[Serusers] INVITE authentication false

Tung Tran tr.tung at gmail.com
Fri Sep 14 05:16:13 CEST 2007 

Hi all,


I am trying to do workaorund of my issue with how to check the FROM user in INVITE message, I am doing radius_proxy_authenticate for INVITE message, but I got new trouble:
- Radius server reply with Access-Accept.
- But SER always understands the authentication is false and do proxy_challeng again and again (althrough all the debug I see  on the debug   >>radius_authorize_sterman(): Success..)

Please tell me what I am wrong ( I am using SER 0.8).

Thanks in advance, Tung

Here is my conf for radius_proxy_authenticate.
                                if (method == "INVITE" && (uri=~"^sip:00"))               
                          {

                                                          if (!radius_proxy_authorize(""))
                                                         {
                                                             xlog("L_INFO", "Radius proxy authorized false, Challenging .. \n");
                                                             proxy_challenge("", "0");
                                                             break;
                                                         };

                                                         xlog("L_INFO", "Radius proxy authorized OK, process call routing .. \n");
                                                         consume_credentials();                                                                
                                                         
                                                         log (1, "************* PC2Phone Using AsteriskB2UBA, Rewriting the host:port **************");
                                                         rewritehostport ("x.x.x.x:5071");
                                                         use_media_proxy();
                                                               t_on_reply("1");
                                                        .............

                        }

And here is the debug on SER

0(2828)  method:  <INVITE>
 0(2828)  uri:     <sip:0012127773456 at sip3.thequocte.com:5060>
 0(2828)  version: <SIP/2.0>
 0(2828) parse_headers: flags=1
 0(2828) Found param type 235, <rport> = <n/a>; state=6
 0(2828) Found param type 232, <branch> = <z9hG4bKPjdc616205bf324ab996179b219e5986b9>; state=16
 0(2828) end of header reached, state=5
 0(2828) parse_headers: Via found, flags=1
 0(2828) parse_headers: this is the first via
 0(2828) After parse_msg...
 0(2828) preparing to run routing scripts...
 0(2828) DEBUG : is_maxfwd_present: searching for max_forwards header
 0(2828) parse_headers: flags=128
 0(2828) DEBUG: is_maxfwd_present: value = 70
 0(2828) parse_headers: flags=8
 0(2828) DEBUG: add_param: tag=e9d3c1dcadf44089b4bd19407187c6dc
 0(2828) end of header reached, state=29
 0(2828) parse_headers: flags=256
 0(2828) end of header reached, state=8
 0(2828) DEBUG: get_hdr_field: <To> [38]; uri=[sip:0012127773456 at sip3.xxxxx.com]
 0(2828) DEBUG: to body [sip:0012127773456 at sip3.xxxxx.com
]
 0(2828) get_hdr_field: cseq <CSeq>: <2> <INVITE>
 0(2828) DEBUG: get_hdr_body : content_length=405
 0(2828) found end of header
 0(2828) find_first_route(): No Route headers found
 0(2828) loose_route(): There is no Route HF
 0(2828) parse_headers: flags=64
 0(2828) parse_headers: flags=64
 0(2828) parse_headers: flags=33554432
 0(2828) check_nonce(): comparing [46e97a6ac3463940efca3302e91c79bea2a80448] and [46e97a6ac3463940efca3302e91c79bea2a80448]
 0(2828) to: 0012127773456
 0(2828) radius_authorize_sterman(): Success
 0(2828) XLOG: xl_print_log: final buffer length 47
 0(2828) Radius proxy authorized false, Challenging ..
 0(2828) build_auth_hf(): 'Proxy-Authenticate: Digest realm="xxxxxxx", nonce="46e97a6ac3463940efca3302e91c79bea2a80448"

More information about the sr-users mailing list