[reSIProcate] auth info in BYE same as INVITE 403 / advancedAuthenticateRequest() passes millsecond expires, but compares seconds
Jason Fischl
jason at counterpath.com
Mon Mar 5 10:23:53 CST 2007
On 3/3/07, Justin Matthews <jmatthewsr at gmail.com> wrote:
> If DUM challenges an INVITE and then successfully authenticates a call and
> the UA then sends DUM a BYE and copies the auth info from the original
> INVITE, a 403 is returned because the Method portion of the request-uri is
> used in calculating A2 and the Method is now BYE and originally was INVITE.
>
Can you clarify which user agent you are talking about in this case?
T1: UA1 sends INVITE to UA2 (dum)
T2: UA2 challenges with 407
T3: UA1 resend INVITE to UA2 with credentials
...
T4: UA1 sends BYE to UA2 (dum) copying credentials from INVITE
T5: UA2 sends 403
Is this the behavior you are seeing? In this case UA2 should send a
407 in T5 if the method is used to compute the nonce in T2.
Jason
>
>
> Is this behavior by the UA sending the BYE completely against the spec(s),
> or should DUM be able to allow my app to decide whether to accept this kind
> of behavior?
>
> Also, the call to advancedAuthenticateRequest in ServerAuthManager.cxx
> passes 3000 as a hard-coded expiration for the nonce value, is this meant to
> be 3 seconds? The comparison on nonce expiration values is done in seconds
> in advancedAuthenticateRequest. On a side note, how was the value of the
> expiration interval decided?
>
>
>
>
> Thanks,
>
>
>
> Justin
>
>
>
>
> _______________________________________________
> resiprocate-devel mailing list
> resiprocate-devel at list.resiprocate.org
> https://list.resiprocate.org/mailman/listinfo/resiprocate-devel
>
More information about the resiprocate-devel
mailing list