[Users] Problems with digest authentication

Bogdan-Andrei Iancu bogdan at voice-system.ro
Tue Aug 2 14:15:03 CEST 2005


Hi Aimable,

have you tried with
   www_authorize("talk.artel.rw","subscriber")
in the REGISTER block? just asking because I don't see this in your cfg.

if your did, but still doesn't work, please send the net traffic capture 
and the OpenSER log (in full debug mode) for the failed REGISTER. For 
sure, there is a config problem somewhere....

regards,
bogdan



aimable wrote:

>I tried both of these configurations and none of them worked .
>Here below is my configuration
>
>debug=7
>fork=yes
>log_stderror=yes
>listen=193.XXX.XX4.XXX
>port=5060
>children=4
> 
>alias=193.XXX.XX4.XXX
>alias=sip.mydomain.tld
> 
>dns=yes
>rev_dns=no
> 
>fifo="/tmp/openser_fifo"
>fifo_db_url="mysql://USER:PASSWORD@localhost/openser"
> 
>loadmodule "/usr/local/lib/openser/modules/mysql.so"
>loadmodule "/usr/local/lib/openser/modules/sl.so"
>loadmodule "/usr/local/lib/openser/modules/tm.so"
>loadmodule "/usr/local/lib/openser/modules/rr.so"
>loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
>loadmodule "/usr/local/lib/openser/modules/usrloc.so"
>loadmodule "/usr/local/lib/openser/modules/registrar.so"
>loadmodule "/usr/local/lib/openser/modules/auth.so"
>loadmodule "/usr/local/lib/openser/modules/auth_db.so"
>loadmodule "/usr/local/lib/openser/modules/uri.so"
>loadmodule "/usr/local/lib/openser/modules/uri_db.so"
>loadmodule "/usr/local/lib/openser/modules/mediaproxy.so"
>loadmodule "/usr/local/lib/openser/modules/nathelper.so"
>loadmodule "/usr/local/lib/openser/modules/textops.so"
>loadmodule "/usr/local/lib/openser/modules/domain.so"
>loadmodule "/usr/local/lib/openser/modules/acc.so"
> 
>modparam("auth_db", "calculate_ha1", 1)
>modparam("auth_db", "password_column", "password")
>modparam("auth_db", "use_domain", 1)
> 
>modparam("domain", "db_mode", 1)
> 
>modparam("nathelper", "rtpproxy_disable", 1)
>modparam("nathelper", "natping_interval", 180)
> 
>modparam("mediaproxy","natping_interval", 30)
>modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock")
>modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/openser/sip-asymmetr
>ic-clients")
>modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/openser/rtp-asymmetr
>ic-clients")
> 
>modparam("usrloc", "db_mode", 2)
>modparam("usrloc", "use_domain", 1)
> 
>modparam("registrar", "default_expires", 60)
>modparam("registrar", "min_expires", 30)
>modparam("registrar", "nat_flag", 6)
>modparam("registrar", "use_domain", 1)
> 
>modparam("rr", "enable_full_lr", 1)
> 
>modparam("auth_db|uri_db|usrloc", "db_url",
>"mysql://USER:PASSWORD@localhost/openser")
>modparam("acc", "db_url", "mysql://USER:PASSWORD@localhost/openser")
>modparam("acc", "failed_transactions", 1)
>modparam("acc", "log_level", 1)
>modparam("acc", "log_flag", 1)
>modparam("acc", "db_flag", 1)
> 
>route {
> 
>        # -----------------------------------------------------------------
>        # Sanity Check Section
>        # -----------------------------------------------------------------
>        if (!mf_process_maxfwd_header("10")) {
>                sl_send_reply("483", "Too Many Hops");
>                break;
>        };
> 
>        if (msg:len > max_len) {
>                sl_send_reply("513", "Message Overflow");
>                break;
>        };
> 
>        # -----------------------------------------------------------------
>        # Record Route Section and Acc section
>        # -----------------------------------------------------------------
>        if (method=="INVITE" && client_nat_test("3")) {
>                record_route_preset("193.XXX.XX4.XXX:5060;nat=yes");
>        } else if (method!="REGISTER") {
>        if!(uri=~"^sip:833[0-9]*@") {
>                record_route();
>                setflag(1);
>            }
>        };
> 
>        # -----------------------------------------------------------------
>        # Call Tear Down Section
>        # -----------------------------------------------------------------
>        if (method=="BYE" || method=="CANCEL") {
>                end_media_session();
>        };
> 
>        # -----------------------------------------------------------------
>        # Loose Route Section
>        # -----------------------------------------------------------------
>        if (loose_route()) {
> 
>                if (has_totag() && (method=="INVITE" || method=="ACK")) {
> 
>                        if (client_nat_test("3") ||
>search("^Route:.*;nat=yes")) {
>                                setflag(6);
>                                use_media_proxy();
>                        };
>                };
> 
>                route(1);
>                break;
>        };
> 
>        # -----------------------------------------------------------------
>        # Call Type Processing Section
>        # -----------------------------------------------------------------
> 
>        if (uri!=myself) {
>                route(1);
>                break;
>        };
> 
>        if (uri==myself) {
> 
>                if (method=="CANCEL") {
>                        route(3);
>                        break;
>                } else if (method=="INVITE") {
>                        route(3);
>                        break;
>                } else  if (method=="REGISTER") {
>                        route(2);
>                        break;
>                };
> 
>                lookup("aliases");
>                if (uri!=myself) {
>                        route(1);
>                        break;
>                };
> 
>                if (!lookup("location")) {
>                        sl_send_reply("404", "User Not Found");
>                        break;
>                };
>        };
> 
>        route(1);
>}
> 
>route[1] {
> 
>        # -----------------------------------------------------------------
>        # Default Message Handler
>        # -----------------------------------------------------------------
> 
>        t_on_reply("1");
> 
>        if (!t_relay()) {
> 
>                if (method=="INVITE" || method=="ACK") {
>                        end_media_session();
>                };
> 
>                sl_reply_error();
>        };
>}
> 
>route[2] {
> 
>        # -----------------------------------------------------------------
>        # REGISTER Message Handler
>        # ----------------------------------------------------------------
> 
>        if (!search("^Contact:\ +\*") && client_nat_test("7")) {
>                setflag(6);
>                fix_nated_register();
>                force_rport();
>        };
> 
>        sl_send_reply("100", "Trying");
> 
>        if (!www_authorize("","subscriber")) {
>                www_challenge("","0");
>                break;
>        };
> 
>        if (!check_to()) {
>                sl_send_reply("401", "Unauthorized");
>                break;
>        };
> 
>        consume_credentials();
> 
>        if (!save("location")) {
>                sl_reply_error();
>        };
>}
> 
>route[3] {
> 
>        # -----------------------------------------------------------------
>        # CANCEL and INVITE Message Handler
>        # -----------------------------------------------------------------
> 
>        if (client_nat_test("3")) {
>                setflag(7);
>                force_rport();
>                fix_nated_contact();
>        };
> 
>        lookup("aliases");
>        if (uri!=myself) {
>                route(1);
>                break;
>        };
> 
> 
>        if (!lookup("location")) {
>                sl_send_reply("404", "User Not Found");
>                break;
>        };
> 
>        if (method=="CANCEL") {
>                route(1);
>                break;
>        };
> 
>        if (!proxy_authorize("","subscriber")) {
>                proxy_challenge("","0");
>                break;
>        } else if (!check_from()) {
>                sl_send_reply("403", "Use From=ID");
>                break;
>        };
> 
>        consume_credentials();
> 
>        if (isflagset(6) || isflagset(7)) {
>                use_media_proxy();
>        };
> 
>        route(1);
>}
> 
>onreply_route[1] {
> 
>        if ((isflagset(6) || isflagset(7)) &&
>(status=~"(180)|(183)|2[0-9][0-9]")) {
> 
>                if (!search("^Content-Length:\ +0")) {
>                        use_media_proxy();
>                };
>        };
> 
>        if (client_nat_test("1")) {
>                fix_nated_contact();
>        };
>}
>
>  
>





More information about the sr-users mailing list