Re: [Freeswitch-users] Problem with gateway registration

Tue, 06 Oct 2009 14:53:16 -0700

First off you have to fully understand how SIP authentication works the two authorization line are different because one is for a challenge and one is a response to a challenge. 

http://en.wikipedia.org/wiki/Digest_access_authentication


On Oct 6, 2009, at 4:22 PM, Nicolas Brenner wrote:
That happens with both gateways though, one works and the other doesn't. Would the rport have anything to do with the registration failing?
The big difference to me is that the working gateway replies a 401 Unauthorized containing:
WWW-Authenticate: Digest realm="pxextmy.redvoiss.net", nonce="4acac8fe248a9075a13773274684392a65a40240", qop="auth". 

Whereas the non-working gateway's 401 has:
WWW-Authenticate: Digest realm="216.72.10.39", nonce="4acac08249c439decb2bea539282faf755c80b0c".
What is this gateway? You might actually put the realm param INTO the gateway config for this gateway.
What does the qop parameter stand for? Apparently because of that parameter, FS sends a new REGISTER including this: 

Quality of Protection, qop is assumed auth if excluded.
Authorization: Digest username="xxxxxxxxx", realm="pxextmy.redvoiss.net ", nonce="4acac8fe248a9075a13773274684392a65a40240", cnonce="h1DCSizTEi2eMQAdCe9KJA", algorithm=MD5, uri="sip:pxextmy.redvoiss.net ", response="05adb2a7f9d7772e57dc846257484f5d", qop=auth, nc=00000001. 

This is a response to a challenge.
Instead, on the non-working gateway case, FS sends a REGISTER with this:
Authorization: Digest username="yyyyyyyyy", realm="216.72.10.39", nonce="4acac08249c439decb2bea539282faf755c80b0c", algorithm=MD5, uri="sip:216.72.10.39", response="8311db7666779df89d5223e16a611826". 

This is a challenge.
Notice the absence of the qop and nc parameters. I'm guessing the lack of those parameters causes the gateway (SIP server) to use another nonce and hence reject the mismatching REGISTER. 

Again challenge vs response.



BTW, registration from an X-Lite softphone works.


Thanks!

Nicolas



_______________________________________________
FreeSWITCH-users mailing list
[email protected]
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org

Reply via email to