<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1251"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div><div>Hi all sorry for my english!</div><div>Iam trying to authenticate as uac on 3rd party server(Asterisk).</div><div>Kamailio get 401, send next invite with DIGEST but Asterisk send 401 again(((</div><div>Asterisk don稚 write in log what auth is failed.</div><div><br></div><div><br></div><div><div>115.600045 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP/SDP 1093 Request: INVITE <a href="sip:321321231@xxx.xxx.xxx.xxx">sip:321321231@xxx.xxx.xxx.xxx</a>, with session description</div><div>115.601818 yyy.yyy.yyy.yyy -> xxx.xxx.xxx.xxx SIP 674 Status: 401 Unauthorized</div><div>115.602470 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP 389 Request: ACK <a href="sip:321321231@xxx.xxx.xxx.xxx">sip:321321231@xxx.xxx.xxx.xxx</a></div><div>115.604310 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP/SDP 1267 Request: INVITE <a href="sip:321321231@xxx.xxx.xxx.xxx">sip:321321231@xxx.xxx.xxx.xxx</a>, with session description</div><div>115.605537 yyy.yyy.yyy.yyy -> xxx.xxx.xxx.xxx SIP 674 Status: 401 Unauthorized</div><div>115.606431 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP 389 Request: ACK <a href="sip:321321231@xxx.xxx.xxx.xxx">sip:321321231@xxx.xxx.xxx.xxx</a></div></div><div><br></div><div>My aster peer:</div><div><br></div><div><div>[kamailio]</div><div>type=peer</div><div>defaultuser=kamailio</div><div>secret=1234</div><div>host=dynamic</div><div>disallow=all</div><div>allow=alaw</div><div>nat=no</div><div>qualify=yes</div></div><div><br></div><div><br></div><div><br></div><div>My kamailio config:</div><div><br></div><div><br></div><div>modparam("uac","auth_username_avp","$avp(s:uac_user)")</div><div>modparam("uac","auth_password_avp","$avp(s:uac_pass)")</div><div>modparam("uac","auth_realm_avp","$avp(s:uac_realm)")</div></div><div><br></div><div>route[DISPATCH_OUT] {</div><div><div>            if(!ds_select_dst( 4, 8)){</div><div>                    send_reply("404", "No destination");</div><div>                    exit;</div><div>            }</div><div>            t_set_fr(0,2000);</div><div>            t_on_failure("RTF_DISPATCH_OUT");</div><div>            t_relay();</div><div>            exit;</div><div>}</div></div><div><br></div><div>failure_route[RTF_DISPATCH_OUT] {</div><div>        if (t_is_canceled()) {</div><div>                exit;</div><div>        }</div><div><br></div><div>    <span class="Apple-tab-span" style="white-space:pre"> </span>if ( t_check_status("401|407") ) {</div><div>        <span class="Apple-tab-span" style="white-space:pre">     </span>$avp(s:uac_user) = "kamailio";</div><div>        <span class="Apple-tab-span" style="white-space:pre"> </span>$avp(s:uac_pass) = "1234";</div><div>        <span class="Apple-tab-span" style="white-space:pre">     </span>$avp(s:uac_realm) = "asterisk";</div><div>       </div><div>        <span class="Apple-tab-span" style="white-space:pre">      </span>if (isflagset(7)) {</div><div>            <span class="Apple-tab-span" style="white-space:pre">                </span>t_reply("513","Authentication failed");</div><div>            <span class="Apple-tab-span" style="white-space:pre">                </span>xlog("L_INFO", "[%ci]: Remote authentication failed\n");</div><div>            <span class="Apple-tab-span" style="white-space:pre">               </span>break;</div><div>       <span class="Apple-tab-span" style="white-space:pre">            </span> }</div><div><br></div><div>        <span class="Apple-tab-span" style="white-space:pre">      </span>if (uac_auth()) {</div><div>            <span class="Apple-tab-span" style="white-space:pre">          </span>xlog("L_INFO", "401/407 message recived");</div><div>            <span class="Apple-tab-span" style="white-space:pre">             </span># mark that auth was performed</div><div>            <span class="Apple-tab-span" style="white-space:pre">             </span>setflag(7);</div><div>            <span class="Apple-tab-span" style="white-space:pre">                </span># trigger again the failure route</div><div>            <span class="Apple-tab-span" style="white-space:pre">          </span>t_on_failure("RTF_DISPATCH_OUT");</div><div>            <span class="Apple-tab-span" style="white-space:pre">                </span># repeat the request with auth response this time</div><div>            <span class="Apple-tab-span" style="white-space:pre">          </span>append_branch();</div><div>            <span class="Apple-tab-span" style="white-space:pre">           </span>#t_relay_to_udp("94.25.100.198","5060");</div><div>            <span class="Apple-tab-span" style="white-space:pre">               </span>t_relay();</div><div>            <span class="Apple-tab-span" style="white-space:pre">         </span>break;</div><div>       <span class="Apple-tab-span" style="white-space:pre">            </span> } else {</div><div>            <span class="Apple-tab-span" style="white-space:pre">          </span>xlog("L_INFO", "uac_auth filed!!!!!!!!!!!");</div><div>        <span class="Apple-tab-span" style="white-space:pre"> </span>}</div><div>        <span class="Apple-tab-span" style="white-space:pre">        </span>t_reply("514","Unknow authentication peer");</div><div>        <span class="Apple-tab-span" style="white-space:pre"> </span>xlog("L_INFO", "[%ci]: Unknown authentication peer.\n");</div><div>        <span class="Apple-tab-span" style="white-space:pre">     </span>break;</div><div>    <span class="Apple-tab-span" style="white-space:pre">         </span>}</div><div><br></div><div>       <span class="Apple-tab-span" style="white-space:pre">                </span> # next DST - only for 500 or local timeout</div><div>        <span class="Apple-tab-span" style="white-space:pre">      </span>if (t_check_status("500") or t_check_status("480") or (t_branch_timeout() and !t_branch_replied())){</div><div>        <span class="Apple-tab-span" style="white-space:pre"> </span>ds_mark_dst("p");</div><div>                if(ds_next_dst()){</div><div>                        t_set_fr(0,2000);</div><div>                        t_on_failure("RTF_DISPATCH_OUT");</div><div>                        route(RELAY);</div><div>                        exit;</div><div>                }</div><div>        }</div><div>}</div><div><br></div><div><br></div><div><br></div><div>
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">覧覧覧覧覧覧<br><br>Timofeev Dmitry<br>VoIP Engineer<br>Linux, Asterisk, Freeswitch, Cisco solutions<br>Skype: itsroot<br>icq: 227227933<br><br><br></div>
</div>
<br></body></html>