Hi!
I really wonder if the nonce_reuse protection feature is useful and if
anybody uses it without problems.
One problem I have is with retransmission: e.g:
----INV1 --->
<---407------
----ACK----->
----INV2------>
here happens a delay to the INVITE (e.g. jam in the access uplink,
SIP proxy slow, ... whatever) which causes a retransmission of the INVITE
----INV3------> (retransmission of INV2)
the proxy processes INV2, authenticates the user successful and forwards
the requests
then the proxy processes INV3, finds out that the nonce is reused and
sends back 407 --> client gives up, but the request was also forwarded
by the proxy :-(
How do you handle such a scenario? Do you always create the transaction
before authentication?
One other thing I just found out is that reuse-check is done after
successful authentication - shouldn't it be done the other way round?
regards
Klaus