[Serusers] MD5 Authentication Question

Andrew Ho andrewh at voicegenie.com
Tue Nov 23 01:18:05 CET 2004 

Hi all,

I'm trying to implement the MD5 digest authentication in my SIP client to
register with SER, and I sent and receive:

REGISTER sip:10.0.0.113:6060 SIP/2.0
Via: SIP/2.0/UDP 205.150.90.93:5060;branch=z9hG4bK0167f788a27be2
From:
<sip:VoiceGenie at 10.0.0.113:6060>;tag=AB7327E9-BD62-46F5-F2A0-55C60D2C15A3
To: <sip:VoiceGenie at 10.0.0.113:6060>
Max-Forwards: 70
CSeq: 1 REGISTER
Call-ID: ED2DD8A5-2A10-40F6-5BA1-27F0DE4456D1 at 205.150.90.93:5060
Contact: <sip:VoiceGenie at 205.150.90.93:5060>;expires=60
Content-Length: 0

SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 205.150.90.93:5060;branch=z9hG4bK0167f788a27be2
From:
<sip:VoiceGenie at 10.0.0.113:6060>;tag=AB7327E9-BD62-46F5-F2A0-55C60D2C15A3
To:
<sip:VoiceGenie at 10.0.0.113:6060>;tag=224edcece75971e271cb292defd4983a.bf0d
CSeq: 1 REGISTER
Call-ID: ED2DD8A5-2A10-40F6-5BA1-27F0DE4456D1 at 205.150.90.93:5060
WWW-Authenticate: Digest realm="iptel.org",
nonce="41a27b3b6184801b57dba727f73804c29f91f1b3"
Server: Sip EXpress router (0.8.14 (i386/linux))
Content-Length: 0
Warning: 392 10.0.0.113:6060 "Noisy feedback tells:  pid=9455
req_src_ip=205.150.90.93 req_src_port=5060 in_uri=sip:10.0.0.113:6060
out_uri=sip:10.0.0.113:6060 via_cnt==1"


Following RFC 2617,
A1 = admin:iptel.org:heslo
(where SER's default username:password pair "admin:heslo" are used, with
realm="iptel.org)
A2 = REGISTER:sip:10.0.0.113:6060
(where method="REGISTER" and digest-url="sip:10.0.0.113:6060" which agrees
with request URI, and note that SER is running at 10.0.0.113, port = 6060)

Response was calculated as
MD5( MD5(A1):nonce:MD5(A2) )

And my new REGISTER msg is:
REGISTER sip:10.0.0.113:6060 SIP/2.0
Via: SIP/2.0/UDP 205.150.90.93:5060;branch=z9hG4bK01683cc0a27be2
From:
<sip:VoiceGenie at 10.0.0.113:6060>;tag=A1C28CFF-9D16-47DD-059A-0E8F88F7F4AE
To: <sip:VoiceGenie at 10.0.0.113:6060>
Max-Forwards: 70
CSeq: 2 REGISTER
Call-ID: 30EB6AEA-9A88-4D34-1E92-5050F566665B at 205.150.90.93:5060
Contact: <sip:VoiceGenie at 205.150.90.93:5060>;expires=60
Content-Length: 0
Authorization: Digest username="admin", realm="iptel.org",
nonce="41a27b3b6184801b57dba727f73804c29f91f1b3", uri="sip:10.0.0.113:6060",
response="55a3888ff8ff7e8a9b31e38091effe21"

But I still get another 401 Unauthorized response ...
I'm pretty sure my A1 is correct. Could it be my A2 where method shouldn't
be REGISTER? Or may be the digest-uri is wrong?

Thank you in advance.
Andrew Ho
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20041122/19815008/attachment.htm>

More information about the sr-users mailing list