in...@intrans.baku.az said: > > Daniel-Constantin Mierla said: >> >> On 7/10/12 12:14 PM, in...@intrans.baku.az wrote: >>> Daniel-Constantin Mierla said: >>>> On 7/10/12 11:50 AM, in...@intrans.baku.az wrote: >>>>> Daniel-Constantin Mierla said: >>>>>> Hello, >>>>>> >>>>>> On 7/6/12 7:59 PM, in...@intrans.baku.az wrote: >>>>>>> Can anybody help me with configuration kamailio to authenticate >>>>>>> call >>>>>>> on >>>>>>> 3rd party server? >>>>>>> >>>>>>> I want to authenticate(and proxy) call's on other server. >>>>>>> >>>>>>> for example, user A have account on my server(let it be >>>>>>> a...@myserver.com) >>>>>>> and account on other server (let it be a...@hisserver.com) >>>>>>> myserver.com keeps A's credentials for a...@hisserver.com >>>>>>> when A is registered on myserver.com, he make call to >>>>>>> b...@othersip.com >>>>>>> (using myserver.com as a proxy) >>>>>>> Kamailio on myserver authenticate itself on hisserver as >>>>>>> a...@hisserver.com, >>>>>>> makes call to destination, and connect it to A. >>>>>>> >>>>>>> How can I setup kamailio for such behavior? >>>>>>> Which module should I use? >>>>>>> UAC seems can authenticate on another server, but I don't sure that >>>>>>> it >>>>>>> do >>>>>>> what I want. (I've tried it, but without much success) >>>>>> indeed, the uac module is the one that can provide what you want, >>>>>> with >>>>>> some limitations in regard to cseq incrementation. You have to set a >>>>>> failure route and if the reply code is 407, the sent the >>>>>> realm/username >>>>>> and password to the avps specified by the appropriate module >>>>>> parameters >>>>>> -- the next tree at: >>>>>> >>>>>> * >>>>>> http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id >>>>>> >>>>>> Then call uac_auth() and relay again. >>>>> You mean, i need set auth_*_avp with credentials. set failure route, >>>>> send >>>>> request to auth_proxy (btw, how? ) and call uac_auth() in failure >>>>> route, >>>>> correct? >>>> t_relay() is one of the functions to sent the request further. >>> I mean how set next hop not to final destination, but to auth_proxy? >>> >>>>> I've tried to use uacreg sql table and uac_reg_request_to, but there >>>>> was >>>>> some problems: >>>>> 1) in uac_reg_request_to with mode 1 mistake (it found credentials >>>>> only >>>>> if >>>>> l_uuid==l_username) >>>>> i've opened ticket on bugtracker >>>>> http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139143&atid=743020 >>>>> 2) uac_reg_request_to changes uri in request and instead INVITE >>>>> sip:b...@othersip.com makes INVITE sip:a...@hisserver.com >>>>> if comment out >>>>> snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", >>>>> reg->r_username.len, reg->r_username.s, >>>>> reg->r_domain.len, reg->r_domain.s); >>>>> and so on seems working, but I'm don't sure that such modification >>>>> don't >>>>> break something else >>>>> (pretty sure that breaks, but don't know where exactly :) >>>>> 3)uacreg table loaded on startup, and AFAIK there is no way to modify >>>>> it >>>>> dynamically, >>>>> so if you change something in this table you MUST restart kamailio >>>>> (not >>>>> convinient) >>>>> I've tried to make RPC for adding new record in htable (using >>>>> reg_ht_add()), but it returns error and in log I can see >>>>> ERROR: uac [uac_reg.c:313]: no more shm >>>> If you have a lot of records, you need to allocate more shared memory, >>>> via -m command line parameter. >>> 19 records in table -OK >>> 1 record in table and try to add using RPC (self modified uac_reg.c) - >>> no >>> more shm. >> can you set debug=3 in you config file, try again and send all log >> messages of the operation here? >> > > debug=4 > > kamctl sercmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 > database engine 'DB_BERKELEY' loaded > Control engine 'FIFO' loaded > entering ser_cmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 > error: 500 - Error adding reg to htable > > in log: > > Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl > [../../io_wait.h:390]: DBG: io_watch_add(0x7fc0e9310680, 15, 3, > 0x2066670), fd_no=1 > Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl > [io_listener.c:453]: handle_stream read: new connection (1) on > /tmp/kamailio_ctl > Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: ERROR: uac > [uac_reg.c:313]: no more shm > Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl > [io_listener.c:506]: handle_stream read: eof on /tmp/kamailio_ctl > Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl > [../../io_wait.h:617]: DBG: io_watch_del (0x7fc0e9310680, 15, -1, 0x10) > fd_no=2 called > > uac_reg.c is modified, so line 313 in it is not exist in distribution > sources. > there is > > nr = (reg_uac_t*)shm_malloc(sizeof(reg_uac_t) + len); > if(nr==NULL) > { > LM_ERR("no more shm\n");// 313 is here! > return -1; > } > > the full source of function in previous message. Sorry, i've mistaken. this is part of standard function reg_ht_add(), not my addition
BTW, I also wrote RPCS uac.reg_dump_byuuid and uac.reg_dump_byuser to get just one record from hash table, to where should I send patches for including this fuctionality in mainstream? > > >> Cheers, >> DAniel >> >> -- >> Daniel-Constantin Mierla - http://www.asipto.com >> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda >> Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - >> http://asipto.com/u/katu >> Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - >> http://asipto.com/u/kpw >> >> > > > -- > > -- _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
