15 Oct
2010
15 Oct
'10
11:52 a.m.
On Oct 15, 2010 at 04:31, Alex Balashov <abalashov(a)evaristesys.com> wrote:
Andrei
On 10/15/2010 04:18 AM, Andrei Pelinescu-Onciul
wrote:
Yes, that's the problem. You should not enable 4 (from_tag) for
REGISTER, since that can change for the challenged request (confirmed by
the dump you've sent me).
We probably should update the doc with some good examples and warnings.
I think the safest settings are:
# r-uri, call-id and src_ip
modparam("auth", "auth_checks_register", 11)
# r-uri, src_ip (call-id and from might change)
modparam("auth", "auth_checks_no_dlg", 9)
# everything for in-dialog (r-uri, call-id, from_tag, src_ip)
modparam("auth", "auth_checks_in_dlg", 15)
Yes, it's a bug. It's just not something
I've tested before,
that's why I've asked. It should be fixed now.
Understandable, and thanks for the commit!
That's very strange. It should work.
Could you send me a packet capture with re-challenged requests?
It has been sent to you privately.
Could you try with the auth_checks_* commented
out?
It does indeed work, when I comment out:
#modparam("auth", "auth_checks_register", 15)
I wonder if not all of (1 | 2 | 4 | 8) that am trying to use there
are actually appropriate for REGISTER. Could you also try only nonce_count and disabled
one_time_nonce?
That does not work unless I disable the auth_register_checks above.
That's clearly the issue.