On Thursday 01 July 2010, Ján ONDREJ (SAL) wrote:
ok, i'll change it in the code.
Thank you.
Hello Jan,
Even if it's better, it still don't work for me.
Here is what is logged in log:
0(1515) DEBUG: uac [auth_hdr.c:409]: hdr is <Authorization: Digest username="xxxx07500", realm="BroadWorks", nonce="BroadWorksXgb3lz7xdT18h03wBW", uri="sip:09xxxxxxxx@as.vvn.xxxxxx;user=phone", qop=auth, nc=00000001, cnonce="629288560", response="96cc89eca0eb44624e6572e6f6545dcc", algorithm=MD5
But I con't find any response in ACK packet send to our provider:
the response should be included in the second INVITE (or the message that was challenged).
U xxx.xxx.137.250:5060 -> xxx.xxx.xxx.20:5060 SIP/2.0 401 Unauthorized. Via: SIP/2.0/UDP xxx.xxx.xxx.20;branch=z9hG4bK2e5.758ec977.0. Via: SIP/2.0/UDP xxx.xxx.10.10;branch=z9hG4bK9270d540C0C4209D. From: "Ondrej Jan" sip:xxxxxxx@as.vvn.xxxxxxx;tag=56FAB897-DD2E3AD2. To: sip:09xxxxxxxxx@as.vvn.xxxxxx;user=phone;tag=860899010-1277989544929. CSeq: 2 INVITE. Call-ID: 754f437b-41f09f61-7b255ff4@xxx.xxx.10.10. WWW-Authenticate: DIGEST realm="BroadWorks",qop="auth",algorithm=MD5,nonce="BroadWorksXgb3lz7xdT18h0 3wBW". Content-Length: 0. .
# U xxx.xxx.xxx.20:5060 -> xxx.xxx.137.250:5060 ACK sip:09xxxxxxxx@as.vvn.xxxxxxx;user=phone SIP/2.0. Via: SIP/2.0/UDP xxx.xxx.xxx.20;branch=z9hG4bK2e5.758ec977.0. From: "Ondrej Jan" sip:xxxxxx505@as.vvn.xxxxxx;tag=56FAB897-DD2E3AD2. To: sip:09xxxxxxxx@as.vvn.xxxxx;user=phone;tag=860899010-1277989544929. CSeq: 2 ACK. Call-ID: 754f437b-41f09f61-7b255ff4@xxx.xxx.10.10. Max-Forwards: 68. Content-Length: 0. .
Is something wrong in my configuration? How these authenticate packets should look?
I never used uac_auth() so far, but normally you send a request like an INVITE to the host, its then challenged with e.g. a 401 including a nonce and some other parameters, you ACK it, and then you re-send the request with the added credentials.
May be problem is, that I need to subst some strings in routed packets, because they need special username and they require to send their domain in From and To headers. Is this my problem? What should I search for in my logs?
Maybe the target do some comparisons on the credentials (like username, realm) and the From header? Are you able to login with a normal user agent (e.g. softphone) on the target if you just route the request through your proxy and do the same header modifications?
Regards,
Henning