[Kamailio-Users] NONCE_REUSED return code

catalina oancea catalina.oancea at gmail.com
Wed Apr 8 13:48:31 CEST 2009


Ooh, so there's my bug :)  I am currently using an older 1.4 and my
code looks like this:

typedef enum auth_result {
       AUTH_ERROR = -5,    /* Error occurred, a reply has not been sent out */
       NO_CREDENTIALS,     /* Credentials missing */
       STALE_NONCE,        /* Stale nonce */
       INVALID_PASSWORD,   /* Invalid password */
       USER_UNKNOWN,       /* User non-existent */
       ERROR,              /* Error occurred, a reply has been sent out -> */
                           /* return 0 to the openser core */
       AUTHORIZED,         /* Authorized. If returned by pre_auth, */
                           /* no digest authorization necessary */
       DO_AUTHORIZATION,   /* Can only be returned by pre_auth. */
       NONCE_REUSED        /* Returned if nonce is used more than once */
                           /* Means to continue doing authorization */
} auth_result_t;

So for me in 1.4 I should make an additional checkup in cfg for return
code 3, until I am ready to upgrade to 1.5. Right?

Thanks again, especially for the quick answers.





2009/4/8 Henning Westerholt <henning.westerholt at 1und1.de>:
> On Wednesday 08 April 2009, catalina oancea wrote:
> >> From what I understand, nonce shouldn't be used twice at all, so if
>> www_authenticate return code is 3 (NONCE_REUSED), the REGISTER or any
>> other authenticated package should be rejected. But the usual examples
>> of kamailio.cfg show that the message is rejected only if
>> www_authenticate reply is < 0. So how exactly is the safe way to use
>> it?
>
> Hi catalina,
>
> why do you think that the return value of NONCE_REUSED is 3? According to the
> code it's -6:
>
> typedef enum auth_result {
>        NONCE_REUSED = -6,  /*!< Returned if nonce is used more than once */
> [..]
>
> So checking for < 0 should be fine for this case too.
>
> Cheers,
>
> Henning
>
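
Added example, not part of the original thread and not Kamailio or OpenSER code: a small C model of why the two posters see different values for NONCE_REUSED, and of how the "reject only if < 0" test treats each. The decision names and the two check functions are hypothetical; the enum layout and the value -6 are taken from the messages above.

```c
#include <stdio.h>

/* Layout as posted for 1.4: only AUTH_ERROR has an explicit value, so C
 * numbers every later member one higher than the one before it. */
typedef enum auth_result {
    AUTH_ERROR = -5, NO_CREDENTIALS, STALE_NONCE, INVALID_PASSWORD,
    USER_UNKNOWN, ERROR, AUTHORIZED, DO_AUTHORIZATION, NONCE_REUSED
} auth_result_t;

/* Value quoted in the reply; the rest of that enum is elided on the page. */
enum { NONCE_REUSED_EXPLICIT = -6 };

/* Hypothetical outcomes of the cfg test, not Kamailio identifiers. */
typedef enum { REJECT, ACCEPT } decision_t;

/* The usual example: the message is rejected only if the code is < 0. */
decision_t usual_check(int rc)
{
    return rc < 0 ? REJECT : ACCEPT;
}

/* The usual test plus the additional check for the 1.4 value of NONCE_REUSED. */
decision_t check_with_reuse_test(int rc)
{
    return rc == NONCE_REUSED ? REJECT : usual_check(rc);
}

int main(void)
{
    static const char *names[] = {
        "AUTH_ERROR", "NO_CREDENTIALS", "STALE_NONCE", "INVALID_PASSWORD",
        "USER_UNKNOWN", "ERROR", "AUTHORIZED", "DO_AUTHORIZATION", "NONCE_REUSED"
    };
    for (int rc = AUTH_ERROR; rc <= NONCE_REUSED; rc++) {
        if (rc == ERROR)
            continue;   /* 0 goes back to the core, per the enum comment */
        printf("%-17s %2d  usual=%-6s  with_reuse_test=%s\n",
               names[rc - AUTH_ERROR], rc,
               usual_check(rc) == ACCEPT ? "accept" : "reject",
               check_with_reuse_test(rc) == ACCEPT ? "accept" : "reject");
    }
    printf("%-17s %2d  usual=%s\n", "NONCE_REUSED (new)", NONCE_REUSED_EXPLICIT,
           usual_check(NONCE_REUSED_EXPLICIT) == ACCEPT ? "accept" : "reject");
    return 0;
}
```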



