[OpenSIPS-Users] including auth nonce header in next hop

Bogdan-Andrei Iancu bogdan at opensips.org
Thu Oct 2 18:45:50 CEST 2014


Hello Tito,

Simply use the setbflag() functions:
http://www.opensips.org/Documentation/Script-CoreFunctions-1-11#toc21
http://www.opensips.org/Documentation/Script-CoreFunctions-1-11#toc50

Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com

On 24.09.2014 22:11, Tito Cumpen wrote:
> Bogdan,
>
>
> After reconsidering the requirements I find the easiest thing to do 
> would be to set a flag on the branch during its creation and remove 
> the header in the per branch route. Although I cant seem to find 
> examples of setting a branch flag and referencing to it. Do you have 
> documentation or examples you can point me to?
>
> Thanks,
> Tito
>
> On Wed, Sep 17, 2014 at 3:36 AM, Bogdan-Andrei Iancu 
> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>
>     Hi Tito,
>
>     Instead of consume_credentials() you can simply do
>     remove_hf("Proxy-Authorization") - it does the same.
>
>     Regarding the second part, I do not get the problem - in branch
>     route, if $du or $ru does not point to you, you want to remove the
>     credentials - what the is the problem here ?
>
>     Regards,
>
>     Bogdan-Andrei Iancu
>     OpenSIPS Founder and Developer
>     http://www.opensips-solutions.com
>
>     On 17.09.2014 08:13, Tito Cumpen wrote:
>>     Bogdan,
>>
>>     the branch route seems pretty limited in functionality. How would
>>     you compare a $du to allow credentials to traverse when they are
>>     going to a neighbor proxy? Also noticed you cant use
>>     consume_credentials().
>>
>>     if(uri != myself ) {
>>
>>     #consume_credentials();
>>
>>                     xlog("This is branch is not for me $ru");
>>
>>
>>     }
>>
>>
>>     the above will not work since branches are going to aor entries
>>     along with neighbor proxies set like this:
>>
>>                         while loop{
>>
>>     avp_subst("$avp(myloc[$var(i)])", "/(.+)/\sip:\0/");
>>
>>
>>     xlog("$avp(myloc[$var(i)])\n");
>>
>>     avp_pushto("$du","$avp(myloc[$var(i)])");
>>
>>     insert_hf("Subject:traversal\r\n",  "p-hint");
>>
>>     append_branch();
>>
>>
>>     }
>>
>>
>>     Much Appreciated,
>>
>>     Tito
>>
>>     On Fri, Sep 12, 2014 at 5:45 PM, Tito Cumpen <tito at xsvoce.com
>>     <mailto:tito at xsvoce.com>> wrote:
>>
>>         Thanks Bogdan,
>>
>>         I found this shortly after I am now allowing calls from
>>         neighbor proxies to enter if the ret code is only 3 stale.
>>         Thanks for your suggestion on handling this in branch route I
>>         will now check if $du (neighbor) proxy is the branch hop in
>>         order to allow credentials to linger or be removed.
>>
>>
>>
>>         On Fri, Sep 12, 2014 at 9:41 AM, Bogdan-Andrei Iancu
>>         <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>>
>>             Hi Tito,
>>
>>             If you do not to "consume credentials" after auth, the
>>             credentials will stay in your requests and they will be
>>             forwarded to the next hop (this is what you want, right ?).
>>
>>             You can use branch_route[] to remove the credentials in a
>>             per branch manner .
>>
>>             Regards,
>>
>>             Bogdan-Andrei Iancu
>>             OpenSIPS Founder and Developer
>>             http://www.opensips-solutions.com
>>
>>             On 10.09.2014 23:59, Tito Cumpen wrote:
>>>             Group,
>>>
>>>
>>>             What is the adequate way to include or insert nonce
>>>             response after a proxy challenge?
>>>             I am forwarding invites to local and remote locations by
>>>             forking. The remote proxy checks againsts the same db
>>>             for authentication. Therefore I would to include the
>>>             proxy authorization header when forwarding the invite to
>>>             the remote locations. Currently I am being sent a 407 by
>>>             the remote proxy which consequently kills ends the branch.
>>>
>>>
>>>             Thanks,
>>>             Tito
>>>
>>>
>>>             _______________________________________________
>>>             Users mailing list
>>>             Users at lists.opensips.org  <mailto:Users at lists.opensips.org>
>>>             http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20141002/02a8d517/attachment.htm>


More information about the Users mailing list