[sr-dev] [Kamailio] Why is the nonce expiry checked so late?
Alex Hermann
alex at speakup.nl
Tue Nov 17 16:13:15 CET 2009
Hello,
Why is the nonce expiry checked in post_auth instead of pre_auth? Now the
expiry is checked after the username/password is checked against the DB. That
seems a bit odd.
I moved the check to check_nonce (which is called from pre_auth) and it seems
to work fine. Did I miss something? Security issue?
--
Greetings,
Alex Hermann
More information about the sr-dev
mailing list