I am registering my client to kamailo successfully. client --> Register --> kamailioclient <-- 401 with nonce value <-- kamailioclient --> Register with nonce and md5 response values --> kamailioclient <-- 200ok <-- kamailio However, when the client sends an invite with the same digest values, kamailio sends a 407 request for another challenge: client --> Invite with the same nonce and md5 response values --> kamailioclient <-- 407 <-- kamailio I am thinking the same digest values from register could be used for making calls. Thanks,Al
Al S wrote
I am registering my client to kamailo successfully. client --> Register --> kamailioclient <-- 401 with nonce value <-- kamailioclient --> Register with nonce and md5 response values --> kamailioclient <-- 200ok <-- kamailio However, when the client sends an invite with the same digest values, kamailio sends a 407 request for another challenge: client --> Invite with the same nonce and md5 response values --> kamailioclient <-- 407 <-- kamailio I am thinking the same digest values from register could be used for making calls. Thanks,Al _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@.sip-router
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hi! Kamailio behave according to RFC in this point. Without this, if, you use e.g. UDP as a transport, the sip exchange can be eavesdropped, and man-in-a-middle get nonce from response and use it for INVITE - as a result get unauthorised access.
This is why Kamailio ask new authorisation in 407 (with new nonce) Cheers
-- View this message in context: http://sip-router.1086192.n5.nabble.com/sending-INVTE-with-Digest-values-tp1... Sent from the Users mailing list archive at Nabble.com.
-
Al S -
Vasiliy Ganchev