Hi

Still searching on that one. My guess now is that I am receiving another 401 because the CSEQ does not get incremented.

INVITE cseq 102--->
<---- 401 (with nonce) cseq 102
ACK cseq 102 --->

INVITE ---> with correct nonce & response, I've recalculated the response, it is ok -- cseq 102
<--- 401 (with new nonce) cseq 102
ACK -->cseq 102

I think the 2nd exchange should have a cseq of 103 or higher. 

How can I increase it ?

J.

// Here is the section  generating the reply with the wrong cseq

if(t_check_status("401|407")) {
        $avp(auser) = "test";
        $avp(apass) = "test";
        uac_auth();
        t_relay();
        exit;
}





On Tue, Sep 26, 2017 at 11:02 AM, Jean Cérien <cerien.jean@gmail.com> wrote:

Thanks - I've done some progress - I've hard coded temporarily the user, pass & realm, and authentication goes out now.

However, the provider is answering with a 401 & a new nonce.

here is what I have 

INVITE --->
<---- 401 (with nonce)
ACK --->
INVITE ---> with correct nonce & response, I've recalculated the response, it is ok
<--- 401 (with new nonce)
ACK -->

When I configure another box with a plain asterisk and same credentials, the call goes through fine - so it is not because my ip is wrong or not whitelisted. 

Why would the remote send me a 401 ??? I've tried to contact them but no answer

J.


On Tue, Sep 26, 2017 at 10:03 AM, Daniel Tryba <d.tryba@pocos.nl> wrote:
On Tue, Sep 26, 2017 at 09:36:19AM -0400, Jean Cérien wrote:
> I've inserted the following block on the failure route:
>         if (t_check_status("401|407")) {
>                 xlog("L_INFO","failure_route(ROUTEFAIL) @@ call to
> uac_auth()\n");
>                 uac_auth();
>                 t_relay();
>                 exit;
>         }

Unlike when calling uac_reg_request_to, you'll have to fill the
auth_*_avp pvs yourself. So in the example you have to fill $avp(auser)
and $avp(apass).

modparam("uac","auth_username_avp","$avp(auser)")
modparam("uac","auth_password_avp","$avp(apass)")
modparam("uac","auth_realm_avp","$avp(arealm)")

...

if(t_check_status("401|407")) {
        $avp(auser) = "test";
        $avp(apass) = "test";
        uac_auth();
        t_relay();
        exit;
}

So next problem is how to get those credentials. You already know the
user making the call. So either have a custom query to a custom table
(sqlops/avpops) to retrieve the external user/pass for current user, or
try to store that information with the subscriber data (saw some
suggestions for this a while back on the list).



_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users