基于openSER 的 sip register 注册过程
2013-03-23 22:32
211 查看
authenticate 身份鉴定
authorize 授权, 批准
challenge 查问身份
subscriber 用户
openSER.cfg 中注册的配置摘录如下:
route [0] {
#----------------------------------------
# Block begin: REGISTER
#----------------------------------------
if (method=="REGISTER") {
if (uri==myself) {
if(!check_uri())
{
sl_send_reply("403", "Forbidden");
break;
}
if(lookup_contact("subscriber")){
if (!www_authorize("unused", "subscriber")) {
www_challenge("unused", "0");
break;
}
save("location");
break;
}
sl_send_reply("403", "Forbidden");
break;
}
sl_send_reply("403", "Forbidden");
break;
}
注册下载包连接 http://download.csdn.net/detail/xuyunzhang/4329549
1. 用户发request REGISTER,contact头置空,表明用户希望向服务器询问当前的联系列表,请求的号码103是否已被注册或被允许使用。
2. check_uri( )检查request line (REGISTER sip:192.168.1.55 SIP/2.0) 中的uri ( sip:192.168.1.55)所含的主机地址是自己(sip register server)的地址,同事还会查看是否在同一网段内 等有效性检查。如果非法或无效,回
403 Forbidden 包(如下所示),否则 继续。
3.lookup_contact( ) 将REGISTER包的contact header 中的 Contact: <sip:103@192.168.1.30:5060>注册号码103 取出,执行数据库(如:mysql)查找,即执行db_query( )。如果事先在sip registar 表格上填了对应的号码103(db中保存此项,允许使用),则查询成功。
4. 继续查看是否经cred认证过(www_authorize),由于contact头为空,认证失败(其实注册成功时有个Expires时间, 如Expires: 180,在每次expire之前用户会发request REGISTER表示要自己存在并且继续使用该号码,contact当然不为空,相当于keep
alive, 否则expire后,register server收回注册号码等资源), challenge 回 401 Unauthorized 要求用户给出认证信息(www_challenge)。用户再次发REGISTER request,并且在Authorization头域中给出认证信息,同样经历1、2、3过程。认证信息 如:
Digest username="103",
realm="10.0.0.55",
nonce="4d1fa76b8b83f4952d9887a9fd5e38784517577a",
uri="sip:192.168.1.55",
response="89c2a21daae7c38270d12b4240d258c2",
algorithm=MD5
sip register server 进行哈希运算得出用户密码,并检测用户名和密码
5. 认证成功回200 OK表示允许使用, 否则回403 Forbidden 注册失败,整个注册过程结束。
注册数据包:
REGISTER sip:192.168.1.55 SIP/2.0
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15135 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport;branch=z9hG4bK-4d1fa63f-a32af64-2369
Max-Forwards: 70
Supported: 100rel,replaces
User-Agent: IP2061-V1.0.1_ICON_VN
Contact: <sip:103@192.168.1.30:5060>
Expires: 180
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
SIP/2.0 401 Unauthorized
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>;tag=414c40746541a2c9f630b7b3ee2781c7.6e19
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15135 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport=5060;branch=z9hG4bK-4d1fa63f-a32af64-2369
WWW-Authenticate: Digest realm="10.0.0.55", nonce="4d1fa76b8b83f4952d9887a9fd5e38784517577a"
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
REGISTER sip:192.168.1.55 SIP/2.0
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15136 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport;branch=z9hG4bK-4d1fa63f-a32af78-468f
Max-Forwards: 70
Supported: 100rel,replaces
User-Agent: IP2061-V1.0.1_ICON_VN
Contact: <sip:103@192.168.1.30:5060>
Expires: 180
Authorization: Digest username="103", realm="10.0.0.55", nonce="4d1fa76b8b83f4952d9887a9fd5e38784517577a", uri="sip:192.168.1.55", response="89c2a21daae7c38270d12b4240d258c2", algorithm=MD5
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
SIP/2.0 200 OK
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>;tag=414c40746541a2c9f630b7b3ee2781c7.28d7
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15136 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport=5060;branch=z9hG4bK-4d1fa63f-a32af78-468f
Contact: <sip:103@192.168.1.30:5060>;q=0.00;expires=180
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
SIP/2.0 403 Forbidden
From: "101"<sip:101@192.168.1.55>;tag=c0a8011e-13c44d1e7872
To: <sip:101@192.168.1.55>;tag=414c40746541a2c9f630b7b3ee2781c7.01a9
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 11432 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport=5060;branch=z9hG4bK-4d1e7890-43146c0-1d93
Content-Length: 0
authorize 授权, 批准
challenge 查问身份
subscriber 用户
openSER.cfg 中注册的配置摘录如下:
route [0] {
#----------------------------------------
# Block begin: REGISTER
#----------------------------------------
if (method=="REGISTER") {
if (uri==myself) {
if(!check_uri())
{
sl_send_reply("403", "Forbidden");
break;
}
if(lookup_contact("subscriber")){
if (!www_authorize("unused", "subscriber")) {
www_challenge("unused", "0");
break;
}
save("location");
break;
}
sl_send_reply("403", "Forbidden");
break;
}
sl_send_reply("403", "Forbidden");
break;
}
注册下载包连接 http://download.csdn.net/detail/xuyunzhang/4329549
1. 用户发request REGISTER,contact头置空,表明用户希望向服务器询问当前的联系列表,请求的号码103是否已被注册或被允许使用。
2. check_uri( )检查request line (REGISTER sip:192.168.1.55 SIP/2.0) 中的uri ( sip:192.168.1.55)所含的主机地址是自己(sip register server)的地址,同事还会查看是否在同一网段内 等有效性检查。如果非法或无效,回
403 Forbidden 包(如下所示),否则 继续。
3.lookup_contact( ) 将REGISTER包的contact header 中的 Contact: <sip:103@192.168.1.30:5060>注册号码103 取出,执行数据库(如:mysql)查找,即执行db_query( )。如果事先在sip registar 表格上填了对应的号码103(db中保存此项,允许使用),则查询成功。
4. 继续查看是否经cred认证过(www_authorize),由于contact头为空,认证失败(其实注册成功时有个Expires时间, 如Expires: 180,在每次expire之前用户会发request REGISTER表示要自己存在并且继续使用该号码,contact当然不为空,相当于keep
alive, 否则expire后,register server收回注册号码等资源), challenge 回 401 Unauthorized 要求用户给出认证信息(www_challenge)。用户再次发REGISTER request,并且在Authorization头域中给出认证信息,同样经历1、2、3过程。认证信息 如:
Digest username="103",
realm="10.0.0.55",
nonce="4d1fa76b8b83f4952d9887a9fd5e38784517577a",
uri="sip:192.168.1.55",
response="89c2a21daae7c38270d12b4240d258c2",
algorithm=MD5
sip register server 进行哈希运算得出用户密码,并检测用户名和密码
5. 认证成功回200 OK表示允许使用, 否则回403 Forbidden 注册失败,整个注册过程结束。
注册数据包:
REGISTER sip:192.168.1.55 SIP/2.0
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15135 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport;branch=z9hG4bK-4d1fa63f-a32af64-2369
Max-Forwards: 70
Supported: 100rel,replaces
User-Agent: IP2061-V1.0.1_ICON_VN
Contact: <sip:103@192.168.1.30:5060>
Expires: 180
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
SIP/2.0 401 Unauthorized
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>;tag=414c40746541a2c9f630b7b3ee2781c7.6e19
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15135 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport=5060;branch=z9hG4bK-4d1fa63f-a32af64-2369
WWW-Authenticate: Digest realm="10.0.0.55", nonce="4d1fa76b8b83f4952d9887a9fd5e38784517577a"
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
REGISTER sip:192.168.1.55 SIP/2.0
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15136 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport;branch=z9hG4bK-4d1fa63f-a32af78-468f
Max-Forwards: 70
Supported: 100rel,replaces
User-Agent: IP2061-V1.0.1_ICON_VN
Contact: <sip:103@192.168.1.30:5060>
Expires: 180
Authorization: Digest username="103", realm="10.0.0.55", nonce="4d1fa76b8b83f4952d9887a9fd5e38784517577a", uri="sip:192.168.1.55", response="89c2a21daae7c38270d12b4240d258c2", algorithm=MD5
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
SIP/2.0 200 OK
From: "103"<sip:103@192.168.1.55>;tag=c0a8011e-13c44d1fa63f
To: <sip:103@192.168.1.55>;tag=414c40746541a2c9f630b7b3ee2781c7.28d7
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 15136 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport=5060;branch=z9hG4bK-4d1fa63f-a32af78-468f
Contact: <sip:103@192.168.1.30:5060>;q=0.00;expires=180
Content-Length: 0
------------------------------------------------------------------------------------------------------------------------------------
SIP/2.0 403 Forbidden
From: "101"<sip:101@192.168.1.55>;tag=c0a8011e-13c44d1e7872
To: <sip:101@192.168.1.55>;tag=414c40746541a2c9f630b7b3ee2781c7.01a9
Call-ID: c0a8011e-13c4-495c0780-28f0-7d61@192.168.1.30
CSeq: 11432 REGISTER
Via: SIP/2.0/UDP 192.168.1.30:5060;rport=5060;branch=z9hG4bK-4d1e7890-43146c0-1d93
Content-Length: 0
相关文章推荐
- 基于openSER 的 sip register 注册过程
- Android应用程序注册广播接收器(registerReceiver)的过程分析
- 基于XMPP协议的aSmack源码分析【3】register过程分析
- sip.js基于 FreeSwitch的使用过程
- SIP注册过程分析
- exosip注册过程(转http://www.koders.com/c/fid6A93E066F256E8E5FC007DD515597A164D7D7593.aspx)
- Android应用程序注册广播接收器(registerReceiver)的过程分析
- 基于GBT28181:SIP协议组件开发-----------第四篇SIP注册流程eXosip2实现(一)
- 基于GBT28181:SIP协议组件开发-----------第五篇SIP注册流程eXosip2实现(二)
- voip 一个简单的eXosip的register注册例子
- linux I2C 驱动之----i2c驱动的注册过程(i2c_register_driver->driver_register(&driver->driver)->driver_find)
- exosip注册过程
- 基于GBT28181:SIP协议组件开发-----------第三篇SIP注册流程分析实现
- 基于MVC模式模拟实现登录注册开发过程(二)
- Android应用程序注册广播接收器(registerReceiver)的过程分析
- SIP 注册过程
- SIP注册过程
- Android应用程序注册广播接收器(registerReceiver)的过程分析
- Android应用程序注册广播接收器(registerReceiver)的过程分析
- Android应用程序注册广播接收器(registerReceiver)的过程分析