[SR-Users] UACREG - answering to 401 on invite

Jean Cérien cerien.jean at gmail.com
Tue Sep 26 21:59:37 CEST 2017


Ok - found it !!

I've managed to get the cseq incremented following the info in this post:
https://github.com/kamailio/kamailio/issues/679

Many thanks for your help,

J.

On Tue, Sep 26, 2017 at 3:34 PM, Jean Cérien <cerien.jean at gmail.com> wrote:

>
> Hi
>
> Still searching on that one. My guess now is that I am receiving another
> 401 because the CSEQ does not get incremented.
>
> INVITE cseq 102--->
> <---- 401 (with nonce) cseq 102
> ACK cseq 102 --->
>
> INVITE ---> with correct nonce & response, I've recalculated the response,
> it is ok -- cseq 102
> <--- 401 (with new nonce) cseq 102
> ACK -->cseq 102
>
> I think the 2nd exchange should have a cseq of 103 or higher.
>
> How can I increase it ?
>
> J.
>
> // Here is the section  generating the reply with the wrong cseq
>
> if(t_check_status("401|407")) {
>         $avp(auser) = "test";
>         $avp(apass) = "test";
>         uac_auth();
>         t_relay();
>         exit;
> }
>
>
>
>
>
> On Tue, Sep 26, 2017 at 11:02 AM, Jean Cérien <cerien.jean at gmail.com>
> wrote:
>
>>
>> Thanks - I've done some progress - I've hard coded temporarily the user,
>> pass & realm, and authentication goes out now.
>>
>> However, the provider is answering with a 401 & a new nonce.
>>
>> here is what I have
>>
>> INVITE --->
>> <---- 401 (with nonce)
>> ACK --->
>> INVITE ---> with correct nonce & response, I've recalculated the
>> response, it is ok
>> <--- 401 (with new nonce)
>> ACK -->
>>
>> When I configure another box with a plain asterisk and same credentials,
>> the call goes through fine - so it is not because my ip is wrong or not
>> whitelisted.
>>
>> Why would the remote send me a 401 ??? I've tried to contact them but no
>> answer
>>
>> J.
>>
>>
>> On Tue, Sep 26, 2017 at 10:03 AM, Daniel Tryba <d.tryba at pocos.nl> wrote:
>>
>>> On Tue, Sep 26, 2017 at 09:36:19AM -0400, Jean Cérien wrote:
>>> > I've inserted the following block on the failure route:
>>> >         if (t_check_status("401|407")) {
>>> >                 xlog("L_INFO","failure_route(ROUTEFAIL) @@ call to
>>> > uac_auth()\n");
>>> >                 uac_auth();
>>> >                 t_relay();
>>> >                 exit;
>>> >         }
>>>
>>> Unlike when calling uac_reg_request_to, you'll have to fill the
>>> auth_*_avp pvs yourself. So in the example you have to fill $avp(auser)
>>> and $avp(apass).
>>>
>>> modparam("uac","auth_username_avp","$avp(auser)")
>>> modparam("uac","auth_password_avp","$avp(apass)")
>>> modparam("uac","auth_realm_avp","$avp(arealm)")
>>>
>>> ...
>>>
>>> if(t_check_status("401|407")) {
>>>         $avp(auser) = "test";
>>>         $avp(apass) = "test";
>>>         uac_auth();
>>>         t_relay();
>>>         exit;
>>> }
>>>
>>> So next problem is how to get those credentials. You already know the
>>> user making the call. So either have a custom query to a custom table
>>> (sqlops/avpops) to retrieve the external user/pass for current user, or
>>> try to store that information with the subscriber data (saw some
>>> suggestions for this a while back on the list).
>>>
>>>
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20170926/fb0a7a8f/attachment.html>


More information about the sr-users mailing list