[Sip-implementors] Empty Proxy-Authorization Header

Discussion:

ROHIT CHAUDHARY

2008-12-11 20:05:47 UTC

Hi,

What should be a response to an INVITE with an empty Proxy-Authorization header (i.e. with no value) ?

Regards,
Rohit

Add more friends to your messenger and enjoy! Go to http://messenger.yahoo.com/invite/

Maxim Sobolev

2008-12-11 20:10:45 UTC

Permalink

Post by ROHIT CHAUDHARY
Hi,
What should be a response to an INVITE with an empty Proxy-Authorization header (i.e. with no value) ?

400 Bad Request, just like any other empty header with no value IMHO.
Header value is not optional.

Regards,

--
Maksym Sobolyev
Sippy Software, Inc.
Internet Telephony (VoIP) Experts
T/F: +1-646-651-1110
Web: http://www.sippysoft.com
MSN: sales at sippysoft.com
Skype: SippySoft

Brett Tate

2008-12-11 20:16:48 UTC

Permalink

Post by ROHIT CHAUDHARY
What should be a response to an INVITE with an empty
Proxy-Authorization header (i.e. with no value) ?

If you want to be strict, return a 400 response. Otherwise you can
process the request as though the Proxy-Authorization was not intended
for your device.

Brett Tate

2008-12-11 20:23:03 UTC

Permalink

Post by Maxim Sobolev

Post by ROHIT CHAUDHARY
What should be a response to an INVITE with
an empty Proxy-Authorization header (i.e.
with no value) ?

400 Bad Request, just like any other empty
header with no value IMHO. Header value is
not optional.

I agree that the header value is not optional within
Proxy-Authorization. However an empty header value is valid within some
headers such as Supported.

Iñaki Baz Castillo

2008-12-11 20:27:57 UTC

Permalink

Post by Brett Tate
I agree that the header value is not optional within
Proxy-Authorization. However an empty header value is valid within some
headers such as Supported.

"Supported" header does NOT allow empty value:

--------
Supported = ( "Supported" / "k" ) HCOLON [option-tag *(COMMA option-tag)]

option-tag = token

token = 1*( alphanum
/ "-" / "." / "!" / "%" / "*"
/ "_" / "+" / "`" / "'" / "~" )
---------

It requires, at least, one value.

--
I?aki Baz Castillo

Neelakantan Balasubramanian

2008-12-11 20:41:46 UTC

Permalink

See below.

Thanks,
Neel.

-----Original Message-----
From: sip-implementors-bounces at lists.cs.columbia.edu [mailto:sip-
implementors-bounces at lists.cs.columbia.edu] On Behalf Of I?aki Baz
Castillo
Sent: Thursday, December 11, 2008 2:28 PM
To: sip-implementors at lists.cs.columbia.edu
Subject: Re: [Sip-implementors] Empty Proxy-Authorization Header

Post by Brett Tate
I agree that the header value is not optional within
Proxy-Authorization. However an empty header value is valid within

some

Post by Brett Tate
headers such as Supported.

--------
Supported = ( "Supported" / "k" ) HCOLON [option-tag *(COMMA option-
tag)]

[Neelakantan Balasubramanian]
Section 20.37 Supported

The Supported header field enumerates all the extensions supported by
the UAC or UAS.

The Supported header field contains a list of option tags, described
in Section 19.2, that are understood by the UAC or UAS. A UA
compliant to this specification MUST only include option tags
corresponding to standards-track RFCs. If empty, it means that no
extensions are supported.

So, it can be empty.

If my understating id right, anything in "[" "]" is optional.

option-tag = token
token = 1*( alphanum
/ "-" / "." / "!" / "%" / "*"
/ "_" / "+" / "`" / "'" / "~" )
---------
It requires, at least, one value.
--
I?aki Baz Castillo
_______________________________________________
Sip-implementors mailing list
Sip-implementors at lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors

Brett Tate

2008-12-11 20:41:24 UTC

Permalink

RFC 2234 section 3.8 indicates meaning of the brackets within ABNF:

Square brackets enclose an optional element sequence:

[foo bar]

is equivalent to

*1(foo bar).

-----Original Message-----
From: sip-implementors-bounces at lists.cs.columbia.edu
[mailto:sip-implementors-bounces at lists.cs.columbia.edu] On
Behalf Of I?aki Baz Castillo
Sent: Thursday, December 11, 2008 3:28 PM
To: sip-implementors at lists.cs.columbia.edu
Subject: Re: [Sip-implementors] Empty Proxy-Authorization Header

Post by Brett Tate
I agree that the header value is not optional within
Proxy-Authorization. However an empty header value is valid within
some headers such as Supported.

--------
Supported = ( "Supported" / "k" ) HCOLON [option-tag
*(COMMA option-tag)]
option-tag = token
token = 1*( alphanum
/ "-" / "." / "!" / "%" / "*"
/ "_" / "+" / "`" / "'" / "~" )
---------
It requires, at least, one value.
--
I?aki Baz Castillo
_______________________________________________
Sip-implementors mailing list
Sip-implementors at lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors

Iñaki Baz Castillo

2008-12-11 21:38:47 UTC

Permalink

Post by Brett Tate
[foo bar]
is equivalent to
*1(foo bar).

Let me insist a bit ;)

-----------------
3.6 Variable Repetition *Rule

The operator "*" preceding an element indicates repetition. The full
form is:

<a>*element

where <a> and are optional decimal values, indicating at least
<a> and at most occurrences of element.

Default values are 0 and infinity so that *<element> allows any
number, including zero; 1*<element> requires at least one;
3*3<element> allows exactly 3 and 1*2<element> allows one or two.
------------------

So 1*ANYTHING means requires at least one ANYTHING.

:)

--
I?aki Baz Castillo

Iñaki Baz Castillo

2008-12-11 21:41:22 UTC

Permalink

Post by IÃ±aki Baz Castillo
-----------------
3.6 Variable Repetition *Rule
The operator "*" preceding an element indicates repetition. The full
<a>*element
where <a> and are optional decimal values, indicating at least
<a> and at most occurrences of element.
Default values are 0 and infinity so that *<element> allows any
number, including zero; 1*<element> requires at least one;
3*3<element> allows exactly 3 and 1*2<element> allows one or two.
------------------
So 1*ANYTHING means requires at least one ANYTHING.
:)

Sorry!!! I'm wrong!

- 1*<element> => at least 1 element
- *1<element> => 0 or 1 element

Thanks a lot.

--
I?aki Baz Castillo

ROHIT CHAUDHARY

2008-12-12 07:18:05 UTC

Permalink

Is sending a 403 Forbiddden jusitfied for this case?

--- On Fri, 12/12/08, Brett Tate <brett at broadsoft.com> wrote:
From: Brett Tate <brett at broadsoft.com>
Subject: Re: [Sip-implementors] Empty Proxy-Authorization Header
To: "Maxim Sobolev" <sobomax at sippysoft.com>
Cc: sip-implementors at lists.cs.columbia.edu
Date: Friday, 12 December, 2008, 1:53 AM

Post by Maxim Sobolev

Post by ROHIT CHAUDHARY
What should be a response to an INVITE with
an empty Proxy-Authorization header (i.e.
with no value) ?

400 Bad Request, just like any other empty
header with no value IMHO. Header value is
not optional.

Alex Balashov

2008-12-12 07:25:26 UTC

Permalink

Well, empty authorisation values mean invalid authorisation credentials,
so why not? Either that or 500 Internal Server Error or 400 Bad Request.

Post by ROHIT CHAUDHARY
Is sending a 403 Forbiddden jusitfied for this case?
From: Brett Tate <brett at broadsoft.com>
Subject: Re: [Sip-implementors] Empty Proxy-Authorization Header
To: "Maxim Sobolev" <sobomax at sippysoft.com>
Cc: sip-implementors at lists.cs.columbia.edu
Date: Friday, 12 December, 2008, 1:53 AM

Post by Maxim Sobolev

Post by ROHIT CHAUDHARY
What should be a response to an INVITE with
an empty Proxy-Authorization header (i.e.
with no value) ?

400 Bad Request, just like any other empty
header with no value IMHO. Header value is
not optional.

I agree that the header value is not optional within
Proxy-Authorization. However an empty header value is valid within some
headers such as Supported.
_______________________________________________
Sip-implementors mailing list
Sip-implementors at lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
Add more friends to your messenger and enjoy! Go to http://messenger.yahoo.com/invite/
_______________________________________________
Sip-implementors mailing list
Sip-implementors at lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors

--
Alex Balashov
Evariste Systems
Web : http://www.evaristesys.com/
Tel : (+1) (678) 954-0670
Direct : (+1) (678) 954-0671
Mobile : (+1) (706) 338-8599

Iñaki Baz Castillo

2008-12-12 09:08:24 UTC

Permalink

Post by Alex Balashov
Well, empty authorisation values mean invalid authorisation credentials,
so why not? Either that or 500 Internal Server Error or 400 Bad Request.

500 means an error in the server, while this is obviously a client
error. I expect 400 is the correct response while 5XX is unappropiate.

--
I?aki Baz Castillo
<ibc at aliax.net>

Dale Worley

2008-12-12 17:24:17 UTC

Permalink

Post by Alex Balashov
Well, empty authorisation values mean invalid authorisation credentials,
so why not? Either that or 500 Internal Server Error or 400 Bad Request.

The obvious choices are 400 (with a suitable reason phrase) (because the
header is syntactically incorrect), or 407 (because the proxy needs
authorization and the message does not provide it), or 4xx (for other
errors in the message), or just ignore the header (if its value is not
needed to process the message).

Dale

Bossiel thioriguel

2008-12-12 17:39:48 UTC

Permalink

Hi all,

I have a question about MSRP client ports binding.
I have two clients used in the IMS context (SIP signaling before setting up MSRP connections). The first client(UE1) send an INVITE to the second client(UE2).

a)The UE1 request(SIP INVITE) contains a port number (both in media line and msrp path) equal to 1010.

b)The UE2 send a response(SIP 200 OK) that contain a port number (both in media line and msrp path) equal to 2020.

c)The UE1 send the first MSRP request (MSRP SEND) to the UE2.

The question is: In which port the UE2 MUST send the MSRP response(MSRP 200 OK)?

PS: I use Mercuro IMS Client and UCT for tests.