[SR-Users] diameter auth with round trip

Carsten Bock carsten at ng-voice.com
Tue Oct 6 13:44:25 CEST 2015 

Hi JB,

I guess you can simply do a fork and a make a pull-request on Github.
Someone will then review the change and accept or decline it with the
proper reason.

You should only make sure, that the current behaviour stays intact
(e.g. make it configurable, if necessary).

Thanks for your contribution,
Carsten

2015-10-06 13:33 GMT+02:00 JB <jbf.nospam at gmail.com>:
>
>
>
> Thanks for the suggestion about auth_diameter, do you think there would be
> an interest in the community if we were to do this modification on ims_auth
> or auth_diameter ? could it be integrated to trunk ?
>
> We do not want to publish our own fork of ims_auth or auth_diameter with
> that small change and maintain the code repository if it can be avoided, so
> it would be nice if we can put it in the trunk and forget about it. Plus it
> is more open source oriented to publish to main branch i feel :)
>
> JB
>
> 2015-10-03 23:53 GMT+02:00 JB <jbf.nospam at gmail.com>:
>>
>> Hello all, we are working on a SIP solution using Kamailio.
>>
>> We want to secure our base of  user credentials even in case of attack on
>> the SIP server, and for that reason we plan to use diameter authentication
>> as described in RFC http://www.rfc-base.org/txt/rfc-4740.txt
>>
>> Paragraph 6.2 describes a mode where the HSS answer with code
>>
>> DIAMETER_MULTI_ROUND_AUTH ,and then validate user credential after a
>> second round trip.
>>
>>
>> This does NOT corresponds to what is done on Kamailio module ims_auth,
>> where credentials (actually a hash of the credentials, but its enough to
>> authenticate )
>>
>> ) are pushed to kamailio, which does the computation of the expected
>> answer (which corresponds to par 6.3 of the RFC 4740)
>>
>> Is there any kamailio module that would allow to use the method with
>> DIAMETER_MULTI_ROUND_AUTH ?
>>
>> Thank you
>>
>> JB
>
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>



-- 
Carsten Bock
CEO (Geschäftsführer)

ng-voice GmbH
Schomburgstr. 80
D-22767 Hamburg / Germany

http://www.ng-voice.com
mailto:carsten at ng-voice.com

Office +49 40 5247593-0
Fax +49 40 5247593-99

Sitz der Gesellschaft: Hamburg
Registergericht: Amtsgericht Hamburg, HRB 120189
Geschäftsführer: Carsten Bock
Ust-ID: DE279344284

Hier finden Sie unsere handelsrechtlichen Pflichtangaben:
http://www.ng-voice.com/imprint/

More information about the sr-users mailing list