Re: [SR-Users] exit after www_challenge

2019-10-08 Thread PICCORO McKAY Lenz 
2019-10-08 12:13 GMT-04:00, David Villasmil :
> And this is because the next message (response to the authentication
> challenge) will come in as a different packet.

umm David gimme to me the most reasonable response..

maybe i must shared a more expanded code.. to property see if are
reasonable a "exit" call there?

that is the complete portion of the code:
(i follow the kamailio/asterisk integration realtime guide)



# Authentication route
route[AUTH] {
#!ifdef WITH_AUTH
#!ifdef WITH_ASTERISK
# do not auth traffic from Asterisk - trusted!
if(route(FROMASTERISK))
return;
#!endif

if (is_method("REGISTER"))
{
# authenticate the REGISTER requests (uncomment to enable auth)
#!ifdef WITH_ASTERISK
if (!www_authorize("$td", "sipusers"))
#!else
if (!www_authorize("$td", "subscriber"))
#!endif
{
www_challenge("$td", "0");
exit;
}

if ($au!=$tU)
{
sl_send_reply("403","Forbidden auth ID");
exit;
}
consume_credentials();
xlog("L_ALERT","get hole from $si\n");
} else {

#!ifdef WITH_IPAUTH
if(allow_source_address())
{
# source IP allowed
return;
}



#!endif

if (from_uri==myself)
{
#!ifdef WITH_ASTERISK
if (!proxy_authorize("$fd", "sipusers")) {
#!else
if (!proxy_authorize("$fd", "subscriber")) {
#!endif
proxy_challenge("$fd", "0");
exit;
}
xlog("L_ALERT","get hole from $si\n");
if (is_method("PUBLISH"))
{
if ($au!=$tU) {
sl_send_reply("403","Forbidden auth 
ID");
exit;
}
} else {
if ($au!=$fU) {
sl_send_reply("403","Forbidden auth 
ID");
exit;
}
}

consume_credentials();
# caller authenticated
} else {
# caller is not local subscriber, then check if it calls
# a local destination, otherwise deny, not an open 
relay here
if (!uri==myself)
{
sl_send_reply("403","Not relaying");
exit;
}
}
}


#!endif
return;
}



>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Tue, Oct 8, 2019 at 4:57 PM Daniel Tryba  wrote:
>
>> On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote:
>> > i have the code with an exit, i dont know if are correct that "exit"
>> > in that line? or not? help me please?
>>
>> They are correct (to me). After calling www_challenge() you want to stop
>> any further processing. Same for your 403 condition. If you only want
>> authenticated after that pooint exit will stop the processing of the
>> message.
>>
>>
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>


-- 
Lenz McKAY Gerardo (PICCORO)
http://qgqlochekone.blogspot.com

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] exit after www_challenge

2019-10-08 Thread David Villasmil 
And this is because the next message (response to the authentication
challenge) will come in as a different packet.

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Tue, Oct 8, 2019 at 4:57 PM Daniel Tryba  wrote:

> On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote:
> > i have the code with an exit, i dont know if are correct that "exit"
> > in that line? or not? help me please?
>
> They are correct (to me). After calling www_challenge() you want to stop
> any further processing. Same for your 403 condition. If you only want
> authenticated after that pooint exit will stop the processing of the
> message.
>
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] exit after www_challenge

2019-10-08 Thread Daniel Tryba 
On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote:
> i have the code with an exit, i dont know if are correct that "exit"
> in that line? or not? help me please?

They are correct (to me). After calling www_challenge() you want to stop
any further processing. Same for your 403 condition. If you only want
authenticated after that pooint exit will stop the processing of the
message.
 

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] exit after www_challenge

2019-10-08 Thread Alex Balashov 
Seems reasonable to me.

On Tue, Oct 08, 2019 at 11:07:44AM -0400, PICCORO McKAY Lenz wrote:

> i have the code with an exit, i dont know if are correct that "exit"
> in that line? or not? help me please?
> 
> # authenticate the REGISTER requests (uncomment to enable auth)
> #!ifdef WITH_ASTERISK
> if (!www_authorize("$td", "sipusers"))
> #!else
> if (!www_authorize("$td", "subscriber"))
> #!endif
> {
> www_challenge("$td", "0");
> exit;
> }
> 
> if ($au!=$tU)
> {
> sl_send_reply("403","Forbidden auth ID");
> exit;
> }
> consume_credentials();
> 
> 
> Lenz McKAY Gerardo (PICCORO)
> http://qgqlochekone.blogspot.com
> 
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Alex Balashov | Principal | Evariste Systems LLC

Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) 
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users