GREAT
that's exactly was I was thinking at (shame on me for not having searched the tracker nor the online doc which IS updated for devel section)
Tnx for help
Regards
Anatoly Pidruchny ha scritto:
Please take a look at this patch: http://sourceforge.net/tracker/index.php?func=detail&aid=1693132&gro...
This patch was uploaded into the trunk. This patch allows to check the reason why the www/proxy_authorize function fails. It now returns the following negative codes:
-1 - non existent user; -2 - invalid passwd -3 - stale nonce -4 - no credentials -5 - error
You can use "switch" and "$retval" to test the return code in your script.
It does not look like the documentation was updated though to include this information.
Anatoly.
Ok, that's how I did
if (!proxy_authorize("exorsa", "openser_view")) { if(search("Proxy-Authorization")) { xlog("L_ERR", "REGISTER: Auth error from - $au"); } proxy_challenge("exorsa", "0"); exit; }
so, if the packet contains credentials but they're wrong the attempt is logged
Now I'm facing the following problem... When the nonce axpires and the client reREGISTER the packet will contain wrong credential and the UA is challenged again.
This way that's logged as a bad authentication
I also tried to do
if(search("Proxy-Authorization")) { if(!registered("location")) { xlog("L_ERR", "REGISTER: Auth error from - $au"); } }
...but without good results....
Any idea ?
Tnx in advance
Edoardo
Iñaki Baz Castillo ha scritto:
El Monday 13 August 2007 22:11:34 Edoardo Serra escribió:
Hi all, I'd like to log failed SIP REGISTER attempt either with xlog or with sip_trace() but I cannot understand where to put related code to catch the authentication error
With XLOG is easy :)
Here is the part of my opensr.cfg dedicated to REGISTER handling
if (method=="REGISTER") { if (!proxy_authorize("exorsa", "openser_view")) {
xlog("L_INFO", "REGISTER: auth required\n");
proxy_challenge("exorsa", "0"); exit; } if (!check_to()) {
xlog("L_WARN", "REGISTER: !check_to()\n");
sl_send_reply("403", "Digest username and URI username
do NOT match! Stay away!"); exit; }
xlog("L_INFO", "REGISTER: authorized\n");
save("location"); exit;
};
Regards.
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users