Hello,
We have one particular device which won't authenticate with Kamailio, and are looking for any insight into why. When Kamailio receives the REGISTER it logs:
Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} <core> [core/parser/digest/digest.c:323]: find_credentials(): error while parsing credentials Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} auth [api.c:73]: pre_auth(): Error while looking for credentials
A redacted copy of the REGISTER is below. I note two unusual things: - On the Authorization header it says "[truncated]Authorization". - It includes a "cnonce" (client nonce) in the Authorization data, which is unusual compared to our other SIP devices. Thanks in advance!
Session Initiation Protocol (REGISTER) Request-Line: REGISTER sip:sip.example.com:5060 SIP/2.0 Message Header To: "C25" sip:123456789@sip.example.com SIP to display info: "C25" SIP to address: sip:123456789@sip.example.com SIP to address User Part: 123456789 SIP to address Host Part: sip.example.com From: "C25" sip:123456789@sip.example.com;tag=mmVG392Qv SIP from display info: "C25" SIP from address: sip:123456789@sip.example.com SIP from tag: mmVG392Qv Contact: sip:123456789@11.22.221.114:65477;transport=udp Contact URI: sip:123456789@11.22.221.114:65477;transport=udp Via: SIP/2.0/UDP 11.22.221.114:65477;branch=z9hG4bK.X0v8d63yc CSeq: 2 REGISTER Call-ID: iYC5fcJqy [Generated Call-ID: iYC5fcJqy] Max-Forwards: 70 Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, NOTIFY User-Agent: Rogue sip 7.1.11 (stm32mp15-ya157c-v2) linux Expires: 3600 [truncated]Authorization: Digest realm="sip.example.com", nonce="aRvGYGkbxTQrS5pTzBoahdefo1xCqskN", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060", response="ab717ce439c666e9b5651d0dc74dff9a", cnonce="MzrTCxYCoCPxZ Authentication Scheme: Digest Realm: "sip.example.com" Nonce Value: "aRvGYGkbxTQrS5pTzBoahdefo1xCqskN" Algorithm: MD5 Username: "123456789" Authentication URI: "sip:sip.example.com:5060" Digest Authentication Response: "ab717ce439c666e9b5651d0dc74dff9a" CNonce Value: "MzrTCxYCoCPxZ91a" Nonce Count: 00000001 QOP: Content-Length: 0
Hello David,
the cnonce is not so common but usually supported from kamailio. If you are having a trace, have a look to the raw SIP packet to see if it was maybe really truncated on the wire. The QOP seems to be missing/truncated from the dump below.
Cheers,
Henning
From: David Cunningham via sr-users sr-users@lists.kamailio.org Sent: Dienstag, 18. November 2025 03:34 To: Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org Cc: David Cunningham dcunningham@voisonics.com Subject: [SR-Users] error while parsing credentials
Hello,
We have one particular device which won't authenticate with Kamailio, and are looking for any insight into why. When Kamailio receives the REGISTER it logs:
Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} <core> [core/parser/digest/digest.c:323]: find_credentials(): error while parsing credentials Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} auth [api.c:73]: pre_auth(): Error while looking for credentials
A redacted copy of the REGISTER is below. I note two unusual things: - On the Authorization header it says "[truncated]Authorization". - It includes a "cnonce" (client nonce) in the Authorization data, which is unusual compared to our other SIP devices. Thanks in advance!
Session Initiation Protocol (REGISTER) Request-Line: REGISTER sip:sip.example.com:5060http://sip.example.com:5060 SIP/2.0 Message Header To: "C25" <sip:123456789@sip.example.commailto:sip%3A123456789@sip.example.com> SIP to display info: "C25" SIP to address: sip:123456789@sip.example.commailto:sip%3A123456789@sip.example.com SIP to address User Part: 123456789 SIP to address Host Part: sip.example.comhttp://sip.example.com From: "C25" <sip:123456789@sip.example.commailto:sip%3A123456789@sip.example.com>;tag=mmVG392Qv SIP from display info: "C25" SIP from address: sip:123456789@sip.example.commailto:sip%3A123456789@sip.example.com SIP from tag: mmVG392Qv Contact: sip:123456789@11.22.221.114:65477;transport=udp Contact URI: sip:123456789@11.22.221.114:65477;transport=udp Via: SIP/2.0/UDP 11.22.221.114:65477;branch=z9hG4bK.X0v8d63yc CSeq: 2 REGISTER Call-ID: iYC5fcJqy [Generated Call-ID: iYC5fcJqy] Max-Forwards: 70 Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, NOTIFY User-Agent: Rogue sip 7.1.11 (stm32mp15-ya157c-v2) linux Expires: 3600 [truncated]Authorization: Digest realm="sip.example.comhttp://sip.example.com", nonce="aRvGYGkbxTQrS5pTzBoahdefo1xCqskN", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060http://sip.example.com:5060", response="ab717ce439c666e9b5651d0dc74dff9a", cnonce="MzrTCxYCoCPxZ Authentication Scheme: Digest Realm: "sip.example.comhttp://sip.example.com" Nonce Value: "aRvGYGkbxTQrS5pTzBoahdefo1xCqskN" Algorithm: MD5 Username: "123456789" Authentication URI: "sip:sip.example.com:5060http://sip.example.com:5060" Digest Authentication Response: "ab717ce439c666e9b5651d0dc74dff9a" CNonce Value: "MzrTCxYCoCPxZ91a" Nonce Count: 00000001 QOP: Content-Length: 0
-- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782
Hi Henning,
Thank you for the reply. An ngrep shows the full SIP packet, and there is an empty "qop" value in the Authorization header:
Authorization: Digest realm="sip.example.com", nonce="aR0SEGkdEOQ2eLjMXqc05nC5+GDLOKUy", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060", response="21c1d546986a43c871486fcf2ef3ff83", cnonce="IWbhxqr9ut1LqMwj", nc=00000001, qop=.
So I'm not sure why Wireshark says the packet is truncated. Would you have any ideas on where to look for the reason?
On Wed, 19 Nov 2025 at 06:02, Henning Westerholt hw@gilawa.com wrote:
Hello David,
the cnonce is not so common but usually supported from kamailio. If you are having a trace, have a look to the raw SIP packet to see if it was maybe really truncated on the wire. The QOP seems to be missing/truncated from the dump below.
Cheers,
Henning
*From:* David Cunningham via sr-users sr-users@lists.kamailio.org *Sent:* Dienstag, 18. November 2025 03:34 *To:* Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org *Cc:* David Cunningham dcunningham@voisonics.com *Subject:* [SR-Users] error while parsing credentials
Hello,
We have one particular device which won't authenticate with Kamailio, and are looking for any insight into why. When Kamailio receives the REGISTER it logs:
Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} <core> [core/parser/digest/digest.c:323]: find_credentials(): error while parsing credentials Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} auth [api.c:73]: pre_auth(): Error while looking for credentials
A redacted copy of the REGISTER is below. I note two unusual things:
On the Authorization header it says "[truncated]Authorization".
It includes a "cnonce" (client nonce) in the Authorization data, which
is unusual compared to our other SIP devices.
Thanks in advance!
Session Initiation Protocol (REGISTER) Request-Line: REGISTER sip:sip.example.com:5060 SIP/2.0 Message Header To: "C25" sip:123456789@sip.example.com SIP to display info: "C25" SIP to address: sip:123456789@sip.example.com SIP to address User Part: 123456789 SIP to address Host Part: sip.example.com From: "C25" sip:123456789@sip.example.com;tag=mmVG392Qv SIP from display info: "C25" SIP from address: sip:123456789@sip.example.com SIP from tag: mmVG392Qv Contact: sip:123456789@11.22.221.114:65477;transport=udp Contact URI: sip:123456789@11.22.221.114:65477;transport=udp Via: SIP/2.0/UDP 11.22.221.114:65477;branch=z9hG4bK.X0v8d63yc CSeq: 2 REGISTER Call-ID: iYC5fcJqy [Generated Call-ID: iYC5fcJqy] Max-Forwards: 70 Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, NOTIFY User-Agent: Rogue sip 7.1.11 (stm32mp15-ya157c-v2) linux Expires: 3600 [truncated]Authorization: Digest realm="sip.example.com", nonce="aRvGYGkbxTQrS5pTzBoahdefo1xCqskN", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060", response="ab717ce439c666e9b5651d0dc74dff9a", cnonce="MzrTCxYCoCPxZ Authentication Scheme: Digest Realm: "sip.example.com" Nonce Value: "aRvGYGkbxTQrS5pTzBoahdefo1xCqskN" Algorithm: MD5 Username: "123456789" Authentication URI: "sip:sip.example.com:5060" Digest Authentication Response: "ab717ce439c666e9b5651d0dc74dff9a" CNonce Value: "MzrTCxYCoCPxZ91a" Nonce Count: 00000001 QOP: Content-Length: 0
--
David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782
Hello,
the problem is the empty qop value, it has to be a token there, usually auth or auth-int.
The 'truncated' in the wireshark is just to indicate that it does not display the entire field there, just part of it, but internally it has all of it -- subsequently to that field is the list of parsed attributes insides it, which shows qop being empty.
Cheers, Daniel
On 19.11.25 02:02, David Cunningham via sr-users wrote:
Hi Henning,
Thank you for the reply. An ngrep shows the full SIP packet, and there is an empty "qop" value in the Authorization header:
Authorization: Digest realm="sip.example.com http://sip.example.com", nonce="aR0SEGkdEOQ2eLjMXqc05nC5+GDLOKUy", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060 http://sip.example.com:5060", response="21c1d546986a43c871486fcf2ef3ff83", cnonce="IWbhxqr9ut1LqMwj", nc=00000001, qop=.
So I'm not sure why Wireshark says the packet is truncated. Would you have any ideas on where to look for the reason?
On Wed, 19 Nov 2025 at 06:02, Henning Westerholt hw@gilawa.com wrote:
Hello David, the cnonce is not so common but usually supported from kamailio. If you are having a trace, have a look to the raw SIP packet to see if it was maybe really truncated on the wire. The QOP seems to be missing/truncated from the dump below. Cheers, Henning *From:*David Cunningham via sr-users <sr-users@lists.kamailio.org> *Sent:* Dienstag, 18. November 2025 03:34 *To:* Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org> *Cc:* David Cunningham <dcunningham@voisonics.com> *Subject:* [SR-Users] error while parsing credentials Hello, We have one particular device which won't authenticate with Kamailio, and are looking for any insight into why. When Kamailio receives the REGISTER it logs: Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} <core> [core/parser/digest/digest.c:323]: find_credentials(): error while parsing credentials Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} auth [api.c:73]: pre_auth(): Error while looking for credentials A redacted copy of the REGISTER is below. I note two unusual things: - On the Authorization header it says "[truncated]Authorization". - It includes a "cnonce" (client nonce) in the Authorization data, which is unusual compared to our other SIP devices. Thanks in advance! Session Initiation Protocol (REGISTER) Request-Line: REGISTER sip:sip.example.com:5060 <http://sip.example.com:5060> SIP/2.0 Message Header To: "C25" <sip:123456789@sip.example.com <mailto:sip%3A123456789@sip.example.com>> SIP to display info: "C25" SIP to address: sip:123456789@sip.example.com <mailto:sip%3A123456789@sip.example.com> SIP to address User Part: 123456789 SIP to address Host Part: sip.example.com <http://sip.example.com> From: "C25" <sip:123456789@sip.example.com <mailto:sip%3A123456789@sip.example.com>>;tag=mmVG392Qv SIP from display info: "C25" SIP from address: sip:123456789@sip.example.com <mailto:sip%3A123456789@sip.example.com> SIP from tag: mmVG392Qv Contact: <sip:123456789@11.22.221.114:65477;transport=udp> Contact URI: sip:123456789@11.22.221.114:65477;transport=udp Via: SIP/2.0/UDP 11.22.221.114:65477;branch=z9hG4bK.X0v8d63yc CSeq: 2 REGISTER Call-ID: iYC5fcJqy [Generated Call-ID: iYC5fcJqy] Max-Forwards: 70 Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, NOTIFY User-Agent: Rogue sip 7.1.11 (stm32mp15-ya157c-v2) linux Expires: 3600 [truncated]Authorization: Digest realm="sip.example.com <http://sip.example.com>", nonce="aRvGYGkbxTQrS5pTzBoahdefo1xCqskN", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060 <http://sip.example.com:5060>", response="ab717ce439c666e9b5651d0dc74dff9a", cnonce="MzrTCxYCoCPxZ Authentication Scheme: Digest Realm: "sip.example.com <http://sip.example.com>" Nonce Value: "aRvGYGkbxTQrS5pTzBoahdefo1xCqskN" Algorithm: MD5 Username: "123456789" Authentication URI: "sip:sip.example.com:5060 <http://sip.example.com:5060>" Digest Authentication Response: "ab717ce439c666e9b5651d0dc74dff9a" CNonce Value: "MzrTCxYCoCPxZ91a" Nonce Count: 00000001 QOP: Content-Length: 0 -- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782-- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782
Kamailio - Users Mailing List - Non Commercial Discussions -- sr-users@lists.kamailio.org To unsubscribe send an email to sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender!
Hi Daniel,
Thank you for that! We'll look into the empty qop value.
On Thu, 20 Nov 2025 at 03:21, Daniel-Constantin Mierla via sr-users < sr-users@lists.kamailio.org> wrote:
Hello,
the problem is the empty qop value, it has to be a token there, usually auth or auth-int.
The 'truncated' in the wireshark is just to indicate that it does not display the entire field there, just part of it, but internally it has all of it -- subsequently to that field is the list of parsed attributes insides it, which shows qop being empty.
Cheers, Daniel On 19.11.25 02:02, David Cunningham via sr-users wrote:
Hi Henning,
Thank you for the reply. An ngrep shows the full SIP packet, and there is an empty "qop" value in the Authorization header:
Authorization: Digest realm="sip.example.com", nonce="aR0SEGkdEOQ2eLjMXqc05nC5+GDLOKUy", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060", response="21c1d546986a43c871486fcf2ef3ff83", cnonce="IWbhxqr9ut1LqMwj", nc=00000001, qop=.
So I'm not sure why Wireshark says the packet is truncated. Would you have any ideas on where to look for the reason?
On Wed, 19 Nov 2025 at 06:02, Henning Westerholt hw@gilawa.com wrote:
Hello David,
the cnonce is not so common but usually supported from kamailio. If you are having a trace, have a look to the raw SIP packet to see if it was maybe really truncated on the wire. The QOP seems to be missing/truncated from the dump below.
Cheers,
Henning
*From:* David Cunningham via sr-users sr-users@lists.kamailio.org *Sent:* Dienstag, 18. November 2025 03:34 *To:* Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org *Cc:* David Cunningham dcunningham@voisonics.com *Subject:* [SR-Users] error while parsing credentials
Hello,
We have one particular device which won't authenticate with Kamailio, and are looking for any insight into why. When Kamailio receives the REGISTER it logs:
Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} <core> [core/parser/digest/digest.c:323]: find_credentials(): error while parsing credentials Nov 17 17:50:37 sip /sbin/kamailio[2293367]: ERROR: {1 2 REGISTER mrXSmu5Gh} auth [api.c:73]: pre_auth(): Error while looking for credentials
A redacted copy of the REGISTER is below. I note two unusual things:
On the Authorization header it says "[truncated]Authorization".
It includes a "cnonce" (client nonce) in the Authorization data, which
is unusual compared to our other SIP devices.
Thanks in advance!
Session Initiation Protocol (REGISTER) Request-Line: REGISTER sip:sip.example.com:5060 SIP/2.0 Message Header To: "C25" sip:123456789@sip.example.com SIP to display info: "C25" SIP to address: sip:123456789@sip.example.com SIP to address User Part: 123456789 SIP to address Host Part: sip.example.com From: "C25" sip:123456789@sip.example.com;tag=mmVG392Qv SIP from display info: "C25" SIP from address: sip:123456789@sip.example.com SIP from tag: mmVG392Qv Contact: sip:123456789@11.22.221.114:65477;transport=udp Contact URI: sip:123456789@11.22.221.114:65477;transport=udp Via: SIP/2.0/UDP 11.22.221.114:65477;branch=z9hG4bK.X0v8d63yc CSeq: 2 REGISTER Call-ID: iYC5fcJqy [Generated Call-ID: iYC5fcJqy] Max-Forwards: 70 Allow: INVITE, ACK, CANCEL, BYE, OPTIONS, NOTIFY User-Agent: Rogue sip 7.1.11 (stm32mp15-ya157c-v2) linux Expires: 3600 [truncated]Authorization: Digest realm="sip.example.com", nonce="aRvGYGkbxTQrS5pTzBoahdefo1xCqskN", algorithm=MD5, username="123456789", uri="sip:sip.example.com:5060", response="ab717ce439c666e9b5651d0dc74dff9a", cnonce="MzrTCxYCoCPxZ Authentication Scheme: Digest Realm: "sip.example.com" Nonce Value: "aRvGYGkbxTQrS5pTzBoahdefo1xCqskN" Algorithm: MD5 Username: "123456789" Authentication URI: "sip:sip.example.com:5060" Digest Authentication Response: "ab717ce439c666e9b5651d0dc74dff9a" CNonce Value: "MzrTCxYCoCPxZ91a" Nonce Count: 00000001 QOP: Content-Length: 0
--
David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782
-- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782
Kamailio - Users Mailing List - Non Commercial Discussions -- sr-users@lists.kamailio.org To unsubscribe send an email to sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender!
-- Daniel-Constantin Mierla (@ asipto.com)twitter.com/miconda -- linkedin.com/in/miconda Kamailio Consultancy, Training and Development Services -- asipto.com Kamailio Advanced Training, Dec 1-4, 2025 -- asipto.com
Kamailio - Users Mailing List - Non Commercial Discussions -- sr-users@lists.kamailio.org To unsubscribe send an email to sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender!
-
Daniel-Constantin Mierla -
David Cunningham -
Henning Westerholt