[OpenSIPS-Users] including auth nonce header in next hop

Bogdan-Andrei Iancu bogdan at opensips.org
Wed Sep 17 09:36:49 CEST 2014


Hi Tito,

Instead of consume_credentials() you can simply do 
remove_hf("Proxy-Authorization") - it does the same.

Regarding the second part, I do not get the problem - in branch route, 
if $du or $ru does not point to you, you want to remove the credentials 
- what the is the problem here ?

Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com

On 17.09.2014 08:13, Tito Cumpen wrote:
> Bogdan,
>
> the branch route seems pretty limited in functionality. How would you 
> compare a $du to allow credentials to traverse when they are going to 
> a neighbor proxy? Also noticed you cant use consume_credentials().
>
> if(uri != myself ) {
>
> #consume_credentials();
>
>                 xlog("This is branch is not for me $ru");
>
>
> }
>
>
> the above will not work since branches are going to aor entries along 
> with neighbor proxies set like this:
>
>                     while loop{
>
> avp_subst("$avp(myloc[$var(i)])", "/(.+)/\sip:\0/");
>
>
>                                         xlog("$avp(myloc[$var(i)])\n");
>
> avp_pushto("$du","$avp(myloc[$var(i)])");
>
> insert_hf("Subject:traversal\r\n",  "p-hint");
>
>                                         append_branch();
>
>
> }
>
>
> Much Appreciated,
>
> Tito
>
> On Fri, Sep 12, 2014 at 5:45 PM, Tito Cumpen <tito at xsvoce.com 
> <mailto:tito at xsvoce.com>> wrote:
>
>     Thanks Bogdan,
>
>     I found this shortly after I am now allowing calls from neighbor
>     proxies to enter if the ret code is only 3 stale. Thanks for your
>     suggestion on handling this in branch route I will now check if
>     $du (neighbor) proxy is the branch hop in order to allow
>     credentials to linger or be removed.
>
>
>
>     On Fri, Sep 12, 2014 at 9:41 AM, Bogdan-Andrei Iancu
>     <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>
>         Hi Tito,
>
>         If you do not to "consume credentials" after auth, the
>         credentials will stay in your requests and they will be
>         forwarded to the next hop (this is what you want, right ?).
>
>         You can use branch_route[] to remove the credentials in a per
>         branch manner .
>
>         Regards,
>
>         Bogdan-Andrei Iancu
>         OpenSIPS Founder and Developer
>         http://www.opensips-solutions.com
>
>         On 10.09.2014 23:59, Tito Cumpen wrote:
>>         Group,
>>
>>
>>         What is the adequate way to include or insert nonce response
>>         after a proxy challenge?
>>         I am forwarding invites to local and remote locations by
>>         forking. The remote proxy checks againsts the same db for
>>         authentication. Therefore I would to include the proxy
>>         authorization header when forwarding the invite to the remote
>>         locations. Currently I am being sent a 407 by the remote
>>         proxy which consequently kills ends the branch.
>>
>>
>>         Thanks,
>>         Tito
>>
>>
>>         _______________________________________________
>>         Users mailing list
>>         Users at lists.opensips.org  <mailto:Users at lists.opensips.org>
>>         http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20140917/7c45d332/attachment.htm>


More information about the Users mailing list