[reSIProcate] nonce delta incorrect when authenticating request
    Justin Matthews 
    jmatthewsr at yahoo.com
       
    Mon Jul 24 16:57:23 CDT 2006
    
    
  
Sorry, this cast appears to be a local edit after a double-check of the svn
head.  
-justin
-----Original Message-----
From: Justin Matthews [mailto:jmatthewsr at yahoo.com] 
Sent: Monday, July 24, 2006 5:51 PM
To: 'Scott Godin'; 'resiprocate-devel at list.sipfoundry.org'
Subject: RE: [reSIProcate] nonce delta incorrect when authenticating request
Ahhh, right the problem is not in Timer, its in Helper.cxx:: 
SipMessage*
Helper::makeProxyChallenge(const SipMessage& request, const Data& realm,
bool useAuth, bool stale)
{
   Auth auth;
   auth.scheme() = "Digest";
   Data timestamp((unsigned int)(Timer::getTimeMs()/1000)); 
The unsigned int cast is changing this from 64 to 32 bits, which causes the
nonce param to be created with an invalid value.  The UAC sends back the
challenge response and advancedAuthenticateRequest() fails because the
getSystemTime there returns a 64-bit value.
Minor note: could you remove the two calls in timer.cxx::getSystemTime with
the single GetSystemTimeAsFileTime() call.  
Thanks,
-Justin
-----Original Message-----
From: Scott Godin [mailto:slgodin at icescape.com] 
Sent: Monday, July 24, 2006 4:56 PM
To: Justin Matthews; resiprocate-devel at list.sipfoundry.org
Subject: RE: [reSIProcate] nonce delta incorrect when authenticating request
Why would this cause a problem?  We use getSystemTime to make the
challenge nonce in the first place - so the expires delta calculations
are all relative to the local system.  Are you forming your nonce's from
outside of resip for some reason?
Scott
> -----Original Message-----
> From: resiprocate-devel-bounces at list.sipfoundry.org
> [mailto:resiprocate-devel-bounces at list.sipfoundry.org] On Behalf Of
> Justin Matthews
> Sent: Monday, July 24, 2006 3:41 PM
> To: resiprocate-devel at list.sipfoundry.org
> Subject: [reSIProcate] nonce delta incorrect when authenticating
> request
> 
> I believe the code, for windows only, in Timer.cxx::getSystemTime is
> causing helper.cxx::advancedAuthenticateRequest to fail due to the
> nonce time delta calculation.  For this scenario nonce is expected to
> most likely be the unix epoch timestamp, getSystemTime can be
> normalized to return the unix-style time on windows as follows.
> 
> UInt64
> Timer::getSystemTime()
> {
>     assert( sizeof(UInt64) == 64/8 );
>     UInt64 time=0;
> #if defined(WIN32)
>     FILETIME ft;
> 	GetSystemTimeAsFileTime(&ft);
>     ULARGE_INTEGER li;
>     li.LowPart = ft.dwLowDateTime;
>     li.HighPart = ft.dwHighDateTime;
> 
> 	/** Micro-second difference between windows and unix epoch time:
> 	  * 01.01.1970 - 01.01.1601 = 11644473600000000
> 	  */
>     time = (li.QuadPart/10) - 11644473600000000ULL; #else
>     struct timeval now;
>     gettimeofday( &now , NULL );
>     //assert( now );
>     time = now.tv_sec;
>     time = time*1000000;
>     time += now.tv_usec;
> #endif
>     return time;
> }
> 
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel at list.sipfoundry.org
> https://list.sipfoundry.org/mailman/listinfo/resiprocate-devel
    
    
More information about the resiprocate-devel
mailing list