[OpenSIPS-Users] Nonce expire

Daniel Goepp dan at goepp.net
Sat Apr 3 00:17:37 CEST 2010


Or just bad math on my part, I turned up logging, and found:

Apr  2 15:15:58 ip-10-160-23-47 /usr/local/sbin/opensips[30579]:
DBG:auth:pre_auth: credentials with given realm not found

So it would appear this is not in fact a nonce expire issue, but a
credentials disappearing issue.  Not sure why those credentials are
disappearing so consistently every other register.

-dg


On Fri, Apr 2, 2010 at 2:06 PM, Daniel Goepp <dan at goepp.net> wrote:

> Ah...I see what that retcode is anyway, 2^32 = 4294967296, so those are
> really just -4 first, no credentials, then -3 stale nonce
>
> -dg
>
>
>
> On Fri, Apr 2, 2010 at 1:50 PM, Daniel Goepp <dan at goepp.net> wrote:
> >
> > A quick follow up on this, I enabled some logging, but the retcode is not
> making any sense to me (probably because I'm using it wrong).
> >
> > From my config:
> >
> >                 xlog ("REGISTER $fu");
> >                 # authenticate the REGISTER requests (uncomment to enable
> auth)
> >                 if (!www_authorize("", "subscriber"))
> >                 {
> >                         xlog ("Not authorized - challenging, error:
> $retcode");
> >                         www_challenge("", "1");
> >                         exit;
> >                 }
> >
> > Then in the log:
> >
> > Apr  2 13:49:38 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr  2 13:49:38 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: Not
> authorized - challenging, error: 4294967293
> > Apr  2 13:49:38 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr  2 13:49:58 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr  2 13:50:18 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr  2 13:50:18 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: Not
> authorized - challenging, error: 4294967292
> > Apr  2 13:50:18 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr  2 13:50:38 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr  2 13:50:58 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> > Apr  2 13:50:58 ip-10-160-23-47 /usr/local/sbin/opensips[30180]: Not
> authorized - challenging, error: 4294967292
> > Apr  2 13:50:58 ip-10-160-23-47 /usr/local/sbin/opensips[30182]: REGISTER
> sip:1001 at vidtel.com <sip%3A1001 at vidtel.com>
> >
> > Also I'm running 1.6.2-tls compiled today from latest 1_6 branch in SVN.
> >
> > -dg
> >
> >
> > On Fri, Apr 2, 2010 at 1:40 PM, Daniel Goepp <dan at goepp.net> wrote:
> >>
> >> I'm having some trouble with nonce expiring I believe.  The problem is
> that every other one of my endpoint registrations is doing an auth challenge
> w/401.
> >>
> >> From my config:
> >> modparam("registrar", "default_expires", 60)
> >> modparam("registrar", "min_expires", 60)
> >> modparam("registrar", "max_expires", 60
> >>
> >> modparam("auth", "nonce_expire", 3600)
> >>
> >> From this I would expect the devices to try to register every 60
> seconds, and get challenged every hour with a new nonce.
> >>
> >> Comments on why OpenSIPS is challenging every other registration?
> >>
> >> Thanks
> >>
> >> -dg
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20100402/902fae60/attachment.htm 


More information about the Users mailing list