<div>Hi list !</div>
<div> </div>
<div>I'm building an agent and currently working on Digest authentication using auth and auth_db modules.</div>
<div>I'm trying to authenticate all requests for compliance test purpose.</div>
<div>It works fine with REGISTER but I can't authenticate for others methods like SUBSCRIBE, the module is looping authentication.</div>
<div> </div>
<div>This is a part of my config file :</div>
<div> </div>
<div> if (uri==myself) {<br> if (!www_authorize("", "subscriber")) {<br> www_challenge("", "0");<br> exit;<br> };</div>
<div> // others things</div>
<div> };</div>
<div> </div>
<div>And this is the requests / responses :</div>
<div> </div>
<div>
<p>REGISTER sip:sip.awl.test SIP/2.0<br>Call-ID: <a href="mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150">0f13c7c272f62943f2f6345c07249fcd@10.24.238.150</a><br>CSeq: 1 REGISTER<br>From: <sip:0000@sip.awl.test>;tag=9c0477b2<br>
To: <sip:0000@sip.awl.test><br>Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKb71ee89041bd9f3631cf46a8fc76b46c<br>Max-Forwards: 70<br>Contact: <sip:0000@10.24.238.150:23456;transport=tcp>;expires=3600,<sip:0000@10.24.238.150:23456;transport=udp>;expires=3600<br>
Content-Length: 0</p>
<p>SIP/2.0 401 Unauthorized<br>Call-ID: <a href="mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150">0f13c7c272f62943f2f6345c07249fcd@10.24.238.150</a><br>CSeq: 1 REGISTER<br>From: <sip:0000@sip.awl.test>;tag=9c0477b2<br>
To: <sip:0000@sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696<br>Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKb71ee89041bd9f3631cf46a8fc76b46c<br>WWW-Authenticate: Digest realm="sip.awl.test", nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35"<br>
Server: OpenSER (1.3.1-notls (i386/linux))<br>Content-Length: 0</p>
<p>REGISTER sip:sip.awl.test SIP/2.0<br>Call-ID: <a href="mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150">0f13c7c272f62943f2f6345c07249fcd@10.24.238.150</a><br>CSeq: 2 REGISTER<br>From: <sip:0000@sip.awl.test>;tag=9c0477b2<br>
To: <sip:0000@sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696<br>Max-Forwards: 70<br>Contact: <sip:0000@10.24.238.150:23456;transport=tcp>;expires=3600,<sip:0000@10.24.238.150:23456;transport=udp>;expires=3600<br>
Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK4bff3e93bf1dc502db28c4d414e60b4f<br>Authorization: Digest response="efb87138e6340d7a80a1f13ef26821da",username="0000",realm="sip.awl.test",nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35",uri="sip:sip.awl.test",algorithm=MD5<br>
Content-Length: 0</p>
<p>SIP/2.0 200 OK<br>Call-ID: <a href="mailto:0f13c7c272f62943f2f6345c07249fcd@10.24.238.150">0f13c7c272f62943f2f6345c07249fcd@10.24.238.150</a><br>CSeq: 2 REGISTER<br>From: <sip:0000@sip.awl.test>;tag=9c0477b2<br>
To: <sip:0000@sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.8696<br>Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK4bff3e93bf1dc502db28c4d414e60b4f<br>Contact: <sip:0000@10.24.238.150:23456;transport=udp>;expires=3600, <sip:0000@10.24.238.150:23456;transport=tcp>;expires=3600<br>
Server: OpenSER (1.3.1-notls (i386/linux))<br>Content-Length: 0</p>
<p>SUBSCRIBE sip:0000@sip.awl.test SIP/2.0<br>Call-ID: <a href="mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150">d27f913809ccfa308b497ce92c3d01ef@10.24.238.150</a><br>CSeq: 1 SUBSCRIBE<br>From: <sip:0000@sip.awl.test>;tag=3b68764f<br>
To: <sip:0000@sip.awl.test><br>Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKae0ab5a2b4dd462eb139276b814b413c<br>Max-Forwards: 70<br>Contact: <<a href="http://sip:0000@10.24.238.150:23456">sip:0000@10.24.238.150:23456</a>><br>
Expires: 3600<br>Event: presence.winfo<br>Content-Length: 0</p></div>
<div>
<p>SIP/2.0 401 Unauthorized<br>Call-ID: <a href="mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150">d27f913809ccfa308b497ce92c3d01ef@10.24.238.150</a><br>CSeq: 1 SUBSCRIBE<br>From: <sip:0000@sip.awl.test>;tag=3b68764f<br>
To: <sip:0000@sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff<br>Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bKae0ab5a2b4dd462eb139276b814b413c<br>WWW-Authenticate: Digest realm="sip.awl.test", nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35"<br>
Server: OpenSER (1.3.1-notls (i386/linux))<br>Content-Length: 0</p>
<p>SUBSCRIBE sip:0000@sip.awl.test SIP/2.0<br>Call-ID: <a href="mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150">d27f913809ccfa308b497ce92c3d01ef@10.24.238.150</a><br>CSeq: 2 SUBSCRIBE<br>From: <sip:0000@sip.awl.test>;tag=3b68764f<br>
To: <sip:0000@sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff<br>Max-Forwards: 70<br>Contact: <<a href="http://sip:0000@10.24.238.150:23456">sip:0000@10.24.238.150:23456</a>><br>Expires: 3600<br>Event: presence.winfo<br>
Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK0afcac1c88fce00c3bfca270ed379ee4<br>Authorization: Digest response="efb87138e6340d7a80a1f13ef26821da",username="0000",realm="sip.awl.test",nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35",uri="sip:sip.awl.test",algorithm=MD5<br>
Content-Length: 0</p>
<p>SIP/2.0 401 Unauthorized<br>Call-ID: <a href="mailto:d27f913809ccfa308b497ce92c3d01ef@10.24.238.150">d27f913809ccfa308b497ce92c3d01ef@10.24.238.150</a><br>CSeq: 2 SUBSCRIBE<br>From: <sip:0000@sip.awl.test>;tag=3b68764f<br>
To: <sip:0000@sip.awl.test>;tag=329cfeaa6ded039da25ff8cbb8668bd2.78ff<br>Via: SIP/2.0/UDP 10.24.238.150:23456;branch=z9hG4bK0afcac1c88fce00c3bfca270ed379ee4<br>WWW-Authenticate: Digest realm="sip.awl.test", nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35"<br>
Server: OpenSER (1.3.1-notls (i386/linux))<br>Content-Length: 0</p>
<p> </p>
<p> </p>
<p>As you can see, auth module always use nonce="4811de4caf098eb6f25ea5db9a788578a2d4be35" in its responses, for both register and subscribe.</p>
<p>thanks for your help,</p>
<p>Eric.</p></div>