On Thu, Jul 1, 2010 at 3:30 PM, Juha Heinanen jh@tutpro.com wrote:
Juha Heinanen writes:
i see that this thing in the code builds the challenge (p-a header):
if (ret < 0) { if (auth_api.build_challenge(msg, (cred ? cred->stale : 0), realm, NULL, NULL, hftype) < 0) { ERR("Error while creating challenge\n"); ret = -2; }
is there a way to prevent p-a header from being added to reply in case after proxy_authorize failure i want to reply with "403 Forbidden" instead of "407 Proxy Authentication Required"?
jan,
i was able to figure this out. auth_api.build_challenge stores the header in a variable that defaults to $digest_challenge. however, when i write in config file as you suggested:
if (defined $digest_challenge && $digest_challenge != "") { append_to_reply("%$digest_challenge"); }; send_reply("407", "Proxy Authentication Required");
i get these errors to syslog:
Jul 1 22:24:54 localhost /usr/sbin/sip-proxy[26750]: ERROR: <core> [mod_fix.c:246]: Cannot convert function parameter 1 to0 Jul 1 22:24:54 localhost /usr/sbin/sip-proxy[26750]: ERROR: <core> [route.c:1088]: fixing failed (code=-1) at cfg:/etc/sip-proxy/sip-proxy.cfg:1019 Jul 1 22:24:54 localhost /usr/sbin/sip-proxy[26750]: ERROR: <core> [route.c:1088]: fixing failed (code=-1) at cfg:/etc/sip-proxy/sip-proxy.cfg:1020 Jul 1 22:24:54 localhost /usr/sbin/sip-proxy[26750]: ERROR: <core> [route.c:1088]: fixing failed (code=-1) at cfg:/etc/sip-proxy/sip-proxy.cfg:1023 Jul 1 22:24:54 localhost /usr/sbin/sip-proxy[26750]: ERROR: <core> [route.c:1088]: fixing failed (code=-1) at cfg:/etc/sip-proxy/sip-proxy.cfg:1042
what does % mean in "%$digest_challenge"?
Ohh, that is the syntax used by the xlog module. Behind the scenes, the function append_to_reply calls a function from xlog module to expand variable names in the string to corresponding values and then the resulting string is appended to the reply.
Please load the xlog module and try again. I realize that requiring xlog module for this type of stuff isn't particularly nice, but it is a temporary solution until we have support for real "formatted" strings, i.e., strings where occurrences of variables, PVs and selects will be expanded transparently.
-Jan