I have been investigating more and more... pjsua register fine. IMS send WWW-Authenticate, pjsua responds with Authorization, without domain, and IMS responds OK: -> 18:34:29.249 pjsua_core.c TX 511 bytes Request msg REGISTER/cseq=32910 (tdta00c485c8) to UDP x.x.x.x:5060: (without auth) <-18:34:29.296 pjsua_core.c RX 529 bytes Response msg 401/REGISTER/cseq=32910 (rdata00c45464) from UDP x.x.x.x:5060: SIP/2.0 401 Unauthorized (WWW-Authenticate: Digest realm="xxx.xxx",domain="sip:xxx.xxx",nonce="xxxx",stale=false,qop="auth",algorithm=MD5) -> 18:34:29.296 pjsua_core.c TX 797 bytes Request msg REGISTER/cseq=32911 (tdta00c485c8) to UDP x.x.x.x:5060: (Authorization: Digest username="xxx at xxx.xxx", realm="xxx.xxx", nonce="xxx", uri="sip:xxx.xxx", response="xxx", algorithm=MD5, cnonce="xxx", qop=auth, nc=00000001 <- 18:34:29.359 pjsua_core.c RX 652 bytes Response msg 200/REGISTER/cseq=32911 (rdata00c45464) from UDP x.x.x.x:5060: SIP/2.0 200 OK There are a little problem with reregister 3GPP timeout (as expected due to the known issue #432 <http://trac.pjsip.org/repos/ticket/432> Support 3GPP refresh interval rule). Please if you solve this I can test with real enviroment. But real problem appear (I suspect) because the IMS has a SBC (Session Border Controller) that uses domain for routing calls. On an INVITE with same auth scheme, the call is stablished with a locution from IMS (183 early with media fine), and a 500 Internal server error. -> 10:40:52.733 pjsua_core.c TX 1027 bytes Request msg INVITE/cseq=6925 (tdta00c85f10) to UDP x.x.x.x:5060: <- 10:40:52.780 pjsua_core.c RX 304 bytes Response msg 100/INVITE/cseq=6925 (rdata00c45434) from UDP x.x.x.x:5060: SIP/2.0 100 Trying <- 10:40:52.827 pjsua_core.c RX 536 bytes Response msg 407/INVITE/cseq=6925 (rdata00c45434) from UDPx.x.x.x:5060: SIP/2.0 407 Proxy Authorization Required ( Proxy-Authenticate: Digest realm="xxx.xxx",domain="sip:xxx.xxx",nonce="xxx",stale=false,qop="auth",algorithm=MD5) -> 10:40:52.843 pjsua_core.c TX 350 bytes Request msg ACK/cseq=6925 (tdta00c8a610) to UDP x.x.x.x:5060: ACK SIP/2.0 -> 10:40:52.858 pjsua_core.c TX 1320 bytes Request msg INVITE/cseq=6926 (tdta00c85f10) to UDP x.x.x.x:5060: ( Proxy-Authorization: Digest username="xxx at xxx.xxx", realm="xxx.xx", nonce="xxx", uri="sip:xxx at xxx.xxx", response="xxx", algorithm=MD5, cnonce="xxx", qop=auth, nc=00000001) <- 10:40:53.015 pjsua_core.c RX 304 bytes Response msg 100/INVITE/cseq=6926 (rdata00c45434) from UDP x.x.x.x:5060: SIP/2.0 100 Trying <- 10:40:53.655 pjsua_core.c RX 882 bytes Response msg 183/INVITE/cseq=6926 (rdata00c45434) from UDP x.x.x.x:5060: SIP/2.0 183 Session Description -> 10:40:53.702 pjsua_core.c TX 401 bytes Request msg PRACK/cseq=6927 (tdta00c92bc0) to UDP x.x.x.x:5060: <- 10:40:53.780 pjsua_core.c RX 568 bytes Response msg 200/PRACK/cseq=6927 (rdata00c45434) from UDP x.x.x.x:5060: SIP/2.0 200 OK (Locution) <- 10:41:02.577 pjsua_core.c RX 426 bytes Response msg 500/INVITE/cseq=6926 (rdata00c45434) from UDP x.x.x.x:5060: SIP/2.0 500 Internal Server Error Reason: Q.850;cause=41;eri-location=3 -> 10:41:02.593 pjsua_core.c TX 330 bytes Request msg ACK/cseq=6926 (tdta00c92bc0) to UDP x.x.x.x:5060: Please could anybody help me to modify code to send "domain" field sended by IMS?... Seems that sip_auth_client.c has the code to make something with domain, but I dont know howto patch... ... [ #if PJSIP_AUTH_AUTO_SEND_NEXT!=0 if (!cached_auth->last_chal || pj_stricmp2(&hdr->scheme, "digest")) { cached_auth->last_chal = (pjsip_www_authenticate_hdr*) pjsip_hdr_clone(ses_pool, hdr); } else { /* Only update if the new challenge is "significantly different" * than the one in the cache, to reduce memory usage. */ const pjsip_digest_challenge *d1 = &cached_auth->last_chal->challenge.digest; const pjsip_digest_challenge *d2 = &hdr->challenge.digest; if (pj_strcmp(&d1->domain, &d2->domain) || pj_strcmp(&d1->realm, &d2->realm) || pj_strcmp(&d1->nonce, &d2->nonce) || pj_strcmp(&d1->opaque, &d2->opaque) || pj_strcmp(&d1->algorithm, &d2->algorithm) || pj_strcmp(&d1->qop, &d2->qop)) { cached_auth->last_chal = (pjsip_www_authenticate_hdr*) pjsip_hdr_clone(ses_pool, hdr); } } #endif ] Thanks in advance... Forwarded message ---------- From: segalion <segalion@xxxxxxxxx> Date: 2009/11/2 Subject: Problem with "407 Proxy Authorization Required" in IMS: Missing "Authentication domain" To: pjsip at lists.pjsip.org I was trying pjsua (1.4.5) with an IMS system, and I have a problem making outgoing calls, because IMS responds with 407 Proxy Authorization Required: [extract from wireshark inside 407 Proxy Authorization Required IMS response packet] Proxy-Authenticate: Digest realm="mydomain.net",domain="sip: mydomain.net ",nonce="c803a53ff76b7e11d8615f0015adc4e2",stale=false,qop="auth",algorithm=MD5 Authentication Scheme: Digest Realm: "mydomain.net" Authentication Domain: "sip:domain.net" Nonce Value: "c803a53ff76b7e11d8615f0015adc4e2" Stale Flag: false QOP: "auth" Algorithm: MD5 and pjsua make the second invite with proper MD5 authentication, but without "Authentication domain" field: [extract from wireshark pjsua Invite with MD5 auth] Authorization: Digest username="segalion at mydomain.es", realm=" mydomain.net", nonce="", uri="sip:999999999 at mydomain.es", response="" Authentication Scheme: Digest Username: "segalion at mydomain.es" Realm: "mydomain.net" Nonce Value: "" Authentication URI: "sip:999999999 at mydomain.es" Digest Authentication Response: "" k: replaces, 100rel, timer, norefersub x: 1800 Min-SE: 90 User-Agent: PJSUA v1.4.5/i686-pc-mingw32 [truncated] Proxy-Authorization: Digest username=" segalion at mydomain.es", realm="mydomain.net", nonce="c803a53ff76b7e11d8615f0015adc4e2", uri="sip:999999999 at mydomain.es", response="9bd8fc0a1488f95f51df5aff69fc3c4a", algorithm=M Authentication Scheme: Digest Username: "segalion at mydomain.es" Realm: "mydomain.net" Nonce Value: "c803a53ff76b7e11d8615f0015adc4e2" Authentication URI: "sip:999999999 at mydomain.es" Digest Authentication Response: "9bd8fc0a1488f95f51df5aff69fc3c4a" Algorithm: MD5 CNonce Value: "538f092c348f485cb882e34cb35924c5" QOP: auth Nonce Count: 00000001 As you can see pjsua miss "Authentication Domain", so IMS is not abble to finish the call (responds with 480 Temporaly not available). Please help me if this is a bug, or not standard field, or how to change pjsua code to support this... Thanks in advance.. PD: Finally, after a hard work, I could integrate voiceage g729 in pjsua w32-mingw enviroment!!!. Now, I need to solve this to test with IMS. Thanks in advance, and please help me with this.... -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/attachments/20110517/b7455f4f/attachment-0001.html>
