|
|
@@ -1,6 +1,12 @@
|
|
|
<?xml version='1.0'?>
|
|
|
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
|
|
|
- "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
|
|
|
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
|
|
|
+
|
|
|
+<!-- Include general documentation entities -->
|
|
|
+<!ENTITY % docentities SYSTEM "../../../../doc/docbook/entities.xml">
|
|
|
+%docentities;
|
|
|
+
|
|
|
+]>
|
|
|
|
|
|
<refentry id="module.auth"
|
|
|
xmlns:serdoc="http://sip-router.org/xml/serdoc">
|
|
|
@@ -16,7 +22,7 @@
|
|
|
<refsect1>
|
|
|
<title>Description</title>
|
|
|
<para>
|
|
|
- The <command>auth</command> SER module provides basic functionality
|
|
|
+ The <command>auth</command> module of &kamailio; provides basic functionality
|
|
|
for digest authentication. However, it does not provide access to
|
|
|
the user information and therefore relies on another module. These
|
|
|
modules are <serdoc:module>auth_db</serdoc:module>,
|
|
|
@@ -199,12 +205,12 @@
|
|
|
</para>
|
|
|
<para>
|
|
|
Instead of using single arrays for keeping nonce state, these arrays
|
|
|
- can be divided into several partitions. Each SER process is assigned
|
|
|
+ can be divided into several partitions. Each &kamailio; process is assigned
|
|
|
to one of these partitions, allowing for higher concurrency on
|
|
|
multi-CPU machines. Besides increasing performance, increasing
|
|
|
<parameter>nid_pool_no</parameter> has also a negative effect: it
|
|
|
could decrease the maximum supported in-flight nonces in certain
|
|
|
- conditions. In the worst case, when only one SER process receives
|
|
|
+ conditions. In the worst case, when only one &kamailio; process receives
|
|
|
most of the traffic (e.g. very busy TCP connection between two
|
|
|
proxies), the in-flight nonces could be limited to the array size
|
|
|
(<serdoc:modparam module="auth">nc_array_size</serdoc:modparam>
|
|
|
@@ -523,12 +529,12 @@
|
|
|
<para>
|
|
|
In a challenge the parameter indicates, which of these methods
|
|
|
the server supports. This can either be one of them or both,
|
|
|
- separated by a comma. For challenges generated by SER, this
|
|
|
+ separated by a comma. For challenges generated by &kamailio;, this
|
|
|
is given by the <parameter>qop</parameter> module. It may also
|
|
|
be an empty string, in which case no <parameter>qop</parameter>
|
|
|
- parameter will be present in challenges created by SER. This may
|
|
|
+ parameter will be present in challenges created by &kamailio;. This may
|
|
|
be necessary for compatibility with some old clients but will
|
|
|
- make your SER not comply with RFC 3261.
|
|
|
+ make your &kamailio; not comply with RFC 3261.
|
|
|
</para>
|
|
|
<para>
|
|
|
Protection against nonce replay attacks can be achieved by
|
Daniel-Constantin Mierla