< Previous by Date	Date Index	Next by Date >
	Thread Index	Next in Thread >

[reSIProcate] ServerAuthentication questions

From: Robert Szokovacs <rszokovacs@xxxxxxxxxxxxxxx>
Date: Fri, 22 Oct 2010 12:42:04 +0200

Hi,

I'm creating a server with authentication and there are some things in the 
resip/dum code I don't understand completely:

There is a function called ServerAuthManager::useAuthInt() which if returns 
true, causes resip to include the qop parameter in the challenge (it include 
"auth,auth-int"), requesting the client to use RFC 2617 style authentication 
and if it returns false, the qop parameter is omitted, causing the client to 
revert to RFC 2069. So there is no way to request only "auth" or even to force 
"auth-int" currently?

I didn't find in the source the part where the server checks for replay 
attacks, using the nonce-count parameter. Is it really missing? If no, can 
somebody point me to it? If yes, are there plans to include it or it's up to 
me?

TIA

br

Szo

Follow-Ups:
- Re: [reSIProcate] ServerAuthentication questions
  - From: Scott Godin

Prev by Date: Re: [reSIProcate] Memory leaks in Helper.cxx
Next by Date: [reSIProcate] unresponsive DNS query blocks stack thread if USE_IPV6 is not defined (windows)
Previous by thread: Re: [reSIProcate] Memory leaks in Helper.cxx
Next by thread: Re: [reSIProcate] ServerAuthentication questions
Index(es):
- Date
- Thread