Hi.
In UAC scenario I'm having "createAuthHeader: authentication must use MD5 or AKAv1-MD5" error case RFC8760 compatible UAS sends two WWW-Authenticate headers in 401, with MD5 on the second place. Is it possible to look for other WWW-
Authenticate headers that might have MD5?
Scenario is simulated with simple UAS xml, that is attached just for the case.
I checked v3.6.0-4-gcc24f9d-PCAP-RTPSTREAM and v3.7-dev-TLS-SCTP-PCAP-RTPSTREAM.
From 3261:
When resubmitting its request in response to a 401 (Unauthorized) or
407 (Proxy Authentication Required) that contains multiple
challenges, a UAC MAY include an Authorization value for each WWW-
Authenticate value and a Proxy-Authorization value for each Proxy-
Authenticate value for which the UAC wishes to supply a credential.
----------------------------------------------- 2020-09-22 14:18:04.430130
UDP message sent (498 bytes):
INVITE sip:12345678901@192.168.1.2:1023 SIP/2.0
Via: SIP/2.0/UDP 192.168.1.2:1036;branch=z9hG4bK-2030-1-0
From: sipp <sip:sipp-md5@192.168.1.2>;tag=1
To: <sip:12345678901@192.168.1.2:1023>
Call-ID: 1-2030@192.168.1.2
CSeq: 1 INVITE
Contact: sip:sipp-md5@192.168.1.2:1036
Max-Forwards: 100
Content-Type: application/sdp
Content-Length: 137
v=0
o=user1 53655765 2353687637 IN IP4 192.168.1.2
s=-
c=IN IP4 192.168.1.2
t=0 0
m=audio 6004 RTP/AVP 8
a=rtpmap:8 PCMA/8000
----------------------------------------------- 2020-09-22 14:18:04.430345
UDP message received [565] bytes :
SIP/2.0 401 Authorization Required
Via: SIP/2.0/UDP 192.168.1.2:1036;branch=z9hG4bK-2030-1-0
From: sipp <sip:sipp-md5@192.168.1.2>;tag=1
To: <sip:12345678901@192.168.1.2:1023>;tag=99638SIPpTag013
Call-ID: 1-2030@192.168.1.2
CSeq: 1 INVITE
Contact: <sip:192.168.1.2:1023;transport=UDP>
WWW-Authenticate: Digest realm="test.example.com", nonce="47ebe028cda119c35d4877b383027d28da013815", algorithm=SHA-256, qop="auth"
WWW-Authenticate: Digest realm="test.example.com", nonce="17ebe028cda119c35d4877b383027d28da013815", algorithm=MD5, qop="auth"
Content-Length: 0
----------------------------------------------- 2020-09-22 14:18:04.430432
UDP message sent (340 bytes):
ACK sip:12345678901@192.168.1.2:1023 SIP/2.0
Via: SIP/2.0/UDP 192.168.1.2:1036;branch=z9hG4bK-2030-1-0
From: sipp <sip:sipp-md5@192.168.1.2>;tag=1
To: <sip:12345678901@192.168.1.2:1023>;tag=99638SIPpTag013
Call-ID: 1-2030@192.168.1.2
CSeq: 1 ACK
Contact: sip:sipp-md5@192.168.1.2:1036
Max-Forwards: 100
Content-Length: 0
UAS scenario:
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE scenario SYSTEM "sipp.dtd">
<scenario name="Basic UAS with authentication">
<recv request="INVITE" />
<send><![CDATA[
SIP/2.0 401 Authorization Required
[last_Via:]
[last_From:]
[last_To:];tag=[pid]SIPpTag01[call_number]
[last_Call-ID:]
[last_CSeq:]
Contact: <sip:[local_ip]:[local_port];transport=[transport]>
WWW-Authenticate: Digest realm="test.example.com", nonce="47ebe028cda119c35d4877b383027d28da013815", algorithm=SHA-256, qop="auth"
WWW-Authenticate: Digest realm="test.example.com", nonce="17ebe028cda119c35d4877b383027d28da013815", algorithm=MD5, qop="auth"
Content-Length: [len]
]]>
</send>
<recv request="INVITE" >
</recv>
<send>
<![CDATA[
SIP/2.0 200 OK
[last_Via:]
[last_From:]
[last_To:];tag=[call_number]
[last_Call-ID:]
[last_CSeq:]
Contact: <sip:[local_ip]:[local_port];transport=[transport]>
Content-Length: 0
Expires: 180
]]>
</send>
</scenario>
Hi.
In UAC scenario I'm having "createAuthHeader: authentication must use MD5 or AKAv1-MD5" error case RFC8760 compatible UAS sends two WWW-Authenticate headers in 401, with MD5 on the second place. Is it possible to look for other WWW-
Authenticate headers that might have MD5?
Scenario is simulated with simple UAS xml, that is attached just for the case.
I checked v3.6.0-4-gcc24f9d-PCAP-RTPSTREAM and v3.7-dev-TLS-SCTP-PCAP-RTPSTREAM.
From 3261:
UAS scenario: