[Sipp-users] [ sipp-Bugs-2126228 ] authentication: nc is not incremented in a session

Sun, 05 Oct 2008 23:26:47 -0700 

Bugs item #2126228, was opened at 2008-09-24 13:43
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=637564&aid=2126228&group_id=104305

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Colaviti (colaviti)
Assigned to: Nobody/Anonymous (nobody)
Summary: authentication: nc is not incremented in a session

Initial Comment:
When using sipp as a client, the nc is not incremented for each request and so, 
the server rejects the request because it is considered as a replay.

If the same nonce is used for following requests, the nc MUST be incremented.

examples:

SIPP client                                server
       request without credentials ------------>
       <-----  401 with challenge
       request with credentials (nc=00000001)-->
       <-----  401 because bad password
       request with credentials (nc=00000001)-->
       <-----  400 rejected by server

it should be 
       request without credentials ------------>
       <-----  401 with challenge
       request with credentials (nc=00000001)-->
       <-----  401 because bad password
       request with credentials (nc=00000002)-->
       <-----  200 (if right password)
or 

       INVITE without credentials ------------>
       <-----  401 with challenge
       INVITE with credentials (nc=00000001)-->
       <-----  200
       ACK ----------------------------------->

       Subsequent REFER with credentials (nc=00000001)->
       <-----  400 rejected by server
it should be

       INVITE without credentials ------------>
       <-----  401 with challenge
       INVITE with credentials (nc=00000001)-->
       <-----  200
       ACK ----------------------------------->

       Subsequent REFER with credentials (nc=00000002)->
       <-----  200




----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=637564&aid=2126228&group_id=104305

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Sipp-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/sipp-users

Reply via email to