[OpenSER-Devel] SF.net SVN: openser: [3232] trunk/etc/openser.cfg
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Tue Dec 4 09:47:07 UTC 2007
Hi Henning,
the sequence number is not checked because it is not stored in the auth
module. Actually there is no information kept by the module during the
challenge and response.
regards,
bogdan
Henning Westerholt wrote:
> On Friday 30 November 2007, Klaus Darilion wrote:
>
>>> Revision: 3232
>>> http://openser.svn.sourceforge.net/openser/?rev=3232&view=rev
>>> Author: henningw
>>> Date: 2007-11-29 08:14:33 -0800 (Thu, 29 Nov 2007)
>>>
>>> Log Message:
>>> -----------
>>> - enable qop mode for auth challenge function, as recommended in
>>> documentation
>>>
>> As openser does not check sequence numbers there is actually no benefit
>> of security :-(
>>
>
> Hi Klaus,
>
> do you have more informations about this problem? Was this discussed on the
> list in the past? Why is this not checked?
>
> Cheers,
>
> Henning
>
> _______________________________________________
> Devel mailing list
> Devel at lists.openser.org
> http://lists.openser.org/cgi-bin/mailman/listinfo/devel
>
>
More information about the Devel
mailing list