Re: [OpenSIPS-Users] presence blf

Mon, 29 Oct 2018 05:30:02 -0700 

Hi Salva,
In failure route, you should check first for the 407 (btw, you do not have to go via the onreply route, you can use only failure_route, directly). If so, call uac_auth(), but be sure you the $avp(10), $avp(11) and $avp(12) *already* contain the values for realm, username and password. You can load that info from a DB for example. 

Best regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  http://www.opensips-solutions.com
OpenSIPS Bootcamp 2018
  http://opensips.org/training/OpenSIPS_Bootcamp_2018/

On 10/27/2018 06:42 AM, Slava Bendersky wrote:

Hello Bogdan,

The issue that opensips is not handling user authentication, password 
is stored in 3cx. Is there are way set avp or into cache intial 
credentials ?

I come up with something like this.
My though  was.

modparam("uac_auth","auth_realm_avp","$avp(10)")
modparam("uac_auth","auth_username_avp","$avp(11)")
modparam("uac_auth","auth_password_avp","$avp(12)")

route[PUBLISH_407] {

        if(is_method("PUBLISH") && 
has_body("application/dialog-info+xml") && $avp(DLG_dir)=="frompbx") {

                xlog("L_INFO", "[$rm] from $si\n");
                t_on_reply("6");
}

onreply_route[6] {
        if(is_method("PUBLISH") && t_check_status("407")) {

                xlog("L_INFO", "OnReply_Route6: [$rm] Direction: [FS 
~> Client] asked for 407\n");

                t_on_failure("SUPPLY_AUTH");
        }
}

failure_route[SUPPLY_AUTH] {
*don't know how to supply credential  yet*
        uac_auth();
}

volga629

------------------------------------------------------------------------
*From: *"Bogdan-Andrei Iancu" <[email protected]>

*To: *"OpenSIPS users mailling list" <[email protected]>, 
"Slava Bendersky" <[email protected]>

*Sent: *Friday, October 26, 2018 5:28:09 AM
*Subject: *Re: [OpenSIPS-Users] presence blf

Hi Slava,


Sorry for the mistyping your name :D....one wrong character and 
something a bit weird resulted :D.


Regards,
Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
   http://www.opensips-solutions.com
OpenSIPS Bootcamp 2018
   http://opensips.org/training/OpenSIPS_Bootcamp_2018/
On 10/26/2018 09:34 AM, Bogdan-Andrei Iancu wrote:

    Hi Slave,

    If you cannot do an IP authentication / whitelisting for OpenSIPS
    in 3CX, you could use the uac_auth module and the uac_auth()
    function to perform user side authentication in OpenSIPS. See
    http://www.opensips.org/html/docs/modules/2.4.x/uac.html
    http://www.opensips.org/html/docs/modules/2.4.x/uac_auth.html

    Best regards,

    Bogdan-Andrei Iancu

    OpenSIPS Founder and Developer
       http://www.opensips-solutions.com
    OpenSIPS Bootcamp 2018
       http://opensips.org/training/OpenSIPS_Bootcamp_2018/

    On 10/25/2018 09:49 PM, Slava Bendersky wrote:

        Hello Everyone,
        I am trying make BLF working and how opensips should handle
        PUBLISH where server reply 407 ?
        Do we need forward to end point ?
        Opensips send PUBLISH then 3CX send 407 and conversation done.
        Here some trace

        [root@aitossbc01 ~]# cat BLF.txt
        2018/10/25 12:22:19.148093 10.100.104.10:5060 -> 10.2.24.124:5060
        PUBLISH sip:[email protected]:5060 SIP/2.0
        Via: SIP/2.0/UDP 10.100.104.10:5060;branch=z9hG4bK9f23.99096732.0
        To: sip:[email protected]:5060
        From:
        <sip:[email protected]:5060>;tag=4c20d2ebf66939afcc7c67fb6893f1be-672a
        CSeq: 10 PUBLISH
        Call-ID: [email protected]
        Max-Forwards: 70
        Content-Length: 549
        User-Agent: OpenSIPS (3.0.0-dev (x86_64/linux))
        Event: dialog
        Expires: 3601
        Content-Type: application/dialog-info+xml

        <?xml version="1.0"?>
        <dialog-info xmlns="urn:ietf:params:xml:ns:dialog-info"
        state="partial" entity="sip:[email protected]:5060"><dialog
        id="[email protected]"
        call-id="[email protected]"
        
direction="recipient"><state>confirmed</state><remote><identity>sip:[email protected]:5060</identity><target
        
uri="sip:[email protected]:5060"/></remote><local><identity>sip:[email protected]:5060</identity><target
        uri="sip:[email protected]:5060"/></local></dialog></dialog-info>


        2018/10/25 12:22:19.198773 10.2.24.124:5060 -> 10.100.104.10:5060
        SIP/2.0 407 Proxy Authentication Required
        Via: SIP/2.0/UDP 10.100.104.10:5060;branch=z9hG4bK9f23.99096732.0
        Proxy-Authenticate: Digest
        
nonce="414d53595bd1fbcb12:61835c52c28e8a89737c489e16fa5965",algorithm=MD5,realm="3CXPhoneSystem"
        To: <sip:[email protected]:5060>;tag=d9bb492f
        From:
        <sip:[email protected]:5060>;tag=4c20d2ebf66939afcc7c67fb6893f1be-672a
        Call-ID: [email protected]
        CSeq: 10 PUBLISH
        User-Agent: 3CXPhoneSystem 15.5.15502.6 (15502)
        Content-Length: 0


        _______________________________________________
        Users mailing list
        [email protected]
        http://lists.opensips.org/cgi-bin/mailman/listinfo/users




    _______________________________________________
    Users mailing list
    [email protected]
    http://lists.opensips.org/cgi-bin/mailman/listinfo/users






_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users






















					Reply via email to