[Serusers] Ser config problem

Rick Gocher rgocher at coptalk.com
Tue Dec 9 18:00:56 CET 2003 

Hi all,

I have had some success with the configuration, however using 
authentication does not work for me at all.  I have grabbed another cfg for 
testing, I can see my ata sending reg requests to the server and the server 
just replying immediately with unauthorized 401 error.  Shouldn't  the 
server first reply with a 100 trying message?  Does the cfg file look like 
it should work?

Thanks again,


64.189.165.2065060 -> 64.189.165.2055060
   REGISTER sip:sip.coptalk.com SIP/2.0..Via SIP/2.0/UDP 
64.189.165.2065060..From sip:Rick at sip.coptalk.com;tag=21094236
   64..To sip:Rick at sip.coptalk.com..Call-ID 399581690 at 64.189.165.206..CSeq 
1 REGISTER..Contact <sip:Rick at 64.189.165.206
   5060;transport=udp>;expires=3600..User-Agent Cisco ATA 186  v2.16.2 
ata18x (030909a)..Content-Length 0....
#
U 64.189.165.2055060 -> 64.189.165.2065060
   SIP/2.0 401 Unauthorized..Via SIP/2.0/UDP 64.189.165.2065060..From 
sip:Rick at sip.coptalk.com;tag=2109423664..To sip:R
   ick at sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID 
399581690 at 64.189.165.206..CSeq 1 REGISTER..WWW-
   Authenticate Digest realm="sip.coptalk.com", 
nonce="3fd602692d1f0bf922ae277c623f1d201acbde03"..Server Sip EXpress rou
   ter (0.8.12 (i386/linux))..Content-Length 0....



# ----------- global configuration parameters ------------------------

debug=3        # debug level (cmd line -dddddddddd)
fork=yes
log_stderror=yes        # (cmd line -E)

#/* Uncomment these lines to enter debugging mode
#fork=no
#log_stderror=yes
#*/

check_via=no    # (cmd. line -v)
dns=no           # (cmd. line -r)
rev_dns=no      # (cmd. line -R)
port=5060
children=4
fifo="/tmp/ser_fifo"

#
  # $Id pstn.cfg,v 1.2 2003/06/03 031812 jiri Exp $
  #
  #

  # ------------------ module loading ----------------------------------
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/acc.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/uri.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/auth_db.so"
loadmodule "/usr/lib/ser/modules/textops.so"
loadmodule "/usr/lib/ser/modules/group.so"
modparam("auth_db", "db_url","sql//password at localhost/ser")
modparam("usrloc", "db_url", "sql//password at localhost/ser")

  # ----------------- setting module-specific parameters ---------------

  modparam("auth_db", "calculate_ha1", yes)
  modparam("auth_db", "password_column", "password")
modparam("usrloc", "db_mode", 2)
  # -- acc params --
# modparam("acc", "log_level", 1)
  # that is the flag for which we will account -- don't forget to
  # set the same one -)
# modparam("acc", "log_flag", 1 )

  # -------------------------  request routing logic -------------------

  # main routing logic
alias="coptalk.com"
alias="sip.coptalk.com"
use sip_warning=no


modparam("rr", "enable_full_lr", 1)


route{

         # initial sanity checks -- messages with
         # max_forwards==0, or excessively longrequests
         if (!mf_process_maxfwd_header("10")) {
                 sl_send_reply("483","Too Many Hops");
                 break;
         };

                 if (msglen >=  max_len ) {
                 sl_send_reply("513", "Message too big");
                 break;
         };

         # we record-route all messages -- to make surethat
         # subsequent messages will go through ourproxy; that's
         # particularly good if upstream and downstreamentities
         # use different transport protocol

         record_route();
         # loose-route processing
         if (loose_route()) {
                 t_relay();
                 break;
         };

         # if the request is for other domain useUsrLoc
         # (in case, it does not work, use thefollowing command
         # with proper names and addresses in it)
         if (uri=~"[@\.]sip\.coptalk\.com([;].*)*") {

                 if (method=="REGISTER") {

# Uncomment this if you want to use digestauthentication
                         if
         (!www_authorize("sip.coptalk.com", "subscriber")) {
             www_challenge("sip.coptalk.com", "0");
                          break;
                          };
                         save("location");
                         break;
                 };

                 # native SIP destinations are handledusing our USRLOC DB
                 if (!lookup("location")) {
                         sl_send_reply("404", "NotFound");
                         break;
                 };
         };
         # forward to current uri now; use statefulforwarding; that
         # works reliably even if we forward from TCPto UDP
         if (!t_relay()) {
                 sl_reply_error();
         };
if (uri=~"^sip[0-9]*@.*") {
      log("Forwarding to PSTN\n");
      t_relay_to_udp ("65.189.155.101","5060");
      t_relay_to_tcp ("65.189.155.101","5060");
                         break;
                 };

                if (method=="INVITE") {
                        sl_send_reply("403", "Call cannot be served here");
                } else {
                     forward(urihost, uriport);
                };
                break;
}

More information about the sr-users mailing list