[sr-dev] [Kamailio] Why is the nonce expiry checked so late?

17 Nov 2009

Hello,

Why is the nonce expiry checked in post_auth instead of pre_auth? Now the 
expiry is checked after the username/password is checked against the DB. That 
seems a bit odd.

I moved the check to check_nonce (which is called from pre_auth) and it seems 
to work fine. Did I miss something? Security issue?
-- 
Greetings,

Alex Hermann

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

[sr-dev] [Kamailio] Why is the nonce expiry checked so late?