[Serusers]: Problems with authentication
steve
sgsubs at intechnology.co.uk
Thu May 13 14:54:56 CEST 2004
I've just done a CVS download for sems as a cvs "newbie"
I did the following to get sems from the cvs tree at berlios
CVSROOT=:pserver:anonymous at cvs.berlios.de:/cvsroot/sems
export CVSROOT
cvs login
cvs co answer_machine
This then downloaded the stuff into the dir I was in, so I should now be
able to run make and off we go..
So I think you just need to change you stuff to
CVSROOT=:pserver:anonymous at cvs.berlios.de:/cvsroot/ser
export CVSROOT
cvs login
cvs co sip_router
________________________________
From: serusers-bounces at iptel.org [mailto:serusers-bounces at lists.iptel.org]
On Behalf Of Sara Allton
Sent: Thursday 13 May 2004 13:24
To: Klaus Darilion
Cc: serusers at lists.iptel.org
Subject: Re: [Serusers]: Problems with authentication
Thanks - I'm trying to download CVS versions as instructed in
"direct CVS Access" - however i'm getting a 'BAD CVSROOT' error. I've also
tried using the cvs -d option to specify the CVSROOT however it seems i'm
not getting anywhere.
would appreciate further help on this as this is all new to me.
TIA
S
----- Original Message -----
From: Klaus Darilion
Date: Thu, 13 May 2004 12:34:01 +0200
To: Sara Allton
Subject: Re: [Serusers]: Problems with authentication
> I suggest you to never mix ser rpms and source code installations.
>
> If you need accounting, remove all ser rpms from your system and
use CVS
> versions only.
>
> Klaus
>
> Sara Allton wrote:
>
> > Thanks - it worked.
> >
> > One other question please.
> >
> > I've had to recompile ser from source since I need to log CDRs
to Mysql
> > rather than to syslog. However when i try to re-intsall the
ser-mysl RPM
> > package, I get a failed dependencies error. Its as if ser is not
> > installed at all. Is there something I'm missing out?
> >
> > Thanks
> >
> > Sar a
> >
> > ----- Original Message -----
> > From: Jan Janak
> > Date: Sun, 9 May 2004 19:03:10 +0200
> > To: Sara Allton
> > Subject: Re: [Serusers]: Problems with authentication
> >
> > > Change realm (the first parameter of www_authorize and
www_challenge in
> > > the configuration file) from localdomain.com to 192.168.2.16.
That's
> > > what you have configured in the subscriber table.
> > >
> > > Jan.
> > >
> > > On 08-05 12:29, Sara Allton wrote:
> > > >
> > > > Hi,
> > > >
> > > > I've installed SER on Redhat 9 but am having problems with
getting a
> > > > Cisco ATA registered. The server replies with message "401
> > > > Unauthorized". Below is the ser.cfg file, together with
ngrep output
> > > > and mysql subscriber table.
> > > >
> > > > What could the problem be? i've tried modifying the ser.cfg
file in
> > > > order to try and get this to work but without luck. I'm not
too sure
> > > > regarding the "realm" parameter being passed int the
www-authenticate
> > > > message.
> > > >
> > > > TIA
> > > >
> > > > Sara
> > > >
> > > >
> > > > U 192.168.2.100:5060 -> 192.168.2.16:5060
> > > >
> > > > REGISTER sip:192.168.2.16 SIP/2.0..Via: SIP/2.0/UDP
> > > > 192.168.2.100:5060..From: sip:ciscoata at 192.168.2.16..To:
> > > > sip:ciscoata at 192.168.2.16..Call-ID:
> > > >
> > > > 3435349313 at 192.168.2.100..CSeq: 2 REGISTER..Contact:
> > > > ;expires=3500..User-Age
> > > ; > nt: Cisco ATA v2.15 a
> > > >
> > > > ta18x (020927a)..Authorization: Digest
> > > >
username="ciscoata",realm="localdomain.com",nonce="409e41b0801685a46a7
> > > >
9d41e81d85c5adc6bca39",uri="sip:192.168.2.16",response="b878eb13908b9a
> > > > 8251571111eb001acf"..Content-Length: 0.... < BR>> >
> > > > #
> > > >
> > > > U 192.168.2.16:5060 -> 192.168.2.100:5060
> > > >
> > > > SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP
192.168.2.100:5060..From:
> > > > sipciscoata at 192.168.2.16..To:
> > > > sip:ciscoata at 192.168.2.16;tag=b27e1a1d33761e
> > > >
> > > > 85846fc98f5f3a7e58.8272..Call-ID:
3435349313 at 192.168.2.100..CSeq: 2
> > > > REGISTER..WWW-Authenticate: Digest realm="localdomain.com",
> > > > nonce="409e4 1b1bc69e5210563de14a3dbfbb25941602e"..Server:
Sip EXpress
> > > > router (0.8.12 (i386/linux)
> > > >
> > > > )..Content-Length: 0..Warning: 392 192.168.2.16:5060 "Noisy
feedback
> > > > tells:pid=1631 req_src_ip=192.168.2.100 req_src_port=5060
> > > > in_uri=sip:192.168.2.16 out_uri=sip:192.168.2.16
via_cnt==1"....
> > > >
> > > >
> > > > mysql> select * from subscriber;
> > > >
> > > > +----------------------------------+-
> > ------------+--------------+-----
> > > >
-----+------------+-----------+-------+-------------------------------
> > > >
--+---------------------+---------------------+-----------------------
> > > >
-------------------+------+------------------+----------+-------------
> > > > ---------------------+------------------
----------------+-------+-----
> > > > -------+----------+
> > > >
> > > > | phplib_id | username | domain |
> > > > password | first_name | last_name | phone |
> > > > email_address | datetime_created |
> > > > datetime_modified | confirmation & nbsp; |
> > > > flag | sendnotification | greeting | ha1
> > > > | ha1b | perms | allow_find | timezone |
> > > >
> > > >
+----------------------------------+-------------+--------------+-----
> > > >
-----+------------+-----------+-------+-------------------------------
> > > > --+---------------------+------------------
> > ---+-----------------------
> > > >
-------------------+------+------------------+----------+-------------
> > > >
---------------------+----------------------------------+---- ---+-----
> > > > -------+----------+
> > > >
> > > > | 65e397cda0aa8e3202ea22cbd350e4e9 | admin | 192.168.2.16 |
> > > > heslo | Initial | Admin | 123 |
> > > > root at localhost | 2002-09-04 19:37:45 | 0000-00-00
> > > > 00:00:00 | 57DaSIPuCm52UNe54 LF545750cfdL48OMZfroM53 | o
> > > >
> > > > | | | 2ff35d1f6572c03ae736bd567a46a30b |
> > > > b4c79738fe441c8c26ebc11545423d23 | admin | 0
> > > >
> > > > | NULL |
> > > >
> > > > | NULL |
> > > >
> > > > | 1fb8e96684801eb7bc53e44d68a18cca | ser | 192.168.2.16 |
> > > > heslo | | | | ser at localhost |
> > > > 2004-05-05 07:47:30 | 0000-00-00 00:00:00 | &
> > > > nbsp; | o
> > > >
> > > > | | | 1fb8e96684801eb7bc53e4 4d68a18cca |
> > > > 5023bfc28eff0b9fc0f48e22b14f5e2b | admin | 0
> > > >
> > > > | NULL |
> > > >
> > > >
> > > > | f3dbccc505c3611dd538857bbfa8a2b2 | test123 | 192.168.2.16
|
> > > > test | | | |
> > > > test123 at 192.168.2.16 | 2004-05-05 09:40:50 | 0000-00-00
> > > > 00:00:00 | &nbs p; | o
> > > >
> > > > | | | f3dbccc505c3611dd538857bbfa8a2b2 |
> > > > 39e3709b96459dd7f5090277aaf988f4 | NULL | 0
> > > >
> > > > | NULL |
> > > >
> > > >
> > > > | b800b1c879ccf7bccfa1d0fffd6ac28a | ciscoata | 192.168.2.16
|
> > > > qwerty | | | | ciscoata at mail.com |
> > > > 2004-05-09 12:22:22 | 0000-00-00 00:00:00 |
> > > > | o
> > > >
> > > & gt; | | | b800b1c879ccf7bccfa1d0fffd6ac28a |
> > > > bd81df065d2931e0048989a9fa94e6d5 | NULL | 0
> > > >
> > > > | NULL |
> > > >
> > > >
+----------------------------------+-------------+--------------
> > +-----
> > > >
-----+------------+-----------+-------+-------------------------------
> > > >
--+---------------------+---------------------+-----------------------
> > > >
-------------------+------+------------------+----------+-------------
> > > >
---------------------+----------------------------------+-------+-----
> > > > -------+----------+
> > > >
> > > > 4 rows in set (0.00 sec)
> > > >
> > > >
> > > > #
> > > >
> > > > # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
> ; > > >
> > > > #
> > > >
> > > > # simple quick-start config script
> > > >
> > > > #
> > > >
> > > >
> > > >
> > > > # ----------- global configuration parameters
------------------------
> > > >
> > > >
> > > >
> > > > #debug=3 # debug level (cmd line: -dddddddddd)
> > > >
> > > > #fork=yes
> > > >
> > > > #log_ stderror=no # (cmd line: -E)
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > /* Uncomment these lines to enter debugging mode
> > > >
> > > > debug=7
> > > >
> > > > fork=no
> > > >
> > > > log_stderror=yes
> > > >
> > > > */
> > > >
> > > > check_via=no # (cmd. line: -v)
> > > >
> > > > dns=no # (cmd. line: -r)
> > > >
> > > > rev_dns=no # (cmd. line: -R)
> > > >
> > > > #port=5060
> > > >
> > > > #children=4
> > > >
> > > > fifo="/tmp/ser_fifo"
> > > >
> > > >
> > > > # ------------------ module loading
----------------------------------
> > > >
> > > >
> > > >
> > > > # Uncomment this if you want to use SQL database
> > > >
> > > > loadmodule "/usr/lib/ser/modules/mysql.so"
> > > >
> > > >
> > > >
> > > > loadmodul e "/usr/lib/ser/modules/sl.so"
> > > >
> > > > loadmodule "/usr/lib/ser/modules/tm.so"
> > > >
> > > > loadmodule "/usr/lib/ser/modules/rr.so"
> > > >
> > > > loadmodule "/usr/lib/ser/modules/maxfwd.so"
> > > >
> > > > loadmodule "/usr/lib/ser/modules/usrloc.so"
> > > >
> > > > loadmodule "/usr/lib/ser/modules/registrar.so"
> > > >
> > > >
> > > >
> > > > # Uncomment this if you want digest authentication
> > > >
> > > > # mysql.so must be loaded !
> > > >
> > > > loadmodule "/usr/lib/ser/modules/auth.so"
> > > >
> > > > loadmodule "/usr/lib/ser/modules/auth_db.so"
> > > >
> > > > # ----------------- setting m odule-specific parameters
---------------
> > > >
> > > >
> > > >
> > > > # -- usrloc params --
> > > >
> > > > modparam("usrloc", "db_url",
"sql://ser:heslo@192.168.2.16/ser")
> > > >
> > > >
> > > >
> > > > #modparam("usrloc", "db_mode", 0)
> > > >
> > > >
> > > >
> > > > # Uncomment this if you want to use SQL database
> > > >
> > > > # for persistent storage and comment the previous line
> > > >
> > > > modparam("usrloc", "db_mode", 2)
> > > >
> > > >
> > > >
> > > > # -- auth params --
> > > >
> > > > modparam("auth_db", "db_url",
"sql://ser:heslo@192.168.2.16/ser")
> > > >
> > > > # Uncomment if you are using auth module
> > > >
> > > > #
> > > >
> > > > modparam("auth_db", "calculate_ha1", yes)
> > > >
> > > > #
> > > >
> > > > # If you set "calculate_ha1" parameter to yes (which true in
this
> > > > config),
> > > >
> > > > # uncomment also the following parameter)
> > > >
> > > > #
> > > >
> > > > modparam("auth_db", "password_column", "password")
> > > > ;
> > > >
> > > >
> > > > # -- rr params --
> > > >
> > > > # add value to ;lr param to make some broken UAs happy
> > > >
> > > > modparam("rr", "enable_full_lr", 1)
> > > >
> > > >
> > > >
> > > > # ------------------------- request routing logic
-------------------
> > > >
> > > >
> > > >
> > > > # main routing logic
> > > >
> > > >
> > > >
> > > > route{
> > > >
> > > >
> > > >
> > > > # initial sanity checks -- messages with
> > > >
> > > > # max_forwards==0, or excessively long requests
> > > >
> > > > if (!mf_process_maxfwd_header("10")) {
> > > >
> > > > sl_send_reply("483","Too Many Hops");
> > > >
> > > > break;
> > > >
> > > > };
> > > >
> > > > if ( msg:len > max_len ) {
> > > >
> > > > sl_send_reply ("513", "Message too big");
> > > > < BR>> > break;
> > > >
> > > > };
> > > >
> > > >
> > > >
> > > > # we record-route all messages -- to make sure that
> > > >
> > > > # subsequent messages will go through our proxy; that's
> > > >
> > > > # particularly good if upstream and downstream entities
> > > >
> > > > # use different transport protocol
> > > >
> > > > record_route();
> > > >
> > > > # loose-route processing
> > > >
> > > > if (loose_route()) {
> > > >
> > > > t_relay();
> > > >
> > > > break;
> > > >
> > > > };
> > > >
> > > >
> > > >
> > > > # if the request is for other domain use UsrLoc
> > > >
> > > > # (in case, it does not work, use the following command
> > > >
> > > > # with proper names and addresses in it)
> > > >
> > > > # if (uri==myself) {
> > > >
> > > > if (uri=~"^sip :(.+@)?(192\.168\.2\.16)([:;\?].*)?$") {
> > > >
> > > >
> > > >
> > > > if (method=="REGISTER") {
> > > >
> > > >
> > > >
> > > > # Uncomment this if you want to use digest authentication
> > > >
> > > > if (!www_authorize("", "subscriber")) {
> > > >
> > > > www_challenge("", "0");
> > > >
> > > > break;
> > > >
> > ; > > };
> > > >
> > > >
> > > >
> > > > save("location");
> > > >
> > > > break;
> > > >
> > > > };
> > > >
> > > >
> > > >
> > > > # native SIP destinations are handled using our USRLOC
> > > > DB
> > > >
> > > > if (!lookup("location")) {
> > > >
> > > > sl_send_reply("404", "Not Found");
> > > >
> > > > break;
> > > >
> > > > };
> > > >
> > > > };
> > > >
> > > > # forward to current uri now; use stateful forwarding; that
> > > >
> > > > # works reliably even if we forward from TCP to UDP
> > > >
> > > > if (! t_relay()) {
> > > >
> > > > sl_reply_error();
> > > >
> > > > };
> > > >
> > > >
> > > >
> > > > }
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > >
> > > > ___________________________________________________________
> > > > Sign-up for Ads Free at Mail.com
> > > > [1]http://www.mail.com/?sr=signup
> > > >
> > > > References
> > > >
> > > > 1.
> >
http://mail01.mail.com/scripts/payment/adtracking.cgi?bannercode=adsfreejump
01
> >
> > >
> > > > _______________________________________________
> > > > Serusers mailing list
> > > > Serusers at ipte l.org
> > > > http://lists.iptel.org/mailman/listinfo/serusers
> > >
> >
> >
> > --
> >
> > ___________________________________________________________
> > Sign-up for Ads Free at Mail.com
> > http://www.mail.com/?sr=signup
> >
> >
> >
> >
------------------------------------------------------------------------
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
--
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://www.mail.com/?sr=signup
<http://mail01.mail.com/scripts/payment/adtracking.cgi?bannercode=adsfreejum
p01>
More information about the sr-users
mailing list