[Sipp-users] opaque value in the authorisation header

[Martin.Klier]

Hello,

If case of authentication with <recv response="401" auth="true"> the 
authorisation header will be reinjected. In the following example you can see, 
that opaque value in the request  is too short. The opaque value has to be 
equal in the 401- Message and Register. A Registration is not possible.

Status-Line: SIP/2.0 401 Login fehlgeschlagen (inkorrekte Login-Daten)
    Message Header
        Via: SIP/2.0/UDP 
123.456.789.123:5061;rport=5061;branch=z9hG4bK-17543-1-2
        To: +123456789 
<sip:+123456...@test.tel.come>;tag=30b79c980afe10e09fea8e1f2cdede
            SIP Display info: +123456789
            SIP to address: sip:+123456...@test.tel.come
            SIP tag: 30b79c980afe10e09fea8e1f2cdede
        From: +123456789 <sip:+123456...@test.tel.come>;tag=1
            SIP Display info: +123456789
            SIP from address: sip:+123456...@test.tel.come
            SIP tag: 1
        Call-ID: 1-17543@123.456.789.123
        CSeq: 2 REGISTER
        WWW-Authenticate: Digest algorithm=MD5, 
nonce="3E322C31A6E28E4E00000000C47F7B63", 
opaque="q3c1ad7586c1ad75868f23a6eac1ad70b98630307851b1a2fadfd7d68d14157afd3b1848a3",
 qop="auth", realm="test.tel.come"
            Authentication Scheme: Digest
            algorithm=MD5
            nonce="3E322C31A6E28E4E00000000C47F7B63"
            
opaque="q3c1ad7586c1ad75868f23a6eac1ad70b98630307851b1a2fadfd7d68d14157afd3b1848a3"
            qop="auth"
            realm="test.tel.come"
        Content-Length: 0

    Request-Line: REGISTER sip:test.tel.come SIP/2.0
    Message Header
        Via: SIP/2.0/UDP 123.456.789.123:5061;rport;branch=z9hG4bK-17543-1-4
        CSeq: 3 REGISTER
        To: "+123456789" <sip:+123456...@test.tel.come>
            SIP Display info: "+123456789"
            SIP to address: sip:+123456...@test.tel.come
        [truncated] Authorization: Digest 
username="4991247825482",realm="test.tel.come",cnonce="6b8b4567",nc=00000001,qop=auth,uri="sip:217.94.70.134:5060",nonce="3E322C31A6E28E4E00000000C47F7B63",response="c31b01cdac0694fe0e2c38dd0f7e
            Authentication Scheme: Digest
            username="4991247825482"
            realm="test.tel.come"
            cnonce="6b8b4567"
            nc=00000001
            qop=auth
            uri="sip:217.xx.xx.xxx:5060"
            nonce="3E322C31A6E28E4E00000000C47F7B63"
            response="c31b01cdac0694fe0e2c38dd0f7eba2c"
            algorithm=MD5
            
opaque="q3c1ad7586c1ad75868f23a6eac1ad70b98630307851b1a2fadfd7d68d14157"
        Expires: 3600
        From:"+123456789" <sip:+123456...@test.tel.come>;tag=1
            SIP Display info: "+123456789"
            SIP from address: sip:+123456...@test.tel.come
            SIP tag: 1
        Call-ID: 1-17543@123.456.789.123
        Content-Length: 0
        User-Agent: kphone/4.0.2
        Allow-Events: dialog
        Contact:"+123456789" 
<sip:+123456789@123.456.789.123:5061;transport=udp>;methods="INVITE, MESSAGE, 
INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY, ACK, OK"
            SIP Display info: "+123456789"
            Contact-URI: sip:+123456789@123.456.789.123:5061;transport=udp
            Contact parameter: transport=udp>
            Contact parameter: methods="INVITE,
            Contact-URI: \n


Kind regards
Martin




------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2dcopy2
_______________________________________________
Sipp-users mailing list
Sipp-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sipp-users