Hello, maybe woth looking at auth_diameter, which is sort of unmaintained, because of the lack of interest during the past years, but iirc, the authentication was done inside diameter server, which was returned ok/not-ok. I expect the module to need some coding, but could be not that big changes to bring it up to date.
Cheers, Daniel On 03/10/15 23:53, JB wrote: > Hello all, we are working on a SIP solution using Kamailio. > > We want to secure our base of user credentials even in case of attack > on the SIP server, and for that reason we plan to use diameter > authentication as described in RFC > http://www.rfc-base.org/txt/rfc-4740.txt > > Paragraph 6.2 describes a mode where the HSS answer with code > DIAMETER_MULTI_ROUND_AUTH ,and then validate user credential after a second > round trip. > > > This does NOT corresponds to what is done on Kamailio module ims_auth, > where credentials (actually a hash of the credentials, but its enough > to authenticate ) > ) are pushed to kamailio, which does the computation of the expected > answer (which corresponds to par 6.3 of the RFC 4740) > Is there any kamailio module that would allow to use the method with > DIAMETER_MULTI_ROUND_AUTH ? > > Thank you > JB > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list > [email protected] > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Book: SIP Routing With Kamailio - http://www.asipto.com Kamailio Advanced Training, Sep 28-30, 2015, in Berlin - http://asipto.com/u/kat
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list [email protected] http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
