From 3fff8d01d96ced87a2b2fb051a72e1946217cee6 Mon Sep 17 00:00:00 2001
From: Lukasz Kotasa <lukasz.kotasa@genexis.eu>
Date: Thu, 29 May 2025 10:43:57 +0200
Subject: [PATCH] Disable registrar after 5 failed attempts to register, REF
16825
Field 'deactivated' in struct ast_sip_endpoint introduced.
Commands enhanced:
pjsip show endpoint **XY - added `deactivated` value in a list
pjsip show endpoints - "Tmp disabled" showed in State
---
include/asterisk/res_pjsip.h | 2 ++
res/res_pjsip/pjsip_configuration.c | 6 ++++--
res/res_pjsip/pjsip_distributor.c | 5 +++++
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/include/asterisk/res_pjsip.h b/include/asterisk/res_pjsip.h
index 92b712536b..5a23861d25 100644
--- a/include/asterisk/res_pjsip.h
+++ b/include/asterisk/res_pjsip.h
@@ -1113,6 +1113,8 @@ struct ast_sip_endpoint {
pjsip_auth_clt_sess auth_sess_inv;
ast_mutex_t auth_sess_reg_lock;
ast_mutex_t auth_sess_inv_lock;
+ /* Deactivated endpoint flag */
+ unsigned int deactivated;
};
struct pjsip_register_dest {
diff --git a/res/res_pjsip/pjsip_configuration.c b/res/res_pjsip/pjsip_configuration.c
index e9bba44565..b86359fb75 100644
--- a/res/res_pjsip/pjsip_configuration.c
+++ b/res/res_pjsip/pjsip_configuration.c
@@ -2033,7 +2033,7 @@ static int cli_endpoint_print_body(void *obj, void *arg, int flags)
ast_str_append(&context->output_buffer, 0, "%*s: %-*.*s %-12.12s %d of %.0f\n",
indent, "Endpoint",
flexwidth, flexwidth, print_name ? print_name : id,
- ast_sip_get_device_state(endpoint),
+ endpoint->deactivated == 1 ? "Tmp disabled" : ast_sip_get_device_state(endpoint),
endpoint_snapshot->num_channels,
(double) endpoint->devicestate_busy_at ? endpoint->devicestate_busy_at :
INFINITY
@@ -2094,7 +2094,7 @@ static char *cli_pjsip_reload(struct ast_cli_entry *e, int cmd, struct ast_cli_a
return CLI_FAILURE;
}
- // reload endpoint's call_waiting_enabled value
+ // reload endpoint's `call_waiting_enabled` value and clear `deactivated` value
char *cat = NULL;
struct ast_variable *v;
while ((cat = ast_category_browse(cfg, cat))) {
@@ -2103,6 +2103,7 @@ static char *cli_pjsip_reload(struct ast_cli_entry *e, int cmd, struct ast_cli_a
cat);
return CLI_FAILURE;
}
+ endpoint->deactivated = 0;
v = ast_variable_browse(cfg, cat);
while (v) {
if (!strcasecmp(v->name, "call_waiting_enabled")) {
@@ -2357,6 +2358,7 @@ int ast_res_pjsip_initialize_configuration(void)
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "send_aoc", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, send_aoc));
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "Emergency", "false", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, Emergency));
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "max_sessions", __stringify(DEFAULT_MAX_SESSIONS_PER_CLIENT), OPT_UINT_T, 0, FLDSET(struct ast_sip_endpoint, max_sessions));
+ ast_sorcery_object_field_register(sip_sorcery, "endpoint", "deactivated", "false", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, deactivated));
if (ast_sip_initialize_sorcery_transport()) {
ast_log(LOG_ERROR, "Failed to register SIP transport support with sorcery\n");
diff --git a/res/res_pjsip/pjsip_distributor.c b/res/res_pjsip/pjsip_distributor.c
index 4e9cb4e2be..064be61cc2 100644
--- a/res/res_pjsip/pjsip_distributor.c
+++ b/res/res_pjsip/pjsip_distributor.c
@@ -895,6 +895,10 @@ static pj_bool_t authenticate(pjsip_rx_data *rdata)
return PJ_FALSE;
}
+ /* silently reject registration if endpoint is deactivated */
+ if (endpoint->deactivated)
+ return PJ_TRUE;
+
if (ast_sip_requires_authentication(endpoint, rdata)) {
pjsip_tx_data *tdata;
struct unidentified_request *unid;
@@ -923,6 +927,7 @@ static pj_bool_t authenticate(pjsip_rx_data *rdata)
struct pjsip_status_line status = tdata->msg->line.status;
/* IPX101 */
ast_log_dt(LOG_EVENT_CODE_IPX101, (int) client_uri->user.slen, client_uri->user.ptr, status.code, (int) client_uri->host.slen, client_uri->host.ptr);
+ endpoint->deactivated = 1;
if (pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL) != PJ_SUCCESS) {
pjsip_tx_data_dec_ref(tdata);
}
--
GitLab