Hello, Why is the nonce expiry checked in post_auth instead of pre_auth? Now the expiry is checked after the username/password is checked against the DB. That seems a bit odd.
I moved the check to check_nonce (which is called from pre_auth) and it seems to work fine. Did I miss something? Security issue? -- Greetings, Alex Hermann _______________________________________________ sr-dev mailing list [email protected] http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
