Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SIP Digest authentication failed when the qop directive present in the challenge #129

Open
Jane-Fan opened this issue Aug 31, 2018 · 2 comments

Comments

@Jane-Fan
Copy link

The sip registration fails sometime via aiosip.auth.py.

The aiosip/auth.py computes the response correctly when the qop directive value is not specified.
It should also include the scenario that the qop directive value is present. The response is calculated differently based on qop directive value.

For example, if the qop directive value is not present,
response=MD5(HA1:nonce:HA2)
If the qop is "auth" or "auth-int",
response=MD5(HA1:nonce:nonceCount:cnonce:qop:HA2)
Please refer the link [details](https://en.wikipedia.org/wiki/Digest_access_authentication.

 @classmethod
 def from_authenticate_header(cls, authenticate, method, uri, username, password):
     if authenticate.startswith('Digest'):
         params = {
             'username': username,
             'uri': uri
         }

         params.update(cls.__parse_digest(authenticate))
         auth = cls(mode='Digest', **params)
         ha1 = md5digest(username, auth['realm'], password)
         ha2 = md5digest(method, uri)
         try:
             qop = auth['qop']
         except KeyError:
             auth['response'] = md5digest(ha1, auth['nonce'], ha2)
         else:
             auth['nc'] = '00000001'
             auth['cnonce'] = '0a4f113b'
             auth['response'] = md5digest(
                 ha1, auth['nonce'], auth['nc'], auth['cnonce'], qop, ha2
             )
     else:
         raise ValueError('Authentication method not supported')
     return auth
@ovv
Copy link
Contributor

ovv commented Aug 31, 2018

I believe your are looking for #125

It isn't yet on master since I haven't had time to get back into aiosip much. Please let me know if #125 work as expected for you

@Jane-Fan
Copy link
Author

Jane-Fan commented Sep 6, 2018

Thanks, the #125 works for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants