[SR-Users] Execution Sequence of the Request_Route
Daniel-Constantin Mierla
miconda at gmail.com
Tue Nov 13 08:34:59 CET 2018
Hello,
the 3.0.x was the first release after merging kamailio and ser source
code trees and there were two variants of many functions, and depending
on which proxy_authorize() you use the behaviour might have been
different that what's now in 5.x.
If you want to send an error response if proxy_authorize() fails (very
unlikely because of in memory only operations), then yes, add an if
condition.
Cheers,
Daniel
On 12.11.18 17:32, Abdulaziz Alghosh wrote:
> Hello,
>
> I migrated from Kamailio 3.0.3 to Kamailio 5.1.4. and have two
> questions about the execution sequence of the Request_Route.
> The following condition trys to authenticate the first INVITE or
> REGISTER request which normally does not have the Authorization Header:
> route (auth)
> ..
> ..
> ..
> route[auth]{
> if ( !proxy_authorize("myrealm", "subscriber") ) {
> proxy_challenge("myrealm", "0");
> sl_reply_error();
> exit;
> };
> return;
> }
>
> For sure the Return Code of "proxy_authorize" will not be one (1) at
> the beginneing, so the proxy_challenge() will generate the "407 Proxy
> Authentication Required" request and the agent will send the INVITE or
> the REGISTER again with the Authorization-Header and the call or the
> registration attempt succeeds. During my observation to the new
> returned codes (values) of both proxy_authorize() and
> proxy_challenge() in Kamailio 5.1.4, I noticed the following differnet
> execution sequence of this "Request_Route".
>
> at Kamailio 3.0.3, and exactly after the proxy_challenge("myrealm",
> "0") command was executed, no more commands were excuted as if it
> jumped out of the if statement, and the proxy was wating for the new
> INVITE or REGISTER. Hence the sl_reply_error() did not send any error
> reply. I wrote several logging commad before and after the
> proxy_challenge("myrealm", "0"), so I am pretty sure that the
> proxy_challenge("myrealm", "0") is last excuted command to be excuted
> here.
>
> at Kamailio 5.1.4, the behaviour was more logical and the proxy
> executes commands which come under the proxy_challenge("myrealm", "0")
> like logging commands or sl_reply_error() which generates usually the
> error reply " 500 I'm terribly sorry, server error occurred".
>
> My first question is: May somebody explain this different behavior?
>
> My second Question: assume that the agent will send a wrong
> credentials and response, does the proxy_challenge("myrealm", "0")
> function terminate this dialouge with 401 Unauthorized Error or I must
> add the following "if condition" afterwards:
>
> if ( !proxy_authorize("myrealm", "subscriber") ) {
> proxy_challenge("myrealm", "0");
> if (!$rc){
> sl_reply_error(); '#### or I will be more
> specific sl_send_reply (code, reason)
> }
> exit;
> };
>
> Thanks and best regards
> Abdulaziz Alghosh
>
>
>
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference -- www.kamailioworld.com
Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20181113/85cc2c08/attachment.html>
More information about the sr-users
mailing list