[Kamailio-Devel] nonce checking in auth module

[Daniel-Constantin Mierla]

I am not sure how many followed the evolution of the auth module during 
this development cycle. So I am going to present the situation shortly. 
Starting with revision 4294, auth module is doing nonce reusing checking.

http://openser.svn.sourceforge.net/viewvc/openser?view=rev&revision=4294

The improvement is very good from security point of view but will have 
performance impact. The issue I am seeing is the inability to control 
this feature via a parameter, so will be done all the time. I don't know 
if it is only me, but I am using in some setups short registration time 
to ensure that pinholes in the nat routers. Re-usage of the nonce was 
good as registrations were not challenged for the nonce expiration time 
(this is controlled by a module parameter), not loading that much the 
server.

Might be late now, but my question is, does someone else sees a good 
thing in the ability to control nonce re-usage checking via module 
parameter?

Cheers,
Daniel

-- 
Daniel-Constantin Mierla
http://www.asipto.com