14 Jun
2010
14 Jun
'10
8:56 a.m.
On Monday 14 June 2010, Andrei Pelinescu-Onciul wrote:
It looks like he uses modules/auth_radius (which seems
to be the k
version) and modules_s/auth. Unfortunately the ser auth api is
incompatible with the k one.
OTOH IMHO the ser auth module is superior to the k one, e.g.:
ser auth:
+ nonce-count/qop=auth* support:
+ extra protection even in non qop=auth mode and non-one-time-nonce mode
(the one time nonce mode has potential issues with retransmissions):
+ base64 nonces (shorter)
k auth (at first sight) seems to support only on-time-nonces and their
implementation uses locks (and seems to be more "limited").
Indeed the ser auth module is superiour in this areas to the kamailio one. I
can't judge about the auth_radius side, as i did not used it so far.
Regards,
Henning