[reSIProcate] ServerAuthentication questions
Hi,
I'm creating a server with authentication and there are some things in the
resip/dum code I don't understand completely:
There is a function called ServerAuthManager::useAuthInt() which if returns
true, causes resip to include the qop parameter in the challenge (it include
"auth,auth-int"), requesting the client to use RFC 2617 style authentication
and if it returns false, the qop parameter is omitted, causing the client to
revert to RFC 2069. So there is no way to request only "auth" or even to force
"auth-int" currently?
I didn't find in the source the part where the server checks for replay
attacks, using the nonce-count parameter. Is it really missing? If no, can
somebody point me to it? If yes, are there plans to include it or it's up to
me?
TIA
br
Szo