[Serusers] 0.10.99 - ERROR: authorize.c:359: Cannot obtain digest realm from parameter '$fd.digest_realm'

Nils Ohlmeier nils at iptel.org
Wed Jan 10 12:31:16 CET 2007 

To me the problem is very obvious ;-) :

You have defined a domain called "sipproxy.hellboy.touk.pl". But in the 
REGISTER requests the To header contains "scscf.ims.touk.pl". So SER is not 
able to identify the target domain, and thus can not load the domain 
attributes. So their is no domain AVP digest_realm when www_authenticate is 
called.
What I dont get is why you do not receive the 403 from the check before. Could 
you do me a favor and change your config like this:
    if (method=="REGISTER") {
       dump_attrs();
       if (!$t.did) {
And send me the log output after another try. That would be a big help.

Thanks
  Nils
  
On Tuesday 09 January 2007 12:03, tzieleniewski wrote:
> HI All!
>
> I have encountered the following error and don't know waht to do with it:)
> ERROR: authorize.c:359: Cannot obtain digest realm from parameter
> '$fd.digest_realm' the situation takes places when the following sip
> massage arives at ser: #
> U 2007/01/09 11:43:02.274949 127.0.0.1:7000 -> 127.0.0.1:5060
> REGISTER sip:scscf.ims.touk.pl SIP/2.0.
> Via: SIP/2.0/UDP
> 127.0.0.1:7000;rport;branch=z9hG4bK2575034C94BE793615C5BEE814464E5B. From:
> tzl <sip:tzl at scscf.ims.touk.pl>;tag=1829574745.
> To: tzl <sip:tzl at scscf.ims.touk.pl>.
> Contact: "tzl" <sip:tzl at 127.0.0.1:7000>.
> Call-ID: 3E67EAEFDC8BFC73844E4D0F849DF676 at scscf.ims.touk.pl.
> CSeq: 38402 REGISTER.
> Expires: 1800.
> Max-Forwards: 70.
> User-Agent: X-Lite release 1105d.
> Content-Length: 0.
> .
>
> My Register logic looks like this:
> route[REGISTER]
> {
>    if (method=="REGISTER") {
>       if (!$t.did) {
>          sl_send_reply("403", "Register forwarding forbidden");
>          drop;
>       }
>       if (!www_authenticate("$fd.digest_realm", "credentials")) {
>          if ($? == -2) {
>             sl_send_reply("500", "Internal Server Error");
>          } else if ($? == -3) {
>             sl_send_reply("400", "Bad Request");
>          } else {
>             if ($digest_challenge) {
>                append_to_reply("%$digest_challenge");
>             }
>             sl_send_reply("401", "Unauthorized");
>          }
>          drop;
>       };
> }
>
> and here are my database contensts:
> mysql> select * from uri;
> +------------------------------+--------------------------+----------+-----
>--+--------+
>
> | uid                          | did                      | username |
> | flags | scheme |
>
> +------------------------------+--------------------------+----------+-----
>--+--------+
>
> | tzl at sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | tzl      |   
> | 61 | sip    |
>
> +------------------------------+--------------------------+----------+-----
>--+--------+
>
> mysql> select * from domain;
> +--------------------------+--------------------------+-------+
>
> | did                      | domain                   | flags |
>
> +--------------------------+--------------------------+-------+
>
> | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl |    37 |
>
> +--------------------------+--------------------------+-------+
>
> mysql> select * from domain_attrs;
> +--------------------------+--------------+------+-------------------------
>-+-------+
>
> | did                      | name         | type | value                   
> | | flags |
>
> +--------------------------+--------------+------+-------------------------
>-+-------+
>
> | sipproxy.hellboy.touk.pl | sw_admin     |    2 | 0                       
> | |    32 | sipproxy.hellboy.touk.pl | digest_realm |    2 |
> | sipproxy.hellboy.touk.pl |    32 |
>
> +--------------------------+--------------+------+-------------------------
>-+-------+
>
> mysql> select * from credentials;
> +---------------+--------------------------+--------------------------+----
>------+-------+----------------------------------+--------------------------
>--------+------------------------------+
>
> | auth_username | did                      | realm                    |
> | password | flags | ha1                              | ha1b               
> |              | uid                          |
>
> +---------------+--------------------------+--------------------------+----
>------+-------+----------------------------------+--------------------------
>--------+------------------------------+
>
> | tzl           | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | tzl
> |      |    33 | df4a49c51b082f68b792d7e2177c6ed8 |
> | 8ba18e21048f2f587ad3386b54b99e5e | tzl at sipproxy.hellboy.touk.pl | admin  
> |       | sipproxy.hellboy.touk.pl | sipproxy.hellboy.touk.pl | heslo    | 
> |   32 |                                  |                                
> |  | 0                            |
>
> +---------------+--------------------------+--------------------------+----
>------+-------+----------------------------------+--------------------------
>--------+------------------------------+
>
> Thanku for any help
> Bests
> Tomasz
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers

-- 
Dipl. Inform. Nils Ohlmeier
Quality Assurance Manager

iptelorg GmbH
Am Borsigturm 11
13507 Berlin
Germany

nils.ohlmeier at iptelorg.com
www.iptelorg.com

T +49-30-325132 22
T +49-700-IPTELORG
F +49-30-6908 8248

More information about the sr-users mailing list