Daniel-Constantin Mierla said:
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I mean how set next hop not to final destination, but to auth_proxy?
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems:
- in uac_reg_request_to with mode 1 mistake (it found credentials only
if l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
If you have a lot of records, you need to allocate more shared memory, via -m command line parameter.
19 records in table -OK 1 record in table and try to add using RPC (self modified uac_reg.c) - no more shm. I think than there is not shortage of shared memory, but something forgotten in function for RPC. Here is src
static void rpc_uac_reg_add(rpc_t* rpc, void* ctx) { reg_uac_t reg ; str l_uuid, l_username, l_domain, r_username, r_domain, realm, auth_username, auth_password, auth_proxy; int expire;
if(_reg_htable==NULL) { rpc->fault(ctx, 500, "Not enabled"); return; }
if (rpc->scan(ctx, "SSSSSSSSSd", &l_uuid, &l_username, &l_domain, &r_username, &r_domain, &realm, &auth_username, &auth_password, &auth_proxy, &expire) < 0) { return; } memset(®, 0, sizeof(reg_uac_t));; /* check for NULL values ?!?! */ reg.l_uuid=l_uuid; reg.l_username=l_username; reg.l_domain=l_domain; reg.r_username=r_username; reg.r_domain=r_domain; reg.realm=realm; reg.auth_username=auth_username; reg.auth_password=auth_password; reg.auth_proxy=auth_proxy; reg.expires = expire;
if(reg_ht_add(®)<0) { rpc->fault(ctx, 500, "Error adding reg to htable"); return; }
}
uacreg is to register for incoming calls, it is not used for authentication of outgoing calls. Use uac_auth() instead, as I said in previous email.
I'll try.
Cheers, Daniel
-- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw