我是靠谱客的博主 昏睡摩托,这篇文章主要介绍SIP 协议之 注册流程 (二),现在分享给大家,希望可以做个参考。

前言

本篇主要讲解SIP 的注册流程,认证算法


1、注册流程

(1)终端代理A向代理服务器发送REGISTER 注册请求;

(2)代理服务器收到REGISTER请求后, 便向终端代理回送401 Unauthorized 信息,其中包含安全认证所需的令牌即WWW-Authenticate

(3)终端代理根据安全认证令牌将其加密后,再次用REGISTER 消息报告给代理服务器即Authorization

(4)代理服务器收到REGISTER 消息中Authorization,将与数据库中记录的信息匹配,若验证ok将向终端代理A 返回成功响应消息200 OK, 否则401。

2、注册信令参考

复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
REGISTER sip:sh.gg:5061;transport=tls SIP/2.0 Via: SIP/2.0/TLS 192.168.1.104:52400;branch=z9hG4bKccc1e88d4ab68cf2;rport Contact: <sip:1001-0x20d1a38@192.168.1.104:52400;transport=tls>;expires=3600 Max-Forwards: 70 To: <sip:1001@sh.gg:5061;transport=tls> From: <sip:1001@sh.gg:5061;transport=tls>;tag=24174dec803066c5 Call-ID: 8f8e5fb8ce260308 CSeq: 62430 REGISTER User-Agent: 1.0.2 Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,REFER,NOTIFY,SUBSCRIBE,INFO,MESSAGE Keepalive: 30 Content-Length: 0 SIP/2.0 401 Unauthorized Via: SIP/2.0/TLS 192.168.1.104:52400;branch=z9hG4bKccc1e88d4ab68cf2;rport=43769;received=218.94.29.190 To: <sip:1001@sh.gg:5061;transport=tls> From: <sip:1001@sh.gg:5061;transport=tls>;tag=24174dec803066c5 Call-ID: 8f8e5fb8ce260308 CSeq: 62430 REGISTER WWW-Authenticate: Digest realm="sh.gg", nonce="54d8597d-6b64-458b-b6b5-91143e8968c2" Content-Length: 0 REGISTER sip:sh.gg:5061;transport=tls SIP/2.0 Via: SIP/2.0/TLS 192.168.1.104:52400;branch=z9hG4bK124e2b0912d0db1c;rport Contact: <sip:1001-0x20d1a38@192.168.1.104:52400;transport=tls>;expires=3600 Max-Forwards: 70 Authorization: Digest username="1001", realm="sh.gg", nonce="54d8597d-6b64-458b-b6b5-91143e8968c2", uri="sip:sh.gg:5061;transport=tls", response="ce80353d7bc815052c651b0c26e5dee0"To: <sip:1001@sh.gg:5061;transport=tls> From: <sip:1001@sh.gg:5061;transport=tls>;tag=24174dec803066c5 Call-ID: 8f8e5fb8ce260308 CSeq: 62431 REGISTER User-Agent: 1.0.2 Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,REFER,NOTIFY,SUBSCRIBE,INFO,MESSAGE Keepalive: 30 Content-Length: 0 SIP/2.0 200 OK Contact: <sip:218.94.29.190:43769;expires=3600> Via: SIP/2.0/TLS 192.168.1.104:52400;branch=z9hG4bK124e2b0912d0db1c;rport=43769;received=218.94.29.190 To: <sip:1001@sh.gg:5061;transport=tls> From: <sip:1001@sh.gg:5061;transport=tls>;tag=24174dec803066c5 Call-ID: 8f8e5fb8ce260308 CSeq: 62431 REGISTER Content-Length: 0

3、计算方法

  • client获取服务端 WWW-Authenticate, client 根据 MD5(ha1:nonce:ha1b) 计算得到response, 同时SIP携带Authorization
  • 服务验证Authorization中response, 是否与采用SQL记录计算的结果一致

      ha1 = MD5(username:realm:password)
      ha1b = MD5(method:uri)                // method = "REGISTER"
      response = MD5(HA1:nonce:HA2)


参考:

https://www.ietf.org/rfc/rfc3261.txt (RFC3216)

https://www.cnblogs.com/gnuhpc/archive/2012/12/10/2812095.html


最后

以上就是昏睡摩托最近收集整理的关于SIP 协议之 注册流程 (二)的全部内容,更多相关SIP内容请搜索靠谱客的其他文章。

本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
点赞(115)

评论列表共有 0 条评论

立即
投稿
返回
顶部