[SR-Users] uac_auth()

Daniel-Constantin Mierla miconda at gmail.com
Wed Jun 16 10:56:12 CEST 2010



On 6/16/10 10:32 AM, Alex Balashov wrote:
> On 06/16/2010 04:27 AM, Iñaki Baz Castillo wrote:
>> 2010/6/16 Alex Balashov<abalashov at evaristesys.com>:
>>>   Also, CSeq is not being incremented.
>>
>> Why do you want CSeq being incremented by the proxy? Note that the UAS
>> still knows nothing about the request until it receives the first
>> INVITE (with credentials) from he proxy.
>
> Am I misreading 3261 Section 22.3?
>
>
>       If a proxy were to resubmit a request adding a
>       Proxy-Authorization header field value, it would need
>       to increment the CSeq in the new request.  However, this
>       would cause the UAC that submitted the original request to
>       discard a response from the UAS, as the CSeq value would
>       be different.
>
> Since the proxy is the authentication actor, I assumed this is how it 
> should be done.  On the other hand, if the purpose of the UAC module 
> is to "spoof" a challenge response as if it really came from the UAC, 
> I suppose this is not appropriate.
>
> Either way, regardless of CSeq, the Proxy-Authorization header is not 
> being added to the resent request.  Unless I am doing something wrong, 
> I believe uac_auth() doesn't work.
do you get any error message? The only case when is printed a dbg 
message is when no credentials for the realm in challenge are found. 
Test to see if uac_auth() returns false or true.

CSeq is not incremented is a know limitation:
http://kamailio.org/docs/modules/stable/modules_k/uac.html#id2899892

Tracking CSeq will require getting into b2bua-like since there can be 
many auth requests.

Cheers,
Daniel

-- 
Daniel-Constantin Mierla
Asterisk SIP Router Masterclass
Malaga, Spain - July 5-9, 2010
http://www.asipto.com/




More information about the sr-users mailing list