I am debugging an issue with cwmp authentication using username and password. The authentication is rejected by the genieacs even when cpe device provides correct response to digest. Upon closer inspection in code, it seems that server nonce value is tied to incoming socket. The authentication flow checks if the map contains correct nonce value against socket. This nonce value was set earlier when cpe sends unauthenticated request.
Since cpe device uses different sockets in each request, genieacs rejects the request with 401 code everytime.
Now when I look into the RFC, it does not mandate that connection must be reuse.
I am wondering this problem can be associated to other cpe devices as well. What is your views on this? Is there any PR that provide solution to it?
GenieACS version: v1.2.13