[OpenSIPS-Users] Auth parameter disable_nonce_check not working as expected
Bogdan-Andrei Iancu
bogdan at opensips.org
Tue Jan 9 09:39:04 EST 2018
Hi Rob,
A "reused" and a "stale" nonce are different things. A reused one means
that same nonce is to be used for multiple auth attempts. A stale nonce
means the nonce (used or not) is rejected as it is too old (relative to
the time when the nonce was generated by the server).
Of course, the stale check is first perform (and mandatory). After that
(according to disable_nonce_check option) the nonce re-usage is checked.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
OpenSIPS Summit 2018
http://www.opensips.org/events/Summit-2018Amsterdam
On 01/08/2018 08:36 PM, Robert Dyck wrote:
>
> Using opensips 2.3.2 compiled from source
>
> I have a buggy UA that insists on reusing a stale nonce. I tried to
> work around it by setting disable_nonce_check. It didn't work for me.
> Am I misunderstanding the purpose of the parameter or is this an
> opensips bug?
>
> Jan 8 09:46:19 [11380] DBG:core:set_mod_param_regex: found
> <disable_nonce_check> in module auth [/usr/lib64/opensips/modules/]
>
> Rob
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20180109/c09f0987/attachment-0001.html>
More information about the Users
mailing list