[asterisk-dev] Strange SIP packet

fadey at scancom.es fadey at scancom.es
Sat May 3 14:37:59 CDT 2008


Hi, everyone

I'm quite confused. Is this scenario (multiple digests in the same
REGISTER request) implemented in asterisk? I'm
not using multiple proxies. It's just one asterisk box. Below is the
full authorization attempt.

21:45:29.279524 IP 10.2.0.177.5060 > 192.168.0.4.5060: UDP, length 1347
E.._{...?.0.
............K.$REGISTER sip:192.168.0.4 SIP/2.0
From:
968268002<sip:968268002 at localhost>;tag=94b7ef58-a0200b1-13c4-45026-1b-e4c7add-1b
To: 968268002<sip:968268002 at localhost>
Call-ID: 94b7b630-a0200b1-13c4-45026-1b-58dc074f-1b
CSeq: 9859 REGISTER
Via: SIP/2.0/UDP 10.2.0.177:5060;branch=z9hG4bK-5ad5a-162d2ac4-358a1c45
Max-Forwards: 70
Supported: timer,replaces,join,100rel
User-Agent: ARRIS-TM501B release v.05.02.0X SN/0015A362C83A
Contact: 968268002<sip:968268002 at 10.2.0.177:5060>
Authorization: Digest
username="968268002",realm="asterisk",nonce="17556aad",uri="sip:192.168.0.4",response="1de97913ad8dbf7e8b07fa6f7ee41d3f",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="5fbf85be",uri="sip:192.168.0.4",response="86488521ebf8ee7f30ed8cb13aeabc7d",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="5a7661e3",uri="sip:192.168.0.4",response="ab901a9d83512f0362c8707db9f4919d",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="29dc7886",uri="sip:192.168.0.4",response="fdc28c3d521fa48adcdc928f681b479e",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="0b501d98",uri="sip:192.168.0.4",response="8cde4f1d13a32e7918572797f2691779",algorithm=MD5
Allow: INVITE,ACK,BYE,CANCEL,NOTIFY,PRACK,UPDATE,OPTIONS
Content-Length: 0



21:45:29.279709 IP 192.168.0.4.5060 > 10.2.0.177.5060: UDP, length 468
E....P.. at ..=....
..........LSIP/2.0 100 Trying
Via: SIP/2.0/UDP
10.2.0.177:5060;branch=z9hG4bK-5ad5a-162d2ac4-358a1c45;received=10.2.0.177
From:
968268002<sip:968268002 at localhost>;tag=94b7ef58-a0200b1-13c4-45026-1b-e4c7add-1b
To: 968268002<sip:968268002 at localhost>
Call-ID: 94b7b630-a0200b1-13c4-45026-1b-58dc074f-1b
CSeq: 9859 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Contact: <sip:968268002 at 192.168.0.4>
Content-Length: 0


21:45:29.279750 IP 192.168.0.4.5060 > 10.2.0.177.5060: UDP, length 527
E..+.Q.. at .......
...........SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP
10.2.0.177:5060;branch=z9hG4bK-5ad5a-162d2ac4-358a1c45;received=10.2.0.177
From:
968268002<sip:968268002 at localhost>;tag=94b7ef58-a0200b1-13c4-45026-1b-e4c7add-1b
To: 968268002<sip:968268002 at localhost>;tag=as59e75087
Call-ID: 94b7b630-a0200b1-13c4-45026-1b-58dc074f-1b
CSeq: 9859 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
WWW-Authenticate: Digest algorithm=MD5, realm="asterisk",
nonce="22f29aa8"
Content-Length: 0



21:45:29.310484 IP 10.2.0.177.5060 > 192.168.0.4.5060: UDP, length 1347
E.._{...?.0.
............K..REGISTER sip:192.168.0.4 SIP/2.0
From:
968268002<sip:968268002 at localhost>;tag=94b7ef58-a0200b1-13c4-45026-1b-e4c7add-1b
To: 968268002<sip:968268002 at localhost>
Call-ID: 94b7b630-a0200b1-13c4-45026-1b-58dc074f-1b
CSeq: 9860 REGISTER
Via: SIP/2.0/UDP 10.2.0.177:5060;branch=z9hG4bK-5ad5a-162d2ae2-4405e933
Max-Forwards: 70
Supported: timer,replaces,join,100rel
User-Agent: ARRIS-TM501B release v.05.02.0X SN/0015A362C83A
Contact: 968268002<sip:968268002 at 10.2.0.177:5060>
Authorization: Digest
username="968268002",realm="asterisk",nonce="5fbf85be",uri="sip:192.168.0.4",response="86488521ebf8ee7f30ed8cb13aeabc7d",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="5a7661e3",uri="sip:192.168.0.4",response="ab901a9d83512f0362c8707db9f4919d",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="29dc7886",uri="sip:192.168.0.4",response="fdc28c3d521fa48adcdc928f681b479e",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="0b501d98",uri="sip:192.168.0.4",response="8cde4f1d13a32e7918572797f2691779",algorithm=MD5
Authorization: Digest
username="968268002",realm="asterisk",nonce="22f29aa8",uri="sip:192.168.0.4",response="4ea4d79e138eadcdbbbb34d187fd67c2",algorithm=MD5
Allow: INVITE,ACK,BYE,CANCEL,NOTIFY,PRACK,UPDATE,OPTIONS
Content-Length: 0



21:45:29.310562 IP 192.168.0.4.5060 > 10.2.0.177.5060: UDP, length 468
E....R.. at ..;....
..........LSIP/2.0 100 Trying
Via: SIP/2.0/UDP
10.2.0.177:5060;branch=z9hG4bK-5ad5a-162d2ae2-4405e933;received=10.2.0.177
From:
968268002<sip:968268002 at localhost>;tag=94b7ef58-a0200b1-13c4-45026-1b-e4c7add-1b
To: 968268002<sip:968268002 at localhost>
Call-ID: 94b7b630-a0200b1-13c4-45026-1b-58dc074f-1b
CSeq: 9860 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Contact: <sip:968268002 at 192.168.0.4>
Content-Length: 0


21:45:29.310643 IP 192.168.0.4.5060 > 10.2.0.177.5060: UDP, length 539
E..7.S.. at .......
........#..SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP
10.2.0.177:5060;branch=z9hG4bK-5ad5a-162d2ae2-4405e933;received=10.2.0.177
From:
968268002<sip:968268002 at localhost>;tag=94b7ef58-a0200b1-13c4-45026-1b-e4c7add-1b
To: 968268002<sip:968268002 at localhost>;tag=as59e75087
Call-ID: 94b7b630-a0200b1-13c4-45026-1b-58dc074f-1b
CSeq: 9860 REGISTER
User-Agent: Asterisk PBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
WWW-Authenticate: Digest algorithm=MD5, realm="asterisk",
nonce="05d194fa", stale=true
Content-Length: 0




> The UAS (asterisk) should probably check the "nonce" fields in the various
> Authorization lines and the chose the line with that has a nonce value that
> it recognizes.
>
>
> rfc3261
> 22.3 Proxy-to-User Authentication
>
>    It is possible for multiple challenges associated with the same realm
>    to appear in the same 401 (Unauthorized) or 407 (Proxy Authentication
>    Required).
>
>    This can occur, for example, when multiple proxies within
>    the same administrative domain, which use a common realm, are reached
>    by a forking request.
>
>    When it retries a request, a UAC MAY therefore
>    supply multiple credentials in Authorization or Proxy-Authorization
>    header fields with the same "realm" parameter value.  The same
>    credentials SHOULD be used for the same realm.
>
>
> > -----Original Message-----
> > From: asterisk-dev-bounces at lists.digium.com [mailto:asterisk-dev-
> > bounces at lists.digium.com] On Behalf Of Klaus Darilion
> > Sent: Tuesday, April 22, 2008 6:04 AM
> > To: fadey at scancom.es; Asterisk Developers Mailing List
> > Subject: Re: [asterisk-dev] Strange SIP packet
> >
> > This is clearly a bug in the client. There should not bet multiple
> > Authorization headers with the same realm.
> >
> > regards
> > klaus
> >
> > fadey schrieb:
> > > Hi, everyone.
> > > I'm testing a SIP cable modem with asterisk. The REGISTER packet it
> > > sends has varios "Authorization" sections, which I have never seen
> > > before. Asterisk sends back "401 Unauthorized". I've checked username
> > > and password both in cable modem config and in asterisk sip.conf. They
> > > are correct. So, is the reason for "401 Unauthorized" those multiple
> > > "Authorization" sections? If anyone is more or less familiar with SIP,
> > > please could you take a look at the packet trace below. Is it ok?
> > > Thanks in advance.
> > >
> > > 15:06:48.346157 IP 10.2.0.63.5060 > 192.168.0.4.5060: UDP, length 1345
> > > E..]\...?.O.
> > > ..?.........I".REGISTER sip:192.168.0.4 SIP/2.0
> > > From:
> > > 968953939<sip:968953939 at localhost>;tag=94b7ef58-a02003f-13c4-45026-20-
> > 3eb775bd-20
> > > To: 968953939<sip:968953939 at localhost>
> > > Call-ID: 94b7b630-a02003f-13c4-45026-20-6733142f-20
> > > CSeq: 9898 REGISTER
> > > Via: SIP/2.0/UDP 10.2.0.63:5060;branch=z9hG4bK-63b06-185692fe-78a7e24
> > > Max-Forwards: 70
> > > Supported: timer,replaces,join,100rel
> > > User-Agent: ARRIS-TM501B release v.05.02.0X SN/0015960DBC24
> > > Contact: 968953939<sip:968953939 at 10.2.0.63:5060>
> > > Authorization: Digest
> > >
> > username="968953939",realm="asterisk",nonce="5e8e5c3a",uri="sip:192.168.0.
> > 4",response="918f7f23dd8ae8e8fc9465940e8914db",algorithm=MD5
> > > Authorization: Digest
> > >
> > username="968953939",realm="asterisk",nonce="5f3ff920",uri="sip:192.168.0.
> > 4",response="d3acf42b9afa65708936b525bb912f36",algorithm=MD5
> > > Authorization: Digest
> > >
> > username="968953939",realm="asterisk",nonce="60b3eb72",uri="sip:192.168.0.
> > 4",response="715c6da5586490ee90f16b39f57b98ac",algorithm=MD5
> > > Authorization: Digest
> > >
> > username="968953939",realm="asterisk",nonce="637cb9c0",uri="sip:192.168.0.
> > 4",response="49a55de9aab1776c1f7f081465a8c593",algorithm=MD5
> > > Authorization: Digest
> > >
> > username="968953939",realm="asterisk",nonce="2d73aae7",uri="sip:192.168.0.
> > 4",response="1dd245c05ade19d7d4fc85c21e5e86fe",algorithm=MD5
> > > Allow: INVITE,ACK,BYE,CANCEL,NOTIFY,PRACK,UPDATE,OPTIONS
> > > Content-Length: 0
> > >
> > >
> > > _______________________________________________
> > > --Bandwidth and Colocation Provided by http://www.api-digital.com--
> > >
> > > asterisk-dev mailing list
> > > To UNSUBSCRIBE or update options visit:
> > >    http://lists.digium.com/mailman/listinfo/asterisk-dev
> >
> > _______________________________________________
> > --Bandwidth and Colocation Provided by http://www.api-digital.com--
> >
> > asterisk-dev mailing list
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-dev
>




More information about the asterisk-dev mailing list