[ previous ] [ next ] [ threads ]
 To :  yate@v...
 From :  Bill Simon <bill@b...>
 Subject :  Re: Possible problem with qop=auth digest authentication
 Date :  Fri, 23 Dec 2011 10:14:55 -0500 (EST)
Can any Yate programmer or other expert tell me how to solve this problem? 

----- Original Message -----

> From: "Bill Simon" 
> To: yate@v...
> Sent: Wednesday, December 21, 2011 10:00:40 PM
> Subject: Possible problem with qop=auth digest authentication

> Yate gurus, I am trying to authenticate to a provider using
> MetaSwitch. The authorization is not working, and the provider
> suggests that it is a problem with our switch (Yate) not
> authenticating correctly. I am on the latest SVN of yate 3.3.3.

> After the initial invite, I get:

> SIP/2.0 401 Unauthorized
> WWW-Authenticate: Digest
> realm="domain",nonce="413eb806a9e9",stale=false,algorithm=MD5,qop="auth"
> Call-ID: 1171378329@domain
> CSeq: 2 INVITE

> Yate sends ACK for CSeq 2 and then a new INVITE:

> Call-ID: 1171378329@domain
> User-Agent: YATE/3.3.3
> Contact: ...
> Allow: ACK, INVITE, BYE, CANCEL, REGISTER, REFER, OPTIONS, INFO
> CSeq: 3 INVITE
> Authorization: Digest username="username", realm="domain",
> nonce="413eb806a9e9", uri="...",
> response="8bb8f371e3e9428d14a01da632f79984", algorithm=MD5,
> qop="auth", nc="00000001", cnonce="7aa1dc097d3ab938dd72adab4bf96134"

> Then the provider replies with 401 again:

> SIP/2.0 401 Unauthorized
> WWW-Authenticate: Digest
> realm="domain",nonce="413eb807a9ea",stale=false,algorithm=MD5,qop="auth"
> Call-ID: 1171378329@domain
> CSeq: 3 INVITE

> Yate sends ACK for CSeq 3 and then gives up:

>  YateSIPConnection::hangup() state=1 trans=0xdeea10
> error='noauth' code=401 reason='Unauthorized' [0xdcdad0]

> Connections to this provider without auth (IP auth only) work OK, but
> the provider wants us to authenticate.

> I saw an old message on the mailing list from 2011-March that Yate
> cannot handle qop=auth type authentication, but it looks like this
> functionality exists in version 3.3.3.

> Bill



Can any Yate programmer or other expert tell me how to solve this problem?



From: "Bill Simon" <bill@b...>
To: yate@v...
Sent: Wednesday, December 21, 2011 10:00:40 PM
Subject: Possible problem with qop=auth digest authentication

Yate gurus, I am trying to authenticate to a provider using MetaSwitch. The authorization is not working, and the provider suggests that it is a problem with our switch (Yate) not authenticating correctly. I am on the latest SVN of yate 3.3.3.

After the initial invite, I get:

SIP/2.0 401 Unauthorized
WWW-Authenticate: Digest realm="domain",nonce="413eb806a9e9",stale=false,algorithm=MD5,qop="auth"
Call-ID: 1171378329@domain
CSeq: 2 INVITE


Yate sends ACK for CSeq 2 and then a new INVITE:

Call-ID: 1171378329@domain
User-Agent: YATE/3.3.3
Contact: ...
Allow: ACK, INVITE, BYE, CANCEL, REGISTER, REFER, OPTIONS, INFO
CSeq: 3 INVITE
Authorization: Digest username="username", realm="domain", nonce="413eb806a9e9", uri="...", response="8bb8f371e3e9428d14a01da632f79984", algorithm=MD5, qop="auth", nc="00000001", cnonce="7aa1dc097d3ab938dd72adab4bf96134"


Then the provider replies with 401 again:

SIP/2.0 401 Unauthorized
WWW-Authenticate: Digest realm="domain",nonce="413eb807a9ea",stale=false,algorithm=MD5,qop="auth"
Call-ID: 1171378329@domain
CSeq: 3 INVITE

Yate sends ACK for CSeq 3 and then gives up:

<sip/4:ALL> YateSIPConnection::hangup() state=1 trans=0xdeea10 error='noauth' code=401 reason='Unauthorized' [0xdcdad0]


Connections to this provider without auth (IP auth only) work OK, but the provider wants us to authenticate.


I saw an old message on the mailing list from 2011-March that Yate cannot handle qop=auth type authentication, but it looks like this functionality exists in version 3.3.3.

Bill