Bugs item #1969445, was opened at 2008-05-22 09:09 Message generated for change (Settings changed) made by henningw You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1969445&group_id=139143
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: modules Group: ver devel Status: Open Resolution: None Priority: 5 Private: No Submitted By: Iaki Baz (ibc_sf) Assigned to: Nobody/Anonymous (nobody) >Summary: uri_db: check_to() should allow hex escaped username Initial Comment: To be RFC3261 compliant a SIP proxy should accept hex encoded username in any URI, this is: sip:[EMAIL PROTECTED] == sip:[EMAIL PROTECTED] For allowing this we must use, explicitely, the trnasformation $(rU{s.unescape.user}). Unfortunatelly RFC3261 allows this hex escaping in any URI (From uri, To uri, Contact uri...). But, is OpenSer ready to allow this escaped system globally? I don't think so. For example I send a REGISTER: ------------------- REGISTER sip:openser.org SIP/2.0 From: sip:[EMAIL PROTECTED];tag=18349ed0 To: sip:[EMAIL PROTECTED] Contact: sip:[EMAIL PROTECTED] ------------------- NOTE that "%3800" == "800". When OpenSer requires me authentication I send: ------------------- REGISTER sip:openser.org SIP/2.0 From: sip:[EMAIL PROTECTED];tag=18349ed0 To: sip:[EMAIL PROTECTED] Contact: sip:[EMAIL PROTECTED] Authorization: Digest username="800", uri="sip:openser.org", algorithm=MD5, realm="openser.org", nonce="45353832c42ccf694d4f4aad19e3da236a84dd4d", qop=auth, nc=00000001, cnonce="76fe7385", response="6f19337d47752e6bc60b689d2688793f" ------------------- NOTE that Digest username is "800" (it cannot be escaped). But in OpenSer I use "check_to()" to verify if Digest username is equal to username in "To" header, so "check_to()" will try to match "%3800" against "800" and it fails (it decides they are not equivalent while they do be). The only way to allow it is by modifying "check_to" C code. This is: the valid escenario described above (REGISTER with hex escaped "To" username) is not valid in OpenSer. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1969445&group_id=139143 _______________________________________________ Devel mailing list Devel@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/devel