No, no errors with last code. Just show solution to other user-list readers.
30.07.14 16:23, Bogdan-Andrei Iancu написав(ла): > Do you still get that error ? and issues with this code ? > > Regards, > Bogdan-Andrei Iancu > OpenSIPS Founder and Developer > http://www.opensips-solutions.com > On 30.07.2014 15:39, Igor Olhovskiy wrote: >> Made it in a more accurate way: >> >> if ($(<reply>hdr(Proxy-Authenticate))) { >> $var(raw_auth) = >> $(<reply>hdr(Proxy-Authenticate)); >> } >> if ($(<reply>hdr(WWW-Authenticate))) { >> $var(raw_auth) = >> $(<reply>hdr(WWW-Authenticate)); >> } >> ......... >> >> 30.07.14 11:42, Igor Olhovskiy написав(ла): >>> Code to get realm from failure_route is now looks like >>> >>> $var(hdr) = $(<reply>hdr(Proxy-Authenticate)); >>> if ( $var(hdr) != NULL ) { >>> $var(raw_auth) = $var(hdr); >>> xlog("L_INFO", "Proxy-Auth is present"); >>> } >>> #WWW is an Asterisk flavour >>> $var(hdr) = $(<reply>hdr(WWW-Authenticate)); >>> if ( $var(hdr) != NULL ) { >>> $var(raw_auth) = $var(hdr); >>> xlog("L_INFO", "WWW-Auth is present"); >>> } >>> $var(reg_start) = "/(.*?)realm=\"//g"; >>> $var(reg_end) = "/\"(.*)//g"; >>> xlog("L_INFO", "Raw data $var(raw_auth)"); >>> $var(raw_auth) = >>> $(var(raw_auth){re.subst,$var(reg_start)}); >>> $var(raw_auth) = >>> $(var(raw_auth){re.subst,$var(reg_end)}); >>> xlog("L_INFO", "Got realm data $var(raw_auth)"); >>> >>> One little problem is I have not found analog of is_set function, so >>> I get >>> WARNING:core:do_assign: no value in right expression on line >>> in console. >>> >>> 29.07.14 12:44, Bogdan-Andrei Iancu написав(ла): >>>> Hi, >>>> >>>> If you try it from a failure route, you need to do : >>>> $(<reply>hdr(Proxy-Authenticate)) >>>> >>>> (see http://www.opensips.org/Documentation/Script-CoreVar-1-11) >>>> >>>> In failure route, the context is of the request message, so if you >>>> want to access the reply, you need to switch to its context. >>>> >>>> Regards, >>>> Bogdan-Andrei Iancu >>>> OpenSIPS Founder and Developer >>>> http://www.opensips-solutions.com >>>> On 29.07.2014 12:41, Igor Olhovskiy wrote: >>>>> Hi again. >>>>> Seems to be, $hdr(Proxy-Authenticate) is NULL at 401 response. >>>>> >>>>> failure_route[1] { >>>>> ... >>>>> if ( t_check_status("40[17]") ) { >>>>> ... >>>>> xlog("L_INFO", "Asterisk flavour $hdr(WWW-Authenticate), Proxy >>>>> flavour $hdr(Proxy-Authenticate)"); >>>>> } >>>>> } >>>>> >>>>> becomes >>>>> >>>>> /usr/sbin/opensips[18983]: Asterisk flavour <null>, Proxy flavour >>>>> <null> >>>>> >>>>> It's logic, cause in failure_route we work with initial INVITE, >>>>> but not 401 reply. Cause, if we working with reply directly, we >>>>> can't apply uac_auth function to it. >>>>> >>>>> 28.07.14 21:10, Игорь Ольховский написав(ла): >>>>>> Hi, >>>>>> >>>>>> Many thanks on your answer, will wait for a new feature and look at $hdr >>>>>> var more close. >>>>>> Anyway, I have a little trouble with CSeq change (means it is need to do >>>>>> accurate), but for now it’s a solution. >>>>>> Many thanks again. >>>>>> 28 июля 2014, в 20:46, Bogdan-Andrei Iancu <bog...@opensips.org> >>>>>> написал(а): >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> 1) on changing cseq as a simple text - this is not wise as you break >>>>>>> the sequence of cseq number in the dialog; we are working on a feature >>>>>>> to allow you do that in sip-wise way. >>>>>>> >>>>>>> 2) about realm, the proxy/www -Authenticate header (in the 401/407 >>>>>>> reply) has the realm parameter; you can grab it by transformations; on >>>>>>> $hdr(Proxy-Authenticate) apply a regexp transformation (see >>>>>>> http://www.opensips.org/Documentation/Script-Tran-1-11#toc72) to get >>>>>>> the realm param from there. >>>>>>> >>>>>>> Regards, >>>>>>> >>>>>>> Bogdan-Andrei Iancu >>>>>>> OpenSIPS Founder and Developer >>>>>>> http://www.opensips-solutions.com >>>>>>> >>>>>>> On 21.07.2014 20:15, Igor Olkhovskii wrote: >>>>>>>> Made it work via modification of CSeq (remove_hf -> append_hf) and now >>>>>>>> is a question, how to get correct realm from response. OpenSIPs is >>>>>>>> very limitated to text processing.... >>>>>>>> >>>>>>>> 21.07.2014 18:39, Igor Olhovskiy пишет: >>>>>>>>> Found this tread, but seems to be no luck in to work with INVITE on >>>>>>>>> Asterisk. >>>>>>>>> Is there any luck to get Asterisk auth (without touching Asterisk) >>>>>>>>> >>>>>>>>> https://www.mail-archive.com/users@lists.opensips.org/msg25236.html >>>>>>>>> On 21.07.2014 16:14, Igor Olhovskiy wrote: >>>>>>>>>> Hi! >>>>>>>>>> I'm trying to get OpenSIPS 1.11 act as registrar proxy. Means it's >>>>>>>>>> not >>>>>>>>>> only register on external servers, but take care of INVITE's and so. >>>>>>>>>> I've configured modules as: >>>>>>>>>> >>>>>>>>>> loadmodule "uac_auth.so" >>>>>>>>>> loadmodule "uac.so" >>>>>>>>>> loadmodule "uac_registrant.so" >>>>>>>>>> modparam("uac","restore_mode","auto") >>>>>>>>>> modparam("uac_auth","auth_realm_avp","$avp(uac_realm)") >>>>>>>>>> modparam("uac_auth","auth_username_avp","$avp(uac_username)") >>>>>>>>>> modparam("uac_auth","auth_password_avp","$avp(uac_password)") >>>>>>>>>> modparam("uac_registrant", "timer_interval", 120) >>>>>>>>>> modparam("uac_registrant", "hash_size", 2) >>>>>>>>>> modparam("uac_registrant", "db_url", >>>>>>>>>> "mysql://opensips:opensips@localhost/opensips") >>>>>>>>>> >>>>>>>>>> .... >>>>>>>>>> failure_route[1] { >>>>>>>>>> ...... >>>>>>>>>> # have we already tried to authenticate? >>>>>>>>>> if (isflagset(8)) { >>>>>>>>>> xlog("L_INFO", >>>>>>>>>> "FAILUREROUTE_STATUS40X_SETFLAG8: >>>>>>>>>> [F=$fu R=$ru D=$du M=$rm IP=($si:$sp $Ri:$Rp) ID=$ci]"); >>>>>>>>>> t_reply("503","Authentication failed"); >>>>>>>>>> exit; >>>>>>>>>> } >>>>>>>>>> if (is_method("INVITE")) { >>>>>>>>>> # mark that auth was performed >>>>>>>>>> setflag(8); >>>>>>>>>> # trigger again the failure route >>>>>>>>>> t_on_failure("1"); >>>>>>>>>> # repeat the request with auth response this >>>>>>>>>> time >>>>>>>>>> $avp(uac_realm) = $td; >>>>>>>>>> $avp(uac_username) = $fU; >>>>>>>>>> avp_db_query("SELECT password FROM registrant >>>>>>>>>> WHERE (registrar = 'sip:$avp(uac_realm)') AND ( username = >>>>>>>>>> '$avp(uac_username)')","$avp(uac_password)"); >>>>>>>>>> xlog("L_INFO", >>>>>>>>>> "FAILUREROUTE_STATUS40X_UACAUTHINVITE_DEBUG_VARIABLES: AVP_UAC_REALM: >>>>>>>>>> $avp(uac_realm) AVP_UAC_USERNAME: $avp(uac_username) AVP_UAC_PASSWORD >>>>>>>>>> :$avp(uac_password)"); >>>>>>>>>> uac_auth(); >>>>>>>>>> t_relay(); >>>>>>>>>> } >>>>>>>>>> } >>>>>>>>>> ..... >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> I see correct vars in debug message, but uac_auth() not to append >>>>>>>>>> branch >>>>>>>>>> to reply INVITE. >>>>>>>>>> >>>>>>>>>> For example, I have such string >>>>>>>>>> AVP_UAC_REALM: some-dns.example.net.ua AVP_UAC_USERNAME: 2225678 >>>>>>>>>> AVP_UAC_PASSWORD :SuperStrongPassword >>>>>>>>>> >>>>>>>>>> What is wrong in this config/AVP's? >>>>>>>> _______________________________________________ >>>>>>>> Users mailing list >>>>>>>> Users@lists.opensips.org >>>>>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>>>> >>>> >>> >> >
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users