[Serusers] 0.10.99 - ERROR: authorize.c:359: Cannot obtain digest realm from parameter '$fd.digest_realm'
Nils Ohlmeier
nils at iptel.org
Wed Jan 10 15:54:11 CET 2007
After looking at this I'm almost sure it is the 32 vs. 33 flag thing. I guess
you changed the flag by hand in the DB, right? In this case you would have to
restart SER or use ser_ctl to reload the domains, because the domain
attributes are cached in memory.
Nils
On Wednesday 10 January 2007 13:46, tzieleniewski wrote:
> Sorry my copy/paste mistake (wrong window)
> the actually sent message is printed below:
> [I used the latest cvs version from yesterday:)]
> I also tried to change the flag in ofthe digest_realm atrribute
> like the Samuel said but it didn't help.
>
> SEND >> 127.0.0.1:5060
>
> REGISTER sip:sipproxy.hellboy.touk.pl SIP/2.0
>
> Via: SIP/2.0/UDP
> 192.168.1.10:7000;rport;branch=z9hG4bK0E4F7962011FAB0614802558EC3111BF
>
> From: tzl <sip:tzl at sipproxy.hellboy.touk.pl>;tag=356809508
>
> To: tzl <sip:tzl at sipproxy.hellboy.touk.pl>
>
> Contact: "tzl" <sip:tzl at 192.168.1.10:7000>
>
> Call-ID: 7BD87155EB1AD7E9F60729227BA31D18 at sipproxy.hellboy.touk.pl
>
> CSeq: 43133 REGISTER
>
> Expires: 1800
>
> Max-Forwards: 70
>
> User-Agent: X-Lite release 1105d
>
> Content-Length: 0
>
> below is the dump_attrs()output:
> 4(3626) INFO: avp.c:540: class=GLOBAL
> 4(3626) AVP["lang"]="en"
> 4(3626) INFO: avp.c:550: track=FROM class=DOMAIN
> 4(3626) AVP["did"]="sipproxy.hellboy.touk.pl"
> 4(3626) INFO: avp.c:560: track=TO class=DOMAIN
> 4(3626) AVP["did"]="sipproxy.hellboy.touk.pl"
> 4(3626) INFO: avp.c:570: track=FROM class=USER
> 4(3626) INFO: No AVP present
> 4(3626) INFO: avp.c:580: track=TO class=USER
> 4(3626) INFO: No AVP present
> 4(3626) INFO: avp.c:590: track=FROM class=URI
> 4(3626) INFO: No AVP present
> 4(3626) INFO: avp.c:600: track=TO class=URI
> 4(3626) INFO: No AVP present
> 4(3626) ERROR: authorize.c:359: Cannot obtain digest realm from parameter
> '$fd.digest_realm'
>
> Tomasz
>
> > To me the problem is very obvious ;-) :
> >
> > You have defined a domain called "sipproxy.hellboy.touk.pl". But in the
> > REGISTER requests the To header contains "scscf.ims.touk.pl". So SER is
> > not able to identify the target domain, and thus can not load the domain
> > attributes. So their is no domain AVP digest_realm when www_authenticate
> > is called.
> > What I dont get is why you do not receive the 403 from the check before.
> > Could you do me a favor and change your config like this:
> > if (method=="REGISTER") {
> > dump_attrs();
> > if (!$t.did) {
> > And send me the log output after another try. That would be a big help.
> >
> > Thanks
> > Nils
> >
> > On Tuesday 09 January 2007 12:03, tzieleniewski wrote:
> > > HI All!
> > >
> > > I have encountered the following error and don't know waht to do with
> > > it:) ERROR: authorize.c:359: Cannot obtain digest realm from parameter
> > > '$fd.digest_realm' the situation takes places when the following sip
> > > massage arives at ser: #
> > > U 2007/01/09 11:43:02.274949 127.0.0.1:7000 -> 127.0.0.1:5060
> > > REGISTER sip:scscf.ims.touk.pl SIP/2.0.
> > > Via: SIP/2.0/UDP
> > > 127.0.0.1:7000;rport;branch=z9hG4bK2575034C94BE793615C5BEE814464E5B.
> > > From: tzl <sip:tzl at scscf.ims.touk.pl>;tag=1829574745.
> > > To: tzl <sip:tzl at scscf.ims.touk.pl>.
> > > Contact: "tzl" <sip:tzl at 127.0.0.1:7000>.
> > > Call-ID: 3E67EAEFDC8BFC73844E4D0F849DF676 at scscf.ims.touk.pl.
> > > CSeq: 38402 REGISTER.
> > > Expires: 1800.
> > > Max-Forwards: 70.
> > > User-Agent: X-Lite release 1105d.
> > > Content-Length: 0.
> > > .
> > >
> > > My Register logic looks like this:
> > > route[REGISTER]
> > > {
> > > if (method=="REGISTER") {
> > > if (!$t.did) {
> > > sl_send_reply("403", "Register forwarding forbidden");
> > > drop;
> > > }
> > > if (!www_authenticate("$fd.digest_realm", "credentials")) {
> > > if ($? == -2) {
> > > sl_send_reply("500", "Internal Server Error");
> > > } else if ($? == -3) {
> > > sl_send_reply("400", "Bad Request");
> > > } else {
> > > if ($digest_challenge) {
> > > append_to_reply("%$digest_challenge");
> > > }
> > > sl_send_reply("401", "Unauthorized");
> > > }
> > > drop;
> > > };
> > > }
> > >
> > > and here are my database contensts:
> > > mysql> select * from uri;
> > > +------------------------------+--------------------------+----------+-
> > >---- --+--------+
> > >
> > > | uid | did | username |
> > > | flags | scheme |
> > >
> > > +------------------------------+--------------------------+----------+-
> > >---- --+--------+
> > >
> > > | tzl at sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | tzl |
> > > | 61 | sip |
> > >
> > > +------------------------------+--------------------------+----------+-
> > >---- --+--------+
> > >
> > > mysql> select * from domain;
> > > +--------------------------+--------------------------+-------+
> > >
> > > | did | domain | flags |
> > >
> > > +--------------------------+--------------------------+-------+
> > >
> > > | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | 37 |
> > >
> > > +--------------------------+--------------------------+-------+
> > >
> > > mysql> select * from domain_attrs;
> > > +--------------------------+--------------+------+---------------------
> > >---- -+-------+
> > >
> > > | did | name | type | value
> > > |
> > > | | flags |
> > >
> > > +--------------------------+--------------+------+---------------------
> > >---- -+-------+
> > >
> > > | sipproxy.hellboy.touk.pl | sw_admin | 2 | 0
> > > |
> > > | | 32 | sipproxy.hellboy.touk.pl | digest_realm | 2 |
> > > |
> > > | sipproxy.hellboy.touk.pl | 32 |
> > >
> > > +--------------------------+--------------+------+---------------------
> > >---- -+-------+
> > >
> > > mysql> select * from credentials;
> > > +---------------+--------------------------+--------------------------+
> > >----
> > > ------+-------+----------------------------------+---------------------
> > >----- --------+------------------------------+
> > >
> > > | auth_username | did | realm |
> > > | password | flags | ha1 | ha1b
> > > |
> > > | | uid |
> > >
> > > +---------------+--------------------------+--------------------------+
> > >----
> > > ------+-------+----------------------------------+---------------------
> > >----- --------+------------------------------+
> > >
> > > | tzl | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl |
> > > | tzl
> > > |
> > > | | 33 | df4a49c51b082f68b792d7e2177c6ed8 |
> > > |
> > > | 8ba18e21048f2f587ad3386b54b99e5e | tzl at sipproxy.hellboy.touk.pl |
> > > | admin
> > > |
> > > | | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | heslo
> > > | | |
> > > |
> > > | 32 | |
> > > |
> > > | | 0 |
> > >
> > > +---------------+--------------------------+--------------------------+
> > >----
> > > ------+-------+----------------------------------+---------------------
> > >----- --------+------------------------------+
More information about the sr-users
mailing list