[OpenSIPS-Users] SIP password in Mysql

Tue Aug 11 06:21:05 CEST 2009

I set calculate_ha1 modparam to 0 now and store_plaintext_pw=0 in opensipsctlrc. But sill get unauthorized message.

Debug message is like:
Aug 11 04:17:09 [15614] DBG:core:parse_msg: SIP Request:
Aug 11 04:17:09 [15614] DBG:core:parse_msg:  method:  <REGISTER>
Aug 11 04:17:09 [15614] DBG:core:parse_msg:  uri:     <sip:202.158.197.102>
Aug 11 04:17:09 [15614] DBG:core:parse_msg:  version: <SIP/2.0>
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=2
Aug 11 04:17:09 [15614] DBG:core:parse_to: end of header reached, state=10
Aug 11 04:17:09 [15614] DBG:core:parse_to: display={"1000"}, ruri={sip:1000 at 202.158.197.102}
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: <To> [35]; uri=[sip:1000 at 202.158.197.102]
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: to body ["1000" <sip:1000 at 202.158.197.102>
]
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: cseq <CSeq>: <1> <REGISTER>
Aug 11 04:17:09 [15614] DBG:core:parse_via_param: found param type 232, <branch> = <z9hG4bK-9748c0f520-DL>; state=16
Aug 11 04:17:09 [15614] DBG:core:parse_via: end of header reached, state=5
Aug 11 04:17:09 [15614] DBG:core:parse_headers: via found, flags=2
Aug 11 04:17:09 [15614] DBG:core:parse_headers: this is the first via
Aug 11 04:17:09 [15614] DBG:core:receive_msg: After parse_msg...
Aug 11 04:17:09 [15614] DBG:core:receive_msg: preparing to run routing scripts...
Aug 11 04:17:09 [15614] DBG:maxfwd:is_maxfwd_present: value = 70
Aug 11 04:17:09 [15614] DBG:uri:has_totag: no totag
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=78
Aug 11 04:17:09 [15614] DBG:tm:t_lookup_request: start searching: hash=47315, isACK=0
Aug 11 04:17:09 [15614] DBG:tm:matching_3261: RFC3261 transaction matching failed
Aug 11 04:17:09 [15614] DBG:tm:t_lookup_request: no transaction found
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=200
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: content_length=0
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: found end of header
Aug 11 04:17:09 [15614] DBG:rr:find_first_route: No Route headers found
Aug 11 04:17:09 [15614] DBG:rr:loose_route: There is no Route HF
Aug 11 04:17:09 [15614] DBG:core:grep_sock_info: checking if host==us: 15==15 &&  [202.158.197.102] == [202.158.197.102]
Aug 11 04:17:09 [15614] DBG:core:grep_sock_info: checking if port 5060 matches port 5060
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=4000
Aug 11 04:17:09 [15614] DBG:auth:pre_auth: credentials with given realm not found
authorization requires
Aug 11 04:17:09 [15614] DBG:auth:reserve_nonce_index: second= 24, sec_monit= -1,  index= 0
Aug 11 04:17:09 [15614] DBG:auth:build_auth_hf: nonce index= 0
Aug 11 04:17:09 [15614] DBG:auth:build_auth_hf: 'WWW-Authenticate: Digest realm="202.158.197.102", nonce="4a80f0e30000000000ad71db9724452d1bda13e9fea0dc93", qop="auth"
'
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=ffffffffffffffff
Aug 11 04:17:09 [15614] DBG:core:check_via_address: params 202.158.213.79, 202.158.213.79, 0
Aug 11 04:17:09 [15614] DBG:core:destroy_avp_list: destroying list (nil)
Aug 11 04:17:09 [15614] DBG:core:receive_msg: cleaning up
Aug 11 04:17:09 [15614] DBG:core:parse_msg: SIP Request:
Aug 11 04:17:09 [15614] DBG:core:parse_msg:  method:  <REGISTER>
Aug 11 04:17:09 [15614] DBG:core:parse_msg:  uri:     <sip:202.158.197.102>
Aug 11 04:17:09 [15614] DBG:core:parse_msg:  version: <SIP/2.0>
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=2
Aug 11 04:17:09 [15614] DBG:core:parse_to: end of header reached, state=10
Aug 11 04:17:09 [15614] DBG:core:parse_to: display={"1000"}, ruri={sip:1000 at 202.158.197.102}
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: <To> [35]; uri=[sip:1000 at 202.158.197.102]
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: to body ["1000" <sip:1000 at 202.158.197.102>
]
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: cseq <CSeq>: <2> <REGISTER>
Aug 11 04:17:09 [15614] DBG:core:parse_via_param: found param type 232, <branch> = <z9hG4bK-c63d538fdb-DL>; state=16
Aug 11 04:17:09 [15614] DBG:core:parse_via: end of header reached, state=5
Aug 11 04:17:09 [15614] DBG:core:parse_headers: via found, flags=2
Aug 11 04:17:09 [15614] DBG:core:parse_headers: this is the first via
Aug 11 04:17:09 [15614] DBG:core:receive_msg: After parse_msg...
Aug 11 04:17:09 [15614] DBG:core:receive_msg: preparing to run routing scripts...
Aug 11 04:17:09 [15614] DBG:maxfwd:is_maxfwd_present: value = 70
Aug 11 04:17:09 [15614] DBG:uri:has_totag: no totag
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=78
Aug 11 04:17:09 [15614] DBG:tm:t_lookup_request: start searching: hash=47312, isACK=0
Aug 11 04:17:09 [15614] DBG:tm:matching_3261: RFC3261 transaction matching failed
Aug 11 04:17:09 [15614] DBG:tm:t_lookup_request: no transaction found
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=200
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: content_length=0
Aug 11 04:17:09 [15614] DBG:core:get_hdr_field: found end of header
Aug 11 04:17:09 [15614] DBG:rr:find_first_route: No Route headers found
Aug 11 04:17:09 [15614] DBG:rr:loose_route: There is no Route HF
Aug 11 04:17:09 [15614] DBG:core:grep_sock_info: checking if host==us: 15==15 &&  [202.158.197.102] == [202.158.197.102]
Aug 11 04:17:09 [15614] DBG:core:grep_sock_info: checking if port 5060 matches port 5060
Aug 11 04:17:09 [15614] DBG:auth:check_nonce: comparing [4a80f0e30000000000ad71db9724452d1bda13e9fea0dc93] and [4a80f0e30000000000ad71db9724452d1bda13e9fea0dc93]
Aug 11 04:17:09 [15614] DBG:core:db_do_query: SYNC-DBG - SELECT successfully executed!
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_do_prepared_query: conn=0x778828 (tail=7834680) MC=0x77db78
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_do_prepared_query: new query=|select ha1,rpid from subscriber where username=?|
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_do_prepared_query: new statement(0x778f20) on connection: (0x778828) 0x778c38
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_do_prepared_query: set values for the statement run
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_val2bind: added val (0): len=4; type=254; is_null=0
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_do_prepared_query: doing BIND_PARAM in...
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_do_prepared_query: prepared statement has 2 columns in result
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_do_prepared_query: doing to BIND_PARAM out ...
Aug 11 04:17:09 [15614] DBG:core:db_new_result: allocate 48 bytes for result set at 0x76bc60
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_get_columns: 2 columns returned from the query
Aug 11 04:17:09 [15614] DBG:core:db_allocate_columns: allocate 56 bytes for result columns at 0x778ff0
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_get_columns: RES_NAMES(0x779000)[0]=[ha1]
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_get_columns: use DB_STRING result type
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_get_columns: RES_NAMES(0x779010)[1]=[rpid]
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_get_columns: use DB_STRING result type
Aug 11 04:17:09 [15614] DBG:core:db_allocate_rows: allocate 80 bytes for result rows and values at 0x779038
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_str2val: converting STRING [b87a788cca1220433e95d20c1c7946b1]
Aug 11 04:17:09 [15614] DBG:db_mysql:db_mysql_str2val: converting STRING []
Aug 11 04:17:09 [15614] DBG:auth:check_response: our result = '9db7ff71e72d232d1d5920ed7ebdd389'
Aug 11 04:17:09 [15614] DBG:auth:check_response: authorization failed
Aug 11 04:17:09 [15614] DBG:core:db_free_columns: freeing result columns at 0x778ff0
Aug 11 04:17:09 [15614] DBG:core:db_free_rows: freeing 1 rows
Aug 11 04:17:09 [15614] DBG:core:db_free_row: freeing row values at 0x779048
Aug 11 04:17:09 [15614] DBG:core:db_free_rows: freeing rows at 0x779038
Aug 11 04:17:09 [15614] DBG:core:db_free_result: freeing result set at 0x76bc60
Aug 11 04:17:09 [15614] DBG:core:db_free_result: SYNC-DBG - freeing result!
authorization requires
Aug 11 04:17:09 [15614] DBG:auth:reserve_nonce_index: second= 24, sec_monit= -1,  index= 1
Aug 11 04:17:09 [15614] DBG:auth:build_auth_hf: nonce index= 1
Aug 11 04:17:09 [15614] DBG:auth:build_auth_hf: 'WWW-Authenticate: Digest realm="202.158.197.102", nonce="4a80f0e3000000018afdeac4fffaefbae63af2e1a15acb7b", qop="auth"
'
Aug 11 04:17:09 [15614] DBG:core:parse_headers: flags=ffffffffffffffff
Aug 11 04:17:09 [15614] DBG:core:check_via_address: params 202.158.213.79, 202.158.213.79, 0
Aug 11 04:17:09 [15614] DBG:core:destroy_avp_list: destroying list (nil)
Aug 11 04:17:09 [15614] DBG:core:receive_msg: cleaning up

And subscriber table is like:
[lli at bne-a-sysdev1 ~]$ sudo /usr/sbin/opensipsctl db show subscriber
database engine 'MYSQL' loaded
Control engine 'FIFO' loaded
+----+----------+---------------+----------+---------------+----------------------------------+----------------------------------+------+
| id | username | domain        | password | email_address | ha1                              | ha1b                             | rpid |
+----+----------+---------------+----------+---------------+----------------------------------+----------------------------------+------+
|  6 | 1000     |               |          |               | b87a788cca1220433e95d20c1c7946b1 | 10451b7d43222a3088a202254af86865 | NULL |
|  7 | 1001     |               |          |               | 14c980a8afb38176fab8a170b45040df | d83bc96ed6663a2f4b6b764858925d6f | NULL |
+----+----------+---------------+----------+---------------+----------------------------------+----------------------------------+------+

Please help.

Thanks,
Leon 

-----Original Message-----
From: Saúl Ibarra [mailto:saghul at gmail.com] 
Sent: Monday, 10 August 2009 4:34 PM
To: Leon Li; users at lists.opensips.org
Subject: Re: [OpenSIPS-Users] SIP password in Mysql

Have you set calculate_ha1 modparam to false?

2009/8/10, Leon Li <Leon.Li at aarnet.edu.au>:
> Hi,
>
>
>
> I got a problem with password stored in Mysql.
>
>
>
> If I set "STORE_PLAINTEXT_PW=1" to allow plaintext pw in Mysql table, I
> am able to authenticate. However, if I set it to "0", I am UNABLE to do
> so with the same password. I would certainly not reveal users' pws for
> security reason. J
>
>
>
> Any ideas?
>
>
>
> Regards
>
> Leon
>
>
>
>
>
>

-- 
Enviado desde mi dispositivo móvil

Saúl -- "Nunca subestimes el ancho de banda de un camión lleno de disketes."
----------------------------------------------------------------
http://www.saghul.net/