31 Mar
2015
31 Mar
'15
8:28 p.m.
Hi,
I have a problem with stale nonces being reused by a UA. I'd like to do two things;
* Set the nonce lifetime to a lower value
* Handle stale nonces in my authentication route
For the first, I'm interpreting the RADIUS module documentation so that it gets such parameters from the generic auth module and, therefore, I should be good with something like:
... modparam("auth", "nonce_expire", 60) # Set nonce_expire to 60s ...
For the second, I'd appreciate pointers on how to set stale=true in the 401 reply, if special handling is required. I have incomplete packet traces to work from right now, so can't tell if it is being set already.
Thanks,
--
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE +46 705 989668
I'm wearing PAMPERS!!