SIP Autentication Failed

List overview All Threads
Download

newer

older

kamailio print log message

how to generate kamailio user...

Bruno Henrique Gomes Gouvêa

4 Mar 2016 4 Mar '16

10:17 p.m.

Hello, First excuse any mistakes in English. I'm working on a platform that makes use of integrated Kamailio with asterisk (Elastix mt). This platform allows the login of my SIP clients via the extension number and the client's domain, where the kamailio after authentication change the username to sip EXTENSION + _ + DOMAIN (expected by Asterisk) and sends to the asterisk. I need the client can also send the sip user in standard EXTENSION + _ + DOMAIN, for it changed the view subscriber to also return a username record in the format that the softphone is sending, but the platform still seems not authenticate the REGISTER using new way functions in auth_check ("$ FD", "subscriber", "0") and auth_challenge ("$ FD", "0"). Thus works: Login: 101 Domain/server: pabx999999.ligou.me Password: PASSWORD_PLAIN This way does not work: Login: 101_pabx999999.ligou.me Domain/server: pabx999999.ligou.me Password: PASSWORD_PLAIN Already got a good look at the documentation and could not find the problem, could give me some help? Kamailio.cfg: http://pasted.co/db8fb3a2 Execution debug log: http://pasted.co/49bfe5bf Contents view subscriber: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1 | ha1b | +-----------------------------+---------------------+---------------+------+ | admin | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | adminIM | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 101 | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103 | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103IM | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | admin_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | adminIM_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 101_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103IM_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | -------------------------------------------- Bruno H. G. Gouvêa ---

Attachments:

attachment.html (text/html — 3.8 KB)

Show replies by date

Daniel-Constantin Mierla

7 Mar 7 Mar

7:52 a.m.

Hello, run kamailio with debug=3 in kamailio.cfg and you should see more log messages that should give you more hints about what happens there. If you can't sort them out, send the log messages during the processing of the register to the mailing list and we will look at them and provide guidelines. Cheers, Daniel On 04/03/16 22:17, Bruno Henrique Gomes Gouvêa wrote:

...

Hello, First excuse any mistakes in English. I'm working on a platform that makes use of integrated Kamailio with asterisk (Elastix mt). This platform allows the login of my SIP clients via the extension number and the client's domain, where the kamailio after authentication change the username to sip EXTENSION + _ + DOMAIN (expected by Asterisk) and sends to the asterisk. I need the client can also send the sip user in standard EXTENSION + _ + DOMAIN, for it changed the view subscriber to also return a username record in the format that the softphone is sending, but the platform still seems not authenticate the REGISTER using new way functions in auth_check ("$ FD", "subscriber", "0") and auth_challenge ("$ FD", "0"). Thus works: Login: 101 Domain/server: pabx999999.ligou.me <http://pabx999999.ligou.me> Password: PASSWORD_PLAIN This way does not work: Login: 101_pabx999999.ligou.me <http://101_pabx999999.ligou.me> Domain/server: pabx999999.ligou.me <http://pabx999999.ligou.me> Password: PASSWORD_PLAIN Already got a good look at the documentation and could not find the problem, could give me some help? Kamailio.cfg: http://pasted.co/db8fb3a2 Execution debug log: http://pasted.co/49bfe5bf Contents view subscriber: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1 | ha1b | +-----------------------------+---------------------+---------------+------+ | admin | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | adminIM | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 101 | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103 | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103IM | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | admin_pabx999999.ligou.me <http://admin_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | adminIM_pabx999999.ligou.me <http://adminIM_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 101_pabx999999.ligou.me <http://101_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103_pabx999999.ligou.me <http://103_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103IM_pabx999999.ligou.me <http://103IM_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | -------------------------------------------- Bruno H. G. Gouvêa --- _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users(a)lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com

Bruno Henrique Gomes Gouvêa

5:10 p.m.

Hello, Thanks for the reply. Debug log: http://pasted.co/63d576ae -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-04 18:17 GMT-03:00 Bruno Henrique Gomes Gouvêa < brunohenriquebh(a)gmail.com>gt;:

...

Daniel-Constantin Mierla

8:42 p.m.

Hello, can you look at the SIP traffic and see if the realm parameter for authrozation is matching what you have in the config. The logs messages show: Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=27 n=auth_check Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me] table [subscriber] flags [0] Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: DEBUG: auth [api.c:86]: pre_auth(): auth:pre_auth: Credentials with realm 'pabx999999.ligou.me' not found Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: DEBUG: auth_db [authorize.c:252]: digest_authenticate_hdr(): no credentials Meaning that headers with expected realm were not found. You can eventually make available the output of ngrep for a registration exposing the issue. Cheers, Daniel On 07/03/16 17:10, Bruno Henrique Gomes Gouvêa wrote:

...

Hello, Thanks for the reply. Debug log: http://pasted.co/63d576ae -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br <http://cibercloud.com.br/> http://ligou.me <http://ligou.me/> --- Bruno H. G. Gouvêa Tel.: (31)99554646 <tel:%2831%2999554646> --- 2016-03-04 18:17 GMT-03:00 Bruno Henrique Gomes Gouvêa <brunohenriquebh(a)gmail.com <mailto:brunohenriquebh@gmail.com>>: Hello, First excuse any mistakes in English. I'm working on a platform that makes use of integrated Kamailio with asterisk (Elastix mt). This platform allows the login of my SIP clients via the extension number and the client's domain, where the kamailio after authentication change the username to sip EXTENSION + _ + DOMAIN (expected by Asterisk) and sends to the asterisk. I need the client can also send the sip user in standard EXTENSION + _ + DOMAIN, for it changed the view subscriber to also return a username record in the format that the softphone is sending, but the platform still seems not authenticate the REGISTER using new way functions in auth_check ("$ FD", "subscriber", "0") and auth_challenge ("$ FD", "0"). Thus works: Login: 101 Domain/server: pabx999999.ligou.me <http://pabx999999.ligou.me> Password: PASSWORD_PLAIN This way does not work: Login: 101_pabx999999.ligou.me <http://101_pabx999999.ligou.me> Domain/server: pabx999999.ligou.me <http://pabx999999.ligou.me> Password: PASSWORD_PLAIN Already got a good look at the documentation and could not find the problem, could give me some help? Kamailio.cfg: http://pasted.co/db8fb3a2 Execution debug log: http://pasted.co/49bfe5bf Contents view subscriber: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1 | ha1b | +-----------------------------+---------------------+---------------+------+ | admin | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | adminIM | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 101 | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103 | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103IM | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | admin_pabx999999.ligou.me <http://admin_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | adminIM_pabx999999.ligou.me <http://adminIM_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 101_pabx999999.ligou.me <http://101_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103_pabx999999.ligou.me <http://103_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103IM_pabx999999.ligou.me <http://103IM_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | -------------------------------------------- Bruno H. G. Gouvêa --- _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users(a)lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com

Bruno Henrique Gomes Gouvêa

9:08 p.m.

...

_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-users@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users(a)lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

Daniel-Constantin Mierla

9:27 p.m.

...

Hello, I did a tcpdump as directed, the softphone I use to test (Zoiper) tries to send a register without authorization header when receiving sip 401, it sends a new register with the authorization headers. This second attempt to register is in the log and still does not allow the correct authentication. I took a look at the packet that kamailio is receiving and still could not find the problem, someone has idea? REGISTER sip: pabx999999.ligou.me <http://pabx999999.ligou.me>; transport = UDP SIP / 2.0 Via: SIP / 2.0 / UDP 189.13.125.28:49288;branch=z9hG4bK-d8754z-f96a8271ea34f240-1---d8754z- Max-Forwards: 70 Contact: <sip: 101_pabx999999.ligou.me(a)189.13.125.28 <mailto:101_pabx999999.ligou.me@189.13.125.28>: 49288; rinstance = 98fe0089b166bd85; transport = UDP> To: <sip: 101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>; transport = UDP> From: <sip: 101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>; transport = UDP>; tag = 9d3ef068 Call-ID: YWQ5YzU4ZTc4MGU5NWE3OGI3Y2U2YjdmZDA0YTFmZmE. CSeq: 3 REGISTER Expires: 3600 Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE Supported: replaces, norefersub, extended-refer, timer, X-cisco-serviceuri User-Agent: Z 3.6.25251 r25476 Authorization: Digest username="101_pabx999999.ligou.me <http://101_pabx999999.ligou.me>",realm="pabx999999.ligou.me <http://pabx999999.ligou.me>",nonce="Vt3evVbd3ZGT5CKFEKVFXx3NZHKisGcp",uri="sip:pabx999999.ligou.me <http://pabx999999.ligou.me>;transport=UDP",response="6b3a6709fa3ec3ad313811a704ffb6d9",algorithm=MD5 Allow-Events: presence, KPML Content-Length: 0 Thank you! -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br <http://cibercloud.com.br/> http://ligou.me <http://ligou.me/> --- Bruno H. G. Gouvêa Tel.: (31)99554646 <tel:%2831%2999554646> --- 2016-03-07 16:42 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com <mailto:miconda@gmail.com>>: Hello, can you look at the SIP traffic and see if the realm parameter for authrozation is matching what you have in the config. The logs messages show: Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=27 n=auth_check Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me <http://pabx999999.ligou.me>] table [subscriber] flags [0] Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: DEBUG: auth [api.c:86]: pre_auth(): auth:pre_auth: Credentials with realm 'pabx999999.ligou.me <http://pabx999999.ligou.me>' not found Mar 7 10:59:13 p /usr/sbin/kamailio[29558]: DEBUG: auth_db [authorize.c:252]: digest_authenticate_hdr(): no credentials Meaning that headers with expected realm were not found. You can eventually make available the output of ngrep for a registration exposing the issue. Cheers, Daniel On 07/03/16 17:10, Bruno Henrique Gomes Gouvêa wrote:

Hello, Thanks for the reply. Debug log: http://pasted.co/63d576ae -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br <http://cibercloud.com.br/> http://ligou.me <http://ligou.me/> --- Bruno H. G. Gouvêa Tel.: (31)99554646 <tel:%2831%2999554646> --- 2016-03-04 18:17 GMT-03:00 Bruno Henrique Gomes Gouvêa <brunohenriquebh(a)gmail.com <mailto:brunohenriquebh@gmail.com>>: Hello, First excuse any mistakes in English. I'm working on a platform that makes use of integrated Kamailio with asterisk (Elastix mt). This platform allows the login of my SIP clients via the extension number and the client's domain, where the kamailio after authentication change the username to sip EXTENSION + _ + DOMAIN (expected by Asterisk) and sends to the asterisk. I need the client can also send the sip user in standard EXTENSION + _ + DOMAIN, for it changed the view subscriber to also return a username record in the format that the softphone is sending, but the platform still seems not authenticate the REGISTER using new way functions in auth_check ("$ FD", "subscriber", "0") and auth_challenge ("$ FD", "0"). Thus works: Login: 101 Domain/server: pabx999999.ligou.me <http://pabx999999.ligou.me> Password: PASSWORD_PLAIN This way does not work: Login: 101_pabx999999.ligou.me <http://101_pabx999999.ligou.me> Domain/server: pabx999999.ligou.me <http://pabx999999.ligou.me> Password: PASSWORD_PLAIN Already got a good look at the documentation and could not find the problem, could give me some help? Kamailio.cfg: http://pasted.co/db8fb3a2 Execution debug log: http://pasted.co/49bfe5bf Contents view subscriber: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1 | ha1b | +-----------------------------+---------------------+---------------+------+ | admin | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | adminIM | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 101 | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103 | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103IM | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | admin_pabx999999.ligou.me <http://admin_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | adminIM_pabx999999.ligou.me <http://adminIM_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 101_pabx999999.ligou.me <http://101_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103_pabx999999.ligou.me <http://103_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | | 103IM_pabx999999.ligou.me <http://103IM_pabx999999.ligou.me> | pabx999999.ligou.me <http://pabx999999.ligou.me> | PASSWORD_PLAIN| NULL | -------------------------------------------- Bruno H. G. Gouvêa --- _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users(a)lists.sip-router.org <mailto:sr-users@lists.sip-router.org> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- Daniel-Constantin Mierla http://twitter.com/#!/miconda <http://twitter.com/#%21/miconda> - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users(a)lists.sip-router.org <mailto:sr-users@lists.sip-router.org> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com

Bruno Henrique Gomes Gouvêa

9:30 p.m.

Sorry, my mail client change text, correct is (without blank space): REGISTER sip:pabx999999.ligou.me;transport=UDP SIP/2.0 Via: SIP/2.0/UDP 189.13.125.28:49288 ;branch=z9hG4bK-d8754z-f96a8271ea34f240-1---d8754z- Max-Forwards: 70 Contact: <sip:101_pabx999999.ligou.me@189.13.125.28:49288 ;rinstance=98fe0089b166bd85;transport=UDP> To: <sip:101_pabx999999.ligou.me@pabx999999.ligou.me;transport=UDP> From: <sip:101_pabx999999.ligou.me@pabx999999.ligou.me ;transport=UDP>;tag=9d3ef068 Call-ID: YWQ5YzU4ZTc4MGU5NWE3OGI3Y2U2YjdmZDA0YTFmZmE. CSeq: 3 REGISTER Expires: 3600 Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE Supported: replaces, norefersub, extended-refer, timer, X-cisco-serviceuri User-Agent: Z 3.6.25251 r25476 Authorization: Digest username="101_pabx999999.ligou.me",realm=" pabx999999.ligou.me",nonce="Vt3evVbd3ZGT5CKFEKVFXx3NZHKisGcp",uri="sip: pabx999999.ligou.me ;transport=UDP",response="6b3a6709fa3ec3ad313811a704ffb6d9",algorithm=MD5 Allow-Events: presence, kpml Content-Length: 0 -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-07 17:27 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:

...

Hello, have you mangled the sip message you pasted here? I see a white space in front of username in From/To headers, which can lead in mismatching the authentication username with caller id username. Cheers, Daniel On 07/03/16 21:08, Bruno Henrique Gomes Gouvêa wrote: Hello, I did a tcpdump as directed, the softphone I use to test (Zoiper) tries to send a register without authorization header when receiving sip 401, it sends a new register with the authorization headers. This second attempt to register is in the log and still does not allow the correct authentication. I took a look at the packet that kamailio is receiving and still could not find the problem, someone has idea? REGISTER sip: pabx999999.ligou.me; transport = UDP SIP / 2.0 Via: SIP / 2.0 / UDP 189.13.125.28:49288 ;branch=z9hG4bK-d8754z-f96a8271ea34f240-1---d8754z- Max-Forwards: 70 Contact: <sip: 101_pabx999999.ligou.me(a)189.13.125.28: 49288; rinstance = 98fe0089b166bd85; transport = UDP> To: <sip: 101_pabx999999.ligou.me(a)pabx999999.ligou.me; transport = UDP> From: <sip: 101_pabx999999.ligou.me(a)pabx999999.ligou.me; transport = UDP>; tag = 9d3ef068 Call-ID: YWQ5YzU4ZTc4MGU5NWE3OGI3Y2U2YjdmZDA0YTFmZmE. CSeq: 3 REGISTER Expires: 3600 Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE Supported: replaces, norefersub, extended-refer, timer, X-cisco-serviceuri User-Agent: Z 3.6.25251 r25476 Authorization: Digest username="101_pabx999999.ligou.me",realm=" pabx999999.ligou.me",nonce="Vt3evVbd3ZGT5CKFEKVFXx3NZHKisGcp",uri="sip: pabx999999.ligou.me ;transport=UDP",response="6b3a6709fa3ec3ad313811a704ffb6d9",algorithm=MD5 Allow-Events: presence, KPML Content-Length: 0 Thank you! -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-07 16:42 GMT-03:00 Daniel-Constantin Mierla < <miconda(a)gmail.com> miconda(a)gmail.com>gt;:

Hello, First excuse any mistakes in English. I'm working on a platform that makes use of integrated Kamailio with asterisk (Elastix mt). This platform allows the login of my SIP clients via the extension number and the client's domain, where the kamailio after authentication change the username to sip EXTENSION + _ + DOMAIN (expected by Asterisk) and sends to the asterisk. I need the client can also send the sip user in standard EXTENSION + _ + DOMAIN, for it changed the view subscriber to also return a username record in the format that the softphone is sending, but the platform still seems not authenticate the REGISTER using new way functions in auth_check ("$ FD", "subscriber", "0") and auth_challenge ("$ FD", "0"). Thus works: Login: 101 Domain/server: pabx999999.ligou.me Password: PASSWORD_PLAIN This way does not work: Login: 101_pabx999999.ligou.me Domain/server: pabx999999.ligou.me Password: PASSWORD_PLAIN Already got a good look at the documentation and could not find the problem, could give me some help? Kamailio.cfg: <http://pasted.co/db8fb3a2>http://pasted.co/db8fb3a2 Execution debug log: <http://pasted.co/49bfe5bf> http://pasted.co/49bfe5bf Contents view subscriber: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1 | ha1b | +-----------------------------+---------------------+---------------+------+ | admin | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | adminIM | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 101 | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103 | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103IM | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | admin_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | adminIM_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 101_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | | 103IM_pabx999999.ligou.me | pabx999999.ligou.me | PASSWORD_PLAIN| NULL | -------------------------------------------- Bruno H. G. Gouvêa ---

-- Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com

Daniel-Constantin Mierla

8 Mar 8 Mar

7:34 a.m.

...

Sorry, my mail client change text, correct is (without blank space): REGISTER sip:pabx999999.ligou.me <http://pabx999999.ligou.me>;transport=UDP SIP/2.0 Via: SIP/2.0/UDP 189.13.125.28:49288;branch=z9hG4bK-d8754z-f96a8271ea34f240-1---d8754z- Max-Forwards: 70 Contact: <sip:101_pabx999999.ligou.me@189.13.125.28:49288;rinstance=98fe0089b166bd85;transport=UDP> To: <sip:101_pabx999999.ligou.me@pabx999999.ligou.me <mailto:sip%3A101_pabx999999.ligou.me@pabx999999.ligou.me>;transport=UDP> From: <sip:101_pabx999999.ligou.me@pabx999999.ligou.me <mailto:sip%3A101_pabx999999.ligou.me@pabx999999.ligou.me>;transport=UDP>;tag=9d3ef068 Call-ID: YWQ5YzU4ZTc4MGU5NWE3OGI3Y2U2YjdmZDA0YTFmZmE. CSeq: 3 REGISTER Expires: 3600 Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE Supported: replaces, norefersub, extended-refer, timer, X-cisco-serviceuri User-Agent: Z 3.6.25251 r25476 Authorization: Digest username="101_pabx999999.ligou.me <http://101_pabx999999.ligou.me>",realm="pabx999999.ligou.me <http://pabx999999.ligou.me>",nonce="Vt3evVbd3ZGT5CKFEKVFXx3NZHKisGcp",uri="sip:pabx999999.ligou.me <http://pabx999999.ligou.me>;transport=UDP",response="6b3a6709fa3ec3ad313811a704ffb6d9",algorithm=MD5 Allow-Events: presence, kpml Content-Length: 0 -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br <http://cibercloud.com.br/> http://ligou.me <http://ligou.me/> --- Bruno H. G. Gouvêa Tel.: (31)99554646 <tel:%2831%2999554646> --- 2016-03-07 17:27 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com <mailto:miconda@gmail.com>>: Hello, have you mangled the sip message you pasted here? I see a white space in front of username in From/To headers, which can lead in mismatching the authentication username with caller id username. Cheers, Daniel

-- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com

Bruno Henrique Gomes Gouvêa

9:27 a.m.

Hello, Here new debug: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=25 n=xlog Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: <script>: ==== handling REGISTER (MmQwNzk0ZGFlNjhkYzRkNWY5ZjNhNTk3MGRjZTk2MzE.) for authorization: Digest username="101_pabx999999.ligou.me",realm="pabx999999.ligou.me ",nonce="Vt6NklbejGavaQRaSAso12UuHhzekp65",uri="sip:pabx999999.ligou.me ;transport=UDP",response="09b0c6dbd9776505fd9592b224234033",algorithm=MD5 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=954 a=16 n=if Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=947 a=27 n=auth_check Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me] table [subscriber] flags [0] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth [api.c:96]: pre_auth(): auth: digest-algo: MD5 parsed value: 1 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:118]: db_new_result(): allocate 56 bytes for result set at 0x7fa80fa86148 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:63]: db_unixodbc_get_columns(): 1 columns returned from the query Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:155]: db_allocate_columns(): allocate 8 bytes for result names at 0x7fa80fa730a0 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:165]: db_allocate_columns(): allocate 4 bytes for result types at 0x7fa80fa72de8 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:80]: db_unixodbc_get_columns(): allocate 16 bytes for RES_NAMES[0] at 0x7fa80fa84400 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:100]: db_unixodbc_get_columns(): RES_NAMES(0x7fa80fa84400)[0]=[ha1] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:139]: db_unixodbc_get_columns(): use DB1_STRING result type Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user ' 101_pabx999999.ligou.me(a)pabx999999.ligou.me' Thank you. -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-08 3:34 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:

...

Can you add next line before the execution of auth_check() in your config file: xlog("==== handling $rm ($ci) for authorization: $hdr(Authorization)\n"); Then test and send again the log messages. Cheers, Daniel On 07/03/16 21:30, Bruno Henrique Gomes Gouvêa wrote: Sorry, my mail client change text, correct is (without blank space): REGISTER sip:pabx999999.ligou.me;transport=UDP SIP/2.0 Via: SIP/2.0/UDP 189.13.125.28:49288 ;branch=z9hG4bK-d8754z-f96a8271ea34f240-1---d8754z- Max-Forwards: 70 Contact: <sip:101_pabx999999.ligou.me@189.13.125.28:49288;rinstance=98fe0089b166bd85;transport=UDP> To: <sip:101_pabx999999.ligou.me@pabx999999.ligou.me ;transport=UDP> From: <sip:101_pabx999999.ligou.me@pabx999999.ligou.me ;transport=UDP>;tag=9d3ef068 Call-ID: YWQ5YzU4ZTc4MGU5NWE3OGI3Y2U2YjdmZDA0YTFmZmE. CSeq: 3 REGISTER Expires: 3600 Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE Supported: replaces, norefersub, extended-refer, timer, X-cisco-serviceuri User-Agent: Z 3.6.25251 r25476 Authorization: Digest username="101_pabx999999.ligou.me",realm=" pabx999999.ligou.me",nonce="Vt3evVbd3ZGT5CKFEKVFXx3NZHKisGcp",uri="sip: pabx999999.ligou.me ;transport=UDP",response="6b3a6709fa3ec3ad313811a704ffb6d9",algorithm=MD5 Allow-Events: presence, kpml Content-Length: 0 -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-07 17:27 GMT-03:00 Daniel-Constantin Mierla < <miconda(a)gmail.com> miconda(a)gmail.com>gt;:

-- Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, March 7-9, 2016 - http://www.asipto.com

Daniel-Constantin Mierla

4:36 p.m.

Hello, On 08/03/16 09:27, Bruno Henrique Gomes Gouvêa wrote:

...

Hello, Here new debug: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=25 n=xlog Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: <script>: ==== handling REGISTER (MmQwNzk0ZGFlNjhkYzRkNWY5ZjNhNTk3MGRjZTk2MzE.) for authorization: Digest username="101_pabx999999.ligou.me <http://101_pabx999999.ligou.me>",realm="pabx999999.ligou.me <http://pabx999999.ligou.me>",nonce="Vt6NklbejGavaQRaSAso12UuHhzekp65",uri="sip:pabx999999.ligou.me <http://pabx999999.ligou.me>;transport=UDP",response="09b0c6dbd9776505fd9592b224234033",algorithm=MD5 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=954 a=16 n=if Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=947 a=27 n=auth_check Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me <http://pabx999999.ligou.me>] table [subscriber] flags [0] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth [api.c:96]: pre_auth(): auth: digest-algo: MD5 parsed value: 1 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:118]: db_new_result(): allocate 56 bytes for result set at 0x7fa80fa86148 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:63]: db_unixodbc_get_columns(): 1 columns returned from the query Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:155]: db_allocate_columns(): allocate 8 bytes for result names at 0x7fa80fa730a0 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:165]: db_allocate_columns(): allocate 4 bytes for result types at 0x7fa80fa72de8 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:80]: db_unixodbc_get_columns(): allocate 16 bytes for RES_NAMES[0] at 0x7fa80fa84400 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:100]: db_unixodbc_get_columns(): RES_NAMES(0x7fa80fa84400)[0]=[ha1] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:139]: db_unixodbc_get_columns(): use DB1_STRING result type Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user '101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>'

the last log message is now relevant, respectively: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user '101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>' Meaning that the record for that user was not found in subscriber table. Can you share the record in subscriber table for this user (replace the password fields with xyz)? Cheers, Daniel -- Daniel-Constantin Mierla http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

Bruno Henrique Gomes Gouvêa

8:33 p.m.

Hello, Record in subscriber table, i cant see any problem: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1| ha1b | +-----------------------------+---------------------+---------------+------+ |101_pabx999999.ligou.me|pabx999999.ligou.me|xyz|NULL| Thank you. -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-08 12:36 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:

...

Hello, On 08/03/16 09:27, Bruno Henrique Gomes Gouvêa wrote: Hello, Here new debug: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=25 n=xlog Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: <script>: ==== handling REGISTER (MmQwNzk0ZGFlNjhkYzRkNWY5ZjNhNTk3MGRjZTk2MzE.) for authorization: Digest username="101_pabx999999.ligou.me",realm="pabx999999.ligou.me ",nonce="Vt6NklbejGavaQRaSAso12UuHhzekp65",uri="sip:pabx999999.ligou.me ;transport=UDP",response="09b0c6dbd9776505fd9592b224234033",algorithm=MD5 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=954 a=16 n=if Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=947 a=27 n=auth_check Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me] table [subscriber] flags [0] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth [api.c:96]: pre_auth(): auth: digest-algo: MD5 parsed value: 1 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:118]: db_new_result(): allocate 56 bytes for result set at 0x7fa80fa86148 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:63]: db_unixodbc_get_columns(): 1 columns returned from the query Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:155]: db_allocate_columns(): allocate 8 bytes for result names at 0x7fa80fa730a0 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:165]: db_allocate_columns(): allocate 4 bytes for result types at 0x7fa80fa72de8 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:80]: db_unixodbc_get_columns(): allocate 16 bytes for RES_NAMES[0] at 0x7fa80fa84400 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:100]: db_unixodbc_get_columns(): RES_NAMES(0x7fa80fa84400)[0]=[ha1] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:139]: db_unixodbc_get_columns(): use DB1_STRING result type Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user ' <101_pabx999999.ligou.me(a)pabx999999.ligou.me> 101_pabx999999.ligou.me(a)pabx999999.ligou.me' the last log message is now relevant, respectively: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user ' <101_pabx999999.ligou.me(a)pabx999999.ligou.me> 101_pabx999999.ligou.me(a)pabx999999.ligou.me' Meaning that the record for that user was not found in subscriber table. Can you share the record in subscriber table for this user (replace the password fields with xyz)? Cheers, Daniel -- Daniel-Constantin Mierlahttp://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

Daniel-Constantin Mierla

9 Mar 9 Mar

7:56 a.m.

...

Hello, Record in subscriber table, i cant see any problem: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1| ha1b | +-----------------------------+---------------------+---------------+------+ |101_pabx999999.ligou.me <http://101_pabx999999.ligou.me/>|pabx999999.ligou.me <http://pabx999999.ligou.me/>|xyz|NULL| Thank you. -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br <http://cibercloud.com.br/> http://ligou.me <http://ligou.me/> --- Bruno H. G. Gouvêa Tel.: (31)99554646 <tel:%2831%2999554646> --- 2016-03-08 12:36 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com <mailto:miconda@gmail.com>>: Hello, On 08/03/16 09:27, Bruno Henrique Gomes Gouvêa wrote:

Hello, Here new debug: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=25 n=xlog Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: <script>: ==== handling REGISTER (MmQwNzk0ZGFlNjhkYzRkNWY5ZjNhNTk3MGRjZTk2MzE.) for authorization: Digest username="101_pabx999999.ligou.me <http://101_pabx999999.ligou.me>",realm="pabx999999.ligou.me <http://pabx999999.ligou.me>",nonce="Vt6NklbejGavaQRaSAso12UuHhzekp65",uri="sip:pabx999999.ligou.me <http://pabx999999.ligou.me>;transport=UDP",response="09b0c6dbd9776505fd9592b224234033",algorithm=MD5 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=954 a=16 n=if Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=947 a=27 n=auth_check Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me <http://pabx999999.ligou.me>] table [subscriber] flags [0] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth [api.c:96]: pre_auth(): auth: digest-algo: MD5 parsed value: 1 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:118]: db_new_result(): allocate 56 bytes for result set at 0x7fa80fa86148 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:63]: db_unixodbc_get_columns(): 1 columns returned from the query Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:155]: db_allocate_columns(): allocate 8 bytes for result names at 0x7fa80fa730a0 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:165]: db_allocate_columns(): allocate 4 bytes for result types at 0x7fa80fa72de8 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:80]: db_unixodbc_get_columns(): allocate 16 bytes for RES_NAMES[0] at 0x7fa80fa84400 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:100]: db_unixodbc_get_columns(): RES_NAMES(0x7fa80fa84400)[0]=[ha1] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:139]: db_unixodbc_get_columns(): use DB1_STRING result type Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user '101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>'

the last log message is now relevant, respectively: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user '101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>' Meaning that the record for that user was not found in subscriber table. Can you share the record in subscriber table for this user (replace the password fields with xyz)? Cheers, Daniel -- Daniel-Constantin Mierla http://www.asipto.comhttp://twitter.com/#!/miconda <http://twitter.com/#%21/miconda> - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

-- Daniel-Constantin Mierla http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

Bruno Henrique Gomes Gouvêa

9:09 a.m.

Hello, Params here: # ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "load_credentials", "") #!ifdef WITH_ASTERISK # subscriber table is actually a view in DBASTURL modparam("auth_db", "use_domain", 1) modparam("auth_db", "db_url", DBASTURL) modparam("auth_db", "version_table", 0) #!else modparam("auth_db", "db_url", DBURL) modparam("auth_db", "password_column", "password") modparam("auth_db", "use_domain", MULTIDOMAIN) #!endif Call auth function: if (!auth_check("$fd", "subscriber", "0")) { auth_challenge("$fd", "0") Thank you Em 9 de mar de 2016 03:56, "Daniel-Constantin Mierla" <miconda(a)gmail.com> escreveu:

...

Hello, apparently it is ok in database table -- can you send here the modparams for auth_db module and the piece of config how you execute the auth_check() function? Cheers, Daniel On 08/03/16 20:33, Bruno Henrique Gomes Gouvêa wrote: Hello, Record in subscriber table, i cant see any problem: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1| ha1b | +-----------------------------+---------------------+---------------+------+ |101_pabx999999.ligou.me|pabx999999.ligou.me|xyz|NULL| Thank you. -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-08 12:36 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:

Hello, On 08/03/16 09:27, Bruno Henrique Gomes Gouvêa wrote: Hello, Here new debug: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=25 n=xlog Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: <script>: ==== handling REGISTER (MmQwNzk0ZGFlNjhkYzRkNWY5ZjNhNTk3MGRjZTk2MzE.) for authorization: Digest username="101_pabx999999.ligou.me",realm=" pabx999999.ligou.me",nonce="Vt6NklbejGavaQRaSAso12UuHhzekp65",uri="sip: pabx999999.ligou.me ;transport=UDP",response="09b0c6dbd9776505fd9592b224234033",algorithm=MD5 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=954 a=16 n=if Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=947 a=27 n=auth_check Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me] table [subscriber] flags [0] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth [api.c:96]: pre_auth(): auth: digest-algo: MD5 parsed value: 1 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:118]: db_new_result(): allocate 56 bytes for result set at 0x7fa80fa86148 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:63]: db_unixodbc_get_columns(): 1 columns returned from the query Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:155]: db_allocate_columns(): allocate 8 bytes for result names at 0x7fa80fa730a0 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:165]: db_allocate_columns(): allocate 4 bytes for result types at 0x7fa80fa72de8 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:80]: db_unixodbc_get_columns(): allocate 16 bytes for RES_NAMES[0] at 0x7fa80fa84400 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:100]: db_unixodbc_get_columns(): RES_NAMES(0x7fa80fa84400)[0]=[ha1] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:139]: db_unixodbc_get_columns(): use DB1_STRING result type Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user ' 101_pabx999999.ligou.me(a)pabx999999.ligou.me' the last log message is now relevant, respectively: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user ' 101_pabx999999.ligou.me(a)pabx999999.ligou.me' Meaning that the record for that user was not found in subscriber table. Can you share the record in subscriber table for this user (replace the password fields with xyz)? Cheers, Daniel -- Daniel-Constantin Mierlahttp://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

-- Daniel-Constantin Mierlahttp://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

Daniel-Constantin Mierla

10:52 a.m.

...

Hello, Record in subscriber table, i cant see any problem: +-----------------------------+---------------------+---------------+------+ | username | domain | ha1| ha1b | +-----------------------------+---------------------+---------------+------+ |101_pabx999999.ligou.me <http://101_pabx999999.ligou.me/>|pabx999999.ligou.me <http://pabx999999.ligou.me/>|xyz|NULL| Thank you. -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br <http://cibercloud.com.br/> http://ligou.me <http://ligou.me/> --- Bruno H. G. Gouvêa Tel.: (31)99554646 <tel:%2831%2999554646> --- 2016-03-08 12:36 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com <mailto:miconda@gmail.com>>: Hello, On 08/03/16 09:27, Bruno Henrique Gomes Gouvêa wrote:

Hello, Here new debug: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=25 n=xlog Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: <script>: ==== handling REGISTER (MmQwNzk0ZGFlNjhkYzRkNWY5ZjNhNTk3MGRjZTk2MzE.) for authorization: Digest username="101_pabx999999.ligou.me <http://101_pabx999999.ligou.me>",realm="pabx999999.ligou.me <http://pabx999999.ligou.me>",nonce="Vt6NklbejGavaQRaSAso12UuHhzekp65",uri="sip:pabx999999.ligou.me <http://pabx999999.ligou.me>;transport=UDP",response="09b0c6dbd9776505fd9592b224234033",algorithm=MD5 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=954 a=16 n=if Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=947 a=27 n=auth_check Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me <http://pabx999999.ligou.me>] table [subscriber] flags [0] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth [api.c:96]: pre_auth(): auth: digest-algo: MD5 parsed value: 1 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:118]: db_new_result(): allocate 56 bytes for result set at 0x7fa80fa86148 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:63]: db_unixodbc_get_columns(): 1 columns returned from the query Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:155]: db_allocate_columns(): allocate 8 bytes for result names at 0x7fa80fa730a0 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:165]: db_allocate_columns(): allocate 4 bytes for result types at 0x7fa80fa72de8 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:80]: db_unixodbc_get_columns(): allocate 16 bytes for RES_NAMES[0] at 0x7fa80fa84400 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:100]: db_unixodbc_get_columns(): RES_NAMES(0x7fa80fa84400)[0]=[ha1] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:139]: db_unixodbc_get_columns(): use DB1_STRING result type Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user '101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>'

the last log message is now relevant, respectively: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user '101_pabx999999.ligou.me(a)pabx999999.ligou.me <mailto:101_pabx999999.ligou.me@pabx999999.ligou.me>' Meaning that the record for that user was not found in subscriber table. Can you share the record in subscriber table for this user (replace the password fields with xyz)? Cheers, Daniel -- Daniel-Constantin Mierla http://www.asipto.comhttp://twitter.com/#!/miconda <http://twitter.com/#%21/miconda> - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

-- Daniel-Constantin Mierla http://www.asipto.com http://twitter.com/#!/miconda <http://twitter.com/#%21/miconda> - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

-- Daniel-Constantin Mierla http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

Bruno Henrique Gomes Gouvêa

11 Mar 11 Mar

1:46 a.m.

Hello, I'm sorry, it was my fault, there was a view subscriber in kamailio scheme and also in the asterisk scheme. Thank you! -------------------------------------------- Bruno H. G. Gouvêa CEO - CiberCloud LTDA http://cibercloud.com.br http://ligou.me --- Bruno H. G. Gouvêa Tel.: (31)99554646 --- 2016-03-09 6:52 GMT-03:00 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:

...

Hello, do you have WITH_ASTERISK defined? If yes, is the asterisk database having a subscriber table where you keep the usernames and passwords? Cheers, Daniel On 09/03/16 09:09, Bruno Henrique Gomes Gouvêa wrote: Hello, Params here: # ----- auth_db params ----- #!ifdef WITH_AUTH modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "load_credentials", "") #!ifdef WITH_ASTERISK # subscriber table is actually a view in DBASTURL modparam("auth_db", "use_domain", 1) modparam("auth_db", "db_url", DBASTURL) modparam("auth_db", "version_table", 0) #!else modparam("auth_db", "db_url", DBURL) modparam("auth_db", "password_column", "password") modparam("auth_db", "use_domain", MULTIDOMAIN) #!endif Call auth function: if (!auth_check("$fd", "subscriber", "0")) { auth_challenge("$fd", "0") Thank you Em 9 de mar de 2016 03:56, "Daniel-Constantin Mierla" <miconda(a)gmail.com> escreveu:

Hello, On 08/03/16 09:27, Bruno Henrique Gomes Gouvêa wrote: Hello, Here new debug: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=946 a=25 n=xlog Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: <script>: ==== handling REGISTER (MmQwNzk0ZGFlNjhkYzRkNWY5ZjNhNTk3MGRjZTk2MzE.) for authorization: Digest username="101_pabx999999.ligou.me",realm=" pabx999999.ligou.me",nonce="Vt6NklbejGavaQRaSAso12UuHhzekp65",uri="sip: pabx999999.ligou.me ;transport=UDP",response="09b0c6dbd9776505fd9592b224234033",algorithm=MD5 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=954 a=16 n=if Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: ERROR: *** cfgtrace: c=[//etc/kamailio/kamailio.cfg] l=947 a=27 n=auth_check Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:486]: auth_check(): realm [pabx999999.ligou.me] table [subscriber] flags [0] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth [api.c:96]: pre_auth(): auth: digest-algo: MD5 parsed value: 1 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:118]: db_new_result(): allocate 56 bytes for result set at 0x7fa80fa86148 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:63]: db_unixodbc_get_columns(): 1 columns returned from the query Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:155]: db_allocate_columns(): allocate 8 bytes for result names at 0x7fa80fa730a0 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: <core> [db_res.c:165]: db_allocate_columns(): allocate 4 bytes for result types at 0x7fa80fa72de8 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:80]: db_unixodbc_get_columns(): allocate 16 bytes for RES_NAMES[0] at 0x7fa80fa84400 Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:100]: db_unixodbc_get_columns(): RES_NAMES(0x7fa80fa84400)[0]=[ha1] Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: db_unixodbc [res.c:139]: db_unixodbc_get_columns(): use DB1_STRING result type Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user ' 101_pabx999999.ligou.me(a)pabx999999.ligou.me' the last log message is now relevant, respectively: Mar 8 03:25:10 p /usr/sbin/kamailio[1681]: DEBUG: auth_db [authorize.c:184]: get_ha1(): no result for user ' 101_pabx999999.ligou.me(a)pabx999999.ligou.me' Meaning that the record for that user was not found in subscriber table. Can you share the record in subscriber table for this user (replace the password fields with xyz)? Cheers, Daniel -- Daniel-Constantin Mierlahttp://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

-- Daniel-Constantin Mierlahttp://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com

3254

days inactive

3261

days old

sr-users@lists.kamailio.org

Manage subscription

14 comments

2 participants

tags (0)

participants (2)

Bruno Henrique Gomes Gouvêa
Daniel-Constantin Mierla