[OpenSIPS-Users] learning the realm from authentication challenges

Ben Newlin Ben.Newlin at genesys.com
Fri Sep 25 01:51:29 EST 2020


According to the docs, $ar provides the realm from the “Authorization” or “Proxy-Authorization” headers. Not from the ”Proxy-Authenticate” header, which is what you have.

https://www.opensips.org/Documentation/Script-CoreVar-3-1#toc6

Ben Newlin

From: Users <users-bounces at lists.opensips.org>
Date: Thursday, September 24, 2020 at 9:31 PM
To: OpenSIPS users mailling list <users at lists.opensips.org>
Subject: [OpenSIPS-Users] learning the realm from authentication challenges
I'm trying to recover the realm of an auth challenge to OpenSIPS so I can respond to it with the uac_auth() function, and that requires knowing the realm.  The docs say that $ar<https://www.opensips.org/Documentation/Script-CoreVar-3-1#toc6> should provide that, perhaps written like $(<reply>ar) to get it in the right context.  I'm having some trouble getting the data.

failure_route[relay_failure] {
...
        if (t_check_status("407")) {
                xlog("L_NOTICE", "[1] Proxy-Authenticate: $(<reply>hdr(Proxy-Authenticate))\n");
                xlog("L_NOTICE", "[2] Auth Realm: $(<reply>ar)\n");
                xlog("L_NOTICE", "[3] Auth Realm: $ar\n");
        }
...
}

The logs show:

/usr/sbin/opensips[33044]: [1] Proxy-Authenticate: Digest realm="asterisk", nonce="5f6d42140000936ad820dbcd452e6bcd145777e458dd46dd", qop="auth"
/usr/sbin/opensips[33044]: [2] Auth Realm reply: <null>
/usr/sbin/opensips[33044]: [3] Auth Realm: <null>

Is it possible to get the realm?  Is it possible to build a response with uac_auth() for an arbitrary authentication challenge?

This is on 3.1.0~20200923~88f89e941.



- Jeff

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20200925/bccc36c3/attachment.html>


More information about the Users mailing list