[OpenSIPS-Users] Nonce expire
Daniel Goepp
dan at goepp.net
Sat Apr 3 00:17:37 CEST 2010
Or just bad math on my part, I turned up logging, and found:
Apr 2 15:15:58 ip-10-160-23-47 /usr/local/sbin/opensips[30579]:
DBG:auth:pre_auth: credentials with given realm not found
So it would appear this is not in fact a nonce expire issue, but a
credentials disappearing issue. Not sure why those credentials are
disappearing so consistently every other register.
-dg
On Fri, Apr 2, 2010 at 2:06 PM, Daniel Goepp <dan at goepp.net> wrote:
> Ah...I see what that retcode is anyway, 2^32 = 4294967296, so those are
> really just -4 first, no credentials, then -3 stale nonce
>
> -dg
>
>
>
> On Fri, Apr 2, 2010 at 1:50 PM, Daniel Goepp <dan at goepp.net> wrote:
> >
> > A quick follow up on this, I enabled some logging, but the retcode is not
> making any sense to me (probably because I'm using it wrong).
> >
> > From my config:
> >
> > xlog ("REGISTER $fu");
> > # authenticate the REGISTER requests (uncomment to enable
> auth)
> > if (!www_authorize("", "subscriber"))
> > {
> > xlog ("Not authorized - challenging, error:
> $retcode");
> > www_challenge("", "1");
> > exit;
> > }
> >
> > Then in the log:
> >
> > Apr 2 13:49:38 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr 2 13:49:38 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: Not
> authorized - challenging, error: 4294967293
> > Apr 2 13:49:38 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr 2 13:49:58 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr 2 13:50:18 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr 2 13:50:18 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: Not
> authorized - challenging, error: 4294967292
> > Apr 2 13:50:18 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr 2 13:50:38 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr 2 13:50:58 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr 2 13:50:58 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: Not
> authorized - challenging, error: 4294967292
> > Apr 2 13:50:58 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> >
> > Also I'm running 1.6.2-tls compiled today from latest 1_6 branch in SVN.
> >
> > -dg
> >
> >
> > On Fri, Apr 2, 2010 at 1:40 PM, Daniel Goepp <dan at goepp.net> wrote:
> >>
> >> I'm having some trouble with nonce expiring I believe. The problem is
> that every other one of my endpoint registrations is doing an auth challenge
> w/401.
> >>
> >> From my config:
> >> modparam("registrar", "default_expires", 60)
> >> modparam("registrar", "min_expires", 60)
> >> modparam("registrar", "max_expires", 60
> >>
> >> modparam("auth", "nonce_expire", 3600)
> >>
> >> From this I would expect the devices to try to register every 60
> seconds, and get challenged every hour with a new nonce.
> >>
> >> Comments on why OpenSIPS is challenging every other registration?
> >>
> >> Thanks
> >>
> >> -dg
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20100402/902fae60/attachment.htm
More information about the Users
mailing list