[sr-dev] Crash - auth
Alex Balashov
abalashov at evaristesys.com
Fri Oct 15 08:47:46 CEST 2010
On 10/15/2010 02:38 AM, Andrei Pelinescu-Onciul wrote:
> Do you have both nonce_count and one_time_nonce enabled in the same
> time? If so could you try with nonce_count disabled and see if you still
> get this problem?
I do have them both enabled concomitantly, but the documentation did not
say I cannot.
No, the crash does not happen if I disable nonce_count. But, in that
situation, with the same code as in my initial report, responses are
challenged at infinitum without successful credential acceptance.
Presumably that is an artifact of nonce_count being 0.
> Could you send me all the auth modparam lines that you have in your
> config? (nid_pool_no, nc_*, otn_in*)
Sure:
modparam("auth", "auth_checks_register", 15)
modparam("auth", "auth_checks_no_dlg", 15)
modparam("auth", "auth_checks_in_dlg", 7)
modparam("auth", "qop", "auth")
modparam("auth", "nonce_count", 1)
modparam("auth", "one_time_nonce", 1)
modparam("auth", "nid_pool_no", 4)
modparam("auth", "nc_array_size", 8388608) # 8 MB.
modparam("auth", "otn_in_flight_no", 8388608) # 8 MB
modparam("auth", "nonce_expire", 600) # 10 minutes.
modparam("auth", "nonce_auth_max_drift", 5) # 5 seconds
modparam("auth", "force_stateless_reply", 0)
--
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/
More information about the sr-dev
mailing list