Daniel-Constantin Mierla said:
On 7/10/12 12:14 PM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
*http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I mean how set next hop not to final destination, but to auth_proxy?
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems:
- in uac_reg_request_to with mode 1 mistake (it found credentials
only if l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
If you have a lot of records, you need to allocate more shared memory, via -m command line parameter.
19 records in table -OK 1 record in table and try to add using RPC (self modified uac_reg.c) - no more shm.
can you set debug=3 in you config file, try again and send all log messages of the operation here?
debug=4
kamctl sercmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 database engine 'DB_BERKELEY' loaded Control engine 'FIFO' loaded entering ser_cmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 error: 500 - Error adding reg to htable
in log:
Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [../../io_wait.h:390]: DBG: io_watch_add(0x7fc0e9310680, 15, 3, 0x2066670), fd_no=1 Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [io_listener.c:453]: handle_stream read: new connection (1) on /tmp/kamailio_ctl Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: ERROR: uac [uac_reg.c:313]: no more shm Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [io_listener.c:506]: handle_stream read: eof on /tmp/kamailio_ctl Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [../../io_wait.h:617]: DBG: io_watch_del (0x7fc0e9310680, 15, -1, 0x10) fd_no=2 called
uac_reg.c is modified, so line 313 in it is not exist in distribution sources. there is
nr = (reg_uac_t*)shm_malloc(sizeof(reg_uac_t) + len); if(nr==NULL) { LM_ERR("no more shm\n");// 313 is here! return -1; }
the full source of function in previous message.
Cheers, DAniel
-- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw