[SR-Users] Problem with auth_ephemeral and parse_uri(): bad port in uri

Daniel-Constantin Mierla miconda at gmail.com
Thu Feb 24 11:44:29 CET 2022 

Hello,

it should be reviewed properly if does not work before removing. The
entire auth_ephemeral is deprecated from specs point of view, as the
ietf draft never made it to rfc, but it is still useful to use at least
for PoC. I don't have access to some old deployments using mode 0 to see
if they were changed meanwhile.

Cheers,
Daniel

On 24.02.22 10:39, Henning Westerholt wrote:
> Hello,
>
> yes, if it is not working and also deprecated, if probably should be removed. You could open an issue for that or create (even better) a pull request.
>
> Cheers,
>
> Henning
>
> -- 
> Henning Westerholt – https://skalatan.de/blog/
> Kamailio services – https://gilawa.com
>
> -----Original Message-----
> From: sr-users <sr-users-bounces at lists.kamailio.org> On Behalf Of Vlasis Chatzistavrou
> Sent: Sunday, February 20, 2022 8:07 PM
> To: miconda at gmail.com; Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
> Subject: Re: [SR-Users] Problem with auth_ephemeral and parse_uri(): bad port in uri
>
> Hi Daniel,
>
> Just an update, I tested this with username_format set to 1 and set the
> To: and From: headers to be the phone's username (ie without the timestamp). This worked without problems.
>
> However, setting the username_format to 0 (the deprecated option) does not work even with the correct To: and From: headers. Since this option is already deprecated perhaps it could be removed in future versions to avoid confusion?
>
> On 25/1/2022 11:38, Vlasis Chatzistavrou wrote:
>> Thank you Daniel,
>>
>> I will give this a try.
>>
>> On 25/1/2022 11:11, Daniel-Constantin Mierla wrote:
>>> Hello,
>>>
>>> as far as I remember, the format with "user:timestamp" is only for 
>>> authentication username field, respectively the username attribute in 
>>> Proxy-/Authorization header. The subscriber address is still 
>>> user at domain, so that has to be used in From/To headers.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> On 02.01.22 20:36, Vlasis Chatzistavrou wrote:
>>>> Hello,
>>>>
>>>> I have a problem with Kamailio 5.4.6 and auth_ephemeral. I have the 
>>>> following in the Kamailio configuration
>>>>
>>>> loadmodule "auth_ephemeral"
>>>>          modparam( "auth_ephemeral", "sha_algorithm", 3 )
>>>>          modparam( "auth_ephemeral", "username_format", 0 )
>>>>          modparam( "auth_ephemeral", "secret", 1234 )
>>>>
>>>> as per
>>>>
>>>> https://kamailio.org/docs/modules/4.1.x/modules/auth_ephemeral.html#
>>>> auth_eph.p.username_format
>>>>
>>>>
>>>>
>>>> and registrations fail. In the logs we see:
>>>>
>>>> Jan  2 18:21:10 enswitch43 /sbin/kamailio[37501]: DEBUG: {1 545 
>>>> REGISTER rhaqgafd7boteg24jp5db0} sanity [sanity.c:777]:
>>>> check_parse_uris(): looking up From header Jan  2 18:21:10 
>>>> enswitch43 /sbin/kamailio[37501]: DEBUG: {1 545 REGISTER 
>>>> rhaqgafd7boteg24jp5db0} sanity [sanity.c:817]:
>>>> check_parse_uris(): parsing From URI Jan  2 18:21:10 enswitch43 
>>>> /sbin/kamailio[37501]: DEBUG: {1 545 REGISTER 
>>>> rhaqgafd7boteg24jp5db0} <core>
>>>> [core/parser/parse_uri.c:1296]: parse_uri(): bad port in uri (error 
>>>> at char 5 in state 2) parsed: <sip:3518929:16411>(17) 
>>>> /<sip:3518929:1641150726 at 192.168.2.99> (35) Jan  2 18:21:10 
>>>> enswitch43 /sbin/kamailio[37501]: WARNING: {1 545 REGISTER 
>>>> rhaqgafd7boteg24jp5db0} sanity [sanity.c:820]:
>>>> check_parse_uris(): failed to parse From uri
>>>>
>>>>
>>>> Apparently Kamailio is confused by the timestamp following the 
>>>> username separated by the : character. The REGISTER message is below:
>>>>
>>>> REGISTER sip:192.168.2.99 SIP/2.0
>>>> Via: SIP/2.0/WSS 192.0.2.202;branch=z9hG4bK5452321
>>>> Max-Forwards: 70
>>>> To: "3518929" <sip:3518929:1641148397 at 192.168.2.99>
>>>> From: "3518929" <sip:3518929:1641148397 at 192.168.2.99>;tag=ht76o8b2b6
>>>> Call-ID: phkj9mi2n3s3ju7uu3qq2f
>>>> CSeq: 274 REGISTER
>>>> Contact:
>>>> <sip:edh7mmti at 192.0.2.202;transport=wss>;reg-id=1;+sip.instance="<ur
>>>> n:uuid:ca5e9372-dfa1-459a-b6ba-4398d23bd896>";expires=300
>>>>
>>>> Allow: ACK,CANCEL,INVITE,MESSAGE,BYE,OPTIONS,INFO,NOTIFY,REFER
>>>> Supported: path, gruu, outbound
>>>> User-Agent: Raspberry Phone (SipJS - 0.11.6)
>>>> Content-Length: 0
>>>>
>>>> and Kamailio parses it as sip:<username>:<port> instead of 
>>>> sip:<username>:<timestamp>.
>>>>
>>>> Is this a bug that should be reported or is there any setting that I 
>>>> am missing?
>>>>
>>>>
>>>> __________________________________________________________
>>>> Kamailio - Users Mailing List - Non Commercial Discussions
>>>>   * sr-users at lists.kamailio.org
>>>> Important: keep the mailing list in the recipients, do not reply 
>>>> only to the sender!
>>>> Edit mailing list options or unsubscribe:
>>>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - Online
  March 28-31, 2022 (Europe Timezone)
  * https://www.asipto.com/sw/kamailio-advanced-training-online/

More information about the sr-users mailing list