I’m trying to troubleshoot a client not being able to register. My suspicion is that its implementation of the www-authentication is flawed on this client UA.
I’m trying to re-create the challenge and response of md5 hashes using a console “echo -n “” |md5sum” to verify what I’m seeing.
I have rifled through the RFC 2617, in attempt to understand how the client would construct its response to the challenge, but other than learing that user Mufasa has “Circle Of Life” as a password, it hasn’t taken me forward very much.
What I understand of the response nonce is:
md5 < A1,nonce:A2
where A1 = md5secret (as you would put it in the sip.conf)
nonce = the nonce that was issued in the 401 challenge
A2 =md5<( (method: md5<URI value))
Can you please explain to me how the client’s response hash is put together?