[SR-Users] Nonce lifetime in RADIUS auth module
Måns Nilsson
mansaxel at besserwisser.org
Tue Mar 31 22:28:52 CEST 2015
Hi,
I have a problem with stale nonces being reused by a UA. I'd like to do two things;
* Set the nonce lifetime to a lower value
* Handle stale nonces in my authentication route
For the first, I'm interpreting the RADIUS module documentation so that
it gets such parameters from the generic auth module and, therefore,
I should be good with something like:
...
modparam("auth", "nonce_expire", 60) # Set nonce_expire to 60s
...
For the second, I'd appreciate pointers on how to set stale=true in the
401 reply, if special handling is required. I have incomplete packet
traces to work from right now, so can't tell if it is being set already.
Thanks,
--
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE +46 705 989668
I'm wearing PAMPERS!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20150331/7ecea0fd/attachment.sig>
More information about the sr-users
mailing list