[sr-dev] [SR-Users] auth apis & radius (was: auth_radius - Segmentation fault)

Henning Westerholt henning.westerholt at 1und1.de
Mon Jun 14 14:56:36 CEST 2010


On Monday 14 June 2010, Andrei Pelinescu-Onciul wrote:
> It looks like he uses modules/auth_radius (which seems to be the k
> version) and modules_s/auth. Unfortunately the ser auth api is
> incompatible with the k one.
> OTOH IMHO the ser auth module is superior to the k one, e.g.:
>  ser auth:
>  + nonce-count/qop=auth* support:
>  + extra protection even in non qop=auth mode and non-one-time-nonce mode
>   (the one time nonce mode has potential issues with retransmissions):
>  + base64 nonces (shorter)
> 
>  k auth (at first sight) seems to support only on-time-nonces and their
>  implementation uses locks (and seems to be more "limited").

Indeed the ser auth module is superiour in this areas to the kamailio one. I 
can't judge about the auth_radius side, as i did not used it so far.

Regards,

Henning



More information about the sr-dev mailing list