[Serusers] UAC module problem with uac_auth()

Mik mik at ttn.ru
Tue May 10 19:08:09 CEST 2005 

Hello,

I am try uac_auth() client authentication to another SIP server (PSTN 
gateway) entity via Digest authentication. All my attempts failure with 
log messagess:
......
3(98356) DEBUG:uac:uac_auth: picked reply is 0x0, code 401
3(98356) BUG:uac:uac_auth: empty reply on picked branch
......

I use example from http://www.voice-system.ro/docs/uac/ar01s06.html

Give my good advice.
I think, all needed information below.

My SIP server: 213.24.21.2
My UAC: 213.24.21.30
PSTN gateway: 212.53.35.244

SIP messages send/recived with PSTN gateway:
213.24.21.2     ->      212.53.35.244
Session Initiation Protocol
     Request-Line: INVITE sip:70456 at 212.53.35.244:5060 SIP/2.0
         Method: INVITE
         Resent Packet: False
     Message Header
         Record-Route: <sip:213.24.21.2;ftag=ef40b40ea4;lr>
         Via: SIP/2.0/UDP 213.24.21.2;branch=z9hG4bK2102.c205a46.0
         Via: SIP/2.0/UDP 213.24.21.30:5060;branch=z9hG4bKef40b40ea497
         From: <sip:2000 at 213.24.21.2>;tag=ef40b40ea4
         To: <sip:70456 at 213.24.21.2>
         Call-ID: ef2efc40-3cdd-b417-810e-0002a401969c at 213.24.21.30
         CSeq: 97 INVITE
         Supported: timer, replaces
         Min-SE: 1800
         Date: Mon, 19 Jul 2004 20:28:31 GMT
         User-Agent: AddPac SIP Gateway
         Contact: <sip:2000 at 213.24.21.30>
         Accept: application/sdp
         Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, UPDATE, REFER, NOTIFY
         Content-Type: application/sdp
         Content-Length: 249
         Max-Forwards: 16
     Message body
         Session Description Protocol

212.53.35.244     ->      213.24.21.2
Session Initiation Protocol
     Status-Line: SIP/2.0 100 Trying
         Status-Code: 100
         Resent Packet: False
     Message Header
         Via: SIP/2.0/UDP 213.24.21.2:5060;branch=z9hG4bK2102.c205a46.0
         Via: SIP/2.0/UDP 213.24.21.30:5060;branch=z9hG4bKef40b40ea497
         From: <sip:2000 at 213.24.21.2>;tag=ef40b40ea4
         To: <sip:70456 at 213.24.21.2>;tag=3846972144
         Call-ID: ef2efc40-3cdd-b417-810e-0002a401969c at 213.24.21.30
         CSeq: 97 INVITE
         Content-Length: 0

212.53.35.244     ->      213.24.21.2
Session Initiation Protocol
     Status-Line: SIP/2.0 401 Unauthorized
         Status-Code: 401
         Resent Packet: False
     Message Header
         Via: SIP/2.0/UDP 213.24.21.2:5060;branch=z9hG4bK2102.c205a46.0
         Via: SIP/2.0/UDP 213.24.21.30:5060;branch=z9hG4bKef40b40ea497
         From: <sip:2000 at 213.24.21.2>;tag=ef40b40ea4
         To: <sip:70456 at 213.24.21.2>
         Call-ID: ef2efc40-3cdd-b417-810e-0002a401969c at 213.24.21.30
         CSeq: 97 INVITE
         Contact: "SIP-H.323 IWF" 
<sip:TGK4 at 212.53.35.244:50666;transport=tcp>
         Record-Route: <sip:212.53.35.244:5060;lr>
         Record-Route: <sip:213.24.21.2;lr>
         WWW-Authenticate: Digest 
realm="etc.tario.ru",nonce="4280dfdc5f3d72476c787a60f587f741"
         Content-Length: 0

My ser.cfg:

user=voip
listen=213.24.21.2
log_stderror=yes

debug=3
fifo="/var/run/ser.pipe"
fifo_mode=0600
children=5
alias=tagan.ru
alias=megalink.com.ru
sip_warning=no

# ------------------ module loading ----------------------------------

loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/xlog.so"
loadmodule "/usr/local/lib/ser/modules/exec.so"
loadmodule "/usr/local/lib/ser/modules/uac.so"

modparam("uac","credential","user:etc.tario.ru:password")


route [0] {
..... skip......
     if (method=="INVITE") {
         if (isflagset(2)) {
             # Our user
             xlog("L_INFO", "[%ci]: GO TO PSTN.\n");
             t_on_failure("3");
             t_relay_to_udp("212.53.35.244","5060");
             break;
         }
         sl_send_reply("404", "Not found.");
         break;
     }
..... skip......

failure_route[3] {

     # authentication reply received?
     if ( t_check_status("401|407") ) {
         # have we already tried to authenticate?
         if (isflagset(7)) {
             t_reply("513","Authentication failed");
             xlog("L_INFO", "[%ci]: Remote authentication failed\n");
             break;
         }
         if (uac_auth()) {
             # mark that auth was performed
             setflag(7);
             # trigger again the failure route
             t_on_failure("3");
             # repeat the request with auth response this time
             append_branch();
             t_relay();
             break;
         }
         t_reply("514","Unknow authentication peer");
         xlog("L_INFO", "[%ci]: Unknown authentication peer.\n");
         break;
     }

}

More information about the sr-users mailing list