[Serusers] DUV 1000 problems w/ www_authorize

Fri Mar 18 15:06:40 CET 2005

Hi guys,

I have a problem w/ the DUV 1000 ( http://corp.deltathree.com/productsandservices/dialup.html ) 
hardware device. I'm using www_authorize in my ser.cfg on every call forward (pstn) to prevent 
other sip proxies to forwad traffic to me: 

        if (uri=~"^sip:00") {
        log(0, "\n\n************  B2BUA  ***********\n");

        if((!src_ip=="12.34.56.78")||(!src_ip=="1.2.3.4")){
#          if (!proxy_authorize("12.34.56.78", "subscriber")) {
#            proxy_challenge("12.34.56.78", "1");
#          };
                        if (!www_authorize("12.34.56.78", "subscriber")) {
                                www_challenge("12.34.56.78", "1");
                                break;
                        };
        };
strip(0);
       rewritehostport("1.2.3.4:11234");
        append_branch("1.2.3.4");
       t_relay();
       t_relay_to_udp("1.2.3.4", "11234");
        append_hf("P-hint: VoipSwitch GATEWAY\r\n");
        log(0, "********************************************\n\n\n");
        break;
        };

When I try to call 00xxxxxx the DUV device doesn't authorize to the ser and the call fails. The same happens when proxy_authorize is used. 
Here is the sniffer log: 

#
U 34.56.87.12:5060 -> 12.34.56.78:5060
INVITE sip:00359123456 at 12.34.56.78 SIP/2.0.
Via: SIP/2.0/UDP 34.56.87.12:5060.
From: 6789 <sip:6789 at 12.34.56.78>;tag=10311.
To: sip:00359123456 at 12.34.56.78.
Call-ID: 20495 at 34.56.87.12.
Contact: sip:6789 at 34.56.87.12:5060.
CSeq: 8112 INVITE.
Max-Forwards: 70.
Content-Length: 119.
User-Agent: DUV1000 (dlk2.62)6789.
Content-Type: application/sdp.
.
v=0.
o=dlink 4526 9013 IN IP4 34.56.87.12.
s=Session SDP.
c=IN IP4 34.56.87.12.
t=0 0.
m=audio 6868 RTP/AVP 4 4 4.
.

#
U 12.34.56.78:5060 -> 34.56.87.12:5060
SIP/2.0 401 Unauthorized.
Via: SIP/2.0/UDP 34.56.87.12:5060.
From: 6789 <sip:6789 at 12.34.56.78>;tag=10311.
To: sip:00359123456 at 12.34.56.78;tag=89fc68a3caf42d7e2d6038f5511e0f83.d0d2.
Call-ID: 20495 at 34.56.87.12.
CSeq: 8112 INVITE.
WWW-Authenticate: Digest realm="12.34.56.78", nonce="423ab89f16ace6d2361b2f280fbcc0a1e55f06e1", qop="auth".
Server: Sip EXpress router (0.9.0 (i386/linux)).
Content-Length: 0.
Warning: 392 12.34.56.78:5060 "Noisy feedback tells:  pid=29694 req_src_ip=34.56.87.12 req_src_port=5060 in_uri=sip:00359123456 at 12.34.56.78 out_uri=sip:00359123456 at 12.34.56.78 via_cnt==1".
.

#
U 34.56.87.12:5060 -> 12.34.56.78:5060
ACK sip:00359123456 at 12.34.56.78 SIP/2.0.
Via: SIP/2.0/UDP 34.56.87.12:5060.
From: 6789 <sip:6789 at 12.34.56.78>;tag=10311.
To: sip:00359123456 at 12.34.56.78.
Call-ID: 20495 at 34.56.87.12.
Contact: sip:6789 at 34.56.87.12:5060.
CSeq: 8112 ACK.
Max-Forwards: 70.
Content-Length: 0.
User-Agent: DUV1000 (dlk2.62)6789.
.

#
U 34.56.87.12:5060 -> 12.34.56.78:5060
INVITE sip:00359123456 at 12.34.56.78 SIP/2.0.
Via: SIP/2.0/UDP 34.56.87.12:5060.
From: 6789 <sip:6789 at 12.34.56.78>;tag=17031.
To: sip:00359123456 at 12.34.56.78.
Call-ID: 30054 at 34.56.87.12.
Contact: sip:6789 at 34.56.87.12:5060.
CSeq: 8288 INVITE.
Max-Forwards: 70.
Content-Length: 119.
Authorization: Digest username="6789",realm="12.34.56.78",nonce="423ab89f16ace6d2361b2f280fbcc0a1e55f06e1",uri="sip:00359123456 at 12.34.56.78",algorithm=MD5,qop="auth",nc=00000006,cnonce="11367",response="ef6972dc5229d88060a952c10bdb2789".
User-Agent: DUV1000 (dlk2.62)6789.
Content-Type: application/sdp.
.
v=0.
o=dlink 4526 9013 IN IP4 34.56.87.12.
s=Session SDP.
c=IN IP4 34.56.87.12.
t=0 0.
m=audio 7044 RTP/AVP 4 4 4.

It seems that DUV sends authorization information ... but not correct maybe. Without www_autorize and proxy_authorize the device is able to place calls. 

Thanks in advance,
Pavel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20050318/25298487/attachment.htm>