Hi Eric,
You should try to use proxy_auth() and proxy_challenge() for the SUBSCRIBE....
Regards, Bogdan
Eric PTAK wrote:
Hi list !
I'm building an agent and currently working on Digest authentication using auth and auth_db modules. I'm trying to authenticate all requests for compliance test purpose. It works fine with REGISTER but I can't authenticate for others methods like SUBSCRIBE, the module is looping authentication.
This is a part of my config file :
if (uri==myself) { if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; }; // others things };And this is the requests / responses :
REGISTER sip:sip.awl.test SIP/2.0 Call-ID: 0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 CSeq: 1 REGISTER From: sip:0000@sip.awl.test;tag=9c0477b2 To: sip:0000@sip.awl.test Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKb71ee89041bd9f3631cf46a8fc76b46c Max-Forwards: 70 Contact: sip:0000@10.24.238.150:23456;transport=tcp;expires=3600,sip:0000@10.24.238.150:23456;transport=udp;expires=3600 Content-Length: 0
SIP/2.0 401 Unauthorized Call-ID: 0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 CSeq: 1 REGISTER From: sip:0000@sip.awl.test;tag=9c0477b2 To: sip:0000@sip.awl.test;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696 Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKb71ee89041bd9f3631cf46a8fc76b46c WWW-Authenticate: Digest realm="sip.awl.test", nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35" Server: OpenSER (1.3.1-notls (i386/linux)) Content-Length: 0
REGISTER sip:sip.awl.test SIP/2.0 Call-ID: 0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 CSeq: 2 REGISTER From: sip:0000@sip.awl.test;tag=9c0477b2 To: sip:0000@sip.awl.test;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696 Max-Forwards: 70 Contact: sip:0000@10.24.238.150:23456;transport=tcp;expires=3600,sip:0000@10.24.238.150:23456;transport=udp;expires=3600 Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK4bff3e93bf1dc502db28c4d414e60b4f Authorization: Digest response="efb87138e6340d7a80a1f13ef26821da",username="0000",realm="sip.awl.test",nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35",uri="sip:sip.awl.test",algorithm=MD5 Content-Length: 0
SIP/2.0 200 OK Call-ID: 0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150 CSeq: 2 REGISTER From: sip:0000@sip.awl.test;tag=9c0477b2 To: sip:0000@sip.awl.test;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696 Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK4bff3e93bf1dc502db28c4d414e60b4f Contact: sip:0000@10.24.238.150:23456;transport=udp;expires=3600, sip:0000@10.24.238.150:23456;transport=tcp;expires=3600 Server: OpenSER (1.3.1-notls (i386/linux)) Content-Length: 0
SUBSCRIBE sip:0000@sip.awl.test SIP/2.0 Call-ID: d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 CSeq: 1 SUBSCRIBE From: sip:0000@sip.awl.test;tag=3b68764f To: sip:0000@sip.awl.test Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKae0ab5a2b4dd462eb139276b814b413c Max-Forwards: 70 Contact: <sip:0000@10.24.238.150:23456 http://sip:0000@10.24.238.150:23456> Expires: 3600 Event: presence.winfo Content-Length: 0
SIP/2.0 401 Unauthorized Call-ID: d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 CSeq: 1 SUBSCRIBE From: sip:0000@sip.awl.test;tag=3b68764f To: sip:0000@sip.awl.test;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKae0ab5a2b4dd462eb139276b814b413c WWW-Authenticate: Digest realm="sip.awl.test", nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35" Server: OpenSER (1.3.1-notls (i386/linux)) Content-Length: 0
SUBSCRIBE sip:0000@sip.awl.test SIP/2.0 Call-ID: d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 CSeq: 2 SUBSCRIBE From: sip:0000@sip.awl.test;tag=3b68764f To: sip:0000@sip.awl.test;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff Max-Forwards: 70 Contact: <sip:0000@10.24.238.150:23456 http://sip:0000@10.24.238.150:23456> Expires: 3600 Event: presence.winfo Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK0afcac1c88fce00c3bfca270ed379ee4 Authorization: Digest response="efb87138e6340d7a80a1f13ef26821da",username="0000",realm="sip.awl.test",nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35",uri="sip:sip.awl.test",algorithm=MD5 Content-Length: 0
SIP/2.0 401 Unauthorized Call-ID: d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150 CSeq: 2 SUBSCRIBE From: sip:0000@sip.awl.test;tag=3b68764f To: sip:0000@sip.awl.test;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK0afcac1c88fce00c3bfca270ed379ee4 WWW-Authenticate: Digest realm="sip.awl.test", nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35" Server: OpenSER (1.3.1-notls (i386/linux)) Content-Length: 0
As you can see, auth module always use nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35" in its responses, for both register and subscribe.
thanks for your help,
Eric.
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users