[Users] Re: Digest Authentication Problem with header parsing problem

Abdurrahman Sahin abdsahin at gmail.com
Sun Apr 1 14:57:38 CEST 2007


hi all;
i solved my problem;
i was setting my server's ip address as the realm, and i guess providing an ip address as the realm causes problem.
so i changed the realm name to a domain name , then set a sip proxy address for the client
i also changed SIP_DOMAIN to a domain name.

  ----- Original Message ----- 
  From: Abdurrahman Sahin 
  To: users at openser.org 
  Sent: Sunday, April 01, 2007 3:00 PM
  Subject: Digest Authentication Problem with header parsing problem


  hi all;
  i'm trying to activate digest authentication with mysql, but i see a strange parsing error in the logs.

  here is my logser log
  ==================
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: New request - M=REGISTER RURI=sip:server_public_ip_address F=<null> T=sip:apo at server_public_ip_address IP=ua_public_ip_address ID=NWYyZGNjMWRjYjFlNTk5YjlhMjE5ODA4MWQ0ZGFiNTY.
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: DEBUG:maxfwd:is_maxfwd_present: value = 70
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: parse_headers: flags=200
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: get_hdr_field: cseq <CSeq>: <1> <REGISTER>
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: DEBUG: get_hdr_body : content_length=0
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: found end of header
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: find_first_route: No Route headers found
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: loose_route: There is no Route HF
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: parse_headers: flags=ffffffffffffffff
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: check_via_address(ua_public_ip_address, ua_public_ip_address, 0)
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: parse_headers: flags=4000
  Apr  1 13:39:04 testsrv200 /usr/local/sbin/openser[577]: pre_auth(): Credentials with given realm not found
  ] in status 6: <<"apo"<sip:apo at ua_public_ip_address;tag=5d692f7d>> . R: parse_to : unexpected char [
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: ERROR:parse_from_header: bad from header
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: set_err_info: ec: 1, el: 3, ei: 'error parsing From'
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: xl_get_from_attr: ERROR cannot parse FROM header
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: Register authentication failed - M=REGISTER RURI=sip:server_public_ip_address F=<null> T=sip:apo at server_public_ip_address IP=ua_public_ip_address ID=NWYyZGNjMWRjYjFlNTk5YjlhMjE5ODA4MWQ0ZGFiNTY.
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: build_auth_hf(): 'WWW-Authenticate: Digest realm="server_public_ip_address", nonce ' 60f8cf5a7a5eb40c26f914280272b51f58caaa7"
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: parse_headers: flags=ffffffffffffffff
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: check_via_address(ua_public_ip_address, ua_public_ip_address, 0)
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: DEBUG:destroy_avp_list: destroying list (nil)
  Apr  1 13:39:05 testsrv200 /usr/local/sbin/openser[577]: receive_msg: cleaning up



  and sip msg received at the server side
  ==============================
  U ua_public_ip_address:28443 -> 192.168.200.2:5060
  REGISTER sip:server_public_ip_address SIP/2.0.
  Via: SIP/2.0/UDP ua_public_ip_address:28443;branch=z9hG4bK-d87543-08523511e5151c18-1--d87543-;rport.
  Max-Forwards: 70.
  Contact: <sip:apo at ua_public_ip_address:28443;rinstance=1ff3024a97431241>.
  To: "apo"<sip:apo at server_public_ip_address>.
  From: "apo"<sip:apo at ua_public_ip_address;tag=5d692f7d.
  Call-ID: NWYyZGNjMWRjYjFlNTk5YjlhMjE5ODA4MWQ0ZGFiNTY..
  CSeq: 1 REGISTER.
  Expires: 3600.
  Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO.
  User-Agent: X-Lite release 1006e stamp 34025.
  Content-Length: 0.
  .

  #
  U 192.168.200.2:5060 -> ua_public_ip_address:28443
  SIP/2.0 100 Trying.
  Via: SIP/2.0/UDP ua_public_ip_address:28443;branch=z9hG4bK-d87543-08523511e5151c18-1--d87543-;rport=28443.
  To: "apo"<sip:apo at server_public_ip_address>.
  From: "apo"<sip:apo at ua_public_ip_address;tag=5d692f7d.
  Call-ID: NWYyZGNjMWRjYjFlNTk5YjlhMjE5ODA4MWQ0ZGFiNTY..
  CSeq: 1 REGISTER.
  Server: OpenSER (1.2.0-notls (x86_64/linux)).
  Content-Length: 0.
  .

  #
  U 192.168.200.2:5060 -> ua_public_ip_address:28443
  SIP/2.0 401 Unauthorized.
  Via: SIP/2.0/UDP ua_public_ip_address:28443;branch=z9hG4bK-d87543-08523511e5151c18-1--d87543-;rport=28443.
  To: "apo"<sip:apo at server_public_ip_address>;tag=329cfeaa6ded039da25ff8cbb8668bd2.4f01.
  From: "apo"<sip:apo at ua_public_ip_address;tag=5d692f7d.
  Call-ID: NWYyZGNjMWRjYjFlNTk5YjlhMjE5ODA4MWQ0ZGFiNTY..
  CSeq: 1 REGISTER.
  WWW-Authenticate: Digest realm="server_public_ip_address", nonce="460f8cf5a7a5eb40c26f914280272b51f58caaa7".
  Server: OpenSER (1.2.0-notls (x86_64/linux)).
  Content-Length: 0.




  openser.cfg file register section
  =======================================
  # Request route 'base-route-register'
  ########################################################################
  route[2]
  {
          sl_send_reply("100", "Trying");
          if(!www_authorize("server_public_ip_address", "subscriber"))
          {

                  xlog("L_INFO", "Register authentication failed - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                  www_challenge("server_public_ip_address", "0");
                  exit;
          }
          if(!check_to())
          {

                  xlog("L_INFO", "Spoofed To-URI detected - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                  sl_send_reply("403", "Spoofed To-URI Detected");
                  exit;
          }
          consume_credentials();
          if(!search("^Contact:[ ]*\*") && nat_uac_test("19"))
          {
                  fix_nated_register();
                  setbflag(6);
          }
          if(!save("location"))
          {

                  xlog("L_ERR", "Saving contact failed - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                  sl_reply_error();
                  exit;
          }

          xlog("L_INFO", "Registration successful - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
          exit;

  }

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kamailio.org/pipermail/users/attachments/20070401/5e1bed3e/attachment.htm 


More information about the Users mailing list