< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index Next in Thread >

RE: [reSIProcate] nonce delta incorrect when authenticating request


Sorry, this cast appears to be a local edit after a double-check of the svn
head.  

-justin

-----Original Message-----
From: Justin Matthews [mailto:jmatthewsr@xxxxxxxxx] 
Sent: Monday, July 24, 2006 5:51 PM
To: 'Scott Godin'; 'resiprocate-devel@xxxxxxxxxxxxxxxxxxx'
Subject: RE: [reSIProcate] nonce delta incorrect when authenticating request

Ahhh, right the problem is not in Timer, its in Helper.cxx:: 

SipMessage*
Helper::makeProxyChallenge(const SipMessage& request, const Data& realm,
bool useAuth, bool stale)
{
   Auth auth;
   auth.scheme() = "Digest";
   Data timestamp((unsigned int)(Timer::getTimeMs()/1000)); 

The unsigned int cast is changing this from 64 to 32 bits, which causes the
nonce param to be created with an invalid value.  The UAC sends back the
challenge response and advancedAuthenticateRequest() fails because the
getSystemTime there returns a 64-bit value.

Minor note: could you remove the two calls in timer.cxx::getSystemTime with
the single GetSystemTimeAsFileTime() call.  

Thanks,

-Justin

-----Original Message-----
From: Scott Godin [mailto:slgodin@xxxxxxxxxxxx] 
Sent: Monday, July 24, 2006 4:56 PM
To: Justin Matthews; resiprocate-devel@xxxxxxxxxxxxxxxxxxx
Subject: RE: [reSIProcate] nonce delta incorrect when authenticating request

Why would this cause a problem?  We use getSystemTime to make the
challenge nonce in the first place - so the expires delta calculations
are all relative to the local system.  Are you forming your nonce's from
outside of resip for some reason?

Scott

> -----Original Message-----
> From: resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
> Justin Matthews
> Sent: Monday, July 24, 2006 3:41 PM
> To: resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> Subject: [reSIProcate] nonce delta incorrect when authenticating
> request
> 
> I believe the code, for windows only, in Timer.cxx::getSystemTime is
> causing helper.cxx::advancedAuthenticateRequest to fail due to the
> nonce time delta calculation.  For this scenario nonce is expected to
> most likely be the unix epoch timestamp, getSystemTime can be
> normalized to return the unix-style time on windows as follows.
> 
> UInt64
> Timer::getSystemTime()
> {
>     assert( sizeof(UInt64) == 64/8 );
>     UInt64 time=0;
> #if defined(WIN32)
>     FILETIME ft;
>       GetSystemTimeAsFileTime(&ft);
>     ULARGE_INTEGER li;
>     li.LowPart = ft.dwLowDateTime;
>     li.HighPart = ft.dwHighDateTime;
> 
>       /** Micro-second difference between windows and unix epoch time:
>         * 01.01.1970 - 01.01.1601 = 11644473600000000
>         */
>     time = (li.QuadPart/10) - 11644473600000000ULL; #else
>     struct timeval now;
>     gettimeofday( &now , NULL );
>     //assert( now );
>     time = now.tv_sec;
>     time = time*1000000;
>     time += now.tv_usec;
> #endif
>     return time;
> }
> 
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel@xxxxxxxxxxxxxxxxxxx
> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel