[OpenSER-Users] Logging failed registration attempt
Anatoly Pidruchny
apidruchny at newxt.com
Tue Aug 14 16:00:33 CEST 2007
Please take a look at this patch:
http://sourceforge.net/tracker/index.php?func=detail&aid=1693132&group_id=139143&atid=743022
This patch was uploaded into the trunk. This patch allows to check the
reason why the www/proxy_authorize function fails. It now returns the
following negative codes:
-1 - non existent user;
-2 - invalid passwd
-3 - stale nonce
-4 - no credentials
-5 - error
You can use "switch" and "$retval" to test the return code in your script.
It does not look like the documentation was updated though to include
this information.
Anatoly.
> Ok, that's how I did
>
> if (!proxy_authorize("exorsa", "openser_view")) {
> if(search("Proxy-Authorization")) {
> xlog("L_ERR", "REGISTER: Auth error from - $au");
> }
> proxy_challenge("exorsa", "0");
> exit;
> }
>
> so, if the packet contains credentials but they're wrong the attempt
> is logged
>
> Now I'm facing the following problem...
> When the nonce axpires and the client reREGISTER the packet will
> contain wrong credential and the UA is challenged again.
>
> This way that's logged as a bad authentication
>
> I also tried to do
>
> if(search("Proxy-Authorization")) {
> if(!registered("location")) {
> xlog("L_ERR", "REGISTER: Auth error from - $au");
> }
> }
>
> ...but without good results....
>
> Any idea ?
>
> Tnx in advance
>
> Edoardo
>
> Iñaki Baz Castillo ha scritto:
>> El Monday 13 August 2007 22:11:34 Edoardo Serra escribió:
>>> Hi all,
>>> I'd like to log failed SIP REGISTER attempt either with xlog or
>>> with
>>> sip_trace() but I cannot understand where to put related code to catch
>>> the authentication error
>>
>>
>> With XLOG is easy :)
>>
>>
>>> Here is the part of my opensr.cfg dedicated to REGISTER handling
>>>
>>> if (method=="REGISTER") {
>>> if (!proxy_authorize("exorsa", "openser_view")) {
>> xlog("L_INFO", "REGISTER: auth required\n");
>>> proxy_challenge("exorsa", "0");
>>> exit;
>>> }
>>> if (!check_to()) {
>> xlog("L_WARN", "REGISTER: !check_to()\n");
>>> sl_send_reply("403", "Digest username and URI username
>>> do NOT match! Stay away!");
>>> exit;
>>> }
>> xlog("L_INFO", "REGISTER: authorized\n");
>>> save("location");
>>>
>>> exit;
>>> };
>>
>>
>> Regards.
>>
>
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
More information about the Users
mailing list