[Users] 407 and algorithm=MD5
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Mon Feb 5 11:14:52 CET 2007
Hi Cesc,
actually this is the idea here. The key question is if both parties -
server and client- do use the default algorithm if non is explicitly set.
but this is not a problem from OpenSER point of view as it supports only
the MD5 algorithm :).
regards,
bogdan
Cesc wrote:
> I don't really understand who fails to do what ... but in any case, if
> MD5 is the default, neither openser proxy or the phone sending the
> invite should complain for a missing algorithm=MD5 parameter ... both
> should simply assume this value unless specified otherwise ... thus,
> the phone, when re-sending the INV with the authentication material,
> it should do so with MD5 algorithm ...
>
>
> Cesc
>
> On 2/1/07, Bruno Machado <bsmufu at yahoo.com.br> wrote:
>
>>
>> The section 3.2.1 (The WWW-Authenticate Response Header) from RFC
>> 2617 says:
>>
>> "algorithm
>> A string indicating a pair of algorithms used to produce the digest
>> and a checksum. If this is not present it is assumed to be "MD5".
>> "
>>
>> I send a INVITE to Openser but it send back a 407 (Proxy
>> Authentication).
>> The parameter response was OK. But, without the parameter
>> 'algorithm', the
>> proxy
>> didn't allow the authentication. It neither consult at Radius.
>> Looking at the RFC above, the SIP proxy must to use MD5 by default,
>> but it
>> don't accept the message without the parameter. Who needs to assume the
>> algorithm?
>> UAC or SIP Proxy?
>>
>> Can it be a bug of OpenSER? Or my interpretation is
>> wrong?
>>
>> Best regards.
>>
>> Bruno Machado
>>
>>
>>
>>
>> ----- Mensagem original ----
>> De: Bogdan-Andrei Iancu <bogdan at voice-system.ro>
>> Para: Bruno Machado <bsmufu at yahoo.com.br>
>> Cc: users at openser.org
>> Enviadas: Segunda-feira, 29 de Janeiro de 2007 14:21:31
>> Assunto: Re: [Users] 407 and algorithm=MD5
>>
>> Hi Bruno,
>>
>> you cannot configure to have the algorithm param added. If I'm not
>> wrong, the digest RFC says this is an optional param and the default
>> value is MD5.
>>
>> regards,
>> bogdan
>>
>> Bruno Machado wrote:
>>
>> > Hi.
>> >
>> > When I use the function proxy_challenge(), the 407 don't have the
>> > parameter 'algorithm=MD5'. Look below:
>> >
>> > ...
>> > Proxy-Authenticate: Digest realm="proxy.com.br",
>> > nonce="45be00f941f137ff037436c77f80a9531a02155f".
>> > ...
>> >
>> > How can I put this parameter in digest informations?
>> >
>> > ...
>> > Proxy-Authenticate: Digest realm="proxy.com.br",
>> > nonce="45be00f941f137ff037436c77f80a9531a02155f",
>> > algorithm="MD5".
>> > ...
>> >
>> >
>> > Thanks in advance.
>> >
>> > Bruno
>> >
>> > __________________________________________________
>> > Fale com seus amigos de graça com o novo Yahoo! Messenger
>> > http://br.messenger.yahoo.com/
>> >
>> >------------------------------------------------------------------------
>>
>> >
>> >_______________________________________________
>> >Users mailing list
>> >Users at openser.org
>> >http://openser.org/cgi-bin/mailman/listinfo/users
>> >
>> >
>>
>>
>>
>> __________________________________________________
>> Fale com seus amigos de graça com o novo Yahoo! Messenger
>> http://br.messenger.yahoo.com/
>> _______________________________________________
>> Users mailing list
>> Users at openser.org
>> http://openser.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
>
More information about the Users
mailing list