Re: [SR-Users] exit after www_challenge
2019-10-08 12:13 GMT-04:00, David Villasmil : > And this is because the next message (response to the authentication > challenge) will come in as a different packet. umm David gimme to me the most reasonable response.. maybe i must shared a more expanded code.. to property see if are reasonable a "exit" call there? that is the complete portion of the code: (i follow the kamailio/asterisk integration realtime guide) # Authentication route route[AUTH] { #!ifdef WITH_AUTH #!ifdef WITH_ASTERISK # do not auth traffic from Asterisk - trusted! if(route(FROMASTERISK)) return; #!endif if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) #!ifdef WITH_ASTERISK if (!www_authorize("$td", "sipusers")) #!else if (!www_authorize("$td", "subscriber")) #!endif { www_challenge("$td", "0"); exit; } if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } consume_credentials(); xlog("L_ALERT","get hole from $si\n"); } else { #!ifdef WITH_IPAUTH if(allow_source_address()) { # source IP allowed return; } #!endif if (from_uri==myself) { #!ifdef WITH_ASTERISK if (!proxy_authorize("$fd", "sipusers")) { #!else if (!proxy_authorize("$fd", "subscriber")) { #!endif proxy_challenge("$fd", "0"); exit; } xlog("L_ALERT","get hole from $si\n"); if (is_method("PUBLISH")) { if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } else { if ($au!=$fU) { sl_send_reply("403","Forbidden auth ID"); exit; } } consume_credentials(); # caller authenticated } else { # caller is not local subscriber, then check if it calls # a local destination, otherwise deny, not an open relay here if (!uri==myself) { sl_send_reply("403","Not relaying"); exit; } } } #!endif return; } > > Regards, > > David Villasmil > email: david.villasmil.w...@gmail.com > phone: +34669448337 > > > On Tue, Oct 8, 2019 at 4:57 PM Daniel Tryba wrote: > >> On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote: >> > i have the code with an exit, i dont know if are correct that "exit" >> > in that line? or not? help me please? >> >> They are correct (to me). After calling www_challenge() you want to stop >> any further processing. Same for your 403 condition. If you only want >> authenticated after that pooint exit will stop the processing of the >> message. >> >> >> ___ >> Kamailio (SER) - Users Mailing List >> sr-users@lists.kamailio.org >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >> > -- Lenz McKAY Gerardo (PICCORO) http://qgqlochekone.blogspot.com ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] exit after www_challenge
And this is because the next message (response to the authentication challenge) will come in as a different packet. Regards, David Villasmil email: david.villasmil.w...@gmail.com phone: +34669448337 On Tue, Oct 8, 2019 at 4:57 PM Daniel Tryba wrote: > On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote: > > i have the code with an exit, i dont know if are correct that "exit" > > in that line? or not? help me please? > > They are correct (to me). After calling www_challenge() you want to stop > any further processing. Same for your 403 condition. If you only want > authenticated after that pooint exit will stop the processing of the > message. > > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] exit after www_challenge
On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote: > i have the code with an exit, i dont know if are correct that "exit" > in that line? or not? help me please? They are correct (to me). After calling www_challenge() you want to stop any further processing. Same for your 403 condition. If you only want authenticated after that pooint exit will stop the processing of the message. ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] exit after www_challenge
Seems reasonable to me. On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote: > i have the code with an exit, i dont know if are correct that "exit" > in that line? or not? help me please? > > # authenticate the REGISTER requests (uncomment to enable auth) > #!ifdef WITH_ASTERISK > if (!www_authorize("$td", "sipusers")) > #!else > if (!www_authorize("$td", "subscriber")) > #!endif > { > www_challenge("$td", "0"); > exit; > } > > if ($au!=$tU) > { > sl_send_reply("403","Forbidden auth ID"); > exit; > } > consume_credentials(); > > > Lenz McKAY Gerardo (PICCORO) > http://qgqlochekone.blogspot.com > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Alex Balashov | Principal | Evariste Systems LLC Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users