[OpenSER-Users] Cannot authenticate SUBSCRIBE
Eric PTAK
eric.ptak.fr at gmail.com
Tue Apr 29 10:07:37 CEST 2008
Thank you very much Bogdan, it works fine !
2008/4/25, Bogdan-Andrei Iancu <bogdan at voice-system.ro>:
>
> Hi Eric,
>
> You should try to use proxy_auth() and proxy_challenge() for the
> SUBSCRIBE....
>
> Regards,
> Bogdan
>
> Eric PTAK wrote:
>
> > Hi list !
> > I'm building an agent and currently working on Digest authentication
> > using auth and auth_db modules.
> > I'm trying to authenticate all requests for compliance test purpose.
> > It works fine with REGISTER but I can't authenticate for others methods
> > like SUBSCRIBE, the module is looping authentication.
> > This is a part of my config file :
> > if (uri==myself) {
> > if (!www_authorize("", "subscriber")) {
> > www_challenge("", "0");
> > exit;
> > };
> > // others things
> > };
> > And this is the requests / responses :
> >
> > REGISTER sip:sip.awl.test SIP/2.0
> > Call-ID: 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150 <mailto:
> > 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150>
> > CSeq: 1 REGISTER
> > From: <sip:0000 at sip.awl.test>;tag=9c0477b2
> > To: <sip:0000 at sip.awl.test>
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bKb71ee89041bd9f3631cf46a8fc76b46c
> > Max-Forwards: 70
> > Contact: <sip:0000 at 10.24.238.150:23456
> > ;transport=tcp>;expires=3600,<sip:0000 at 10.24.238.150:23456
> > ;transport=udp>;expires=3600
> > Content-Length: 0
> >
> > SIP/2.0 401 Unauthorized
> > Call-ID: 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150 <mailto:
> > 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150>
> > CSeq: 1 REGISTER
> > From: <sip:0000 at sip.awl.test>;tag=9c0477b2
> > To: <sip:0000 at sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bKb71ee89041bd9f3631cf46a8fc76b46c
> > WWW-Authenticate: Digest realm="sip.awl.test",
> > nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35"
> > Server: OpenSER (1.3.1-notls (i386/linux))
> > Content-Length: 0
> >
> > REGISTER sip:sip.awl.test SIP/2.0
> > Call-ID: 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150 <mailto:
> > 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150>
> > CSeq: 2 REGISTER
> > From: <sip:0000 at sip.awl.test>;tag=9c0477b2
> > To: <sip:0000 at sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696
> > Max-Forwards: 70
> > Contact: <sip:0000 at 10.24.238.150:23456
> > ;transport=tcp>;expires=3600,<sip:0000 at 10.24.238.150:23456
> > ;transport=udp>;expires=3600
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bK4bff3e93bf1dc502db28c4d414e60b4f
> > Authorization: Digest
> > response="efb87138e6340d7a80a1f13ef26821da",username="0000",realm="sip.awl.test",nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35",uri="sip:sip.awl.test",algorithm=MD5
> > Content-Length: 0
> >
> > SIP/2.0 200 OK
> > Call-ID: 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150 <mailto:
> > 0f13c7c272f62943f2f6345c07249fcd at 10.24.238.150>
> > CSeq: 2 REGISTER
> > From: <sip:0000 at sip.awl.test>;tag=9c0477b2
> > To: <sip:0000 at sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bK4bff3e93bf1dc502db28c4d414e60b4f
> > Contact: <sip:0000 at 10.24.238.150:23456;transport=udp>;expires=3600,
> > <sip:0000 at 10.24.238.150:23456;transport=tcp>;expires=3600
> > Server: OpenSER (1.3.1-notls (i386/linux))
> > Content-Length: 0
> >
> > SUBSCRIBE sip:0000 at sip.awl.test SIP/2.0
> > Call-ID: d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150 <mailto:
> > d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150>
> > CSeq: 1 SUBSCRIBE
> > From: <sip:0000 at sip.awl.test>;tag=3b68764f
> > To: <sip:0000 at sip.awl.test>
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bKae0ab5a2b4dd462eb139276b814b413c
> > Max-Forwards: 70
> > Contact: <sip:0000 at 10.24.238.150:23456 <
> > http://sip:0000@10.24.238.150:23456>>
> > Expires: 3600
> > Event: presence.winfo
> > Content-Length: 0
> >
> > SIP/2.0 401 Unauthorized
> > Call-ID: d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150 <mailto:
> > d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150>
> > CSeq: 1 SUBSCRIBE
> > From: <sip:0000 at sip.awl.test>;tag=3b68764f
> > To: <sip:0000 at sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bKae0ab5a2b4dd462eb139276b814b413c
> > WWW-Authenticate: Digest realm="sip.awl.test",
> > nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35"
> > Server: OpenSER (1.3.1-notls (i386/linux))
> > Content-Length: 0
> >
> > SUBSCRIBE sip:0000 at sip.awl.test SIP/2.0
> > Call-ID: d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150 <mailto:
> > d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150>
> > CSeq: 2 SUBSCRIBE
> > From: <sip:0000 at sip.awl.test>;tag=3b68764f
> > To: <sip:0000 at sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff
> > Max-Forwards: 70
> > Contact: <sip:0000 at 10.24.238.150:23456 <
> > http://sip:0000@10.24.238.150:23456>>
> > Expires: 3600
> > Event: presence.winfo
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bK0afcac1c88fce00c3bfca270ed379ee4
> > Authorization: Digest
> > response="efb87138e6340d7a80a1f13ef26821da",username="0000",realm="sip.awl.test",nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35",uri="sip:sip.awl.test",algorithm=MD5
> > Content-Length: 0
> >
> > SIP/2.0 401 Unauthorized
> > Call-ID: d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150 <mailto:
> > d27f913809ccfa308b497ce92c3d01ef at 10.24.238.150>
> > CSeq: 2 SUBSCRIBE
> > From: <sip:0000 at sip.awl.test>;tag=3b68764f
> > To: <sip:0000 at sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff
> > Via: SIP/2.0/UDP 10.24.238.150:23456
> > ;branch=z9hG4bK0afcac1c88fce00c3bfca270ed379ee4
> > WWW-Authenticate: Digest realm="sip.awl.test",
> > nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35"
> > Server: OpenSER (1.3.1-notls (i386/linux))
> > Content-Length: 0
> >
> >
> >
> > As you can see, auth module always use
> > nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35" in its responses, for both
> > register and subscribe.
> >
> > thanks for your help,
> >
> > Eric.
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.openser.org
> > http://lists.openser.org/cgi-bin/mailman/listinfo/users
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20080429/1cd1a0c0/attachment.htm>
More information about the sr-users
mailing list