8 Apr
2009
8 Apr
'09
7:41 a.m.
On Wednesday 08 April 2009, catalina oancea wrote:
From whant I understand, nonce shouldn't be used
twice at all, so if
www_authenticate return code is 3 (NONCE_REUSED), the REGISTER or any
other authenticated package should be rejected. But the usual examples
of kamailio.cfg show that the message is rejected only if
www_authenticate reply is < 0. So how exactly is the safe way to use
it?
Hi catalina,
why do you think that the return value of NONCE_REUSED is 3? According to the
code its -6:
typedef enum auth_result {
NONCE_REUSED = -6, /*!< Returned if nonce is used more than once */
[..]
So checking for < 0 should be fine for this case too.
Cheers,
Henning