here is the output from the log file of the test user:
2(2744) DEBUG: db_postgres [km_dbase.c:224]: sending query ok: 10046f6d0 (7) - [select password from subscriber where username='test' AND domain='akanvoice.com'] 2(2744) DEBUG: <core> [db_res.c:118]: allocate 48 bytes for result set at 10049a018 2(2744) DEBUG: db_postgres [km_dbase.c:521]: 10046f6d0 PQresultStatus(PGRES_TUPLES_OK) PQgetResult(1008b7e50) 2(2744) DEBUG: db_postgres [km_res.c:108]: 1 columns returned from the query 2(2744) DEBUG: <core> [db_res.c:155]: allocate 8 bytes for result names at 100499f28 2(2744) DEBUG: <core> [db_res.c:165]: allocate 4 bytes for result types at 100499f40 2(2744) DEBUG: db_postgres [km_res.c:126]: allocate 16 bytes for RES_NAMES[0] at 100499f58 2(2744) DEBUG: db_postgres [km_res.c:133]: RES_NAMES(100499f58)[0]=[password] 2(2744) DEBUG: db_postgres [km_res.c:166]: use DB1_STRING result type 2(2744) DEBUG: db_postgres [km_res.c:222]: allocate for 1 columns 8 bytes in row buffer at 100499f78 2(2744) DEBUG: <core> [db_res.c:184]: allocate 16 bytes for rows at 100499f90 2(2744) DEBUG: db_postgres [km_res.c:243]: PQgetvalue(10046f6d0,0,0)=[test1234] 2(2744) DEBUG: db_postgres [km_res.c:252]: [0][0] Column[password]=[test1234] 2(2744) DEBUG: <core> [db_row.c:119]: allocate 32 bytes for row values at 100499fb0 2(2744) DEBUG: <core> [db_val.c:117]: converting STRING [test1234] 2(2744) DEBUG: <core> [db_val.c:127]: allocate 9 bytes memory for STRING at 100499fe0 2(2744) DEBUG: db_postgres [km_res.c:267]: freeing row buffer at 100499f78 2(2744) DEBUG: db_postgres [km_dbase.c:393]: PQclear(1008b7e50) result set 2(2744) DEBUG: auth [api.c:211]: check_response: Our result = '1793af7ca4c2a2feb31410fb6c113695' 2(2744) DEBUG: auth [api.c:221]: check_response: Authorization failed 2(2744) DEBUG: <core> [db_res.c:81]: freeing 1 columns 2(2744) DEBUG: <core> [db_res.c:85]: freeing RES_NAMES[0] at 100499f58 2(2744) DEBUG: <core> [db_res.c:94]: freeing result names at 100499f28 2(2744) DEBUG: <core> [db_res.c:99]: freeing result types at 100499f40 2(2744) DEBUG: <core> [db_res.c:54]: freeing 1 rows 2(2744) DEBUG: <core> [db_row.c:68]: free VAL_STRING[0] 'test1234' at 100499fe0 2(2744) DEBUG: <core> [db_row.c:97]: freeing row values at 100499fb0 2(2744) DEBUG: <core> [db_res.c:62]: freeing rows at 100499f90 2(2744) DEBUG: <core> [db_res.c:136]: freeing result set at 10049a018 2(2744) ERROR: *** cfgtrace: c=[/opt/kamailio-3.3/etc/kamailio/kamailio.cfg] l=730 a=27 n=auth_challenge 2(2744) DEBUG: auth [challenge.c:128]: build_challenge_hf: realm='akanvoice.com' 2(2744) DEBUG: auth [challenge.c:270]: auth: 'WWW-Authenticate: Digest realm="akanvoice.com", nonce="UFzRV1Bc0CunOjSLvAkebJwYzCBSBRYH"
Thanks
Nathaniel On 9/21/12 8:15 AM, Daniel-Constantin Mierla wrote:
Hello,
On 9/21/12 2:43 PM, Nathaniel L Keeling III wrote:
Yes, the password column of the subscriber's table contains the plain text password. Should the calculated HA1 string match the HA1 value in the database?
no, if clear text password is used, the ha1 column is not important at all.
If you work with default config, it's really strange, I tested and all goes fine. Can you add a temporary account with a simple username/password to be sure no typo can happen and test again?
Cheers, Daniel
Thanks
Nathaniel
On 9/21/12 2:21 AM, Daniel-Constantin Mierla wrote:
Hello,
this requires the plain text password to be in the column 'password' of the subscriber table, do you have it? I am asking because many people keep only ha1/ha1b.
Cheers, Daniel
On 9/21/12 2:35 AM, Nathaniel L Keeling III wrote:
Here is the parameters for auth_db:
modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", MULTIDOMAIN)
This is the default config file with just setting the DBURL, IP address, port and the defines.
Thanks
Nathaniel
On 9/19/12 1:45 AM, Daniel-Constantin Mierla wrote:
Hello,
can you paste the module parameters for auth and auth_db module? Or check the combination of password column and calculate_ha1 are ok.
I guess you are using your custom configuration file, maybe you can give a quick test with default configuration just to see if the passwords match.
Cheers, Daniel
On 9/18/12 4:58 PM, Nathaniel L Keeling III wrote:
Hello,
we are testing the new version of Kamailio, 3.3 and are getting authentication error when trying to register a sip account. We have a db backend in which we used kamctl to add the user to the db. We are using the kamailio.cfg script created during the install with changes for our environment. Is there some other changes required besides the normal. I can see in the logs where everything looks ok except for when it compares the calculated values. I have doubled check the subscriber table and password but to no avail.
11(28548) DEBUG: db_postgres [km_dbase.c:393]: PQclear(1008b8560) result set 11(28548) DEBUG: auth_db [authorize.c:124]: HA1 string calculated: e13d569284e76a33ca63e4d6203f844a 11(28548) DEBUG: auth [api.c:211]: check_response: Our result = '18210b5da2b3d27e6ba50977072599ea' 11(28548) DEBUG: auth [api.c:221]: check_response: Authorization failed
Thanks
Nathaniel
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users