hushuitian / rfc5766-turn-server

Automatically exported from code.google.com/p/rfc5766-turn-server
0 stars 0 forks source link

Server should return 438 on unknown nonce for allocation #108

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
If the server receives an allocate request for a super-session that hasn't 
previously sent a nonce, it always returns 401, even if the request contains a 
message-integrity attribute.

Following the steps of RFC 5389 section 10.2.2., and assuming that "unknown 
nonce" should be handled the same as "expired nonce", it should return 438 in 
this case instead.

What steps will reproduce the problem?
1. Send an ALLOCATE request containing a valid username and realm, and with 
message-integrity correctly calculated for the username's password, but with a 
nonce that the server doesn't accept for this allocation.  (It could come from 
a different allocation, for instance, if the client is assuming nonces can be 
shared across allocations; or the server could have crashed and restarted.)

What is the expected output? What do you see instead?

I expect a 438 response; the server instead sends 401.

What version of the product are you using? On what operating system?

turnserver-3.2.2.7 on Ubuntu 12.04

Please provide any additional information below.

See the tram mailing list thread starting at 
<http://www.ietf.org/mail-archive/web/tram/current/msg00248.html>.

Original issue reported on code.google.com by jonathan...@gmail.com on 19 Feb 2014 at 8:31

GoogleCodeExporter commented 9 years ago
Will be fixed in 3.2.2.8

Original comment by mom040...@gmail.com on 19 Feb 2014 at 9:43

GoogleCodeExporter commented 9 years ago

Original comment by mom040...@gmail.com on 22 Feb 2014 at 8:32