[Asterisk-Dev] Authorization header not formatted properly when REGISTER msg is challenged (algorithm=MD5)

Tilghman Lesher tilghman at mail.jeffandtilghman.com
Thu Jul 22 21:26:12 MST 2004


On Thursday 22 July 2004 17:47, Rob Gagnon wrote:
> This is interesting....  You obviously are right, in that the
> quotes fix your problem.  The issue seems to stem from an
> inconsistency in RFC3261...
>
> Sections 20.27, and 20.44 show examples with the MD5 without
> quotes: Example:
>       Proxy-Authenticate: Digest realm="atlanta.com",
>       domain="sip:ss1.carrier.com", qop="auth",
>       nonce="f84f1cec41e6cbe5aea9c8e88d359",
>       opaque="", stale=FALSE, algorithm=MD5
>
> Now, in Section 25.1 (Basic Rules), the value for "algorithm" is
> shown to apparently require the quotes:
>    algorithm = "algorithm" EQUAL ( "MD5" / "MD5-sess" / token )

No inconsistency.  If the RFC writers had meant for the quotes to be
there, they would have written:

algorithm = "algorithm" EQUAL <"> ( "MD5" | "MD5-sess" | token ) <">

Take a look at the stated grammar for one of the other fields that has
quoted values, and you'll see the special notation.

-- 
Tilghman



More information about the asterisk-dev mailing list