[SR-Users] Execution Sequence of the Request_Route

Abdulaziz Alghosh aziz647 at gmail.com
Mon Nov 12 17:32:34 CET 2018 

Hello,

I migrated from Kamailio 3.0.3 to Kamailio 5.1.4. and have two questions
about the execution sequence of the Request_Route.
The following condition trys to authenticate the first INVITE or REGISTER
request which normally does not have the Authorization Header:
route (auth)
..
..
..
route[auth]{
if ( !proxy_authorize("myrealm", "subscriber") ) {
                proxy_challenge("myrealm", "0");
                sl_reply_error();
                exit;
         };
return;
}

For sure the Return Code of "proxy_authorize" will not be one (1) at the
beginneing, so the proxy_challenge() will generate the "407 Proxy
Authentication Required" request and the agent will send the INVITE or the
REGISTER again with the Authorization-Header and the call or the
registration attempt succeeds. During my observation to the new returned
codes (values) of both proxy_authorize() and proxy_challenge() in Kamailio
5.1.4, I noticed the following differnet execution sequence of this
"Request_Route".

at Kamailio 3.0.3, and exactly after the proxy_challenge("myrealm", "0")
command was executed, no more commands were excuted as if it jumped out of
the if statement, and the proxy was wating for the new INVITE or REGISTER.
Hence the sl_reply_error() did not send any error reply. I wrote several
logging commad before and after the proxy_challenge("myrealm", "0"), so I
am pretty sure that the proxy_challenge("myrealm", "0") is last excuted
command to be excuted here.

at Kamailio 5.1.4, the behaviour was more logical and the proxy executes
commands which come under the proxy_challenge("myrealm", "0") like logging
commands or sl_reply_error() which generates usually the error reply " 500
I'm terribly sorry, server error occurred".

My first question is: May somebody explain this different behavior?

My second Question: assume that the agent will send a wrong credentials and
response, does the proxy_challenge("myrealm", "0") function terminate this
dialouge with 401 Unauthorized Error or I must add the following "if
condition" afterwards:

if ( !proxy_authorize("myrealm", "subscriber") ) {
                proxy_challenge("myrealm", "0");
                if (!$rc){
                          sl_reply_error(); '#### or I will be more
specific sl_send_reply (code, reason)
                }
                exit;
};

Thanks and best regards
Abdulaziz Alghosh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20181112/d0de046d/attachment.html>

More information about the sr-users mailing list