[OpenSIPS-Users] uac_auth
Rik Broers
RBroers at motto.nl
Fri Nov 1 12:09:57 CET 2013
Yes, thats correct. Opensips sends out an invite with Authorization header as response on the 401 unauthorized.
This authorization header contains the correct Nonce.
Instead of being authorized I receive another 401 unauthorized which opensips replies again with new nonce and so on until max branches is reached.
Met vriendelijke groet,
Regards,
Rik Broers
Voice Engineer
From: Bogdan-Andrei Iancu [mailto:bogdan at opensips.org]
Sent: vrijdag 1 november 2013 11:49
To: OpenSIPS users mailling list
Cc: Rik Broers
Subject: Re: [OpenSIPS-Users] uac_auth
Hello Rik,
So OpenSIPS generates a new INVITE with credentials (as a result of the uac_auth() ), but this is also rejected ?
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 10/31/2013 11:46 AM, Rik Broers wrote:
Hi,
I'm trying to use the uac_auth() function to add Authorization to my invite after I received a 401 Unauthorized.
I call the function in the failure route and according to Debug the authorization header is inserted. I also see this in a trace.
Unfortunately I haven't been able to authorize successfully, double checked everything and also tried with phones to ensure the credentials are correct and my asterisk is working.
I'm filling the credentials with a modparam not with AVP.
In DBG I see this: DBG:uac_auth:build_authorization_hdr: hdr is <Authorization: Digest username="**", realm="**", nonce="31d5b0d9", uri="***;user=phone", response="ea344343187f27c668be8fdc3acf8c5a", algorithm=MD5#015#012>
So it seems to match correctly.
I'm authenticating against Asterisk. And my failure route looks like this:
failure_route[FailPBX]{
xlog("Im in failpbx route");
uac_auth();
t_on_failure("FailPBX");
t_relay();
}
What happens is the following
-> Invite
<- 100 Giving a try
<- 401 Unauthorized (Unique nonce 1)
-> ACK
-> invite with authorization header (unique Nonce 1)
<- 100 Giving a try
<- 401 Unauthorized (Unique nonce 2)
-> invite with authorization header (unique Nonce 2)
..... and so on until ERROR:tm:add_uac: maximum number of branches exceeded.
Only thing left for me now is to verify that the Digest calculated is correct. How can I do this? What functions should I use on linux..
Below my authorization challenge.
[cid:image001.png at 01CED6FB.453FAF60]
Or are there any other things I'm missing?
Im using NOTICE:core:main: version: opensips 1.10.0-notls (x86_64/linux)
Met vriendelijke groet,
Regards,
Rik Broers
Voice Engineer
_______________________________________________
Users mailing list
Users at lists.opensips.org<mailto:Users at lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20131101/6678175d/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3285 bytes
Desc: image001.png
URL: <http://lists.opensips.org/pipermail/users/attachments/20131101/6678175d/attachment-0001.png>
More information about the Users
mailing list