[asterisk-bugs] [JIRA] (ASTERISK-29667) Asterisk sends with the wrong Nonce to the Telecom operator for the Registration Packet.
Joshua C. Colp (JIRA)
noreply at issues.asterisk.org
Wed Sep 22 04:38:33 CDT 2021
[ https://issues.asterisk.org/jira/browse/ASTERISK-29667?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joshua C. Colp updated ASTERISK-29667:
--------------------------------------
Reference Notes: (was: Sample sip messages for the SIP registration.
No. Time Source Destination Protocol Length Info
3 2021-09-21 13:37:22.410347 10.10.10.10 10.10.20.20 SIP 634 Request: REGISTER sip:10.10.20.20 (1 binding) |
Frame 3: 634 bytes on wire (5072 bits), 634 bytes captured (5072 bits)
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 10.10.20.20
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (REGISTER)
Request-Line: REGISTER sip:10.10.20.20 SIP/2.0
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK700e676b
Max-Forwards: 70
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>
SIP to address: sip:68880888 at 10.10.20.20
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
CSeq: 377 REGISTER
Supported: replaces, timer
User-Agent: Telephony
Authorization: Digest username="68880888", realm="SIP-68889200", algorithm=MD5, uri="sip:10.10.20.20", nonce="bf272c5f1558befb11675e94def46b72", response="b03ac89127dd1fce96bbf3e563ab34b7"
Authentication Scheme: Digest
Username: "68880888"
Realm: "SIP-68889200"
Algorithm: MD5
Authentication URI: "sip:10.10.20.20"
Nonce Value: "bf272c5f1558befb11675e94def46b72"
Digest Authentication Response: "b03ac89127dd1fce96bbf3e563ab34b7"
Expires: 300
Contact: <sip:68880888 at 10.10.10.10:5060>
Contact URI: sip:68880888 at 10.10.10.10:5060
Content-Length: 0
No. Time Source Destination Protocol Length Info
4 2021-09-21 13:37:22.422771 10.10.20.20 10.10.10.10 SIP 472 Status: 401 Unauthorized |
Frame 4: 472 bytes on wire (3776 bits), 472 bytes captured (3776 bits)
Internet Protocol Version 4, Src: 10.10.20.20, Dst: 10.10.10.10
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (401)
Status-Line: SIP/2.0 401 Unauthorized
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK700e676b
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>;tag=bngrgl34
SIP to address: sip:68880888 at 10.10.20.20
SIP to tag: bngrgl34
CSeq: 377 REGISTER
User-Agent: ZTE-SoftSwitch
WWW-Authenticate: Digest realm="SIP-68889200",nonce="5b6847c6f2b05851070a7c10602cce87",ZTE-ID=694579d9636cb0748c101dfbc203134f
Authentication Scheme: Digest
Realm: "SIP-68889200"
Nonce Value: "5b6847c6f2b05851070a7c10602cce87"
ZTE-ID=694579d9636cb0748c101dfbc203134f
Content-Length: 0
No. Time Source Destination Protocol Length Info
5 2021-09-21 13:37:24.301300 10.10.10.10 10.10.20.20 SIP 634 Request: REGISTER sip:10.10.20.20 (1 binding) |
Frame 5: 634 bytes on wire (5072 bits), 634 bytes captured (5072 bits)
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 10.10.20.20
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (REGISTER)
Request-Line: REGISTER sip:10.10.20.20 SIP/2.0
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK700e676b
Max-Forwards: 70
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>
SIP to address: sip:68880888 at 10.10.20.20
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
CSeq: 377 REGISTER
Supported: replaces, timer
User-Agent: Telephony
Authorization: Digest username="68880888", realm="SIP-68889200", algorithm=MD5, uri="sip:10.10.20.20", nonce="bf272c5f1558befb11675e94def46b72", response="b03ac89127dd1fce96bbf3e563ab34b7"
Authentication Scheme: Digest
Username: "68880888"
Realm: "SIP-68889200"
Algorithm: MD5
Authentication URI: "sip:10.10.20.20"
Nonce Value: "bf272c5f1558befb11675e94def46b72"
Digest Authentication Response: "b03ac89127dd1fce96bbf3e563ab34b7"
Expires: 300
Contact: <sip:68880888 at 10.10.10.10:5060>
Contact URI: sip:68880888 at 10.10.10.10:5060
Content-Length: 0
No. Time Source Destination Protocol Length Info
6 2021-09-21 13:37:24.306410 10.10.20.20 10.10.10.10 SIP 472 Status: 401 Unauthorized |
Frame 6: 472 bytes on wire (3776 bits), 472 bytes captured (3776 bits)
Internet Protocol Version 4, Src: 10.10.20.20, Dst: 10.10.10.10
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (401)
Status-Line: SIP/2.0 401 Unauthorized
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK700e676b
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>;tag=bngrgl34
SIP to address: sip:68880888 at 10.10.20.20
SIP to tag: bngrgl34
CSeq: 377 REGISTER
User-Agent: ZTE-SoftSwitch
WWW-Authenticate: Digest realm="SIP-68889200",nonce="5b6847c6f2b05851070a7c10602cce87",ZTE-ID=694579d9636cb0748c101dfbc203134f
Authentication Scheme: Digest
Realm: "SIP-68889200"
Nonce Value: "5b6847c6f2b05851070a7c10602cce87"
ZTE-ID=694579d9636cb0748c101dfbc203134f
Content-Length: 0
No. Time Source Destination Protocol Length Info
7 2021-09-21 13:37:24.750605 10.10.10.10 10.10.20.20 SIP 634 Request: REGISTER sip:10.10.20.20 (1 binding) |
Frame 7: 634 bytes on wire (5072 bits), 634 bytes captured (5072 bits)
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 10.10.20.20
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (REGISTER)
Request-Line: REGISTER sip:10.10.20.20 SIP/2.0
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK700e676b
Max-Forwards: 70
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>
SIP to address: sip:68880888 at 10.10.20.20
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
CSeq: 377 REGISTER
Supported: replaces, timer
User-Agent: Telephony
Authorization: Digest username="68880888", realm="SIP-68889200", algorithm=MD5, uri="sip:10.10.20.20", nonce="bf272c5f1558befb11675e94def46b72", response="b03ac89127dd1fce96bbf3e563ab34b7"
Authentication Scheme: Digest
Username: "68880888"
Realm: "SIP-68889200"
Algorithm: MD5
Authentication URI: "sip:10.10.20.20"
Nonce Value: "bf272c5f1558befb11675e94def46b72"
Digest Authentication Response: "b03ac89127dd1fce96bbf3e563ab34b7"
Expires: 300
Contact: <sip:68880888 at 10.10.10.10:5060>
Contact URI: sip:68880888 at 10.10.10.10:5060
Content-Length: 0
No. Time Source Destination Protocol Length Info
8 2021-09-21 13:37:24.755641 10.10.20.20 10.10.10.10 SIP 472 Status: 401 Unauthorized |
Frame 8: 472 bytes on wire (3776 bits), 472 bytes captured (3776 bits)
Internet Protocol Version 4, Src: 10.10.20.20, Dst: 10.10.10.10
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (401)
Status-Line: SIP/2.0 401 Unauthorized
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK700e676b
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>;tag=bngrgl34
SIP to address: sip:68880888 at 10.10.20.20
SIP to tag: bngrgl34
CSeq: 377 REGISTER
User-Agent: ZTE-SoftSwitch
WWW-Authenticate: Digest realm="SIP-68889200",nonce="5b6847c6f2b05851070a7c10602cce87",ZTE-ID=694579d9636cb0748c101dfbc203134f
Authentication Scheme: Digest
Realm: "SIP-68889200"
Nonce Value: "5b6847c6f2b05851070a7c10602cce87"
ZTE-ID=694579d9636cb0748c101dfbc203134f
Content-Length: 0
No. Time Source Destination Protocol Length Info
9 2021-09-21 13:37:24.902966 10.10.10.10 10.10.20.20 SIP 634 Request: REGISTER sip:10.10.20.20 (1 binding) |
Frame 9: 634 bytes on wire (5072 bits), 634 bytes captured (5072 bits)
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 10.10.20.20
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (REGISTER)
Request-Line: REGISTER sip:10.10.20.20 SIP/2.0
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK5e0d1dec
Max-Forwards: 70
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>
SIP to address: sip:68880888 at 10.10.20.20
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
CSeq: 378 REGISTER
Supported: replaces, timer
User-Agent: Telephony
Authorization: Digest username="68880888", realm="SIP-68889200", algorithm=MD5, uri="sip:10.10.20.20", nonce="5b6847c6f2b05851070a7c10602cce87", response="debb78c805d7496603f05d30e88368e1"
Authentication Scheme: Digest
Username: "68880888"
Realm: "SIP-68889200"
Algorithm: MD5
Authentication URI: "sip:10.10.20.20"
Nonce Value: "5b6847c6f2b05851070a7c10602cce87"
Digest Authentication Response: "debb78c805d7496603f05d30e88368e1"
Expires: 300
Contact: <sip:68880888 at 10.10.10.10:5060>
Contact URI: sip:68880888 at 10.10.10.10:5060
Content-Length: 0
No. Time Source Destination Protocol Length Info
10 2021-09-21 13:37:25.422681 10.10.10.10 10.10.20.20 SIP 634 Request: REGISTER sip:10.10.20.20 (1 binding) |
Frame 10: 634 bytes on wire (5072 bits), 634 bytes captured (5072 bits)
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 10.10.20.20
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (REGISTER)
Request-Line: REGISTER sip:10.10.20.20 SIP/2.0
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK5e0d1dec
Max-Forwards: 70
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>
SIP to address: sip:68880888 at 10.10.20.20
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
CSeq: 378 REGISTER
Supported: replaces, timer
User-Agent: Telephony
Authorization: Digest username="68880888", realm="SIP-68889200", algorithm=MD5, uri="sip:10.10.20.20", nonce="5b6847c6f2b05851070a7c10602cce87", response="debb78c805d7496603f05d30e88368e1"
Authentication Scheme: Digest
Username: "68880888"
Realm: "SIP-68889200"
Algorithm: MD5
Authentication URI: "sip:10.10.20.20"
Nonce Value: "5b6847c6f2b05851070a7c10602cce87"
Digest Authentication Response: "debb78c805d7496603f05d30e88368e1"
Expires: 300
Contact: <sip:68880888 at 10.10.10.10:5060>
Contact URI: sip:68880888 at 10.10.10.10:5060
Content-Length: 0
No. Time Source Destination Protocol Length Info
11 2021-09-21 13:37:25.431774 10.10.20.20 10.10.10.10 SIP 472 Status: 401 Unauthorized |
Frame 11: 472 bytes on wire (3776 bits), 472 bytes captured (3776 bits)
Internet Protocol Version 4, Src: 10.10.20.20, Dst: 10.10.10.10
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (401)
Status-Line: SIP/2.0 401 Unauthorized
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK5e0d1dec
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>;tag=m9adgm59
SIP to address: sip:68880888 at 10.10.20.20
SIP to tag: m9adgm59
CSeq: 378 REGISTER
User-Agent: ZTE-SoftSwitch
WWW-Authenticate: Digest realm="SIP-68889200",nonce="511352bc0988bf25dc3a32a020edf0e0",ZTE-ID=8abc21ef719f49de422e35bd366acae7
Authentication Scheme: Digest
Realm: "SIP-68889200"
Nonce Value: "511352bc0988bf25dc3a32a020edf0e0"
ZTE-ID=8abc21ef719f49de422e35bd366acae7
Content-Length: 0
No. Time Source Destination Protocol Length Info
12 2021-09-21 13:37:26.474149 10.10.20.20 10.10.10.10 SIP 472 Status: 401 Unauthorized |
Frame 12: 472 bytes on wire (3776 bits), 472 bytes captured (3776 bits)
Internet Protocol Version 4, Src: 10.10.20.20, Dst: 10.10.10.10
User Datagram Protocol, Src Port: 5060, Dst Port: 5060
Session Initiation Protocol (401)
Status-Line: SIP/2.0 401 Unauthorized
Message Header
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK5e0d1dec
Call-ID: 76a211b70f1b7cba6cea00b93528dcf5 at 10.10.10.10
From: <sip:68880888 at 10.10.20.20>;tag=as0af0b750
SIP from address: sip:68880888 at 10.10.20.20
SIP from tag: as0af0b750
To: <sip:68880888 at 10.10.20.20>;tag=m9adgm59
SIP to address: sip:68880888 at 10.10.20.20
SIP to tag: m9adgm59
CSeq: 378 REGISTER
User-Agent: ZTE-SoftSwitch
WWW-Authenticate: Digest realm="SIP-68889200",nonce="511352bc0988bf25dc3a32a020edf0e0",ZTE-ID=8abc21ef719f49de422e35bd366acae7
Authentication Scheme: Digest
Realm: "SIP-68889200"
Nonce Value: "511352bc0988bf25dc3a32a020edf0e0"
ZTE-ID=8abc21ef719f49de422e35bd366acae7
Content-Length: 0
)
> Asterisk sends with the wrong Nonce to the Telecom operator for the Registration Packet.
> ----------------------------------------------------------------------------------------
>
> Key: ASTERISK-29667
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-29667
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/General, Channels/chan_sip/Registration
> Affects Versions: 16.17.0
> Environment: OS : CentOS Linux release 7.9.2009 (Core)
> Asterisk : Asterisk 16.17.0
> Chan_sip used
> Reporter: Vijo Jose
>
> I have a SIP trunk from a telecom operator which is registered on the Asterisk Box.
> Asterisk sends with the wrong Nonce to the Telecom operator for the Registration Packet and due to this the operator rejects the sip registration packet.
> Asterisk was supposed to send the registration request with Nonce received from the previous unauthorized from Telecom operator and with new Cseq number. But the same is not happening intermittently.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list