[Serusers] 0.10.99 - ERROR: authorize.c:359: Cannot obtain digest realm from parameter '$fd.digest_realm'
Michal Matyska
michal at iptel.org
Wed Jan 10 15:53:52 CET 2007
Do you have
modparam("domain", "load_domain_attrs", 1)
in your config file?
Michal
On Wed, 2007-01-10 at 13:46 +0100, =?UTF-8?Q? tzieleniewski ?= wrote:
> Sorry my copy/paste mistake (wrong window)
> the actually sent message is printed below:
> [I used the latest cvs version from yesterday:)]
> I also tried to change the flag in ofthe digest_realm atrribute
> like the Samuel said but it didn't help.
>
> SEND >> 127.0.0.1:5060
>
> REGISTER sip:sipproxy.hellboy.touk.pl SIP/2.0
>
> Via: SIP/2.0/UDP 192.168.1.10:7000;rport;branch=z9hG4bK0E4F7962011FAB0614802558EC3111BF
>
> From: tzl <sip:tzl at sipproxy.hellboy.touk.pl>;tag=356809508
>
> To: tzl <sip:tzl at sipproxy.hellboy.touk.pl>
>
> Contact: "tzl" <sip:tzl at 192.168.1.10:7000>
>
> Call-ID: 7BD87155EB1AD7E9F60729227BA31D18 at sipproxy.hellboy.touk.pl
>
> CSeq: 43133 REGISTER
>
> Expires: 1800
>
> Max-Forwards: 70
>
> User-Agent: X-Lite release 1105d
>
> Content-Length: 0
>
> below is the dump_attrs()output:
> 4(3626) INFO: avp.c:540: class=GLOBAL
> 4(3626) AVP["lang"]="en"
> 4(3626) INFO: avp.c:550: track=FROM class=DOMAIN
> 4(3626) AVP["did"]="sipproxy.hellboy.touk.pl"
> 4(3626) INFO: avp.c:560: track=TO class=DOMAIN
> 4(3626) AVP["did"]="sipproxy.hellboy.touk.pl"
> 4(3626) INFO: avp.c:570: track=FROM class=USER
> 4(3626) INFO: No AVP present
> 4(3626) INFO: avp.c:580: track=TO class=USER
> 4(3626) INFO: No AVP present
> 4(3626) INFO: avp.c:590: track=FROM class=URI
> 4(3626) INFO: No AVP present
> 4(3626) INFO: avp.c:600: track=TO class=URI
> 4(3626) INFO: No AVP present
> 4(3626) ERROR: authorize.c:359: Cannot obtain digest realm from parameter '$fd.digest_realm'
>
> Tomasz
>
> > To me the problem is very obvious ;-) :
> >
> > You have defined a domain called "sipproxy.hellboy.touk.pl". But in the
> > REGISTER requests the To header contains "scscf.ims.touk.pl". So SER is not
> > able to identify the target domain, and thus can not load the domain
> > attributes. So their is no domain AVP digest_realm when www_authenticate is
> > called.
> > What I dont get is why you do not receive the 403 from the check before. Could
> > you do me a favor and change your config like this:
> > if (method=="REGISTER") {
> > dump_attrs();
> > if (!$t.did) {
> > And send me the log output after another try. That would be a big help.
> >
> > Thanks
> > Nils
> >
> > On Tuesday 09 January 2007 12:03, tzieleniewski wrote:
> > > HI All!
> > >
> > > I have encountered the following error and don't know waht to do with it:)
> > > ERROR: authorize.c:359: Cannot obtain digest realm from parameter
> > > '$fd.digest_realm' the situation takes places when the following sip
> > > massage arives at ser: #
> > > U 2007/01/09 11:43:02.274949 127.0.0.1:7000 -> 127.0.0.1:5060
> > > REGISTER sip:scscf.ims.touk.pl SIP/2.0.
> > > Via: SIP/2.0/UDP
> > > 127.0.0.1:7000;rport;branch=z9hG4bK2575034C94BE793615C5BEE814464E5B. From:
> > > tzl <sip:tzl at scscf.ims.touk.pl>;tag=1829574745.
> > > To: tzl <sip:tzl at scscf.ims.touk.pl>.
> > > Contact: "tzl" <sip:tzl at 127.0.0.1:7000>.
> > > Call-ID: 3E67EAEFDC8BFC73844E4D0F849DF676 at scscf.ims.touk.pl.
> > > CSeq: 38402 REGISTER.
> > > Expires: 1800.
> > > Max-Forwards: 70.
> > > User-Agent: X-Lite release 1105d.
> > > Content-Length: 0.
> > > .
> > >
> > > My Register logic looks like this:
> > > route[REGISTER]
> > > {
> > > if (method=="REGISTER") {
> > > if (!$t.did) {
> > > sl_send_reply("403", "Register forwarding forbidden");
> > > drop;
> > > }
> > > if (!www_authenticate("$fd.digest_realm", "credentials")) {
> > > if ($? == -2) {
> > > sl_send_reply("500", "Internal Server Error");
> > > } else if ($? == -3) {
> > > sl_send_reply("400", "Bad Request");
> > > } else {
> > > if ($digest_challenge) {
> > > append_to_reply("%$digest_challenge");
> > > }
> > > sl_send_reply("401", "Unauthorized");
> > > }
> > > drop;
> > > };
> > > }
> > >
> > > and here are my database contensts:
> > > mysql> select * from uri;
> > > +------------------------------+--------------------------+----------+-----
> > >--+--------+
> > >
> > > | uid | did | username |
> > > | flags | scheme |
> > >
> > > +------------------------------+--------------------------+----------+-----
> > >--+--------+
> > >
> > > | tzl at sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | tzl |
> > > | 61 | sip |
> > >
> > > +------------------------------+--------------------------+----------+-----
> > >--+--------+
> > >
> > > mysql> select * from domain;
> > > +--------------------------+--------------------------+-------+
> > >
> > > | did | domain | flags |
> > >
> > > +--------------------------+--------------------------+-------+
> > >
> > > | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | 37 |
> > >
> > > +--------------------------+--------------------------+-------+
> > >
> > > mysql> select * from domain_attrs;
> > > +--------------------------+--------------+------+-------------------------
> > >-+-------+
> > >
> > > | did | name | type | value
> > > | | flags |
> > >
> > > +--------------------------+--------------+------+-------------------------
> > >-+-------+
> > >
> > > | sipproxy.hellboy.touk.pl | sw_admin | 2 | 0
> > > | | 32 | sipproxy.hellboy.touk.pl | digest_realm | 2 |
> > > | sipproxy.hellboy.touk.pl | 32 |
> > >
> > > +--------------------------+--------------+------+-------------------------
> > >-+-------+
> > >
> > > mysql> select * from credentials;
> > > +---------------+--------------------------+--------------------------+----
> > >------+-------+----------------------------------+--------------------------
> > >--------+------------------------------+
> > >
> > > | auth_username | did | realm |
> > > | password | flags | ha1 | ha1b
> > > | | uid |
> > >
> > > +---------------+--------------------------+--------------------------+----
> > >------+-------+----------------------------------+--------------------------
> > >--------+------------------------------+
> > >
> > > | tzl | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | tzl
> > > | | 33 | df4a49c51b082f68b792d7e2177c6ed8 |
> > > | 8ba18e21048f2f587ad3386b54b99e5e | tzl at sipproxy.hellboy.touk.pl | admin
> > > | | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | heslo |
> > > | 32 | |
> > > | | 0 |
> > >
> > > +---------------+--------------------------+--------------------------+----
> > >------+-------+----------------------------------+--------------------------
> > >--------+------------------------------+
> > >
> > > Thanku for any help
> > > Bests
> > > Tomasz
> > >
> > > _______________________________________________
> > > Serusers mailing list
> > > Serusers at lists.iptel.org
> > > http://lists.iptel.org/mailman/listinfo/serusers
> >
> > --
> > Dipl. Inform. Nils Ohlmeier
> > Quality Assurance Manager
> >
> > iptelorg GmbH
> > Am Borsigturm 11
> > 13507 Berlin
> > Germany
> >
> > nils.ohlmeier at iptelorg.com
> > www.iptelorg.com
> >
> > T +49-30-325132 22
> > T +49-700-IPTELORG
> > F +49-30-6908 8248
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list