Sure, I can explain the background:
- I fixed the REGISTER request to use the domain of the AoR in the request URI, instead of the IP address of the registrar (in line with section 10.2 of RFC3261). In order to keep the ability to route based on IP address, the address of the registrar is now added as a Route header
The reason this is needed, is that standards-compliant registrars check the domain in the request URI. If it contains an IP address, some registrars are unable to match/process it (they may forward instead, and get into a forwarding loop)
- I filled in a 'todo' in the security classes, adding support for 'nc', 'cnonce' and 'qop' parameters. It could still be improved (e.g. 'cnonce' should be more random), but at least this way the client interworks with a server that sends a "qop" parameter. Again a step towards better RFC3261 compliancy
Emil Ivov wrote:
Done. Applied, committed and ack-ed. Thanks for sending your fixes over!
I've done some testing but I'd appreciate if you could also give it a
try and confirm that it works for you too.
In case you could spare the time, I'd be very interested in hearing some
more on the problems that you were seeing and the way your patch is
For example, I am not sure I completely understand the first change in
the SipRegistrarConnection class. Were there problems when the registrar
IP address was different from the domain name used in the user account?
Was it something else?
If you find the time to also share a few words on the security
improvements I'd love to hear this too.
Thanks again for contributing!
Jeroen van Bemmel wrote:
if(cnonce_value != null && qop_value != null
&& (qop_value.equals("auth") || (qop_value.equals("auth-int"))))
if(cnonce_value != null && qop_value != null && nc_value!=null
&& (qop_value.equalsIgnoreCase("auth") || (qop_value.equalsIgnoreCase("auth-int"))))
old (line 242)
request = sipProvider.getMessageFactory().createRequest(
String domain = ((SipURI) toHeader.getAddress().getURI()).getHost();
SipURI reqURI = sipProvider.getAddressFactory().createSipURI(null,domain);
request = sipProvider.getMessageFactory().createRequest( reqURI
+ the bit below JvB (adding the Route header)
for SipSecurityManager: see attached where it says 'jvb'
You could overwrite the files, and then diff against CVS (I don't have the tools at hand)
Emil Ivov wrote:
Hi guys, and thanks for sending the patches!
Jeroen, would it be possible for you to send your fixes in the form of
patch files (one or more its the same to me) against the latest
version of SIP Communicator.
I am not sure I am seeing all modifications in the java files you
sent - MessageDigestAlgorithm.java for example does not contain any
M. (Neo-Ranga) Ranganathan wrote:
I have sent them along to Emil (cc'd in this reply).
On 8/11/07, Jeroen van Bemmel <firstname.lastname@example.org> wrote:
I made some fixes to authentication & registration for SIP
communicator, see attached. Can you add them to the project? (I
dont have write access)
To unsubscribe, e-mail: email@example.com
For additional commands, e-mail: firstname.lastname@example.org