Hi Rik, Try to use pedantic=no (sip.conf) on Asterisk. it stops some SIP checkings for Asterisk. Usually this is the default setting, but it is worth checking.
Best regards, Flavio E. Goncalves 2013/11/6 Rik Broers <rbro...@motto.nl> > Hmm I can see that increasing Cseq on proxy would create some out of > sequence problems on the original UA. > > What else could I try to manage what I want? > > > > Maybe B2Bua scenario for opensips? > > > > I’m unable to relay the 401 Unauth back to the UA as the call will be > stopped then :/ > > Is there a way to trigger the ua to answer me so I get an increased Cseq > and that I can transform that message into an invite with auth? > > > > I’m also looking into asterisk to see if I can modify it to accept my > Same-Cseq invite. > > > > Met vriendelijke groet, > > > > *Rik Broers* > > *Voice Engineer* > > > > > > *From:* Bogdan-Andrei Iancu [mailto:bog...@opensips.org] > *Sent:* maandag 4 november 2013 12:26 > > *To:* Rik Broers > *Cc:* OpenSIPS users mailling list > *Subject:* Re: [OpenSIPS-Users] uac_auth > > > > Hi Rik, > > The truth is in the middle. The second invite from opensips (the one with > credentials) must not be considered a retransmission - it has a totally > different VIA branch -> different transaction. > Also, OpenSIPS should increase the CSeq when answering to the challenge, > but not able to do so as OpenSIPS is mainly a SIP proxy, not a b2bua. > > Regards, > > > Bogdan-Andrei Iancu > > OpenSIPS Founder and Developer > > http://www.opensips-solutions.com > > > On 11/04/2013 12:22 PM, Rik Broers wrote: > > Hello Bogdan, > > > > Yes I’m very sure that the proper credentials are used ;) > > > > I’m going to try and calculate the response according to the RFC. > > > > One thing I found is that asterisk seems to ignore my second invite with > Authorization because of retransmit? > > It seems that I should increase my CSEQ on second invite.. How can I do > this neatly? > > > > [Nov 4 11:08:25] DEBUG[22804]: chan_sip.c:22448 handle_incoming: **** > Received INVITE (5) - Command in SIP INVITE > > [Nov 4 11:08:25] DEBUG[22804]: chan_sip.c:22467 handle_incoming: > Ignoring SIP message because of retransmit (INVITE Seqno 12481, ours 12481) > Ignoring this INVITE request > > > > > > Met vriendelijke groet, > > > > *Rik Broers* > > *Voice Engineer* > > > > > > *From:* Bogdan-Andrei Iancu [mailto:bog...@opensips.org<bog...@opensips.org>] > > *Sent:* vrijdag 1 november 2013 12:34 > *To:* Rik Broers > *Cc:* OpenSIPS users mailling list > *Subject:* Re: [OpenSIPS-Users] uac_auth > > > > Hello Rik, > > It may be silly , but are you sure you filled in the proper credentials > (realm, auth user and password) ?? > > Also, based on how the response for digest is computed, you can double > check the OpenSIPS auth response (calculating the HA and md5 sums as per > RFC 2617). > > Regards, > > > Bogdan-Andrei Iancu > > OpenSIPS Founder and Developer > > http://www.opensips-solutions.com > > > On 11/01/2013 01:09 PM, Rik Broers wrote: > > Yes, thats correct. Opensips sends out an invite with Authorization header > as response on the 401 unauthorized. > > This authorization header contains the correct Nonce. > > Instead of being authorized I receive another 401 unauthorized which > opensips replies again with new nonce and so on until max branches is > reached. > > > > Met vriendelijke groet, > > Regards, > > > > *Rik Broers* > > *Voice Engineer* > > > > > > *From:* Bogdan-Andrei Iancu [mailto:bog...@opensips.org<bog...@opensips.org>] > > *Sent:* vrijdag 1 november 2013 11:49 > *To:* OpenSIPS users mailling list > *Cc:* Rik Broers > *Subject:* Re: [OpenSIPS-Users] uac_auth > > > > Hello Rik, > > So OpenSIPS generates a new INVITE with credentials (as a result of the > uac_auth() ), but this is also rejected ? > > Regards, > > > > Bogdan-Andrei Iancu > > OpenSIPS Founder and Developer > > http://www.opensips-solutions.com > > > On 10/31/2013 11:46 AM, Rik Broers wrote: > > Hi, > > > > I’m trying to use the uac_auth() function to add Authorization to my > invite after I received a 401 Unauthorized. > > I call the function in the failure route and according to Debug the > authorization header is inserted. I also see this in a trace. > > Unfortunately I haven’t been able to authorize successfully, double > checked everything and also tried with phones to ensure the credentials are > correct and my asterisk is working. > > I’m filling the credentials with a modparam not with AVP. > > > > In DBG I see this: DBG:uac_auth:build_authorization_hdr: hdr is > <Authorization: Digest username="**", realm="**", nonce="31d5b0d9", > uri="***;user=phone", response="ea344343187f27c668be8fdc3acf8c5a", > algorithm=MD5#015#012> > > So it seems to match correctly. > > > > I’m authenticating against Asterisk. And my failure route looks like this: > > failure_route[FailPBX]{ > > xlog("Im in failpbx route"); > > uac_auth(); > > t_on_failure("FailPBX"); > > t_relay(); > > } > > > > What happens is the following > > -> Invite > > <- 100 Giving a try > > <- 401 Unauthorized (Unique nonce 1) > > -> ACK > > -> invite with authorization header (unique Nonce 1) > > <- 100 Giving a try > > <- 401 Unauthorized (Unique nonce 2) > > -> invite with authorization header (unique Nonce 2) > > ….. and so on until ERROR:tm:add_uac: maximum number of branches exceeded. > > > > > > Only thing left for me now is to verify that the Digest calculated is > correct. *How can I do this?* What functions should I use on linux.. > > Below my authorization challenge. > > [image: > imap://bog...@opensips.org:993/fetch%3EUID%3E.INBOX%3E191220?header=quotebody&part=1.2&filename=image005.png] > > > > Or are there any other things I’m missing? > > Im using NOTICE:core:main: version: opensips 1.10.0-notls (x86_64/linux) > > > > > > Met vriendelijke groet, > > Regards, > > > > *Rik Broers* > > *Voice Engineer* > > > > > > > > _______________________________________________ > > Users mailing list > > Users@lists.opensips.org > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > _______________________________________________ > Users mailing list > Users@lists.opensips.org > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > >
<<image001.png>>
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users
