Richard, as part of the RFC8760 work we've changed nonce algorithm to be more secure and do not expose as much info to a potential attacker starting with 3.1. It also prevents qop/algorithm "downgrade" attacks on a stateless proxy. But as Bogdan pointed out, there are some options to ignore validation of nonce and just verify digest, which might provide some help in your situation.
-Maksym On Wed, Nov 2, 2022, 11:18 AM Richard Revels via Users < users@lists.opensips.org> wrote: > If I set a nonce password on a opensips 3.x proxy and the same one on > opensips 2.x proxy it is expected behaviour that it still wont match if > call starts on opensips 2, is challenged, then INVITE is sent to opensips 3 > proxy? > > > > [image: BandwidthMaroon.png] > > > > Richard Revels • System Architect II > > 900 Main Campus Drive, Suite 100, Raleigh, NC 27606 > > > > m: 919-578-3421 • o: 919-727-4614 > > e: rrev...@bandwidth.com > _______________________________________________ > Users mailing list > Users@lists.opensips.org > http://lists.opensips.org/cgi-bin/mailman/listinfo/users >
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users
