< Previous by Date | Date Index | Next by Date > |
< Previous in Thread | Thread Index | Next in Thread > |
I suspect a value of 3000 seconds (50 minutes) was intentional since
3 seconds doesn’t seem reasonable – although I can’t answer
why 50 minutes was chosen. Also - I think your first question is interesting, but I don’t
know the answer. : ) Scott From: resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxxx
[mailto:resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxxx] On Behalf Of Justin
Matthews If
DUM challenges an INVITE and then successfully authenticates a call and the UA
then sends DUM a BYE and copies the auth info from the original INVITE, a 403
is returned because the Method portion of the request-uri is used in
calculating A2 and the Method is now BYE and originally was INVITE. Is
this behavior by the UA sending the BYE completely against the spec(s), or
should DUM be able to allow my app to decide whether to accept this kind of
behavior? Also, the call to advancedAuthenticateRequest in ServerAuthManager.cxx passes 3000 as a hard-coded expiration for the nonce value, is this meant to be 3 seconds? The comparison on nonce expiration values is done in seconds in advancedAuthenticateRequest. On a side note, how was the value of the expiration interval decided? Thanks, Justin |