After looking at this I'm almost sure it is the 32 vs. 33 flag thing. I guess
you changed the flag by hand in the DB, right? In this case you would have to
restart SER or use ser_ctl to reload the domains, because the domain
attributes are cached in memory.
Nils
On Wednesday 10 January 2007 13:46, tzieleniewski wrote:
Sorry my copy/paste mistake (wrong window)
the actually sent message is printed below:
[I used the latest cvs version from yesterday:)]
I also tried to change the flag in ofthe digest_realm atrribute
like the Samuel said but it didn't help.
SEND >> 127.0.0.1:5060
REGISTER sip:sipproxy.hellboy.touk.pl SIP/2.0
Via: SIP/2.0/UDP
192.168.1.10:7000;rport;branch=z9hG4bK0E4F7962011FAB0614802558EC3111BF
From: tzl <sip:tzl@sipproxy.hellboy.touk.pl>;tag=356809508
To: tzl <sip:tzl@sipproxy.hellboy.touk.pl>
Contact: "tzl" <sip:tzl@192.168.1.10:7000>
Call-ID: 7BD87155EB1AD7E9F60729227BA31D18(a)sipproxy.hellboy.touk.pl
CSeq: 43133 REGISTER
Expires: 1800
Max-Forwards: 70
User-Agent: X-Lite release 1105d
Content-Length: 0
below is the dump_attrs()output:
4(3626) INFO: avp.c:540: class=GLOBAL
4(3626) AVP["lang"]="en"
4(3626) INFO: avp.c:550: track=FROM class=DOMAIN
4(3626) AVP["did"]="sipproxy.hellboy.touk.pl"
4(3626) INFO: avp.c:560: track=TO class=DOMAIN
4(3626) AVP["did"]="sipproxy.hellboy.touk.pl"
4(3626) INFO: avp.c:570: track=FROM class=USER
4(3626) INFO: No AVP present
4(3626) INFO: avp.c:580: track=TO class=USER
4(3626) INFO: No AVP present
4(3626) INFO: avp.c:590: track=FROM class=URI
4(3626) INFO: No AVP present
4(3626) INFO: avp.c:600: track=TO class=URI
4(3626) INFO: No AVP present
4(3626) ERROR: authorize.c:359: Cannot obtain digest realm from parameter
'$fd.digest_realm'
Tomasz
> To me the problem is very obvious ;-) :
>
> You have defined a domain called "sipproxy.hellboy.touk.pl". But in the
> REGISTER requests the To header contains "scscf.ims.touk.pl". So SER is
> not able to identify the target domain, and thus can not load the domain
> attributes. So their is no domain AVP digest_realm when www_authenticate
> is called.
> What I dont get is why you do not receive the 403 from the check before.
> Could you do me a favor and change your config like this:
> if (method=="REGISTER") {
> dump_attrs();
> if (!$t.did) {
> And send me the log output after another try. That would be a big help.
>
> Thanks
> Nils
>
> On Tuesday 09 January 2007 12:03, tzieleniewski wrote:
> > HI All!
> >
> > I have encountered the following error and don't know waht to do with
> > it:) ERROR: authorize.c:359: Cannot obtain digest realm from parameter
> > '$fd.digest_realm' the situation takes places when the following sip
> > massage arives at ser: #
> > U 2007/01/09 11:43:02.274949 127.0.0.1:7000 -> 127.0.0.1:5060
> > REGISTER sip:scscf.ims.touk.pl SIP/2.0.
> > Via: SIP/2.0/UDP
> > 127.0.0.1:7000;rport;branch=z9hG4bK2575034C94BE793615C5BEE814464E5B.
> > From: tzl <sip:tzl@scscf.ims.touk.pl>;tag=1829574745.
> > To: tzl <sip:tzl@scscf.ims.touk.pl>.
> > Contact: "tzl" <sip:tzl@127.0.0.1:7000>.
> > Call-ID: 3E67EAEFDC8BFC73844E4D0F849DF676(a)scscf.ims.touk.pl.
> > CSeq: 38402 REGISTER.
> > Expires: 1800.
> > Max-Forwards: 70.
> > User-Agent: X-Lite release 1105d.
> > Content-Length: 0.
> > .
> >
> > My Register logic looks like this:
> > route[REGISTER]
> > {
> > if (method=="REGISTER") {
> > if (!$t.did) {
> > sl_send_reply("403", "Register forwarding
forbidden");
> > drop;
> > }
> > if (!www_authenticate("$fd.digest_realm",
"credentials")) {
> > if ($? == -2) {
> > sl_send_reply("500", "Internal Server Error");
> > } else if ($? == -3) {
> > sl_send_reply("400", "Bad Request");
> > } else {
> > if ($digest_challenge) {
> > append_to_reply("%$digest_challenge");
> > }
> > sl_send_reply("401", "Unauthorized");
> > }
> > drop;
> > };
> > }
> >
> > and here are my database contensts:
> > mysql> select * from uri;
> > +------------------------------+--------------------------+----------+-
> >---- --+--------+
> >
> > | uid | did | username |
> > | flags | scheme |
> >
> > +------------------------------+--------------------------+----------+-
> >---- --+--------+
> >
> > | tzl(a)sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | tzl |
> > | 61 | sip |
> >
> > +------------------------------+--------------------------+----------+-
> >---- --+--------+
> >
> > mysql> select * from domain;
> > +--------------------------+--------------------------+-------+
> >
> > | did | domain | flags |
> >
> > +--------------------------+--------------------------+-------+
> >
> > | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | 37 |
> >
> > +--------------------------+--------------------------+-------+
> >
> > mysql> select * from domain_attrs;
> > +--------------------------+--------------+------+---------------------
> >---- -+-------+
> >
> > | did | name | type | value
> > |
> > | | flags |
> >
> > +--------------------------+--------------+------+---------------------
> >---- -+-------+
> >
> > | sipproxy.hellboy.touk.pl | sw_admin | 2 | 0
> > |
> > | | 32 | sipproxy.hellboy.touk.pl | digest_realm | 2 |
> > |
> > | sipproxy.hellboy.touk.pl | 32 |
> >
> > +--------------------------+--------------+------+---------------------
> >---- -+-------+
> >
> > mysql> select * from credentials;
> > +---------------+--------------------------+--------------------------+
> >----
> > ------+-------+----------------------------------+---------------------
> >----- --------+------------------------------+
> >
> > | auth_username | did | realm |
> > | password | flags | ha1 | ha1b
> > |
> > | | uid |
> >
> > +---------------+--------------------------+--------------------------+
> >----
> > ------+-------+----------------------------------+---------------------
> >----- --------+------------------------------+
> >
> > | tzl | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl |
> > | tzl
> > |
> > | | 33 | df4a49c51b082f68b792d7e2177c6ed8 |
> > |
> > | 8ba18e21048f2f587ad3386b54b99e5e | tzl(a)sipproxy.hellboy.touk.pl |
> > | admin
> > |
> > | | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | heslo
> > | | |
> > |
> > | 32 | |
> > |
> > | | 0 |
> >
> > +---------------+--------------------------+--------------------------+
> >----
> > ------+-------+----------------------------------+---------------------
> >----- --------+------------------------------+