Share an auth session between multiple dialogs/regc

[jwes]

For Accounts that establish a lot of dialogs it may be beneficial to reuse a already established Authorization.
To achieve this, the account was extended to store a shared pjsip_auth_clt_sess and this is set on the relevant dialogs.

This patch adds PJSIP_SHARED_AUTH_SESSION to enable this behavior in the account and to extend the relevant api.

[CLAassistant]

All committers have signed the CLA.

[nanangizz]

No iteration to lookup the matched realm & algorithm_type on parent?
(Or perhaps recursive call to self like in auth_find_cred())

[sauwming]

I like the feature and I prefer a runtime option in pjsua_acc_config rather than a compile-time option (so you can get rid of all those annoying #ifdef).

But don't do any modifications yet, let's hear first what others think about this.

[nanangizz]

I like the feature and I prefer a runtime option in pjsua_acc_config rather than a compile-time option (so you can get rid of all those annoying #ifdef).

But don't do any modifications yet, let's hear first what others think about this.

Sounds like a good idea!

[jwes]

I like the feature and I prefer a runtime option in pjsua_acc_config rather than a compile-time option (so you can get rid of all those annoying #ifdef).

But don't do any modifications yet, let's hear first what others think about this.

yeah, that sounds good. I wasn't sure if that feature should be available without compile option, so i used a conservative approach

[jwes]

is there something i need to do regarding the failed checks?

[sauwming]

I'm currently working on the fix on #4263.
Just waiting for the CI test there to complete and then I'll merge to master.

[sauwming]

You can merge the master branch to fix the failed tests.

[jwes]

i just wanted to switch to an config parameter.
If i move it to the account config, it seems, that i need to set it up on acc_modify.

Is it safe to call pjsip_auth_ctl_deinit in acc_modify, since it releases a pool, that it did not create itself?

[sauwming]

I don't understand the purpose of doing so, but I don't think you should call auth_clt_deinit() in acc_modify().
But anyway, you can proceed with what you think is best and we'll review it later.

[nanangizz]

Generally looks okay to me, perhaps a few touch-ups may improve it a bit, for example:

• for efficiency, only parent auth sess needs lock, alternative approach from top of my head:
  • configurable via option param of auth_sess_init()
  • make a new API such as auth_sess_set_parent(), this way the lock can be created for parent only & app does not need to do the locking.
• improve docs, e.g: May need to have PJSIP_AUTH_AUTO_SEND_NEXT, shouldn't it be required as it is the main purpose of this feature? As otherwise it will always wait for 401/407.
• somehow lock/unlock return code check seems to reduce readibility a bit, unless expecting issues (e.g: race between destroy & lock/unlock), we don't usually check it :)
• column width limit (80 chars).

If you want, we can do the above directly in the PR branch.

[sauwming]

The CI tests, despite being restarted several times, seem to consistently fail at the same test. Not sure if this is caused by this change, though

[jwes]

merged the master again, maybe that fixes something?