[OpenSIPS-Users] including auth nonce header in next hop

Tito Cumpen tito at xsvoce.com
Wed Sep 24 21:11:34 CEST 2014


Bogdan,


After reconsidering the requirements I find the easiest thing to do would
be to set a flag on the branch during its creation and remove the header in
the per branch route. Although I cant seem to find examples of setting a
branch flag and referencing to it. Do you have documentation or examples
you can point me to?

Thanks,
Tito

On Wed, Sep 17, 2014 at 3:36 AM, Bogdan-Andrei Iancu <bogdan at opensips.org>
wrote:

>  Hi Tito,
>
> Instead of consume_credentials() you can simply do
> remove_hf("Proxy-Authorization") - it does the same.
>
> Regarding the second part, I do not get the problem - in branch route, if
> $du or $ru does not point to you, you want to remove the credentials - what
> the is the problem here ?
>
> Regards,
>
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developerhttp://www.opensips-solutions.com
>
> On 17.09.2014 08:13, Tito Cumpen wrote:
>
> Bogdan,
>
>  the branch route seems pretty limited in functionality. How would you
> compare a $du to allow credentials to traverse when they are going to a
> neighbor proxy? Also noticed you cant use consume_credentials().
>
>  if(uri != myself ) {
>
>                 #consume_credentials();
>
>                 xlog("This is branch is not for me $ru");
>
>
>  }
>
>
>  the above will not work since branches are going to aor entries along
> with neighbor proxies set like this:
>
>                     while loop{
>
>                                         avp_subst("$avp(myloc[$var(i)])",
> "/(.+)/\sip:\0/");
>
>
>                                          xlog("$avp(myloc[$var(i)])\n");
>
>                                         avp_pushto("$du","$avp(myloc
> [$var(i)])");
>
>
> insert_hf("Subject:traversal\r\n",  "p-hint");
>
>                                         append_branch();
>
>
>  }
>
>
>  Much Appreciated,
>
>  Tito
>
> On Fri, Sep 12, 2014 at 5:45 PM, Tito Cumpen <tito at xsvoce.com> wrote:
>
>> Thanks Bogdan,
>>
>>  I found this shortly after I am now allowing calls from neighbor
>> proxies to enter if the ret code is only 3 stale. Thanks for your
>> suggestion on handling this in branch route I will now check if $du
>> (neighbor) proxy is the branch hop in order to allow credentials to linger
>> or be removed.
>>
>>
>>
>> On Fri, Sep 12, 2014 at 9:41 AM, Bogdan-Andrei Iancu <bogdan at opensips.org
>> > wrote:
>>
>>>  Hi Tito,
>>>
>>> If you do not to "consume credentials" after auth, the credentials will
>>> stay in your requests and they will be forwarded to the next hop (this is
>>> what you want, right ?).
>>>
>>> You can use branch_route[] to remove the credentials in a per branch
>>> manner .
>>>
>>> Regards,
>>>
>>> Bogdan-Andrei Iancu
>>> OpenSIPS Founder and Developerhttp://www.opensips-solutions.com
>>>
>>>  On 10.09.2014 23:59, Tito Cumpen wrote:
>>>
>>>  Group,
>>>
>>>
>>>  What is the adequate way to include or insert nonce response after a
>>> proxy challenge?
>>> I am forwarding invites to local and remote locations by forking. The
>>> remote proxy checks againsts the same db for authentication. Therefore I
>>> would to include the proxy authorization header when forwarding the invite
>>> to the remote locations. Currently I am being sent a 407 by the remote
>>> proxy which consequently kills ends the branch.
>>>
>>>
>>> Thanks,
>>> Tito
>>>
>>>
>>>  _______________________________________________
>>> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20140924/68dd1966/attachment-0001.htm>


More information about the Users mailing list