private SIPRequest GetAuthenticatedRegistrationRequest(SIPRequest registerRequest, SIPResponse sipResponse) { try { SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest; string username = (m_authUsername != null) ? m_authUsername : m_sipAccountAOR.User; authRequest.SetCredentials(username, m_password, registerRequest.URI.ToString(), SIPMethodsEnum.REGISTER.ToString()); SIPRequest regRequest = registerRequest.Copy(); regRequest.LocalSIPEndPoint = registerRequest.LocalSIPEndPoint; regRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId(); regRequest.Header.From.FromTag = CallProperties.CreateNewTag(); regRequest.Header.To.ToTag = null; regRequest.Header.CSeq = ++m_cseq; regRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest); regRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest; return(regRequest); } catch (Exception excp) { logger.LogError("Exception GetAuthenticatedRegistrationRequest. " + excp.Message); throw excp; } }
private SIPRequest GetAuthenticatedRegistrationRequest(SIPRequest registerRequest, SIPResponse sipResponse) { SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest; string username = (m_authUsername != null) ? m_authUsername : m_sipAccountAOR.User; authRequest.SetCredentials(username, m_password, registerRequest.URI.ToString(), SIPMethodsEnum.REGISTER.ToString()); if (!this.m_realm.IsNullOrBlank()) { authRequest.Realm = this.m_realm; } SIPRequest regRequest = registerRequest.Copy(); regRequest.SetSendFromHints(registerRequest.LocalSIPEndPoint); regRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId(); regRequest.Header.From.FromTag = CallProperties.CreateNewTag(); regRequest.Header.To.ToTag = null; regRequest.Header.CSeq = ++m_cseq; regRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest); regRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest; return(regRequest); }
private SIPRequest GetAuthenticatedRequest(SIPRequest originalRequest, SIPResponse sipResponse) { try { SIPAuthorisationDigest digest = sipResponse.Header.AuthenticationHeader.SIPDigest; m_lastServerNonce = digest.Nonce; string username = (m_callDescriptor.AuthUsername != null) ? m_callDescriptor.AuthUsername : m_callDescriptor.Username; digest.SetCredentials(username, m_callDescriptor.Password, originalRequest.URI.ToString(), originalRequest.Method.ToString()); SIPRequest authRequest = originalRequest.Copy(); authRequest.SetSendFromHints(originalRequest.LocalSIPEndPoint); authRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId(); authRequest.Header.From.FromTag = CallProperties.CreateNewTag(); authRequest.Header.To.ToTag = null; authRequest.Header.CallId = CallProperties.CreateNewCallId(); authRequest.Header.CSeq = originalRequest.Header.CSeq + 1; authRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(digest); authRequest.Header.AuthenticationHeader.SIPDigest.Response = digest.Digest; return(authRequest); } catch (Exception excp) { logger.LogError("Exception SIPNonInviteClientUserAgent GetAuthenticatedRequest. " + excp.Message); throw; } }
private Task <SocketError> ByeServerFinalResponseReceived(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPTransaction sipTransaction, SIPResponse sipResponse) { try { logger.LogDebug("Response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + " for " + sipTransaction.TransactionRequest.URI.ToString() + "."); SIPNonInviteTransaction byeTransaction = sipTransaction as SIPNonInviteTransaction; if ((sipResponse.Status == SIPResponseStatusCodesEnum.ProxyAuthenticationRequired || sipResponse.Status == SIPResponseStatusCodesEnum.Unauthorised) && SIPAccount != null) { // Resend BYE with credentials. SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest; SIPURI contactUri = sipResponse.Header.Contact.Any() ? sipResponse.Header.Contact[0].ContactURI : sipResponse.Header.From.FromURI; authRequest.SetCredentials(SIPAccount.SIPUsername, SIPAccount.SIPPassword, contactUri.ToString(), SIPMethodsEnum.BYE.ToString()); SIPRequest authByeRequest = byeTransaction.TransactionRequest; authByeRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest); authByeRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest; authByeRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId(); authByeRequest.Header.CSeq = authByeRequest.Header.CSeq + 1; SIPNonInviteTransaction authByeTransaction = new SIPNonInviteTransaction(m_sipTransport, authByeRequest, null); authByeTransaction.SendRequest(); } return(Task.FromResult(SocketError.Success)); } catch (Exception excp) { logger.LogError("Exception ByServerFinalResponseReceived. " + excp.Message); return(Task.FromResult(SocketError.Fault)); } }
private void ByeServerFinalResponseReceived(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPTransaction sipTransaction, SIPResponse sipResponse) { try { Log_External(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.UserAgentServer, SIPMonitorEventTypesEnum.DialPlan, "Response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + " for " + sipTransaction.TransactionRequest.URI.ToString() + ".", Owner)); SIPNonInviteTransaction byeTransaction = sipTransaction as SIPNonInviteTransaction; byeTransaction.NonInviteTransactionFinalResponseReceived -= ByeServerFinalResponseReceived; if ((sipResponse.Status == SIPResponseStatusCodesEnum.ProxyAuthenticationRequired || sipResponse.Status == SIPResponseStatusCodesEnum.Unauthorised) && SIPAccount != null) { // Resend BYE with credentials. SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest; SIPURI contactUri = sipResponse.Header.Contact.Any() ? sipResponse.Header.Contact[0].ContactURI : sipResponse.Header.From.FromURI; authRequest.SetCredentials(SIPAccount.SIPUsername, SIPAccount.SIPPassword, contactUri.ToString(), SIPMethodsEnum.BYE.ToString()); SIPRequest authByeRequest = byeTransaction.TransactionRequest; authByeRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest); authByeRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest; authByeRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId(); authByeRequest.Header.CSeq = authByeRequest.Header.CSeq + 1; SIPNonInviteTransaction bTransaction = m_sipTransport.CreateNonInviteTransaction(authByeRequest, null, localSIPEndPoint, null); bTransaction.SendReliableRequest(); } } catch (Exception excp) { Log_External(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.UserAgentClient, SIPMonitorEventTypesEnum.Error, "Exception ByServerFinalResponseReceived. " + excp.Message, Owner)); } }
/// <summary> /// Cancels an in progress call. This method should be called prior to the remote user agent server answering the call. /// </summary> public void Cancel() { try { m_callCancelled = true; // Cancel server call. if (m_serverTransaction == null) { logger.LogDebug("Cancelling forwarded call leg " + m_sipCallDescriptor.Uri + ", server transaction has not been created yet no CANCEL request required."); } else if (m_cancelTransaction != null) { if (m_cancelTransaction.TransactionState != SIPTransactionStatesEnum.Completed) { logger.LogDebug("Call " + m_serverTransaction.TransactionRequest.URI.ToString() + " has already been cancelled once, trying again."); m_cancelTransaction.SendRequest(); } else { logger.LogDebug("Call " + m_serverTransaction.TransactionRequest.URI.ToString() + " has already responded to CANCEL, probably overlap in messages not re-sending."); } } else //if (m_serverTransaction.TransactionState == SIPTransactionStatesEnum.Proceeding || m_serverTransaction.TransactionState == SIPTransactionStatesEnum.Trying) { logger.LogDebug("Cancelling forwarded call leg, sending CANCEL to " + m_serverTransaction.TransactionRequest.URI.ToString() + "."); // No response has been received from the server so no CANCEL request necessary, stop any retransmits of the INVITE. m_serverTransaction.CancelCall(); SIPRequest cancelRequest = GetCancelRequest(m_serverTransaction.TransactionRequest); // If auth header is included inside INVITE request, we re-include them inside CANCEL request if (m_serverTransaction.TransactionRequest.Header.HasAuthenticationHeader) { string username = (m_sipCallDescriptor.AuthUsername == null || m_sipCallDescriptor.AuthUsername.Trim().Length <= 0 ? m_sipCallDescriptor.Username : m_sipCallDescriptor.AuthUsername); SIPAuthorisationDigest authDigest = m_serverTransaction.TransactionRequest.Header.AuthenticationHeaders.First().SIPDigest; authDigest.SetCredentials(username, m_sipCallDescriptor.Password, m_sipCallDescriptor.Uri, SIPMethodsEnum.CANCEL.ToString()); var authHeader = new SIPAuthenticationHeader(authDigest); authHeader.SIPDigest.IncrementNonceCount(); authHeader.SIPDigest.Response = authDigest.GetDigest(); cancelRequest.Header.AuthenticationHeaders.Clear(); cancelRequest.Header.AuthenticationHeaders.Add(authHeader); } m_cancelTransaction = new SIPNonInviteTransaction(m_sipTransport, cancelRequest, m_outboundProxy); m_cancelTransaction.SendRequest(); } CallFailed?.Invoke(this, "Call cancelled by user.", null); } catch (Exception excp) { logger.LogError("Exception CancelServerCall. " + excp.Message); } }
public void ParseWWWAuthenticateDigestTest() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"Digest realm=""aol.com"",nonce=""48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90"",qop=""auth"",opaque=""004533235332435434ffac663e"",algorithm=MD5"); Assert.IsTrue(authRequest.Realm == "aol.com", "The authorisation realm was not parsed correctly."); Assert.IsTrue(authRequest.Nonce == "48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90", "The authorisation nonce was not parsed correctly."); Assert.IsTrue(authRequest.Qop == "auth", "The authorisation qop was not parsed correctly."); Assert.IsTrue(authRequest.Opaque == "004533235332435434ffac663e", "The authorisation opaque was not parsed correctly."); Console.WriteLine("-----------------------------------------"); }
public void KnownRegisterDigestTest() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c8192c9", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue("08881d1d56c0b21f11d19f4067da7045" == digest, "Digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void KnownDigestTest2() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaronxten2", "password", "sip:[email protected]", "4a4ad124", "INVITE"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(true, "True was false."); Console.WriteLine("-----------------------------------------"); }
public void KnownDigestTestObscureChars2() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronxten", "_*!$%^()\"", "sip:sip.blueface.ie", "1263192143", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(digest == "54b08b70ed1976068b9e18d38ea59849", "The digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void KnownDigestTestObscureChars() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronnetgear", "!\"$%^&*()_-+=}[{]~#@':;?><,.", "sip:sip.blueface.ie:5060", "1430352056", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(digest == "500fd998b609a0f24b45edfe190f2a17", "The digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void KnownDigestTestObscureChars() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronnetgear", "!\"$%^&*()_-+=}[{]~#@':;?><,.", "sip:sip.blueface.ie:5060", "1430352056", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(digest == "500fd998b609a0f24b45edfe190f2a17", "The digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void KnownDigestTestObscureChars2() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronxten", "_*!$%^()\"", "sip:sip.blueface.ie", "1263192143", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(digest == "54b08b70ed1976068b9e18d38ea59849", "The digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void KnownDigestTest2() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaronxten2", "password", "sip:[email protected]", "4a4ad124", "INVITE"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(true, "True was false."); Console.WriteLine("-----------------------------------------"); }
public void KnownRegisterDigestTest2() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c3c7a97", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue("1ef20beed71043225873e4f6712e4922" == digest, "Digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void KnownDigestTest() { logger.LogDebug("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); logger.BeginScope(System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaronxten2", "password", "sip:303@bluesipd", "17190028", "INVITE"); string digest = authRequest.Digest; logger.LogDebug("Digest = " + digest + "."); logger.LogDebug(authRequest.ToString()); Assert.True(true, "True was false."); logger.LogDebug("-----------------------------------------"); }
public void GenreateDigestTest() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"digest realm=""sipsorcery.com"", nonce=""1265068315059e3bbf3052cf13ea5ca22fb71669a7"", opaque=""09c0f23f71f89ce53baab5664c09cbfa"", algorithm=MD5"); authRequest.SetCredentials("username", "password", "sip:sipsorcery.com", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(true, "True was false."); Console.WriteLine("-----------------------------------------"); }
public void KnownOpaqueTest() { logger.LogDebug("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); logger.BeginScope(System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"digest realm=""Syndeo Corporation"", nonce=""1265068315059e3bbf3052cf13ea5ca22fb71669a7"", opaque=""09c0f23f71f89ce53baab5664c09cbfa"", algorithm=MD5"); authRequest.SetCredentials("user", "pass", "sip:sip.ribbit.com", "REGISTER"); string digest = authRequest.Digest; logger.LogDebug("Digest = " + digest + "."); logger.LogDebug(authRequest.ToString()); Assert.True(true, "True was false."); logger.LogDebug("-----------------------------------------"); }
public void GenerateDigestTest() { logger.LogDebug("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); logger.BeginScope(System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"digest realm=""sipsorcery.com"", nonce=""1265068315059e3bbf3052cf13ea5ca22fb71669a7"", opaque=""09c0f23f71f89ce53baab5664c09cbfa"", algorithm=MD5"); authRequest.SetCredentials("username", "password", "sip:sipsorcery.com", "REGISTER"); string digest = authRequest.Digest; logger.LogDebug("Digest = " + digest + "."); logger.LogDebug(authRequest.ToString()); Assert.Equal("b1ea9d6b32e8dd0023a3feec14b16177", digest); logger.LogDebug("-----------------------------------------"); }
public override void AddMessageResponse(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPResponse response) { if (response.Status == SIPResponseStatusCodesEnum.Unauthorised) { logger.Info("需要提供身份认证字段" + remoteEndPoint.ToHost()); //安全身份认证 SIPAuthorisationDigest digest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.Authorize); digest.Username = response.Header.AuthenticationHeader.SIPDigest.Username; digest.Password = "******"; digest.Realm = response.Header.AuthenticationHeader.SIPDigest.Realm; digest.Nonce = response.Header.AuthenticationHeader.SIPDigest.Nonce; digest.Response = digest.Digest; string md5Pass = digest.ToString(); SIPAuthenticationHeader auth = new SIPAuthenticationHeader(digest); _auth = auth; RegisterToPlatform(); } }
public void KnownWWWAuthenticateDigestTest() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"Digest realm=""aol.com"",nonce=""48e757f3b95250379d63fe29f777984a93831b80"",qop=""auth"",opaque=""004533235332435434ffac663e"",algorithm=MD5"); authRequest.SetCredentials("*****@*****.**", "password", "sip:[email protected];transport=udp", "INVITE"); authRequest.Cnonce = "e66ea40d700e8ab69509df4893f4a821"; string digest = authRequest.Digest; authRequest.Response = digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue("6221ea0348e2d5229dd1f3825d633295" == digest, "Digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void AuthenticateHeaderToStringTest() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"Digest realm=""aol.com"",nonce=""48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90"",qop=""auth"",opaque=""004533235332435434ffac663e"",algorithm=MD5"); authRequest.SetCredentials("*****@*****.**", "password", "sip:[email protected];transport=udp", "INVITE"); authRequest.Cnonce = "cf2e005f1801550717cc8c59193aa9f4"; string digest = authRequest.Digest; authRequest.Response = digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(authRequest.ToString() == @"Digest username=""*****@*****.**"",realm=""aol.com"",nonce=""48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90"",uri=""sip:[email protected];transport=udp"",response=""18ad0e62fcc9d7f141a72078c4a0784f"",cnonce=""cf2e005f1801550717cc8c59193aa9f4"",nc=00000001,qop=auth,opaque=""004533235332435434ffac663e"",algorithm=MD5", "The authorisation header was not put to a string correctly."); Console.WriteLine("-----------------------------------------"); }
public void KnownQOPUnitTest() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, "Digest realm=\"jnctn.net\", nonce=\"4a597e1c0000a1636739088e9151ef2f319af257c8f585f1\", qop=\"auth\""); authRequest.SetCredentials("user", "password", "sip:user.onsip.com", "REGISTER"); authRequest.Cnonce = "d3a1ca6af34e72e2461b794f48d5045d"; string digest = authRequest.Digest; authRequest.Response = digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue(authRequest.Response == "7709215c1d58c1912dc59d1e8b5b6248", "The authentication response digest was not generated properly."); Console.WriteLine("-----------------------------------------"); }
/// <summary> /// Authenticates a SIP request. /// </summary> public static SIPRequestAuthenticationResult AuthenticateSIPRequest( SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPRequest sipRequest, ISIPAccount sipAccount) { try { if (sipAccount == null) { return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null)); } else if (sipAccount.IsDisabled) { logger.LogWarning($"SIP account {sipAccount.SIPUsername}@{sipAccount.SIPDomain} is disabled for {sipRequest.Method}."); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null)); } else { SIPAuthenticationHeader reqAuthHeader = sipRequest.Header.AuthenticationHeader; if (reqAuthHeader == null) { // Check for IP address authentication. //if (!sipAccount.IPAddressACL.IsNullOrBlank()) //{ // SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint; // if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success) // { // // Successfully authenticated // return new SIPRequestAuthenticationResult(true, true); // } //} SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce()); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader)); } else { // Check for IP address authentication. //if (!sipAccount.IPAddressACL.IsNullOrBlank()) //{ // SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint; // if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success) // { // // Successfully authenticated // return new SIPRequestAuthenticationResult(true, true); // } //} string requestNonce = reqAuthHeader.SIPDigest.Nonce; string uri = reqAuthHeader.SIPDigest.URI; string response = reqAuthHeader.SIPDigest.Response; // Check for stale nonces. if (IsNonceStale(requestNonce)) { logger.LogWarning($"Authentication failed stale nonce for realm={sipAccount.SIPDomain}, username={sipAccount.SIPUsername}, uri={uri}, nonce={requestNonce}, method={sipRequest.Method}."); SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce()); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader)); } else { SIPAuthorisationDigest checkAuthReq = reqAuthHeader.SIPDigest; if (sipAccount.SIPPassword != null) { checkAuthReq.SetCredentials(sipAccount.SIPUsername, sipAccount.SIPPassword, uri, sipRequest.Method.ToString()); } else if (sipAccount.HA1Digest != null) { checkAuthReq.SetCredentials(sipAccount.HA1Digest, uri, sipRequest.Method.ToString()); } else { throw new ApplicationException("SIP authentication cannot be attempted as neither a password or HA1 digest are available."); } string digest = checkAuthReq.Digest; if (digest == response) { // Successfully authenticated return(new SIPRequestAuthenticationResult(true, false)); } else { logger.LogWarning("Authentication token check failed for realm=" + sipAccount.SIPDomain + ", username="******", uri=" + uri + ", nonce=" + requestNonce + ", method=" + sipRequest.Method + "."); SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce()); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader)); } } } } } catch (Exception excp) { logger.LogError(0, excp, "Exception AuthoriseSIPRequest. " + excp.Message); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.InternalServerError, null)); } }
public void KnownRegisterDigestTest() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c8192c9", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue("08881d1d56c0b21f11d19f4067da7045" == digest, "Digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
public void KnownRegisterDigestTest2() { Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name); SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c3c7a97", "REGISTER"); string digest = authRequest.Digest; Console.WriteLine("Digest = " + digest + "."); Console.WriteLine(authRequest.ToString()); Assert.IsTrue("1ef20beed71043225873e4f6712e4922" == digest, "Digest was incorrect."); Console.WriteLine("-----------------------------------------"); }
private Task <SocketError> SubscribeTransactionFinalResponseReceived(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPTransaction sipTransaction, SIPResponse sipResponse) { try { if (sipResponse.Status == SIPResponseStatusCodesEnum.IntervalTooBrief) { // The expiry interval used was too small. Adjust and try again. m_expiry = (sipResponse.Header.MinExpires > 0) ? sipResponse.Header.MinExpires : m_expiry * 2; logger.LogWarning("A subscribe request was rejected with IntervalTooBrief, adjusting expiry to " + m_expiry + " and trying again."); Subscribe(m_resourceURI, m_expiry, m_sipEventPackage, m_subscribeCallID, null); } else if (sipResponse.Status == SIPResponseStatusCodesEnum.Forbidden) { // The subscription is never going to succeed so cancel it. SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "A Forbidden response was received on a subscribe attempt to " + m_resourceURI.ToString() + " for user " + m_authUsername + "."); m_exit = true; m_waitForSubscribeResponse.Set(); } else if (sipResponse.Status == SIPResponseStatusCodesEnum.BadEvent) { // The subscription is never going to succeed so cancel it. SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "A BadEvent response was received on a subscribe attempt to " + m_resourceURI.ToString() + " for event package " + m_sipEventPackage.ToString() + "."); m_exit = true; m_waitForSubscribeResponse.Set(); } else if (sipResponse.Status == SIPResponseStatusCodesEnum.CallLegTransactionDoesNotExist) { // The notifier server does not have a record for the existing subscription. SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "Subscribe failed with response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + "."); m_waitForSubscribeResponse.Set(); } else if (sipResponse.Status == SIPResponseStatusCodesEnum.ProxyAuthenticationRequired || sipResponse.Status == SIPResponseStatusCodesEnum.Unauthorised) { if (m_authUsername.IsNullOrBlank() || m_authPassword.IsNullOrBlank()) { // No point trying to authenticate if there are no credentials to use. SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "Authentication requested on subscribe request when no credentials available."); m_waitForSubscribeResponse.Set(); } else if (sipResponse.Header.AuthenticationHeader != null) { if (m_attempts >= MAX_SUBSCRIBE_ATTEMPTS) { m_subscribed = false; SubscriptionFailed?.Invoke(m_resourceURI, SIPResponseStatusCodesEnum.InternalServerError, "Subscription reached the maximum number of allowed attempts."); m_waitForSubscribeResponse.Set(); } else { logger.LogDebug("Attempting authentication for subscribe request for event package " + m_sipEventPackage.ToString() + " and " + m_resourceURI.ToString() + "."); m_attempts++; // Resend SUBSCRIBE with credentials. SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest; authRequest.SetCredentials(m_authUsername, m_authPassword, m_resourceURI.ToString(), SIPMethodsEnum.SUBSCRIBE.ToString()); SIPRequest authSubscribeRequest = sipTransaction.TransactionRequest; authSubscribeRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest); authSubscribeRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest; authSubscribeRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId(); m_localCSeq = sipTransaction.TransactionRequest.Header.CSeq + 1; authSubscribeRequest.Header.CSeq = m_localCSeq; authSubscribeRequest.Header.CallId = m_subscribeCallID; if (!m_filter.IsNullOrBlank()) { authSubscribeRequest.Body = m_filter; authSubscribeRequest.Header.ContentLength = m_filter.Length; authSubscribeRequest.Header.ContentType = m_filterTextType; } // Create a new transaction to establish the authenticated server call. SIPNonInviteTransaction subscribeTransaction = new SIPNonInviteTransaction(m_sipTransport, authSubscribeRequest, m_outboundProxy); subscribeTransaction.NonInviteTransactionFinalResponseReceived += SubscribeTransactionFinalResponseReceived; subscribeTransaction.NonInviteTransactionFailed += SubscribeTransactionFailed; //m_sipTransport.SendTransaction(subscribeTransaction); subscribeTransaction.SendRequest(); } } else { SubscriptionFailed?.Invoke(sipTransaction.TransactionRequestURI, sipResponse.Status, "Subscribe requested authentication but did not provide an authentication header."); m_waitForSubscribeResponse.Set(); } } else if (sipResponse.StatusCode >= 200 && sipResponse.StatusCode <= 299) { logger.LogDebug("Authenticating subscribe request for event package " + m_sipEventPackage.ToString() + " and " + m_resourceURI.ToString() + " was successful."); m_subscribed = true; m_subscriptionToTag = sipResponse.Header.To.ToTag; SubscriptionSuccessful?.Invoke(m_resourceURI); m_waitForSubscribeResponse.Set(); } else { SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "Subscribe failed with response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + "."); m_waitForSubscribeResponse.Set(); } return(Task.FromResult(SocketError.Success)); } catch (Exception excp) { logger.LogError("Exception SubscribeTransactionFinalResponseReceived. " + excp.Message); SubscriptionFailed?.Invoke(m_resourceURI, SIPResponseStatusCodesEnum.InternalServerError, "Exception processing subscribe response. " + excp.Message); m_waitForSubscribeResponse.Set(); return(Task.FromResult(SocketError.Fault)); } }
/// <summary> /// Authenticates a SIP request. /// </summary> public static SIPRequestAuthenticationResult AuthenticateSIPRequest(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPRequest sipRequest, SIPAccount sipAccount, SIPMonitorLogDelegate logSIPMonitorEvent) { try { if (sipAccount == null) { return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null)); } else if (sipAccount.IsDisabled) { if (logSIPMonitorEvent != null) { logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.DialPlan, "SIP account " + sipAccount.SIPUsername + "@" + sipAccount.SIPDomain + " is disabled for " + sipRequest.Method + ".", sipAccount.Owner)); } return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null)); } else { SIPAuthenticationHeader reqAuthHeader = sipRequest.Header.AuthenticationHeader; if (reqAuthHeader == null) { // Check for IP address authentication. if (!sipAccount.IPAddressACL.IsNullOrBlank()) { SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint; if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success) { // Successfully authenticated return(new SIPRequestAuthenticationResult(true, true)); } } SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce()); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader)); } else { // Check for IP address authentication. if (!sipAccount.IPAddressACL.IsNullOrBlank()) { SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint; if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success) { // Successfully authenticated return(new SIPRequestAuthenticationResult(true, true)); } } string requestNonce = reqAuthHeader.SIPDigest.Nonce; string uri = reqAuthHeader.SIPDigest.URI; string response = reqAuthHeader.SIPDigest.Response; // Check for stale nonces. if (IsNonceStale(requestNonce)) { if (logSIPMonitorEvent != null) { logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.Warn, "Authentication failed stale nonce for realm=" + sipAccount.SIPDomain + ", username="******", uri=" + uri + ", nonce=" + requestNonce + ", method=" + sipRequest.Method + ".", null)); } SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce()); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader)); } else { SIPAuthorisationDigest checkAuthReq = reqAuthHeader.SIPDigest; checkAuthReq.SetCredentials(sipAccount.SIPUsername, sipAccount.SIPPassword, uri, sipRequest.Method.ToString()); string digest = checkAuthReq.Digest; if (digest == response) { // Successfully authenticated return(new SIPRequestAuthenticationResult(true, false)); } else { if (logSIPMonitorEvent != null) { logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.Warn, "Authentication token check failed for realm=" + sipAccount.SIPDomain + ", username="******", uri=" + uri + ", nonce=" + requestNonce + ", method=" + sipRequest.Method + ".", sipAccount.Owner)); } SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce()); return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader)); } } } } } catch (Exception excp) { if (logSIPMonitorEvent != null) { logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.Error, "Exception AuthoriseSIPRequest. " + excp.Message, null)); } return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.InternalServerError, null)); } }