21 Feb
2006
21 Feb
'06
2:04 p.m.
Pat wang wrote:
Morning everyone,
Has anyone tried authentication of Re-INVITE on SER? When I add the
proxy_challenge to the ReInvite in the SER configure file, the ACK for
407 from the client is porxied by SER to the other side. The signalling
looks like:
caller----------------------SER---------------------Callee
------------------ normal call setup--------------------
--------------------------blha blha-----------------------
-------------------------------------------------------------
---call hold Re-Invite--->
<--- 407 challenge------
--------ACK----------------->
-------------ACK---------> *** This is
not to be proxied!
----ReInvite--------------->
----------------------etc etc............
Anyone seen this while doing similar thing on SER? How can I stop SER
proxing this ACK just like the way SER treat the original Invite with
authentiacion?
Here is the authentication part in the loose route block of my SER
config file:
if (method=="INVITE") {
if (!proxy_authorize("test.com", "subscriber")) {
proxy_challenge( "test.com", "0");
break;
};
};
AFAIK, proxy challenge sends a stateless reply. ACK to stateless replies
should be absorbed by ser immediately without entering the ser.cfg
routing script. Thus, probably ser can't detect this ACK as stateless.
Please watch syslog (debug=4 and "tail -f /var/log/syslog|grep -v qm_")
and verify why ser does nto detect a "stateless" ACK.
Also verifiy the ACK if all the tags are correctly copied from 40x to
the ACK. Maybe this is cause by the branch=0 bug?
regards
klaus