Description

I installed a new Kamailio 5.3 and set up the uac module to register a trunk.
The trunk has been added to MySQL with an open password (or using ha1).
When it tries to register and sends the authorization data, the provider's server always returns a 403 error.
After analysis, I found that Kamailio sends an incorrect hash in the response header.

Troubleshooting

Reproduction

Debugging Data

Log Messages

SIP Traffic

The provider sends "407 Proxy Authentication Required":

    Proxy-Authenticate: Digest nonce="MTU3MTY5Mzg2MTrbrxRPWP0AIkC7fowq+nZn",
    opaque="MTU3MTY5Mzg2MTrbrxRPWP0AIkC7fowq+nZn",
    algorithm=md5,
    realm="BREDBAND",
    qop="auth"

Kamailio sends a new "Register":

    Proxy-Authorization: Digest username="79205615793",
    realm="BREDBAND",
    nonce="MTU3MTY5Mzg2MTrbrxRPWP0AIkC7fowq+nZn",
    uri="sip:sbc.megafon.ru",
    opaque="MTU3MTY5Mzg2MTrbrx
    WP0AIkC7fowq+nZn",
    qop=auth,
    nc=00000001,
    cnonce="3335441185",
    response="395830e40a92fd7d4564d82dfab1dac0", algorithm=MD5

If you calculate the hash manually:
Correct response: "2cee0f5a35c0e4831455496ce040eaf4"

Possible Solutions

The problem is in the code in auth_alg.c.
It tries to verify that there is an encrypted password, even if it is not set in the database. Next, an incorrect calculation of the hash for the 401 response occurs. If you remove the block

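    /* Note: this condition tests the constant against itself rather than
     * the credential's own flags, so it holds for every credential. */
    if(UAC_FLCRED_HA1 & UAC_FLCRED_HA1) {
            /* use the stored password directly as the hex HA1 */
            memcpy(sess_key, crd->passwd.s, HASHHEXLEN);
            sess_key[HASHHEXLEN] = '\0';
            if(auth->flags & AUTHENTICATE_MD5SESS) {
                    cvt_bin(sess_key, HA1);
            } else {
                    return;
            }
    }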

Password registration works.
Maybe there are 2 problems. It constantly tries to calculate the hash as for an ha1 password (even if an open password is used), and if it is ha1, then the function cvt_bin calculates it incorrectly.

Additional Information

kamailio 5.3.0 (x86_64/linux) 4cc67a
Linux refs4 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24) x86_64 GNU/Linux
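Added example, not part of the original report or of Kamailio's code: a manual RFC 2617 calculation (algorithm=MD5, qop=auth) using the challenge values from the SIP traffic above, comparing a plain-text password, a pre-computed HA1, and a plain-text password wrongly treated as HA1. The password is constructed (the real one is not on the page, so the page's hashes are not reproduced), and `HASHHEXLEN = 32` and the function names are assumptions.

```python
import hashlib

HASHHEXLEN = 32  # hex length of an MD5 digest; assumed value of the C constant


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def response(secret, secret_is_ha1, username, realm, method, uri,
             nonce, nc, cnonce, qop="auth"):
    """RFC 2617 'response' value for algorithm=MD5 with qop=auth."""
    if secret_is_ha1:
        # Stored secret is taken as the hex HA1 and used as-is.
        ha1 = secret[:HASHHEXLEN]
    else:
        # Plain-text password: HA1 = MD5(username:realm:password).
        ha1 = md5_hex(f"{username}:{realm}:{secret}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


# Challenge and request values copied from the SIP traffic in the report.
CHALLENGE = dict(
    username="79205615793", realm="BREDBAND", method="REGISTER",
    uri="sip:sbc.megafon.ru",
    nonce="MTU3MTY5Mzg2MTrbrxRPWP0AIkC7fowq+nZn",
    nc="00000001", cnonce="3335441185",
)
PASSWORD = "example-trunk-password"  # constructed sample, not the real one


def compare(password=PASSWORD):
    """Return (correct, via_stored_ha1, plain_text_mishandled_as_ha1)."""
    correct = response(password, False, **CHALLENGE)
    stored_ha1 = md5_hex(
        f"{CHALLENGE['username']}:{CHALLENGE['realm']}:{password}")
    via_ha1 = response(stored_ha1, True, **CHALLENGE)
    mishandled = response(password, True, **CHALLENGE)
    return correct, via_ha1, mishandled


if __name__ == "__main__":
    correct, via_ha1, mishandled = compare()
    print("plain-text password     :", correct)
    print("stored HA1              :", via_ha1)
    print("plain text taken as HA1 :", mishandled)
```

The first two values match each other; the third differs, which is the kind of mismatch a registrar rejects.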

