< Previous by Date	Date Index	Next by Date >
	Thread Index	Next in Thread >

[reSIProcate] auth info in BYE same as INVITE 403 / advancedAuthenticateRequest() passes millsecond expires, but compares seconds

From: "Justin Matthews" <jmatthewsr@xxxxxxxxx>
Date: Sat, 3 Mar 2007 20:07:37 -0500

If DUM challenges an INVITE and then successfully authenticates a call and the UA then sends DUM a BYE and copies the auth info from the original INVITE, a 403 is returned because the Method portion of the request-uri is used in calculating A2 and the Method is now BYE and originally was INVITE.

Is this behavior by the UA sending the BYE completely against the spec(s), or should DUM be able to allow my app to decide whether to accept this kind of behavior?

Also, the call to advancedAuthenticateRequest in ServerAuthManager.cxx passes 3000 as a hard-coded expiration for the nonce value, is this meant to be 3 seconds?  The comparison on nonce expiration values is done in seconds in advancedAuthenticateRequest.  On a side note, how was the value of the expiration interval decided?

Thanks,

Justin

Follow-Ups:
- Re: [reSIProcate] auth info in BYE same as INVITE 403 / advancedAuthenticateRequest() passes millsecond expires, but compares seconds
  - From: Jason Fischl
- Re: [reSIProcate] auth info in BYE same as INVITE 403 /advancedAuthenticateRequest() passes millsecond expires, but compares seconds
  - From: Scott Godin

Prev by Date: Re: [reSIProcate] DNS blacklist/whitelist problem on resip 1.1 RC1
Next by Date: [reSIProcate] SipStack not sending the message to correct address
Previous by thread: Re: [reSIProcate] Probable memory leaks in DialogUsageManager::incomingProcess
Next by thread: Re: [reSIProcate] auth info in BYE same as INVITE 403 /advancedAuthenticateRequest() passes millsecond expires, but compares seconds
Index(es):
- Date
- Thread