[Freeswitch-users] Registration problem after attempting to install mod_opal and updating to latest git pull
Michael Collins
msc at freeswitch.org
Sat Feb 11 00:01:55 MSK 2012
On Fri, Feb 10, 2012 at 12:50 PM, Phil Quesinberry <
philq at qsystemsengineering.com> wrote:
> **
>
> *Ok, here's part of the sip trace as requested. I won't have time to
> sanitize the whole thing until later but in the meantime, here's an
> interesting excerpt that I wanted to make a few comments on:*
>
> *First, notice the "Unauthorized" response to the first registration
> attempt but the next attempt is successful. This has actually been going
> on as long as I can remember with this particular provider.*
>
As far as the auth goes I believe it is required to have the registrar send
out the 401 first because it contains a nonce that assists in keeping the
communication relatively secure. If I could send a single REG and magically
authenticate then that would make a SIP replay attack really easy.
If I understand all this correctly, the registrar sending a 401
"Unauthorized" does not mean, "Go away." Rather it means, "I'm not gonna
let you in unless you give me the magic password. Here's a nonce to help
you calculate the proper digest. I'm waiting for your next REGISTER message
with the appropriate Authorization header."
I'll have to defer to those more experienced than I on the rest of the post.
-MC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120210/beb1d98b/attachment.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list