·这是我参与2022首次更文挑战的第9天，活动详情查看：2022首次更文挑战

Opensips(3.2.4) 401 鉴权报错问题解决

当前环境

• 系统版本: ubuntu 20.04.1
• Opensips版本: 3.2.4
• mysql版本: 8.0.27

前言

在官网安装好opensips后，生成账号却无法登录，报401 Unauthorized错误，只好打开调试查看啥情况。各位看官可以看看是不是和你们的一样。

报错原因（先说原因好散场）

opensips-cli在生成账户信息的时候没有创建密码，但是登录的时候会去查询密码然后构建一个md5值，和我们sip客户端发过去的数据构建的md5不一样，鉴权失败。

关键报错点

鉴权失败,截图如下。

解决问题

opensips-cli在生成账户信息的时候默认是没有存入密码的，查看源码可以看到存不存密码是被一个参数plain_text_passwords控制的。

在文档中也有说到（我没看，难受，弄了大半个小时，特此记录一下）

修改配置文件

加上这句

plain_text_passwords: 1

我的完整opensips-cli.cfg

[default]
#database_modules: acc clusterer dialog dialplan dispatcher domain rtpproxy usrloc
database_modules: ALL

#database_admin_url: postgres://root@localhost
database_admin_url: mysql://root@localhost
database_schema_path: /opt/opensips-3.2.4/scripts/
plain_text_passwords: 1

重载配置文件

重新载入配置文件才会生效

opensips-cli -f /opt/opensipsconfig/opensips-cli.cfg

新建的105已经默认有了密码了

报错案例演示

创建用户

• 使用opensips-cli创建一个用户

opensips-cli -x user add  101@192.168.43.213 123456

• 创建成功

查看用户

• 使用mysql命令查看用户列表

select * from subscriber;

• 查询结果如下，可以看到新创建的用户是没得密码的！

Sip客户端登录

• 我这使用的是iOS端登录

• Xcode日志

• Opensips debug 给大家来个完整的日志，可以看到就是md5值不一致。

19:09:35 [79200] DBG:core:receive_msg: cleaning up
19:09:35 [79199] DBG:core:parse_msg: SIP Request:
19:09:35 [79199] DBG:core:parse_msg:  method:  <REGISTER>
19:09:35 [79199] DBG:core:parse_msg:  uri:     <sip:192.168.43.213>
19:09:35 [79199] DBG:core:parse_msg:  version: <SIP/2.0>
19:09:35 [79199] DBG:core:parse_headers: flags=ffffffffffffffff
19:09:35 [79199] DBG:core:parse_via_param: found param type 232, <branch> = <z9hG4bK.nezA6YRyZ>; state=6
19:09:35 [79199] DBG:core:parse_via_param: found param type 235, <rport> = <n/a>; state=17
19:09:35 [79199] DBG:core:parse_via: end of header reached, state=5
19:09:35 [79199] DBG:core:parse_headers: via found, flags=ffffffffffffffff
19:09:35 [79199] DBG:core:parse_headers: this is the first via
19:09:35 [79199] DBG:core:_parse_to: end of header reached, state=9
19:09:35 [79199] DBG:core:_parse_to: display={}, ruri={sip:101@192.168.43.213}
19:09:35 [79199] DBG:core:get_hdr_field: <To> [24]; uri=[sip:101@192.168.43.213] 
19:09:35 [79199] DBG:core:get_hdr_field: to body [sip:101@192.168.43.213]
19:09:35 [79199] DBG:core:get_hdr_field: cseq <CSeq>: <28> <REGISTER>
19:09:35 [79199] DBG:core:get_hdr_field: found end of header
19:09:35 [79199] DBG:core:receive_msg: After parse_msg...
19:09:35 [79199] DBG:core:receive_msg: preparing to run routing scripts...
19:09:35 [79199] DBG:core:parse_headers: flags=ffffffffffffffff
19:09:35 [79199] DBG:core:parse_params: Parsing params for:[+sip.instance="<urn:uuid:3d288584-1b2a-0099-8b38-46c135b31386>"]
19:09:35 [79199] DBG:maxfwd:is_maxfwd_present: value = 70 
19:09:35 [79199] DBG:sipmsgops:has_totag: no totag
19:09:35 [79199] DBG:core:parse_headers: flags=78
19:09:35 [79199] DBG:tm:t_lookup_request: start searching: hash=33932, isACK=0
19:09:35 [79199] DBG:tm:matching_3261: RFC3261 transaction matching failed
19:09:35 [79199] DBG:tm:t_lookup_request: no transaction found
19:09:35 [79199] DBG:core:parse_headers: flags=200
19:09:35 [79199] DBG:rr:find_first_route: No Route headers found
19:09:35 [79199] DBG:rr:loose_route: There is no Route HF
19:09:35 [79199] DBG:core:grep_sock_info_ext: checking if host==us: 14==14 &&  [192.168.43.213] == [192.168.43.213]
19:09:35 [79199] DBG:auth:pre_auth: nonce index= 24
19:09:35 [79199] DBG:db_mysql:has_stmt_ctx: ctx found for subscriber
19:09:35 [79199] DBG:db_mysql:db_mysql_do_prepared_query: conn=0x7fbe1e328350 (tail=140454527138592) MC=0x7fbe1e327bb8
19:09:35 [79199] DBG:db_mysql:db_mysql_do_prepared_query: set values for the statement run
19:09:35 [79199] DBG:db_mysql:db_mysql_val2bind: added val (0): len=3; type=254; is_null=0
19:09:35 [79199] DBG:db_mysql:db_mysql_do_prepared_query: doing BIND_PARAM in...
19:09:35 [79199] DBG:db_mysql:mysql_raise_event: MySQL status has not changed: connected
19:09:35 [79199] DBG:db_mysql:db_mysql_do_prepared_query: prepared statement has 1 columns in result
19:09:35 [79199] DBG:core:db_new_result: allocate 48 bytes for result set at 0x7fbe1e329a48
19:09:35 [79199] DBG:db_mysql:db_mysql_get_columns: 1 columns returned from the query
19:09:35 [79199] DBG:core:db_allocate_columns: allocate 28 bytes for result columns at 0x7fbe1e32a580
19:09:35 [79199] DBG:db_mysql:db_mysql_get_columns: RES_NAMES(0x7fbe1e32a588)[0]=[password]
19:09:35 [79199] DBG:db_mysql:db_mysql_get_columns: use DB_STRING result type
19:09:35 [79199] DBG:core:db_allocate_rows: allocate 48 bytes for result rows and values at 0x7fbe1e3290a8
19:09:35 [79199] DBG:db_mysql:db_mysql_str2val: converting STRING []
19:09:35 [79199] DBG:auth_db:get_ha1: HA1 string calculated: d2238dd061cf145a3ed21af56c01f49c
19:09:35 [79199] DBG:auth:check_response: our result = 'efa95561d7949c6def44acdcc19a8671'
19:09:35 [79199] DBG:auth:check_response: authorization failed
19:09:35 [79199] DBG:core:db_free_columns: freeing result columns at 0x7fbe1e32a580
19:09:35 [79199] DBG:core:db_free_rows: freeing 1 rows
19:09:35 [79199] DBG:core:db_free_row: freeing row values at 0x7fbe1e3290b8
19:09:35 [79199] DBG:core:db_free_rows: freeing rows at 0x7fbe1e3290a8
19:09:35 [79199] DBG:core:db_free_result: freeing result set at 0x7fbe1e329a48
19:09:35 [79199] DBG:auth:reserve_nonce_index: second= 13, sec_monit= 21,  index= 25
19:09:35 [79199] DBG:auth:challenge: nonce index= 25
19:09:35 [79199] DBG:auth:build_auth_hf: 'WWW-Authenticate: Digest realm="192.168.43.213", nonce="/PbvMcpVAUyvLPGoD8UF7nmXSQ31KbpEEztB12RHZ0QA",qop="auth"'
19:09:35 [79199] DBG:core:MD5StringArray: MD5 calculated: 5031da166136a122b0e237b032fa593e
19:09:35 [79199] DBG:core:parse_headers: flags=ffffffffffffffff
19:09:35 [79199] DBG:core:destroy_avp_list: destroying list 0x7fbe1c6ea758

加上密码正常登录

总结

opensips3.2已经推荐不要存明文密码了，但是鉴权的时候还是用到了，具体什么情况还是看看opensips的源码在做做总结。