<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<font face="monospace">I'm quite sure OpenSIPS is computing the auth
correctly, after all you are the only one complaining on this. And
the point is to identify which side is not doing the proper
computing and eventually see why - it may be a setting, a typo,
etc...<br>
<br>
Just my 2 cents on the matter.<br>
</font>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
<a class="moz-txt-link-freetext" href="https://www.opensips.org/events/Summit-2022Athens/">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
<div class="moz-cite-prefix">On 9/8/22 10:29 AM, Bob Atkins wrote:<br>
</div>
<blockquote type="cite"
cite="mid:a3d3566a-8d13-26cb-dd02-42d4306f9f53@digilink.net">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Iancu,<br>
<br>
I'm not sure what the point of this would be. Even if it showed
that OpenSIPS was calculating incorrectly - then what?<br>
<br>
The device registers just fine with both asterisk and OpenSER v1.1
with exactly the same parameters.<br>
<br>
The device is calculating the response correctly for 2 other
systems.<br>
<br>
OpenSIPS is clearly getting it wrong. The question is why? Or
even how. This is a pretty basic calculation.<br>
<br>
---<br>
Bob<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 9/7/2022 11:16 PM, Bogdan-Andrei
Iancu wrote:<br>
</div>
<blockquote type="cite"
cite="mid:c05fb2fd-35f7-4b5c-481c-ef6d37237a6e@opensips.org">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8">
<font face="monospace">Hi Bob,<br>
<br>
<br>
Use the below to double check which party is failing in
computing the right auth response.<br>
<br>
<a class="moz-txt-link-freetext"
href="https://openplatform.xyz/sip_register_digest_authentication.html"
moz-do-not-send="true">https://openplatform.xyz/sip_register_digest_authentication.html</a><br>
<br>
<br>
Regards,<br>
</font>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com" moz-do-not-send="true">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
<a class="moz-txt-link-freetext" href="https://www.opensips.org/events/Summit-2022Athens/" moz-do-not-send="true">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
<div class="moz-cite-prefix">On 9/7/22 10:46 PM, Bob Atkins
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:a95dda7b-f2a2-b022-7c57-235f7d81ff18@digilink.net">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8">
Iancu,<br>
<br>
Thank you!! You identified the problem. Turns out that I had
failed to add the IP for the OpenSIPS proxy to a firewall that
was blocking the response from this new sip server (facepalm)
to the device :-(<br>
<br>
So, once I fixed the firewall I thought that would be it...
Not my luck.<br>
<br>
Now it is challenging and <i><u><b>rejecting!</b></u></i> The
HA1 is failing to compare! But the passwords are correct! Now
I am really mystified.<br>
<br>
I created identical DB entries for this unit in both the
original OpenSER system and the OpenSIPS system.<br>
<br>
Registration to the OpenSER system works perfectly - HA1
validates. When I change the sip server to the new system, to
OpenSIPS system fails due to mismatched HA1. Whaaa.... ?!?! <br>
<br>
Mismatched HA1 would imply a password failure but I have
absolutely, positively verified the passwords in both database
entries and the <i><u><b>only</b></u></i> thing I change on
the device is the sip server. It should just register on the
new system. I have attached packet capture of the transaction
between the device and teh OpenSIPSs system.<br>
<br>
I have absolutely, positively copied and pasted (no trailing
nl or spaces) and verified that the passwords are the same in
both databases and also the same on the device.<br>
<br>
<table width="1624" cellspacing="0" cellpadding="0" border="0">
<colgroup><col
style="mso-width-source:userset;mso-width-alt:2816;
width:58pt" width="77" span="2"> <col
style="mso-width-source:userset;mso-width-alt:2523;width:52pt"
width="69"> <col
style="mso-width-source:userset;mso-width-alt:2633;
width:54pt" width="72" span="2"> <col
style="mso-width-source:userset;mso-width-alt:2450;width:50pt"
width="67"> <col
style="mso-width-source:userset;mso-width-alt:2816;width:58pt"
width="77"> <col
style="mso-width-source:userset;mso-width-alt:3364;width:69pt"
width="92"> <col
style="mso-width-source:userset;mso-width-alt:3949;width:81pt"
width="108"> <col
style="mso-width-source:userset;mso-width-alt:4132;width:85pt"
width="113"> <col
style="mso-width-source:userset;mso-width-alt:3986;width:82pt"
width="109"> <col
style="mso-width-source:userset;mso-width-alt:987;width:20pt"
width="27"> <col
style="mso-width-source:userset;mso-width-alt:3584;width:74pt"
width="98"> <col
style="mso-width-source:userset;mso-width-alt:1938;width:40pt"
width="53"> <col
style="mso-width-source:userset;mso-width-alt:1024;width:21pt"
width="28"> <col
style="mso-width-source:userset;mso-width-alt:1280;width:26pt"
width="35"> <col
style="mso-width-source:userset;mso-width-alt:2304;width:47pt"
width="63"> <col
style="mso-width-source:userset;mso-width-alt:2194;width:45pt"
width="60"> <col
style="mso-width-source:userset;mso-width-alt:1024;width:21pt"
width="28"> <col
style="mso-width-source:userset;mso-width-alt:1426;width:29pt"
width="39"> <col
style="mso-width-source:userset;mso-width-alt:1133;width:23pt"
width="31"> <col
style="mso-width-source:userset;mso-width-alt:2669;width:55pt"
width="73"> <col
style="mso-width-source:userset;mso-width-alt:5705;width:117pt"
width="156"> </colgroup><tbody>
<tr style="height:12.75pt" height="17">
<td colspan="3"
style="height:12.75pt;mso-ignore:colspan; width:168pt"
width="223" height="17">OpenSER DB subscriber entery</td>
<td style="width:54pt" width="72"><br>
</td>
<td style="width:54pt" width="72"><br>
</td>
<td style="width:50pt" width="67"><br>
</td>
<td style="width:58pt" width="77"><br>
</td>
<td style="width:69pt" width="92"><br>
</td>
<td style="width:81pt" width="108"><br>
</td>
<td style="width:85pt" width="113"><br>
</td>
<td style="width:82pt" width="109"><br>
</td>
<td style="width:20pt" width="27"><br>
</td>
<td style="width:74pt" width="98"><br>
</td>
<td style="width:40pt" width="53"><br>
</td>
<td style="width:21pt" width="28"><br>
</td>
<td style="width:26pt" width="35"><br>
</td>
<td style="width:47pt" width="63"><br>
</td>
<td style="width:45pt" width="60"><br>
</td>
<td style="width:21pt" width="28"><br>
</td>
<td style="width:29pt" width="39"><br>
</td>
<td style="width:23pt" width="31"><br>
</td>
<td style="width:55pt" width="73"><br>
</td>
<td style="width:117pt" width="156"><br>
</td>
</tr>
<tr style="height:12.75pt" height="17">
<td style="height:12.75pt" height="17">phplib_id</td>
<td>username</td>
<td>domain</td>
<td>password</td>
<td>first_name</td>
<td>last_name</td>
<td>phone</td>
<td>email_address</td>
<td>datetime_created</td>
<td>datetime_modified</td>
<td>confirmation</td>
<td>flag</td>
<td>sendnotification</td>
<td>greeting</td>
<td>ha1</td>
<td>ha1b</td>
<td>allow_find</td>
<td>timezone</td>
<td>rpid</td>
<td>domn</td>
<td>uuid</td>
<td>customerID</td>
<td>customerName</td>
</tr>
<tr style="height:12.75pt" height="17">
<td style="height:12.75pt" height="17" align="right">3105738133</td>
<td align="right">3105738133</td>
<td>digilink.net</td>
<td>XXXXXXXX</td>
<td>PPC Home</td>
<td>Fax</td>
<td align="right">3105738133</td>
<td><br>
</td>
<td class="xl24" align="right">7/5/2012 16:36</td>
<td class="xl24" align="right">11/7/2021 13:58</td>
<td><br>
</td>
<td>o</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td align="right">0</td>
<td>\N</td>
<td>\N</td>
<td>\N</td>
<td>\N</td>
<td align="right">72</td>
<td>DigiLink Internet Services</td>
</tr>
<tr style="height:12.75pt" height="17">
<td style="height:12.75pt" height="17"><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td class="xl24"><br>
</td>
<td class="xl24"><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
</tr>
<tr style="height:12.75pt" height="17">
<td colspan="3"
style="height:12.75pt;mso-ignore:colspan" height="17">OpenSIPS
DB subscriber entry</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
</tr>
<tr style="height:12.75pt" height="17">
<td style="height:12.75pt" height="17">id</td>
<td>username</td>
<td>domain</td>
<td>password</td>
<td>cr_preferred_carrier</td>
<td>first_name</td>
<td>last_name</td>
<td>phone</td>
<td>email_address</td>
<td>datetime_created</td>
<td>datetime_modified</td>
<td>confirmation</td>
<td>flag</td>
<td>sendnotification</td>
<td>greeting</td>
<td>allow_find</td>
<td>timezone</td>
<td>customerID</td>
<td>customerName</td>
<td>ha1</td>
<td>ha1_sha256</td>
<td>ha1_sha512t256</td>
<td>rpid</td>
</tr>
<tr style="height:12.75pt" height="17">
<td style="height:12.75pt" height="17" align="right">1</td>
<td align="right">3105738133</td>
<td>digidial</td>
<td>XXXXXXXX</td>
<td>\N</td>
<td>PPC Home</td>
<td>Fax</td>
<td align="right">3105738133</td>
<td><a class="moz-txt-link-abbreviated
moz-txt-link-freetext"
href="mailto:bob@planeparts.com"
moz-do-not-send="true">bob@planeparts.com</a></td>
<td class="xl24" align="right">7/5/2012 16:36</td>
<td class="xl24" align="right">11/7/2021 13:58</td>
<td><br>
</td>
<td align="right">0</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td><br>
</td>
<td align="right">72</td>
<td colspan="4" style="mso-ignore:colspan">DigiLink
Internet Services</td>
<td>\N</td>
</tr>
</tbody>
</table>
<br>
<br>
Registration code:<br>
<br>
OpenSER system:<br>
<br>
<font face="monospace">modparam("auth_db", "calculate_ha1",
yes)<br>
modparam("auth_db", "password_column", "password")<br>
<br>
if (method=="REGISTER") {<br>
#xlog("L_INFO","[$rm][$ft][$tt]
Processing registration");<br>
<br>
if (!www_authorize("digilink.net",
"subscriber")) {<br>
#xlog("L_INFO","[$rm][$ft][$tt] Challenging peer");<br>
www_challenge("digilink.net", "0");<br>
exit;<br>
};<br>
<br>
xlog("L_INFO","[$rm][$ft][$tt]
Registered $fu from $si");<br>
save("location");<br>
exit;<br>
};<br>
</font><br>
==============<br>
OpenSIPS system<br>
<br>
<font face="monospace">#### AUTH Db module<br>
loadmodule "auth.so"<br>
loadmodule "auth_db.so"<br>
modparam("auth_db", "calculate_ha1", 1)<br>
modparam("auth_db", "use_domain", 1)<br>
modparam("auth_db", "user_column", "username")<br>
modparam("auth_db", "password_column", "password")<br>
modparam("auth_db", "load_credentials", "")<br>
<br>
<br>
if (is_method("REGISTER")) {<br>
xlog("L_INFO", "REGISTER: [$tu] request from
[$si]");<br>
xlog("L_INFO","[$ft][$au]@[$ad] - Processing
registration");<br>
xlog("L_INFO", "REGISTER: www_authorize returned
[$var(x)] to authenticate with [$rU]$ru credential");<br>
<br>
if (!www_authorize("digilink.net",
"subscriber")) {<br>
xlog("L_INFO","CHALLENGE: [$ft][$tt]");<br>
www_challenge("digilink.net","auth","MD5");<br>
exit;<br>
} else {<br>
xlog("L_ALERT", "REGISTER: URI [$tu][$rU]$ru
credential from [$si] - FAILED!");<br>
sl_send_reply(403, "Not Authorized!");<br>
exit;<br>
}<br>
<br>
xlog("L_INFO", "REGISTER: URI [$tu] -
[$rm][$ft][$tt] Registered $fu from $si");<br>
save("location");<br>
exit;<br>
}</font><br>
<br>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</body>
</html>