[asterisk-dev] A question about the nonce generation and checking
Johansson Olle E
oej at edvina.net
Wed Jan 23 04:42:59 CST 2008
23 jan 2008 kl. 11.07 skrev Isaac Lee:
> Hi,
>
> I would like to find out more information on how the Asterisk
> generates
> its nonce and whether it checks the validity of the nonce. Whereabouts
> in the code I can find those information? And is the nonce just a
> random
> string or it is computed based on some caller related information to
> prevent replay attacks? Thank you
What part of ASterisk are you talking about? We have digest auth
in many places.
/O
More information about the asterisk-dev
mailing list