Why not just authenticate on Kamailio in that case?Also, be aware that the Authorization Username ($au) is included in SIP digest authentication. $au and $fu aren't necessarily the same, but on most end points the default is to use the same value for both. If you manipulate $fu or $au it may cause auth issues.On Thu, Mar 31, 2016 at 9:49 AM, Alberto Sagredo <alberto.sagredo@avanzada7.com> wrote:Hi Marrold. I want to authenticate user on Kamailio but want Asterisk to see them registered with kamailio ip as contact.I making also some manipulations in $fu as users are different (emp_xxx_ext) in kamailio than in Asterisk xxx_extThanks2016-03-31 10:48 GMT+02:00 Marrold <kamailio@marrold.co.uk>:Why not just relay the registration messages to Asterisk itself? What's the use case?CheersOn Thu, Mar 31, 2016 at 9:34 AM, Alberto Sagredo <alberto.sagredo@avanzada7.com> wrote:_______________________________________________HiIm trying to modify example for Asterisk/Kamailio integration that miconda did, and trying to handle Forwarded register to Asterisk in an authenticated way instead removing secret in asterisk.I have made this changesroute[REGFWD] {
if(!is_method("REGISTER"))
{
return;
}
$var(rip) = $var(astip);
$uac_req(method)="REGISTER";
$uac_req(ruri)="sip:" + $var(rip) + ":" + $var(astport);
$uac_req(furi)="sip:" + $(au{s.substr,8,0}) + "@" + $var(rip);
$uac_req(turi)="sip:" + $(au{s.substr,8,0}) + "@" + $var(rip);
$uac_req(hdrs)="Contact: <sip:" + $au + "@"
+ $sel(cfg_get.kamailio.bindip)
+ ":" + $sel(cfg_get.kamailio.bindport) + ">\r\n";
if($sel(contact.expires) != $null)
$uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $sel(contact.expires) + "\r\n";
else
$uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $hdr(Expires) + "\r\n";
xlog("Dentro de REGFWD");
t_on_failure("REG_AST");
uac_req_send();
}
failure_route[REG_AST] {
if (t_is_canceled()) {
exit;
}
xlog("Dentro de REG AST");
if(t_check_status("401|407")) {
xlog("Dentro de 401");
$avp(auser) = "test";
$avp(apass) = "test";
uac_auth();
t_relay();
exit;
}
}
What i see on traces:
U x.x.x..240:5060 -> x.x.x..56:5060
REGISTER sip:x.x.x.56:5060 SIP/2.0.
Via: SIP/2.0/UDP x.x.x.240;branch=z9hG4bKfb46.a47535d4000000000000000000000000.0.
To: <sip:200@x.x.x.56>.
From: <sip:200@x.x.x.56>;tag=533cb9e91f4b999cf76861cbb9ed54ed-6a4f.
CSeq: 10 REGISTER.
Call-ID: 09dc120d65932ed7-16044@127.0.0.1.
Max-Forwards: 70.
Content-Length: 0.
User-Agent: ANY.
Contact: <sip:emp_001_200@x.x.x.240:5060>.
Expires: 3600.
.
#
U x.x.x.56:5060 -> x.x.x..240:5060
SIP/2.0 401 Unauthorized.
Via: SIP/2.0/UDP x.x.x..240;branch=z9hG4bKfb46.a47535d4000000000000000000000000.0;received=x.x.x..240;rport=5060.
From: <sip:200@x.x.x.56>;tag=533cb9e91f4b999cf76861cbb9ed54ed-6a4f.
To: <sip:200@x.x.x.56>;tag=as62b47138.
Call-ID: 09dc120d65932ed7-16044@127.0.0.1.
CSeq: 10 REGISTER.
Server: FPBX-2.11.0(11.17.1).
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE.
Supported: replaces, timer.
WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="59e39692".
Content-Length: 0.
.
But Kamailio is not sending authentication .Any idea what could be wrong? Or any tip to do what i try.The idea is that a sip endpoint register with authentication on kamailio and it sends register with authentication to asterisk.Thanks in advance
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users