Salut,
sorry for getting lazy now. In the config snipped
| append_to_reply("%$digest_challenge");
what is the point of the per-cent sign in front of the attribute name?
Thanks, Martin, who though he had figured all this out. Apparently not.
Hi,
append_to_reply uses the same formatting as xlog does, so that's the reason for putting the % sign.
Michal
On Sun, 2007-09-09 at 12:41 +0200, Martin Hoffmann wrote:
Salut,
sorry for getting lazy now. In the config snipped
| append_to_reply("%$digest_challenge");
what is the point of the per-cent sign in front of the attribute name?
Thanks, Martin, who though he had figured all this out. Apparently not. _______________________________________________ Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Michal Matyska wrote:
append_to_reply uses the same formatting as xlog does, so that's the reason for putting the % sign.
Appart from the fact that I don't see the point in having double prefixes (the $ in itself should be enough), does that mean I can do
append_to_reply ("P-Asserted-Identity: %$actual_identity")
Now a possibly stupid question: Is there some documentation for this? Can I embedd an attribute or select into the middle of the string? If so, how?
Oh, and isn't pretty much all of the stuff in xlog obsolete since we are having selects for all of it now?
Regards, Martin
On Mon, 2007-09-10 at 17:10 +0200, Martin Hoffmann wrote:
Michal Matyska wrote:
append_to_reply uses the same formatting as xlog does, so that's the reason for putting the % sign.
Appart from the fact that I don't see the point in having double prefixes (the $ in itself should be enough), does that mean I can do
well due to the fact xlog was using % to prefix it's entities and %$ has evolved from %{avp_name} when selects were introduced %@ (what surprise), the strange dual prefix was left.
append_to_reply ("P-Asserted-Identity: %$actual_identity")
yes
Now a possibly stupid question: Is there some documentation for this?
Stupid answer - in the docs which does not exist. Yes trying to keep uptodate docs on wiki might help us to get it in pace with the code.
OK, I know README still shows %{avp_name}.
Can I embedd an attribute or select into the middle of the string? If so, how?
%| or %<single space char> can do the end of select/avp name mark. e.g. append_to_reply("X-hdr: xxx%@contact.uri.user%|yyy@%@contact.uri.host");
Contact: abc@1.2.3.4 -> X-hdr: xxxabcyyy@1.2.3.4
Oh, and isn't pretty much all of the stuff in xlog obsolete since we are having selects for all of it now?
Yes... the idea was to allow using the $ and @ inside-string formating whenever you can use string. Was not done in time as it is more complex, and there is code-freeze now (for quite a long time) to let ser 2.0 get out into the masses. So maybe 2.1, maybe 3.0 (as it will change the ser.cfg's again).
Michal
Michal Matyska wrote:
... things that explain a lot.
Thanks for that. Of course, I can't really leave it at that ;-)
OK, I know README still shows %{avp_name}.
I stopped believing what they say for 2.0.
Oh, and isn't pretty much all of the stuff in xlog obsolete since we are having selects for all of it now?
Yes... the idea was to allow using the $ and @ inside-string formating whenever you can use string. Was not done in time as it is more complex, and there is code-freeze now (for quite a long time) to let ser 2.0 get out into the masses. So maybe 2.1, maybe 3.0 (as it will change the ser.cfg's again).
I'd vote to add it to 2.1. Keep the % syntax but also allow direct $ and @. Possibly provide a mechanism that can be used by all modules through the function parameter fixups.
As for the ending of an attribute or select expression, following Bourne Shell syntax might be a good idea: It ends with a character not allowed in an identifier or by explicitely enclosing in braces (${foo} or @{foo}). This may make parsing the string somewhat more difficult, but since it happens at startup only, who cares. Maybe use Bison.
Regards, Martin
if (registered("location")) { ... }
M.
On Thu, 2007-09-13 at 00:12 +0700, Tung Tran wrote:
Hi all,
Should anyone please help how to check the from user in INVITE request is already registered?
Thanks you very much.
Tung
Hello,
I also want to do the same thing as Tung -- I want to know if the caller URI is registered.
My current ser.cfg (based on the SER 2.0 RC1 sample ser.cfg), calls a proxy_authenticate for every message. This means the every message (other than register) is sent twice, once without auth headers and a 2nd time with auth headers.
An easier approach would be send the auth challenge during a register message and simply check if the caller is registered in subsequent messages. If the caller did not re-register within the expiration interval, their request would be rejected.
Is there a method to check of the caller (from) URI is registered?
Thanks,
- Ravin
_____
From: serusers-bounces@lists.iptel.org [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Tung Tran Sent: Thursday, September 13, 2007 1:24 AM To: Michal Matyska Cc: serusers@lists.iptel.org Subject: Re: [Serusers] How to check the username if it is registered or not
Hi,
I got this in iptel doc:
registered(domain) The function returns true if the AOR in the Request-URI is registered, false otherwise. The function does not modify the message being process, it neither rewrites the Request-URI if a contact is found not append branches.
But I want to check the from user if it is registered or not, any command can do this?
Thank you Tung
if (registered("location")) { .. }
M.
On Thu, 2007-09-13 at 00:12 +0700, Tung Tran wrote:
Hi all,
Should anyone please help how to check the from user in INVITE request is already registered?
Thanks you very much.
Tung
Hi all,
I am trying to do radius_proxy_authenticate for INVITE message, but I got new trouble: - Radius server reply with Access-Accept. - But SER always understands the authentication is false and do proxy_challeng all the time (althrough all the debug I see on the debug >>radius_authorize_sterman(): Success..)
Please tell me what I am wrong ( I am using SER 0.8).
Thanks in advance, Tung
Here is my conf for radius_proxy_authenticate. if (method == "INVITE" && (uri=~"^sip:00")) {
if (!radius_proxy_authorize("")) { xlog("L_INFO", "Radius proxy authorized false, Challenging .. \n"); proxy_challenge("", "0"); break; };
xlog("L_INFO", "Radius proxy authorized OK, process call routing .. \n"); consume_credentials(); log (1, "************* PC2Phone Using AsteriskB2UBA, Rewriting the host:port **************"); rewritehostport ("x.x.x.x:5071"); use_media_proxy(); t_on_reply("1"); .............
}
And here is the debug on SER
0(2828) method: <INVITE> 0(2828) uri: sip:0012127773456@sip3.thequocte.com:5060 0(2828) version: <SIP/2.0> 0(2828) parse_headers: flags=1 0(2828) Found param type 235, <rport> = <n/a>; state=6 0(2828) Found param type 232, <branch> = <z9hG4bKPjdc616205bf324ab996179b219e5986b9>; state=16 0(2828) end of header reached, state=5 0(2828) parse_headers: Via found, flags=1 0(2828) parse_headers: this is the first via 0(2828) After parse_msg... 0(2828) preparing to run routing scripts... 0(2828) DEBUG : is_maxfwd_present: searching for max_forwards header 0(2828) parse_headers: flags=128 0(2828) DEBUG: is_maxfwd_present: value = 70 0(2828) parse_headers: flags=8 0(2828) DEBUG: add_param: tag=e9d3c1dcadf44089b4bd19407187c6dc 0(2828) end of header reached, state=29 0(2828) parse_headers: flags=256 0(2828) end of header reached, state=8 0(2828) DEBUG: get_hdr_field: <To> [38]; uri=[sip:0012127773456@sip3.xxxxx.com] 0(2828) DEBUG: to body [sip:0012127773456@sip3.xxxxx.com ] 0(2828) get_hdr_field: cseq <CSeq>: <2> <INVITE> 0(2828) DEBUG: get_hdr_body : content_length=405 0(2828) found end of header 0(2828) find_first_route(): No Route headers found 0(2828) loose_route(): There is no Route HF 0(2828) parse_headers: flags=64 0(2828) parse_headers: flags=64 0(2828) parse_headers: flags=33554432 0(2828) check_nonce(): comparing [46e97a6ac3463940efca3302e91c79bea2a80448] and [46e97a6ac3463940efca3302e91c79bea2a80448] 0(2828) to: 0012127773456 0(2828) radius_authorize_sterman(): Success 0(2828) XLOG: xl_print_log: final buffer length 47 0(2828) Radius proxy authorized false, Challenging .. 0(2828) build_auth_hf(): 'Proxy-Authenticate: Digest realm="xxxxxxx", nonce="46e97a6ac3463940efca3302e91c79bea2a80448"
Hello,
I also want to do the same thing as Tung -- I want to know if the caller URI is registered.
My current ser.cfg (based on the SER 2.0 RC1 sample ser.cfg), calls a proxy_authenticate for every message. This means the every message (other than register) is sent twice, once without auth headers and a 2nd time with auth headers.
An easier approach would be send the auth challenge during a register message and simply check if the caller is registered in subsequent messages. If the caller did not re-register within the expiration interval, their request would be rejected.
Is there a method to check of the caller (from) URI is registered?
Thanks,
- Ravin
From: serusers-bounces@lists.iptel.org [mailto:serusers- bounces@lists.iptel.org] On Behalf Of Tung Tran Sent: Thursday, September 13, 2007 1:24 AM To: Michal Matyska Cc: serusers@lists.iptel.org Subject: Re: [Serusers] How to check the username if it is registered or not
Hi,
I got this in iptel doc:
registered(domain) The function returns true if the AOR in the Request-URI is registered, false otherwise. The function does not modify the message being process, it neither rewrites the Request-URI if a contact is found not append branches.
But I want to check the from user if it is registered or not, any command can do this?
Thank you Tung
if (registered("location")) { .. }
M.
On Thu, 2007-09-13 at 00:12 +0700, Tung Tran wrote:
Hi all,
Should anyone please help how to check the from user in INVITE request is already registered?
Thanks you very much.
Tung
ok, in SER 2.0 you can use: if (registered("location",@from.uri)) { ... } Michal
On Thu, 2007-09-13 at 12:23 +0700, Tung Tran wrote:
Hi,
I got this in iptel doc:
registered(domain) The function returns true if the AOR in the Request-URI is registered, false otherwise. The function does not modify the message being process, it neither rewrites the Request-URI if a contact is found not append branches.
But I want to check the from user if it is registered or not, any command can do this?
Thank you Tung
if (registered("location")) { .. }
M.
On Thu, 2007-09-13 at 00:12 +0700, Tung Tran wrote:
Hi all,
Should anyone please help how to check the from user in INVITE request is already registered?
Thanks you very much.
Tung
I am using SER 0.8 and not easy to imgration to 2.0 soon, so is there possible to use this on old version....
Thanks in advanced
Tung
I'm sorry, there is no way to check that in SER 0.8 neither 0.9.x Michal
On Fri, 2007-09-14 at 09:40 +0700, Tung Tran wrote:
I am using SER 0.8 and not easy to imgration to 2.0 soon, so is there possible to use this on old version....
Thanks in advanced
Tung
Hi all,
I am trying to do workaorund of my issue with how to check the FROM user in INVITE message, I am doing radius_proxy_authenticate for INVITE message, but I got new trouble: - Radius server reply with Access-Accept. - But SER always understands the authentication is false and do proxy_challeng again and again (althrough all the debug I see on the debug >>radius_authorize_sterman(): Success..)
Please tell me what I am wrong ( I am using SER 0.8).
Thanks in advance, Tung
Here is my conf for radius_proxy_authenticate. if (method == "INVITE" && (uri=~"^sip:00")) {
if (!radius_proxy_authorize("")) { xlog("L_INFO", "Radius proxy authorized false, Challenging .. \n"); proxy_challenge("", "0"); break; };
xlog("L_INFO", "Radius proxy authorized OK, process call routing .. \n"); consume_credentials();
log (1, "************* PC2Phone Using AsteriskB2UBA, Rewriting the host:port **************"); rewritehostport ("x.x.x.x:5071"); use_media_proxy(); t_on_reply("1"); .............
}
And here is the debug on SER
0(2828) method: <INVITE> 0(2828) uri: sip:0012127773456@sip3.thequocte.com:5060 0(2828) version: <SIP/2.0> 0(2828) parse_headers: flags=1 0(2828) Found param type 235, <rport> = <n/a>; state=6 0(2828) Found param type 232, <branch> = <z9hG4bKPjdc616205bf324ab996179b219e5986b9>; state=16 0(2828) end of header reached, state=5 0(2828) parse_headers: Via found, flags=1 0(2828) parse_headers: this is the first via 0(2828) After parse_msg... 0(2828) preparing to run routing scripts... 0(2828) DEBUG : is_maxfwd_present: searching for max_forwards header 0(2828) parse_headers: flags=128 0(2828) DEBUG: is_maxfwd_present: value = 70 0(2828) parse_headers: flags=8 0(2828) DEBUG: add_param: tag=e9d3c1dcadf44089b4bd19407187c6dc 0(2828) end of header reached, state=29 0(2828) parse_headers: flags=256 0(2828) end of header reached, state=8 0(2828) DEBUG: get_hdr_field: <To> [38]; uri=[sip:0012127773456@sip3.xxxxx.com] 0(2828) DEBUG: to body [sip:0012127773456@sip3.xxxxx.com ] 0(2828) get_hdr_field: cseq <CSeq>: <2> <INVITE> 0(2828) DEBUG: get_hdr_body : content_length=405 0(2828) found end of header 0(2828) find_first_route(): No Route headers found 0(2828) loose_route(): There is no Route HF 0(2828) parse_headers: flags=64 0(2828) parse_headers: flags=64 0(2828) parse_headers: flags=33554432 0(2828) check_nonce(): comparing [46e97a6ac3463940efca3302e91c79bea2a80448] and [46e97a6ac3463940efca3302e91c79bea2a80448] 0(2828) to: 0012127773456 0(2828) radius_authorize_sterman(): Success 0(2828) XLOG: xl_print_log: final buffer length 47 0(2828) Radius proxy authorized false, Challenging .. 0(2828) build_auth_hf(): 'Proxy-Authenticate: Digest realm="xxxxxxx", nonce="46e97a6ac3463940efca3302e91c79bea2a80448"
Anyone please help me, I dont know which is wrong with my config.
Thanks in advance Tung
Hi all,
I am trying to do workaorund of my issue with how to check the FROM user in INVITE message, I am doing radius_proxy_authenticate for INVITE message, but I got new trouble:
- Radius server reply with Access-Accept.
- But SER always understands the authentication is false and do
proxy_challeng again and again (althrough all the debug I see on the debug >>radius_authorize_sterman(): Success..)
Please tell me what I am wrong ( I am using SER 0.8).
Thanks in advance, Tung
Here is my conf for radius_proxy_authenticate. if (method == "INVITE" && (uri=~"^sip:00")) {
if (!radius_proxy_authorize("")) { xlog("L_INFO", "Radius proxy authorized false, Challenging .. \n"); proxy_challenge("", "0"); break; };
xlog("L_INFO", "Radius proxy authorized OK, process call routing .. \n"); consume_credentials();
log (1, "************* PC2Phone Using AsteriskB2UBA, Rewriting the host:port **************"); rewritehostport ("x.x.x.x:5071"); use_media_proxy(); t_on_reply("1"); .............
}
And here is the debug on SER
0(2828) method: 0(2828) uri: 0(2828) version: 0(2828) parse_headers: flags=1 0(2828) Found param type 235, = ; state=6 0(2828) Found param type 232, = ; state=16 0(2828) end of header reached, state=5 0(2828) parse_headers: Via found, flags=1 0(2828) parse_headers: this is the first via 0(2828) After parse_msg... 0(2828) preparing to run routing scripts... 0(2828) DEBUG : is_maxfwd_present: searching for max_forwards header 0(2828) parse_headers: flags=128 0(2828) DEBUG: is_maxfwd_present: value = 70 0(2828) parse_headers: flags=8 0(2828) DEBUG: add_param: tag=e9d3c1dcadf44089b4bd19407187c6dc 0(2828) end of header reached, state=29 0(2828) parse_headers: flags=256 0(2828) end of header reached, state=8 0(2828) DEBUG: get_hdr_field: [38]; uri=[sip:0012127773456@sip3.xxxxx.com] 0(2828) DEBUG: to body [sip:0012127773456@sip3.xxxxx.com ] 0(2828) get_hdr_field: cseq : 0(2828) DEBUG: get_hdr_body : content_length=405 0(2828) found end of header 0(2828) find_first_route(): No Route headers found 0(2828) loose_route(): There is no Route HF 0(2828) parse_headers: flags=64 0(2828) parse_headers: flags=64 0(2828) parse_headers: flags=33554432 0(2828) check_nonce(): comparing [46e97a6ac3463940efca3302e91c79bea2a80448] and [46e97a6ac3463940efca3302e91c79bea2a80448] 0(2828) to: 0012127773456 0(2828) radius_authorize_sterman(): Success 0(2828) XLOG: xl_print_log: final buffer length 47 0(2828) Radius proxy authorized false, Challenging .. 0(2828) build_auth_hf(): 'Proxy-Authenticate: Digest realm="xxxxxxx", nonce="46e97a6ac3463940efca3302e91c79bea2a80448"
Michal's solution worked for me. His code needed a small change. The following worked:
lookup_user("$fu.uid", "@from.uri");
$tu.uid=$f.uid;
xlog("L_INFO", "Register check for: tu.uid=%$tu.uid\n");
if (!registered("location")) { xlog("L_INFO", "Unregistered request[%rm]: From: %$tu.uid\n"); sl_reply("401", "Unauthorized"); drop; } del_attr("$tu.uid");
This helped me avoid repeated proxy auth in every request subsequent to a successful register.
Michal, Thank you very much!
- Ravin
-----Original Message----- From: serusers-bounces@lists.iptel.org [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Michal Matyska Sent: Thursday, September 13, 2007 11:05 PM To: Tung Tran Cc: serusers@lists.iptel.org Subject: Re: [Serusers] How to check the username if it is registered or not
I'm sorry, there is no way to check that in SER 0.8 neither 0.9.x Michal
On Fri, 2007-09-14 at 09:40 +0700, Tung Tran wrote:
I am using SER 0.8 and not easy to imgration to 2.0 soon,
so is there possible to use this on old version....
Thanks in advanced
Tung
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Mr. Ravin,
Which version of SER are you using now? Thanks and regards,
Tung
Michal's solution worked for me. His code needed a small change. The following worked:
lookup_user("$fu.uid", "@from.uri");
$tu.uid=$f.uid;
xlog("L_INFO", "Register check for: tu.uid=%$tu.uid\n");
if (!registered("location")) { xlog("L_INFO", "Unregistered request[%rm]: From: %$tu.uid\n"); sl_reply("401", "Unauthorized"); drop; } del_attr("$tu.uid");
This helped me avoid repeated proxy auth in every request subsequent to a successful register.
Michal, Thank you very much!
- Ravin
-----Original Message----- From: serusers-bounces@lists.iptel.org [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Michal Matyska Sent: Thursday, September 13, 2007 11:05 PM To: Tung Tran Cc: serusers@lists.iptel.org Subject: Re: [Serusers] How to check the username if it is registered or not
I'm sorry, there is no way to check that in SER 0.8 neither 0.9.x Michal
On Fri, 2007-09-14 at 09:40 +0700, Tung Tran wrote:
I am using SER 0.8 and not easy to imgration to 2.0 soon,
so is there possible to use this on old version....
Thanks in advanced
Tung
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
I am using SER 2.0 RC1
- Ravin
-----Original Message----- From: Tung Tran [mailto:tr.tung@gmail.com] Sent: Saturday, September 15, 2007 12:36 AM To: Ravin Suri; 'Michal Matyska' Cc: serusers@lists.iptel.org Subject: RE: [Serusers] How to check the username if it is registered or not
Mr. Ravin,
Which version of SER are you using now? Thanks and regards,
Tung
Michal's solution worked for me. His code needed a small change. The following worked:
lookup_user("$fu.uid", "@from.uri");
$tu.uid=$f.uid;
xlog("L_INFO", "Register check for: tu.uid=%$tu.uid\n");
if (!registered("location")) { xlog("L_INFO", "Unregistered request[%rm]: From: %$tu.uid\n"); sl_reply("401", "Unauthorized"); drop; } del_attr("$tu.uid");
This helped me avoid repeated proxy auth in every request
subsequent
to a successful register.
Michal, Thank you very much!
- Ravin
-----Original Message----- From: serusers-bounces@lists.iptel.org [mailto:serusers-bounces@lists.iptel.org] On Behalf Of
Michal Matyska
Sent: Thursday, September 13, 2007 11:05 PM To: Tung Tran Cc: serusers@lists.iptel.org Subject: Re: [Serusers] How to check the username if it is
registered
or not
I'm sorry, there is no way to check that in SER 0.8 neither 0.9.x Michal
On Fri, 2007-09-14 at 09:40 +0700, Tung Tran wrote:
I am using SER 0.8 and not easy to imgration to 2.0 soon,
so is there possible to use this on old version....
Thanks in advanced
Tung
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
I'm sorry typing faster than thinking.... registered checks whether AVP with name UID exists for TO user, if not lookups based on request uri. The workaround is to put the uid of the FROM user to get the correct result.
to know whether FROM user is registered you should use following code (SER 2.0 and higher):
lookup_user("$fu",@from.uri); $tu.uid=$f.uid; if (registered("location")) { ... del_attr("$tu.uid"); } del_attr("$tu.uid");
Michal
On Thu, 2007-09-13 at 12:23 +0700, Tung Tran wrote:
Hi,
I got this in iptel doc:
registered(domain) The function returns true if the AOR in the Request-URI is registered, false otherwise. The function does not modify the message being process, it neither rewrites the Request-URI if a contact is found not append branches.
But I want to check the from user if it is registered or not, any command can do this?
Thank you Tung
if (registered("location")) { .. }
M.
On Thu, 2007-09-13 at 00:12 +0700, Tung Tran wrote:
Hi all,
Should anyone please help how to check the from user in INVITE request is already registered?
Thanks you very much.
Tung
-
Martin Hoffmann -
Michal Matyska -
Ravin Suri -
Tung Tran