On Jun 14, 2010 at 14:56, Henning Westerholt <henning.westerh...@1und1.de> wrote: > On Monday 14 June 2010, Andrei Pelinescu-Onciul wrote: > > It looks like he uses modules/auth_radius (which seems to be the k > > version) and modules_s/auth. Unfortunately the ser auth api is > > incompatible with the k one. > > OTOH IMHO the ser auth module is superior to the k one, e.g.: > > ser auth: > > + nonce-count/qop=auth* support: > > + extra protection even in non qop=auth mode and non-one-time-nonce mode > > (the one time nonce mode has potential issues with retransmissions): > > + base64 nonces (shorter) > > > > k auth (at first sight) seems to support only on-time-nonces and their > > implementation uses locks (and seems to be more "limited"). > > Indeed the ser auth module is superiour in this areas to the kamailio one. I > can't judge about the auth_radius side, as i did not used it so far.
I have no idea about the radius part either (Juha knows better). The problem is that right now if one wants to use auth from module_s and radius, he/she can't and the quickest way to fix it is to temporarily revive the modules_s/*radius stuff (which will have the unpleasant side-effect of some path changes: modules/auth_radius => modules_k/auth_radius and modules/misc_radius => modules_k/misc_radius). Andrei _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
