<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <font face="monospace">Hi Bob,<br>
      <br>
      <br>
      Use the below to double check which party is failing in computing
      the right auth response.<br>
      <br>
      <a class="moz-txt-link-freetext" href="https://openplatform.xyz/sip_register_digest_authentication.html">https://openplatform.xyz/sip_register_digest_authentication.html</a><br>
      <br>
      <br>
      Regards,<br>
    </font>
    <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  <a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
  <a class="moz-txt-link-freetext" href="https://www.opensips.org/events/Summit-2022Athens/">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
    <div class="moz-cite-prefix">On 9/7/22 10:46 PM, Bob Atkins wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:a95dda7b-f2a2-b022-7c57-235f7d81ff18@digilink.net">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      Iancu,<br>
      <br>
      Thank you!! You identified the problem. Turns out that I had
      failed to add the IP for the OpenSIPS proxy to a firewall that was
      blocking the response from this new sip server (facepalm) to the
      device :-(<br>
      <br>
      So, once I fixed the firewall I thought that would be it...  Not
      my luck.<br>
      <br>
      Now it is challenging and <i><u><b>rejecting!</b></u></i> The HA1
      is failing to compare! But the passwords are correct!  Now I am
      really mystified.<br>
      <br>
      I created identical DB entries for this unit in both the original
      OpenSER system and the OpenSIPS system.<br>
      <br>
      Registration to the OpenSER system works perfectly - HA1
      validates. When I change the sip server to the new system, to
      OpenSIPS system fails due to mismatched HA1. Whaaa.... ?!?! <br>
      <br>
      Mismatched HA1 would imply a password failure but I have
      absolutely, positively verified the passwords in both database
      entries and the <i><u><b>only</b></u></i> thing I change on the
      device is the sip server. It should just register on the new
      system. I have attached packet capture of the transaction between
      the device and teh OpenSIPSs system.<br>
      <br>
      I have absolutely, positively copied and pasted (no trailing nl or
      spaces) and verified that the passwords are the same in both
      databases and also the same on the device.<br>
      <br>
      <table width="1624" cellspacing="0" cellpadding="0" border="0">
        <colgroup><col
            style="mso-width-source:userset;mso-width-alt:2816;
            width:58pt" width="77" span="2"> <col
            style="mso-width-source:userset;mso-width-alt:2523;width:52pt"
            width="69"> <col
            style="mso-width-source:userset;mso-width-alt:2633;
            width:54pt" width="72" span="2"> <col
            style="mso-width-source:userset;mso-width-alt:2450;width:50pt"
            width="67"> <col
            style="mso-width-source:userset;mso-width-alt:2816;width:58pt"
            width="77"> <col
            style="mso-width-source:userset;mso-width-alt:3364;width:69pt"
            width="92"> <col
            style="mso-width-source:userset;mso-width-alt:3949;width:81pt"
            width="108"> <col
            style="mso-width-source:userset;mso-width-alt:4132;width:85pt"
            width="113"> <col
            style="mso-width-source:userset;mso-width-alt:3986;width:82pt"
            width="109"> <col
            style="mso-width-source:userset;mso-width-alt:987;width:20pt"
            width="27"> <col
            style="mso-width-source:userset;mso-width-alt:3584;width:74pt"
            width="98"> <col
            style="mso-width-source:userset;mso-width-alt:1938;width:40pt"
            width="53"> <col
            style="mso-width-source:userset;mso-width-alt:1024;width:21pt"
            width="28"> <col
            style="mso-width-source:userset;mso-width-alt:1280;width:26pt"
            width="35"> <col
            style="mso-width-source:userset;mso-width-alt:2304;width:47pt"
            width="63"> <col
            style="mso-width-source:userset;mso-width-alt:2194;width:45pt"
            width="60"> <col
            style="mso-width-source:userset;mso-width-alt:1024;width:21pt"
            width="28"> <col
            style="mso-width-source:userset;mso-width-alt:1426;width:29pt"
            width="39"> <col
            style="mso-width-source:userset;mso-width-alt:1133;width:23pt"
            width="31"> <col
            style="mso-width-source:userset;mso-width-alt:2669;width:55pt"
            width="73"> <col
            style="mso-width-source:userset;mso-width-alt:5705;width:117pt"
            width="156"> </colgroup><tbody>
          <tr style="height:12.75pt" height="17">
            <td colspan="3" style="height:12.75pt;mso-ignore:colspan;
              width:168pt" width="223" height="17">OpenSER DB subscriber
              entery</td>
            <td style="width:54pt" width="72"><br>
            </td>
            <td style="width:54pt" width="72"><br>
            </td>
            <td style="width:50pt" width="67"><br>
            </td>
            <td style="width:58pt" width="77"><br>
            </td>
            <td style="width:69pt" width="92"><br>
            </td>
            <td style="width:81pt" width="108"><br>
            </td>
            <td style="width:85pt" width="113"><br>
            </td>
            <td style="width:82pt" width="109"><br>
            </td>
            <td style="width:20pt" width="27"><br>
            </td>
            <td style="width:74pt" width="98"><br>
            </td>
            <td style="width:40pt" width="53"><br>
            </td>
            <td style="width:21pt" width="28"><br>
            </td>
            <td style="width:26pt" width="35"><br>
            </td>
            <td style="width:47pt" width="63"><br>
            </td>
            <td style="width:45pt" width="60"><br>
            </td>
            <td style="width:21pt" width="28"><br>
            </td>
            <td style="width:29pt" width="39"><br>
            </td>
            <td style="width:23pt" width="31"><br>
            </td>
            <td style="width:55pt" width="73"><br>
            </td>
            <td style="width:117pt" width="156"><br>
            </td>
          </tr>
          <tr style="height:12.75pt" height="17">
            <td style="height:12.75pt" height="17">phplib_id</td>
            <td>username</td>
            <td>domain</td>
            <td>password</td>
            <td>first_name</td>
            <td>last_name</td>
            <td>phone</td>
            <td>email_address</td>
            <td>datetime_created</td>
            <td>datetime_modified</td>
            <td>confirmation</td>
            <td>flag</td>
            <td>sendnotification</td>
            <td>greeting</td>
            <td>ha1</td>
            <td>ha1b</td>
            <td>allow_find</td>
            <td>timezone</td>
            <td>rpid</td>
            <td>domn</td>
            <td>uuid</td>
            <td>customerID</td>
            <td>customerName</td>
          </tr>
          <tr style="height:12.75pt" height="17">
            <td style="height:12.75pt" height="17" align="right">3105738133</td>
            <td align="right">3105738133</td>
            <td>digilink.net</td>
            <td>XXXXXXXX</td>
            <td>PPC Home</td>
            <td>Fax</td>
            <td align="right">3105738133</td>
            <td><br>
            </td>
            <td class="xl24" align="right">7/5/2012 16:36</td>
            <td class="xl24" align="right">11/7/2021 13:58</td>
            <td><br>
            </td>
            <td>o</td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td align="right">0</td>
            <td>\N</td>
            <td>\N</td>
            <td>\N</td>
            <td>\N</td>
            <td align="right">72</td>
            <td>DigiLink Internet Services</td>
          </tr>
          <tr style="height:12.75pt" height="17">
            <td style="height:12.75pt" height="17"><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td class="xl24"><br>
            </td>
            <td class="xl24"><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
          </tr>
          <tr style="height:12.75pt" height="17">
            <td colspan="3" style="height:12.75pt;mso-ignore:colspan"
              height="17">OpenSIPS DB subscriber entry</td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
          </tr>
          <tr style="height:12.75pt" height="17">
            <td style="height:12.75pt" height="17">id</td>
            <td>username</td>
            <td>domain</td>
            <td>password</td>
            <td>cr_preferred_carrier</td>
            <td>first_name</td>
            <td>last_name</td>
            <td>phone</td>
            <td>email_address</td>
            <td>datetime_created</td>
            <td>datetime_modified</td>
            <td>confirmation</td>
            <td>flag</td>
            <td>sendnotification</td>
            <td>greeting</td>
            <td>allow_find</td>
            <td>timezone</td>
            <td>customerID</td>
            <td>customerName</td>
            <td>ha1</td>
            <td>ha1_sha256</td>
            <td>ha1_sha512t256</td>
            <td>rpid</td>
          </tr>
          <tr style="height:12.75pt" height="17">
            <td style="height:12.75pt" height="17" align="right">1</td>
            <td align="right">3105738133</td>
            <td>digidial</td>
            <td>XXXXXXXX</td>
            <td>\N</td>
            <td>PPC Home</td>
            <td>Fax</td>
            <td align="right">3105738133</td>
            <td><a class="moz-txt-link-abbreviated"
                href="mailto:bob@planeparts.com" moz-do-not-send="true">bob@planeparts.com</a></td>
            <td class="xl24" align="right">7/5/2012 16:36</td>
            <td class="xl24" align="right">11/7/2021 13:58</td>
            <td><br>
            </td>
            <td align="right">0</td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td><br>
            </td>
            <td align="right">72</td>
            <td colspan="4" style="mso-ignore:colspan">DigiLink Internet
              Services</td>
            <td>\N</td>
          </tr>
        </tbody>
      </table>
      <br>
      <br>
      Registration code:<br>
      <br>
      OpenSER system:<br>
      <br>
      <font face="monospace">modparam("auth_db", "calculate_ha1", yes)<br>
        modparam("auth_db", "password_column", "password")<br>
        <br>
                        if (method=="REGISTER") {<br>
                                    #xlog("L_INFO","[$rm][$ft][$tt]
        Processing registration");<br>
        <br>
                            if (!www_authorize("digilink.net",
        "subscriber")) {<br>
                                        #xlog("L_INFO","[$rm][$ft][$tt]
        Challenging peer");<br>
                                www_challenge("digilink.net", "0");<br>
                                exit;<br>
                            };<br>
        <br>
                            xlog("L_INFO","[$rm][$ft][$tt] Registered
        $fu from $si");<br>
                            save("location");<br>
                            exit;<br>
                        };<br>
      </font><br>
      ==============<br>
      OpenSIPS system<br>
      <br>
      <font face="monospace">#### AUTH Db module<br>
        loadmodule "auth.so"<br>
        loadmodule "auth_db.so"<br>
        modparam("auth_db", "calculate_ha1", 1)<br>
        modparam("auth_db", "use_domain", 1)<br>
        modparam("auth_db", "user_column", "username")<br>
        modparam("auth_db", "password_column", "password")<br>
        modparam("auth_db", "load_credentials", "")<br>
        <br>
        <br>
                if (is_method("REGISTER")) {<br>
                    xlog("L_INFO", "REGISTER: [$tu] request from
        [$si]");<br>
                    xlog("L_INFO","[$ft][$au]@[$ad] - Processing
        registration");<br>
                    xlog("L_INFO", "REGISTER: www_authorize returned
        [$var(x)] to authenticate with [$rU]$ru credential");<br>
                    <br>
                    if (!www_authorize("digilink.net", "subscriber")) {<br>
                        xlog("L_INFO","CHALLENGE: [$ft][$tt]");<br>
                        www_challenge("digilink.net","auth","MD5");<br>
                        exit;<br>
                    } else {<br>
                        xlog("L_ALERT", "REGISTER: URI [$tu][$rU]$ru
        credential from [$si] - FAILED!");<br>
                        sl_send_reply(403, "Not Authorized!");<br>
                        exit;<br>
                    }<br>
        <br>
                    xlog("L_INFO", "REGISTER: URI [$tu] -
        [$rm][$ft][$tt] Registered $fu from $si");<br>
                    save("location");<br>
                    exit;<br>
                }</font><br>
      <br>
    </blockquote>
    <br>
  </body>
</html>