[Freeswitch-users] Forbidden using UDP, works with TCP/TLS

Mark Campbell-Smith mcampbellsmith at gmail.com
Thu Feb 18 00:22:54 PST 2010


Thanks for looking at that Brian.  If the token is not used, I assume
this is not the reason for FS rejecting the Registration attempt?

Also, when is stale=true set in the WWW-Authentication?  I notice that
for this device, I do not see stale=true, but for all my other
devices, I see stale=true (at least from the logs I've taken today).


On Tue, Feb 16, 2010 at 2:03 AM, Brian West <brian at freeswitch.org> wrote:
> Ok looks like the token is not used at all in digest auth.  This is the
> first time I have seen a device send back something other than auth or
> auth-int.
> /b
> On Feb 14, 2010, at 11:09 PM, Mark Campbell-Smith wrote:
>
> A little more testing.    I noticed that the Authorization field
> differs when TCP or UDP:
>
> UDP (fails)
> Digest username=\"2010\", realm=\"mydns.dyndns.org\",
> nonce=\"e5f119c6-19e9-11df-bd09-773b7a755f78\",
> uri=\"sip:mydns.dyndns.org:5060\",
> response=\"e37be3e49c159d4f98e8bd04b36f2bd7\", algorithm=MD5,
> qop=\"1fffcc9f\"
>
> TCP (works)
> Digest
> username=\"2010\",realm=\"mydns.dyndns.org\",nonce=\"5d9e75c2-19ea-11df-bd0b-773b7a755f78\",uri=\"sip:mydns.dyndns.org:5060\",algorithm=MD5,response=\"45ba55d3fbafcbf2bc2aa6418656ecc2\",qop=auth,nc=00000001,cnonce=\"3a650454\"
>
> Is qop = 1fffcc9f valid in SIP?  Does a cnonce need to be included also?
>
> FS sends qop=auth in the Unauthorized response.
>
> Thanks
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>




More information about the FreeSWITCH-users mailing list