[sip-comm-dev] Re: SIP communicator patches


#1

Hi Jeroen,

I have sent them along to Emil (cc'd in this reply).

Regards,

Ranga

···

On 8/11/07, Jeroen van Bemmel <jbemmel@zonnet.nl> wrote:

Ranga,

I made some fixes to authentication & registration for SIP communicator, see
attached. Can you add them to the project? (I dont have write access)

Regards,
Jeroen

--
M. Ranganathan
"There are two ways to write error-free programs; only the third one
works." -- Alan Perlis
http://www.animenewsnetwork.com/encyclopedia/anime.php?id=1052

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#2

Hi guys, and thanks for sending the patches!

Jeroen, would it be possible for you to send your fixes in the form of
patch files (one or more its the same to me) against the latest version
of SIP Communicator.

I am not sure I am seeing all modifications in the java files you sent -
MessageDigestAlgorithm.java for example does not contain any jvb tags.

Thanks
Emil

M. (Neo-Ranga) Ranganathan wrote:

···

Hi Jeroen,

I have sent them along to Emil (cc'd in this reply).

Regards,

Ranga

On 8/11/07, Jeroen van Bemmel <jbemmel@zonnet.nl> wrote:

Ranga,

I made some fixes to authentication & registration for SIP communicator, see
attached. Can you add them to the project? (I dont have write access)

Regards,
Jeroen

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#3

Hello Jeroen,

Done. Applied, committed and ack-ed. Thanks for sending your fixes over!

I've done some testing but I'd appreciate if you could also give it a
try and confirm that it works for you too.

In case you could spare the time, I'd be very interested in hearing some
more on the problems that you were seeing and the way your patch is
resolving them.

For example, I am not sure I completely understand the first change in
the SipRegistrarConnection class. Were there problems when the registrar
IP address was different from the domain name used in the user account?
Was it something else?

If you find the time to also share a few words on the security
improvements I'd love to hear this too.

Thanks again for contributing!

Emil

Jeroen van Bemmel wrote:

···

Emil,

for MessageDigestAlgorithm:
old
        if(cnonce_value != null && qop_value != null
           && (qop_value.equals("auth") || (qop_value.equals("auth-int"))))

new
        if(cnonce_value != null && qop_value != null && nc_value!=null
           && (qop_value.equalsIgnoreCase("auth") ||
(qop_value.equalsIgnoreCase("auth-int"))))

for SipRegistrarConnection
old (line 242)
            request = sipProvider.getMessageFactory().createRequest(
                registrarURI

new
         String domain = ((SipURI)
toHeader.getAddress().getURI()).getHost();
         SipURI reqURI =
sipProvider.getAddressFactory().createSipURI(null,domain);
         request = sipProvider.getMessageFactory().createRequest( reqURI

+ the bit below JvB (adding the Route header)

for SipSecurityManager: see attached where it says 'jvb'

You could overwrite the files, and then diff against CVS (I don't have the
tools at hand)

Regards,
jeroen

Emil Ivov wrote:

Hi guys, and thanks for sending the patches!

Jeroen, would it be possible for you to send your fixes in the form of
patch files (one or more its the same to me) against the latest
version of SIP Communicator.

I am not sure I am seeing all modifications in the java files you
sent - MessageDigestAlgorithm.java for example does not contain any
jvb tags.

Thanks
Emil

M. (Neo-Ranga) Ranganathan wrote:

Hi Jeroen,

I have sent them along to Emil (cc'd in this reply).

Regards,

Ranga

On 8/11/07, Jeroen van Bemmel <jbemmel@zonnet.nl> wrote:

Ranga,

I made some fixes to authentication & registration for SIP
communicator, see attached. Can you add them to the project? (I
dont have write access)

Regards,
Jeroen

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#4

Hi Emil,

Sure, I can explain the background:

- I fixed the REGISTER request to use the domain of the AoR in the request URI, instead of the IP address of the registrar (in line with section 10.2 of RFC3261). In order to keep the ability to route based on IP address, the address of the registrar is now added as a Route header

The reason this is needed, is that standards-compliant registrars check the domain in the request URI. If it contains an IP address, some registrars are unable to match/process it (they may forward instead, and get into a forwarding loop)

- I filled in a 'todo' in the security classes, adding support for 'nc', 'cnonce' and 'qop' parameters. It could still be improved (e.g. 'cnonce' should be more random), but at least this way the client interworks with a server that sends a "qop" parameter. Again a step towards better RFC3261 compliancy

Regards,
Jeroen

Emil Ivov wrote:

···

Hello Jeroen,

Done. Applied, committed and ack-ed. Thanks for sending your fixes over!

I've done some testing but I'd appreciate if you could also give it a
try and confirm that it works for you too.

In case you could spare the time, I'd be very interested in hearing some
more on the problems that you were seeing and the way your patch is
resolving them.

For example, I am not sure I completely understand the first change in
the SipRegistrarConnection class. Were there problems when the registrar
IP address was different from the domain name used in the user account?
Was it something else?

If you find the time to also share a few words on the security
improvements I'd love to hear this too.

Thanks again for contributing!

Emil

Jeroen van Bemmel wrote:
  

Emil,

for MessageDigestAlgorithm:
old
        if(cnonce_value != null && qop_value != null
           && (qop_value.equals("auth") || (qop_value.equals("auth-int"))))

new
        if(cnonce_value != null && qop_value != null && nc_value!=null
           && (qop_value.equalsIgnoreCase("auth") || (qop_value.equalsIgnoreCase("auth-int"))))

for SipRegistrarConnection
old (line 242)
            request = sipProvider.getMessageFactory().createRequest(
                registrarURI

new
         String domain = ((SipURI) toHeader.getAddress().getURI()).getHost();
         SipURI reqURI = sipProvider.getAddressFactory().createSipURI(null,domain);
         request = sipProvider.getMessageFactory().createRequest( reqURI

+ the bit below JvB (adding the Route header)

for SipSecurityManager: see attached where it says 'jvb'

You could overwrite the files, and then diff against CVS (I don't have the tools at hand)

Regards,
jeroen

Emil Ivov wrote:
    

Hi guys, and thanks for sending the patches!

Jeroen, would it be possible for you to send your fixes in the form of
patch files (one or more its the same to me) against the latest
version of SIP Communicator.

I am not sure I am seeing all modifications in the java files you
sent - MessageDigestAlgorithm.java for example does not contain any
jvb tags.

Thanks
Emil

M. (Neo-Ranga) Ranganathan wrote:
      

Hi Jeroen,

I have sent them along to Emil (cc'd in this reply).

Regards,

Ranga

On 8/11/07, Jeroen van Bemmel <jbemmel@zonnet.nl> wrote:
        

Ranga,

I made some fixes to authentication & registration for SIP
communicator, see attached. Can you add them to the project? (I
dont have write access)

Regards,
Jeroen
          
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net