[SR-Users] UACREG - answering to 401 on invite

Jean Cérien cerien.jean at gmail.com
Tue Sep 26 21:34:52 CEST 2017 

Hi

Still searching on that one. My guess now is that I am receiving another
401 because the CSEQ does not get incremented.

INVITE cseq 102--->
<---- 401 (with nonce) cseq 102
ACK cseq 102 --->

INVITE ---> with correct nonce & response, I've recalculated the response,
it is ok -- cseq 102
<--- 401 (with new nonce) cseq 102
ACK -->cseq 102

I think the 2nd exchange should have a cseq of 103 or higher.

How can I increase it ?

J.

// Here is the section  generating the reply with the wrong cseq

if(t_check_status("401|407")) {
        $avp(auser) = "test";
        $avp(apass) = "test";
        uac_auth();
        t_relay();
        exit;
}





On Tue, Sep 26, 2017 at 11:02 AM, Jean Cérien <cerien.jean at gmail.com> wrote:

>
> Thanks - I've done some progress - I've hard coded temporarily the user,
> pass & realm, and authentication goes out now.
>
> However, the provider is answering with a 401 & a new nonce.
>
> here is what I have
>
> INVITE --->
> <---- 401 (with nonce)
> ACK --->
> INVITE ---> with correct nonce & response, I've recalculated the response,
> it is ok
> <--- 401 (with new nonce)
> ACK -->
>
> When I configure another box with a plain asterisk and same credentials,
> the call goes through fine - so it is not because my ip is wrong or not
> whitelisted.
>
> Why would the remote send me a 401 ??? I've tried to contact them but no
> answer
>
> J.
>
>
> On Tue, Sep 26, 2017 at 10:03 AM, Daniel Tryba <d.tryba at pocos.nl> wrote:
>
>> On Tue, Sep 26, 2017 at 09:36:19AM -0400, Jean Cérien wrote:
>> > I've inserted the following block on the failure route:
>> >         if (t_check_status("401|407")) {
>> >                 xlog("L_INFO","failure_route(ROUTEFAIL) @@ call to
>> > uac_auth()\n");
>> >                 uac_auth();
>> >                 t_relay();
>> >                 exit;
>> >         }
>>
>> Unlike when calling uac_reg_request_to, you'll have to fill the
>> auth_*_avp pvs yourself. So in the example you have to fill $avp(auser)
>> and $avp(apass).
>>
>> modparam("uac","auth_username_avp","$avp(auser)")
>> modparam("uac","auth_password_avp","$avp(apass)")
>> modparam("uac","auth_realm_avp","$avp(arealm)")
>>
>> ...
>>
>> if(t_check_status("401|407")) {
>>         $avp(auser) = "test";
>>         $avp(apass) = "test";
>>         uac_auth();
>>         t_relay();
>>         exit;
>> }
>>
>> So next problem is how to get those credentials. You already know the
>> user making the call. So either have a custom query to a custom table
>> (sqlops/avpops) to retrieve the external user/pass for current user, or
>> try to store that information with the subscriber data (saw some
>> suggestions for this a while back on the list).
>>
>>
>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20170926/d59c50ad/attachment.html>

More information about the sr-users mailing list