[OpenSIPS-Devel] [opensips] B2B + uac_auth - corrupted INVITE packet (#577)
DMOsipov
notifications at github.com
Tue Jul 21 15:05:08 CEST 2015
I have OpenSIPS packages installed on Debian Wheezy.
* opensips 2.1.0-2~1.gbp4480d1
* opensips-b2bua-module 2.1.0-2~1.gbp4480d1
OpenSIPS works as outbound proxy for SIP-agents in local network and implements B2B topology hiding scenario.
Additionally it performs UAC authentication against destination SIP-server.
If local_route is NOT specified in the opensips.cfg then everything works as expected. OpenSIPS sends INVITE towards destination server, receives "407 Proxy Authentication Required" and sends INVITE once again using credentials specified in uac_auth.credential parameter.
But if local_route is specified and not empty then second INVITE packet is not correct. Seems this is an issue with memory buffers management because there is some garbage in the packet (see trace below).
In the config and in the SIP trace below
* 192.168.56.4 - OpenSIPS implementing B2B topology hiding + UAC authentication
* 192.168.56.3 - destination SIP server requiring authentication
Here is my opensips.cfg
```
debug=4
log_stderror=no
log_facility=LOG_LOCAL1
children=4
auto_aliases=no
listen=udp:192.168.56.4:5060
mpath="/usr/lib/opensips/modules/"
loadmodule "proto_udp.so"
modparam("proto_udp", "udp_port", 5060)
loadmodule "sipmsgops.so"
loadmodule "db_text.so"
loadmodule "uac_auth.so"
modparam("uac_auth","credential","9000:192.168.56.3:1234")
loadmodule "tm.so"
modparam("tm", "pass_provisional_replies", 1)
modparam("tm", "onreply_avp_mode", 1)
loadmodule "b2b_entities.so"
modparam("b2b_entities", "script_req_route", "b2b_request")
modparam("b2b_entities", "script_reply_route", "b2b_reply")
loadmodule "b2b_logic.so"
route[b2b_request] {
xlog("L_INFO", "[b2b_request] method=$rm, uri=$ru, contact=$ct, call_id=$ci, src_address=$si:$sp, dst_address=$Ri:$Rp");
}
route[b2b_reply] {
xlog("L_INFO", "[b2b_reply] method=$rm, status=$rs, contact=$ct, call_id=$ci, src_address=$si:$sp, dst_address=$Ri:$Rp");
}
local_route {
xlog("L_INFO", "[local] method=$rm, uri=$ru, contact=$ct, call_id=$ci, src_address=$si:$sp, dst_address=$Ri:$Rp");
}
route {
xlog("L_INFO", "[default] method=$rm, uri=$ru, contact=$ct, call_id=$ci, src_address=$si:$sp, dst_address=$Ri:$Rp");
if (is_method("INVITE")) {
b2b_init_request("top hiding");
}
}
```
This is corrupted INVITE packet send after "407 Proxy Authentication Required" (the line after Proxy-Authorization header is a corrupted data that can not be parsed by destination SIP server)
```
U 192.168.56.4:5060 -> 192.168.56.3:5060
INVITE sip:123 at 192.168.56.3 SIP/2.0.
Via: SIP/2.0/UDP 192.168.56.4:5060;branch=z9hG4bK31d2.39c97747.0.
To: sip:123 at 192.168.56.3.
From: <sip:9000 at 192.168.56.3>;tag=09ce71be7287589c0ed1c8fd51287ec7.
CSeq: 3 INVITE.
Call-ID: B2B.69.303482.
Max-Forwards: 70.
Content-Length: 234.
User-Agent: OpenSIPS (2.1.0 (x86_64/linux)).
Proxy-Authorization: Digest username="9000", realm="192.168.56.3", nonce="55ae22ae0000001d82d430b449995b7c1e5668ac9af40114", uri="sip:123 at 192.168.56.3", response="9cab361d24060fde3ca9c3eebac97b70", algorithm=MD5.
.......................x.......................................................x[......................B2B.69.303482sip:123 at 192.168.56.3sip.
000 at 192.168.56.3472439456 1 IN IP4 10.0.0.42.
s=X-Lite release 4.8.4 stamp 76590.
c=IN IP4 10.0.0.42.
t=0 0.
m=audio 58914 RTP/AVP 9 8 0 84 101.
a=rtpmap:84 speex/16000.
a=rtpmap:101 telephone-event/8000.
a=fmtp:101 0-15.
a=sendrecv.
```
---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/issues/577
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/devel/attachments/20150721/07595e7a/attachment.htm>
More information about the Devel
mailing list