sauwming <[email protected]>
Date:   Wed Feb 5 11:43:27 2025 +0800

    Fixed OpenSSL log error reading cert (#4291)

commit cbfbbc4
Author: jimying <[email protected]>
Date:   Wed Feb 5 11:03:53 2025 +0800

    iocp: fix crash, GetQueuedCompletionStatus() write freed WSAOVERLAPPED memory (#4136)

commit 205baf0
Author: sauwming <[email protected]>
Date:   Tue Feb 4 17:04:25 2025 +0800

    Fixed warnings in sip auth client (#4287)

commit abffe0d
Author: sauwming <[email protected]>
Date:   Tue Feb 4 08:38:55 2025 +0800

    Fixed CI test failure (#4284)

commit 986fc78
Author: Johannes <[email protected]>
Date:   Mon Feb 3 08:31:28 2025 +0100

    Share an auth session between multiple dialogs/regc (#4262)

commit 46111c4
Author: Nanang Izzuddin <[email protected]>
Date:   Mon Feb 3 11:36:54 2025 +0700

    Best effort avoid crash when media transport adapter not using group lock (#4281)

commit f986ad8
Author: Benny Prijono <[email protected]>
Date:   Fri Jan 31 09:45:19 2025 +0700

    Add link to coding style documentation (#4280)

commit 727ee32
Author: Nanang Izzuddin <[email protected]>
Date:   Fri Jan 31 09:08:02 2025 +0700

    Fix build error when PJ_LOG_MAX_LEVEL is zero (#4279)

    The `pj_log_get_log_func()` is not defined when PJ_LOG_MAX_LEVEL is set to zero.

    Thanks to Giorgio Alfarano for the report.

commit dae52f6
Author: Perry Ismangil <[email protected]>
Date:   Thu Jan 30 08:43:54 2025 +0000

    Fixing typo (#4274)

    Acoustic

commit 1a4cd67
Author: sauwming <[email protected]>
Date:   Thu Jan 30 15:21:49 2025 +0800

    Modify iOS sample apps dev team ID (#4278)

commit dfcfa13
Author: Tarteszeus <[email protected]>
Date:   Thu Jan 30 02:42:36 2025 +0100

    Add queried names to server address record, and add the address record in parameter for on_verify_cb callback (#4256)

commit f9e56d8
Author: Jan Tojnar <[email protected]>
Date:   Wed Jan 29 07:42:18 2025 +0100

    Fix duplicate function name in 100rel docs (#4275)

commit 960597e
Author: Nanang Izzuddin <[email protected]>
Date:   Wed Jan 29 13:36:34 2025 +0700

    Various works on SWIG Java (#4273)

    * Various works on SWIG Java

    1. Fix type mapping (SWIGTYPE_*):
       a. Map C "void*" & "void**" to Java long (was SWIGTYPE_p_void & SWIGTYPE_p_p_void which are not really usable), this should fix #4242.
       b. Map pjmedia_aud_dev_index to int.
       c. Map unsigned char[20] for SslCertInfo.serialNo to Java "short array"

       This also updates pjsua.i, e.g: tab->space, reorder things.

    2. Update swig_java_pjsua2.vcxproj:
       a. Rename config "Debug" & "Release" to "Debug-Dynamic" & "Release-Dynamic" in , as the project actually builds dynamic libs. Also fix the property sheet dependencies from *-static to *-dynamic.
       b. Update other settings, e.g: built tool version from 140 to 143.

    3. Update symbols.lst: added missing new types, tab->space, reorder alphabetically.

    * Update ci-win.yml
    * Add sample code for passing user data using utilTimerSchedule()
    * Add sample for cancelling timer

commit c36ed2c
Author: Benny Prijono <[email protected]>
Date:   Tue Jan 28 16:58:55 2025 +0700

    Minor modifications to Android build and samples to match new documentation (#4271)

    * To streamline the command, also clean swig and pjsua jni output directories when make distclean and realclean is called

    * Kotlin sample: add account, modify video size and bandwidth, and audio codec priorities to use AMR-WB

    * Android CLI app: fix armeabi hardcoded arch and also copy stdc++.so

commit bab33d6
Author: Noel Morgan <[email protected]>
Date:   Tue Jan 28 01:51:50 2025 -0600

    Added support for updated RFC7866 content-type sub type with XML extension (#4270)

commit a89917e
Author: sauwming <[email protected]>
Date:   Fri Jan 24 14:49:59 2025 +0800

    OpenSSL: Set ciphersuites only if not using BoringSSL (#4269)

commit 377a80c
Author: Nanang Izzuddin <[email protected]>
Date:   Fri Jan 24 13:48:31 2025 +0700

    Fix various compile errors & warnings in MSVC2005 (#4268)

commit de3f2e1
Author: sauwming <[email protected]>
Date:   Fri Jan 24 10:20:28 2025 +0800

    Set CI vars in GH workflow file (#4263)

commit cdb1294
Author: sauwming <[email protected]>
Date:   Thu Jan 23 11:01:27 2025 +0800

    Various fixes for Apple SSL backend (#4257)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sauwming sauwming

@nanangizz nanangizz

Assignees
No one assigned
Labels
component: pjsip type: enhancement
Projects
None yet
Milestone
release-2.16
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@jwes @CLAassistant @sauwming @nanangizz