[reSIProcate] Proxy-Authorization realm

[Matthias Moetje]

Hi,

 

I just came across a potential problem in resiprocate (or in our application).

 

The AclStore is currently inactive, so resiprocate - acting as a UAS - is asking for authentication for each message. When the client sends an INVITE, resiprocate answers with a 407 with:

 

Proxy-Authorization: Digest username="24",realm="terastation5.m.terasens.de",nonce="12835812933:5145d934c594a99a742360f04560d34d",uri="sip:250 at terastation5.m.terasens.de;user=phone",qop=auth,nc=00000001,cnonce="5b932ae2",response="e7c031b9

 

The client sends the correct Proxy-Authorization and the messages gets accepted. 

When the client sends BYE later, resiprocate sends a 407 with:

 

Proxy-Authorization: Digest username="24",realm="192.168.20.12",nonce="12835812948:e969ac8d7671b4c2c0a282b0c022fd91",uri="sip:250 at 192.168.20.12:5060;user=phone",qop=auth,nc=00000001,cnonce="7f21c771",response="3b861f089995dd78b0aa6e597cfd2

 

The realm does not match anymore and the client cannot authenticate. Is this behaviour correct or shouldn't resiprocate send the original realm value?

 

 

Thanks and best regards,

 

Matthias Moetje 



 

TERASENS GmbH
Augustenstraße 24
80333 Munich
GERMANY

 

Phone:
Fax:
e-mail:
Web:

	+49.89.143370-0
+49.89.143370-22
info at terasens.com <mailto:info at terasens.com> 
www.terasens.com <http://www.terasens.com/> 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.resiprocate.org/pipermail/resiprocate-devel/attachments/20071004/37452916/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 2937 bytes
Desc: image001.jpg
URL: <http://list.resiprocate.org/pipermail/resiprocate-devel/attachments/20071004/37452916/attachment.jpg>