[Serusers] Noisy feedback tells & radius_authorize_sterman(): Failure - sr-users

25 Nov 2005


      Hi all
I am using SER-0.9.3 with radiusclient-ng-0.5.1 but
unable to get thrrough radius Digest Authentication i
am getting Noisy feedback tells and no request to
Radius
----------------------------------------------------
192.168.0.1:10411 -> 192.168.0.3:5060
  REGISTER sip:192.168.0.3 SIP/2.0..To:
2000sip:2000@192.168.0.3..From: 2000<sip:2000@212.
  36.71.78>;tag=68a232bb..Via: SIP/2.0/UDP
192.168.1.236:10411;branch=z9hG4bK-d87543-788469354
  -1--d87543-;rport..Call-ID: 726b328158a24912..CSeq:
2 REGISTER..Contact: <sip:2000@192.168.1
  .236:10411>..Expires: 60..Max-Forwards: 70..Allow:
INVITE, ACK, CANCEL, OPTIONS, BYE, REFER,
   NOTIFY, MESSAGE, SUBSCRIBE, INFO..User-Agent:
eyeBeam release 3005x stamp 17288..Authorizat
  ion: Digest
username="2000",realm="192.168.0.3",nonce="438142b95bb202f9f7b35267264fa3cdf240
c34c",uri="sip:192.168.0.3",response="587553ab1fdd8979c16dd5619ea1f3f1",algorithm=MD5..Cont
  ent-Length: 0....
#
U 192.168.0.3:5060 -> 192.168.0.1:10411
  SIP/2.0 100 Trying..To:
2000sip:2000@192.168.0.3..From:
2000sip:2000@192.168.0.3;tag=6
  8a232bb..Via: SIP/2.0/UDP
192.168.1.236:10411;branch=z9hG4bK-d87543-788469354-1--d87543-;rpo
  rt=10411;received=192.168.0.1..Call-ID:
726b328158a24912..CSeq: 2 REGISTER..Server: OpenSer
   (0.9.5 (i386/linux))..Content-Length: 0..Warning:
392 192.168.0.3:5060 "Noisy feedback tel
  ls:  pid=27853 req_src_ip=192.168.0.1
req_src_port=10411 in_uri=sip:192.168.0.3 out_uri=si
  p:192.168.0.3 via_cnt==1"....
#
U 192.168.0.3:5060 -> 192.168.0.1:10411
  SIP/2.0 401 Unauthorized..To:
2000sip:2000@192.168.0.3;tag=236419814c1d6cbca250c821be3316
  c3.97c8..From:
2000sip:2000@192.168.0.3;tag=68a232bb..Via:
SIP/2.0/UDP 192.168.1.236:1041
1;branch=z9hG4bK-d87543-788469354-1--d87543-;rport=10411;received=192.168.0.1..Call-ID:
726
  b328158a24912..CSeq: 2 REGISTER..WWW-Authenticate:
Digest realm="192.168.0.3",
nonce="7264fa3cdf240c34c"..Server: OpenSer (0.9.5
(i386/linux))..Content-Length:
  0..Warning: 392 192.168.0.3:5060 "Noisy feedback
tells:  pid=27853 req_src_ip=192.168.0.1
  req_src_port=10411 in_uri=sip:192.168.0.3
out_uri=sip:192.168.0.3 via_cnt==1"....
------------------------------------------------------------------------
why i am getting these
-------------------------------------------------------
 0(27853) radius_authorize_sterman(): Failure
 0(27853) build_auth_hf(): 'WWW-Authenticate: Digest
realm="192.168.0.3,
nonce="43814271015d7812e9f068467d0c352ceb679d70"
'
 0(27853) parse_headers: flags=-1
 0(27853) check_via_address(192.168.0.1, 192.168.0.1,
0)
 0(27853) DEBUG:destroy_avp_list: destroying list
0x4043dee0
 0(27853) receive_msg: cleaning up
ser.cfg
-----------------------
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
modparam("usrloc", "db_mode",   0)
modparam("auth_radius","radius_config","/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("auth_radius","service_type",15)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
#modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which
true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock",
"unix:/var/run/rtpproxy.sock")
#modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
#############################################################################
modparam("tm", "fr_timer", 40)
modparam("tm", "fr_inv_timer", 35)
modparam("tm", "wt_timer", 5)
modparam("tm", "fr_inv_timer_avp", "inv_timeout")
###########################################################################
# -------------------------  request routing logic
-------------------
# main routing logic
route{
# max_forwards==0, or excessively long
requests
        if (!mf_process_maxfwd_header("10")) {
                sl_send_reply("483","Too Many Hops");
                break;
        };
        if (msg:len >=  max_len ) {
                sl_send_reply("513", "Message too
big");
                break;
        };
if (!method=="REGISTER") {
                record_route();
        }
if (loose_route()) {
                # mark routing logic in request
                append_hf("P-hint: rr-enforced\r\n");
                route(1);
                break;
        };
if (!uri==myself) {
                # mark routing logic in request
                append_hf("P-hint: outbound\r\n");
                route(1);
                break;
};
if (method=="BYE" || method=="CANCEL") {
                unforce_rtp_proxy();
        }
if (loose_route()) {
if (has_totag() && (method=="INVITE"
|| method=="ACK")) {
                        if (nat_uac_test("19")) {
                                setflag(6);
force_rport();
                                fix_nated_contact();
                        };
#                    force_rtp_proxy("l");
                        force_rtp_proxy();
                };
                route(1);
                break;
        };
# if the request is for other domain use
UsrLoc
        # (in case, it does not work, use the
following command
        if (uri==myself) {
                if (method=="INVITE") {
                        route(3);
                        break;
                };
        };
        append_hf("P-hint: usrloc applied\r\n");
        route(1);
}
route[1]
{
        #
-----------------------------------------------------------------
        # Default Message Handler
        #
-----------------------------------------------------------------
t_on_reply("1");
if (!t_relay()) {
                if (method=="INVITE" && isflagset(6))
{
                  unforce_rtp_proxy();
                };
                sl_reply_error();
        };
}
route[2] {
        #
-----------------------------------------------------------------
        # REGISTER Message Handler
        #
----------------------------------------------------------------
if (!search("^Contact:\ +*") &&
nat_uac_test("19")) {
                setflag(6);
                fix_nated_register();
                force_rport();
        };
sl_send_reply("100", "Trying");
if (!radius_www_authorize("")) {
                www_challenge("","0");
                break;
        };
consume_credentials();
if (!save("location")) {
                sl_reply_error();
        };
}
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com